last executing test programs: 24.303504941s ago: executing program 4 (id=1275): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) unshare(0x6a040000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x508, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6a, 0x0, @buffer={0x0, 0x73, &(0x7f00000000c0)=""/115}, &(0x7f00000003c0)="259374c96ee3440acbeec63892a3c73244990a0000d4eb62fa952fdaa59cf06cde5bf469a134ffb2e39f0fb9ec8cf62c105d8fb5faeaf2d02ef9f4e0afabe88be431472771f7b0de96a2cb02694cf596206122d2637f3cd6356ddaa6a987ec8f0b541639145a6a494964", 0x0, 0xad, 0xb12531df61d0214, 0x0, 0x0}) syz_emit_vhci(0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x1000f0000) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x14, 0x16, 0x1e40, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f0000000280)) syz_init_net_socket$ax25(0x3, 0x5, 0x0) r5 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200)=0xffffffffffff7fff, 0x12) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0) 16.849780442s ago: executing program 4 (id=1295): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/igmp6\x00') bpf$PROG_LOAD(0x5, 0x0, 0x4a) timer_create(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r8) setregid(0xffffffffffffffff, r8) geteuid() syz_fuse_handle_req(r3, &(0x7f0000004800)="61b5f4796dc3641ea713ab63d3a2db7ce4728e5ff37ec9742d2bc06ecace7c1a23f9916b9e68084bb1a2fc484145d56f289f3ab7a49101af1798a87d4f9641ff35fdb993f8dd84b40ddd0e7aa73d8887126c92d5a63acf0cffc4e368714b64911fe1986089cb814fef76e3fbafe8d9a421b5cbfe2fc06a3996a70b8a2d58c33ece9a9a77a892b7c8922a0770517cb6967824317bd930613145199df9dcab220f7810d8931b7f14037bd668ef983037e3b45c8da1dd410aed6302b145c1371f1af795c3aca960d59d6e0ba74a69e72a4d64ffcbd10628f86eca36712e8772b4b081ec1868169d08541bbbbedad606f3aa5e1462ef1b8ee7b6f517716f2239c6c5926ccf9364a15be26d1d48bf84512db4d549f454847f359d7a07c5e4806288e8092b46d127209fbf7050b14222fdc692c85d49d58be82ead48144664da6f019b9159b6bd586201ac8d7cfabde78fbd4b896aefe364fc0f138be1f8303f1552acad567d03d59ed59ad9d3772bccd5810fd476ad34bb1bdd365eaa7b6be1c67bde3e8d2f238c042df1f21b70efe4d1c3bcd8fca80b84852d7ead3bf04a5bf5646672fe7a9815d6fba7c52b281de45ee4102ad5d551d3bb38f53d0571b1b2c16fdc0d2dddf575043549b2a22bd4bba63efbc9f4f591977c8b0dc959fce3660fe6dfbda12ace61c671cb36aa21cafb9151aeab9f3d37b239373df5c476814bdf42bdb742991eb87b679b250a95877fb999758e53b394dd0084428a43f60ce5b7f11361fdfae04244f6c41e0639f79220d245a2a95d0c1f23703e41cb99cd9511ec1b61a9755a5e46c4f74f8cfcaba8e07811f21614c934f0b9c7ef066879e0da871e017de35da6c91ab6273745ccd31a92371f3cb570829f1303c59a4142fa48f0a50965e14b9cc4678fd95af3bdb1b635a37e7945d3b48db344899a99bf8525d0f9b9918fa1e8083a3a5cbcb59787e47c76d204d320d2e4e2fa6ca8939a6949ef04f2c3365f1c550b286b210021998c669192d92c0cb5df3ecbf1be2d592d7ee50d95636c9d234e441d38d0c94d5f1da55e03ef1c03fec2f8b7e5d3a3fd751ea0c9be843258b7c73db3135eb40fb282c2f61944e4765fc368ca9ed64f56be9ed3900b51ff5cf4b39ef24d328d60f4100456122ccf01083ab2c1fa8f34c06a46d15431bb1173aa27778cf9ffa66fd389bc4b30c49990e846fcba0ec0fc1fe56fa60a7dc1a9796a90d226e537c5edcb0d8e5c68f5d168dcdc6694beec1bc52e5c039c63650ddc91215e835377dc643fc1dab902533b6d34cb71afa320becd2db252c6fc35379d36b53a41c18358804f43715963a975f39df71cc51c54edf4adda902acd4f08a9bfa87ebccee3d45f70ea59c37a9ff7f27bfa8c69d3e68de1e7156aa51fc1fcb810e3d030e762ad112af03bbd093e6ef02351cdf259291a2443c484185d7e8731daf96abde30df1885b5a2ecb9f93d60614efbc7bb8850f66d0225fd024f63a5a7b940d1a6dc9ab0bfcfd999c8500e297d87fc1674b4a16f46fdaf0c1f73cfa30c77a06e86b1b593052bcf57df36ef2c3ade2646c517081f14e1646738dc9e2520b50e221c5a3487cd87ee4345e3056867aeed25d69db44aba4bc20f05a63d514acd3a1849bf7e4ade601a1a545c0722c000160a04fec4472762cdd3c6278ae9ab3f9c2c13ca0cc67aea5c344dd11fe6b8eef7d29472afc385bd66272d746061cbdb7ae44fc6120c00f3f12b06682c08a48d2ab44561025cfa8618f62295ceb94b6e28965c3c6a43e981db8e91f6495b146c4275acb80213336faeaf54f99df57f95e8b29ae0ec1a208c03b561c309f5a16bcf4d66676a85ad14a5e208ed6f2f35b2018289cb8a6a9f237b3f1a95103f039b960fed99a23d88ae20b2ffff19e06e51d9df937159776111538f4b01440f8f3bf32ebbc0e19cf4ef386b30226c7a98bea9578ca057f3373110c5fb8723f4215741b80f815f9071bab0fef855d8d4a3918e1208ff73c38bba812321c2964de4f5f949b14cfb84ff4b855d26156341c53778e599ff55b18fb32770d00fb0997e1afb4d08139bfb1d655af4006878a69fb601662610d17c846e932cb67a8aee3f8234c6c3117264f1c12dc7616745f51aca756ffbb33746590821a92b665c9206028922d858294d1f1eae3b51e5602cb678005e9dd23017076a8544d9ec48d7d4e1523a77d9b036e7c99ea08a625da5f029479c2b93bd618452a0ed9c086c86dede789eb0f2a9a8ebe5ddcd3b2a50914d30aea476186ab4dc9c69f156e6ee1c257b20ff6235239db3a952d967238451af25d7d15f9ad9774297cbe2547d82cdb9947654dfdda6c5055d2e13156f2ccbbd6238f884aa421f604b54894f068f466cafa802d6aa6ebac12ab6a0a6f165a2c585548ffb76e000a0be9354940541ae1ffb8e4dfca20e6aa2f41a605d6e34e14e7c3d17a73c9b5982fbb890d715c0e0458cdbe803ea5b8bb8466da8c2e3dbd5bb699a8e76415c50d50bdb8213688a05f530c47a5ec00a5ea916dbf7d0b64ff7d1922e9cfcd51e94376b52fc1c61dc190bae4aa4d13da5c5c47d91a2b93a5e04a34fd591f089e5c12ae8f49518b66af2331aed9d0d2df0a7e79d58d3735ab1b7e50764d4db1b36832ab7747fb37475650d8fb64b6c882bae248b3bbefae4ec5da20e2dcbe04e4f4429b76ec4ac712925cd7e734e48ba10868bf889d4dfb3acb88fbb1700206a4835f8709c38a8259e20675362268236d7cacd80fe447858e6eda8367f4b842021cfdc14ba01b1eaf0f4deb8a40040ed03d4efe919c386f07fda5cb9430afe5495359bc3ba15f78162563890344ca8f6dd0d1443eab0f6bfea7481c39ee4e777bdd74649799f6b6921b0cbb4b35bcb71d64b9c5a68f19776ba5f4d7e166e79a4819a01d097bc07814fbe12ccef26a088c03c09826f535495086bcf1d1470c5a2aa2a34679a482d44288d96d816a8a372fed78258a0560c5ebb75cca88ae950347449b019367439cfecb7ba6e3a3d3cf46845a1d8f2c65513a12bdd1dee442dac9f3318a9c0059b43bcb14f0438a5959075371dc867f926fa17195f050aaed2062b94d93cd615dd4c3a8b870859c7f2ca03242bc63dc76308c6db6115f7e83efcebb4672782453b56750c68d935e170a7cdd5793efe1135364ca02ab699f3ab2a54567cabdb7e4109ce397ed31e22e8a5199a92c9e6df85245d2fb87188c8f6eb164d5868cd29b77606571439c6758f46327f020cfa1090d10be7462034bec2bb72870a2fbefd06d924ca4adbcc0300781f348e2c40f51a3c729e3a4fe486634be25327c213367925754de8aaf5285b112e5270a2006d2c0929e3f731668cea0fc3c3d36ddac3ce8664b0a69122d9b95a832d609c11072a79c7be59d8fb37024b989fa0f4c50f28212cbcda27c2cf71c37263a0aa4c894fe958500114a6393f8b51a010026d70af91fc4a344ca217ccd2be1332220049609ef42f92fbdd24e3395d3ddb9045f14bd86dd46b176164606a9b003fa2d68d3a17a4270a8695162fcfebf79cd7f39a925e6c0a2e9df4d2bdbbb0e04ef680ab21edc24df495d33e8d30db021b2f028ef51354c4732a980affceb5d3de56bd35829e63be9d93855a95b1060e83cc0eabfb81c5daaffa3085abd680526013f335fd76b381839de6ca57a5bdaaf8483238768c82ab2e6e9c9d7d4058f697127309f663a9f711878feca018f874abea316bc65dc9e598ba8d320ec05b502e4c5f724a78e5b22ecd0f9c8e3af484fe084818986a37da8b390fabbfd277a21210582994309cfbd9fe9888622bfda6cb4ae279dd7876ef3817bd59ac2e52e3f8c06869df6b07c8f2bf35f24c412c6e2c78a64a195d56be8dcd390a294b7eff06de569b14ed044ae2595b8f00ff9db3ba0fb871c0e6c8e32b433c3ab6a4f6f9bff4c12a84a977cb1f293cd6e8d9509a1d150c6df76c6959564e5dd5f8906506d858e66597cbfeb5da7b02c6f7eb832cfb60abe89c07aacc87c37505f253867f3d71dd33e23831f09149eddbbff02cfd0e3b82344fbba0225491b0cf6f71405074df17c75cc3ac4b2ca7378378839da15f544c3a8ffcbace20e7fd1f22d287fa7195fac23cc2450015dd694fed7147558fdd39664b6f43308dfad000149d6f72b13efd62450b08622a7fcf72e7a225af742546c15f197e85a6df16f399908e6e48cbb81e72f75c7e109ea4a7597ff23641d38436f0441bbe5a1598ef5ccf6e9d0a3d8fd0c3d11bb09788f44b55b1db2ff3dbdd8ecc31a9ee62a518dd5273534e5e0699085b2946ca07d17c6bb61855170c1d7570bc80f3ac17b13109a996fc92cc2d5e7cfcfb9bfc452363410f55de30971e4a324df59069cd3bdf732192ebb2cfc1edd5f0402ea5531ce9a4c5de4b2347311c6f824e42508e862cab8760e06be39ee6b4220209a4b837d04e004a735b7f776e1cdaa1881f75b4b227522e677c080c99cec8e3ab4851b63292d028e10bb67031e65402acf4fa465305266dd3a769731336dd0ee0c6de64b527a5c24867cae37763fed7b626d0b70d3cc330a8bcb1e73f4d24f900901d26bbb70c92052a588a377e7c3cece528adc0a367a4c01072a155ceafe5f63a7b59b2272a51545c954256284afbaba6f9a724b42ddd63ed304bf571bf593d73dcfb2d8b09402a2e9940706670d2087ee1b52b288a08fc5dd7647744dbc449e66b4db38d4ac5f5290b626767da53aa29c98e3d9c8c8e54e51efdb95f1f424072c328bae062cf46a5c27833beccc93349e88f479059bcd80b18185ba1190a195189cb5d0584e7fafd70fffcde209b6b5fe3161dd8ee65415ba465dcf5d8d967629a788baa02d54b52dca3f525c663a0330bd6bc24f666982e8d93a4242e85f33e3ee8121305436ad1e2fba762e28d3145589f3424a8f612cd36e2aad4379b12d2ce084a85c050d208110e11bf49efb731881a45de89849c76c0435c7440b14cf2c291fdae14aefa4ffdbc07913de31684354b69c6b489d4059b82b49b33436dd626b92a1c66438cd812871d448b3deed442e3eec72b87be62fa416ef36ddd50290d866c74988c3f4e316bab7798e772940bf43d104ca962ff669b432b48e60441a2cdc9934e67ae48b0ec7c7590c930a327dc061d63c61da4ac5b809ed803933b2b64eafdb8aec3e4188d8918220ca63112cac5069c717ac72adf7cf9c9bc97b08356571d2ecca5e879fe982afb6933249e69ebbd3cfe981b24ca89e575f518f34fe57b72034189ef5f9a03367260e681c45b939983e5bf5e60c9afc974fc21f98d28dd347f2c41923494ff8585bfba8897703facb427dcea14aadcea92f52818e7baad15f76a9042f70239a086fdb647391597141bf85663c310e2e4a02ea9e4e8fa731f990ce19ef912f6a362f96a3e8d23e5ed4d0f004ecf41c4424d9bddfc0b0e9aeb5920b206fd31cfdb305ac288c6de29c429689cb1ef873a4b5d8f21fdfdce1b5761a105f841bcb38e16f49cfde8d771e770b254ee94b66e3bdede3d0d9e55670f6d8df4a6e51cb1f170e07274f0468d7506a50cab589fd264dc6bf3117ec6481fdc919a76398247474d63d6513ec0e2e39b73a1b4d6235db77d3bebf64d594a5e7c73945a93687946bea94f01829785c53eeb4c91f7bb3b2c308bc2604d116118817ee3304e6d97c064d04c150f9af1cba9b077f608119ad86eed125501132a3281ff8aa98e09c0935e432833ef93efa38c9f891de69b2668368a3be53f5b389c5776ca495f7a73c561d17402742d1f1c05bbda2871a3e72e4e85dc3846d7b9b64e2f17114ce1010e21f4dd560650dd247fe5a7725a49a6109c7d4d851ab47c4e7323b89a6df728683e640367395784dfe135a6a17af647f6d184cab3a702e3d83afd9a6775a1faf979bda28fe18d2c82872bf0eee854002fcec1098ffb5ccb25f145f33e06f4077b5c5f000f05bbe694b93f80f1117cbd803d51b5791ef854315b49bc52a142a8fe70adef13d25366ae249a1830a613f7414a41e46a667d953e73f2cf652f80d36d38e6bcd52b0217fd99fc460e0fbb57617cfc80df6b66a820884f98e1f4903c9631a201b0befcd067311a1aaf6417ff3698774678296b15e2e5067ee8b7f9c198c91d0bf040c2f4bc8206c53b02ff43e8b183caf13b51618e48475e0ecd71396cee090e63b876746dee1b093bbc19dba3f34a1dc500a376d49f00389e8493fa3d0e52c486aaa1c88836d9877bab40dbc886e858fc51bc672decc2d4afb461a9bae04bb357e79cf020e73b3c59b939e4388547b9bd8e8c7885b34932ee10b82f407a9149d05e2510e48e9df7d2b5413f54fa8e4cfdcd21034835cf27d2adc50ad474ca4f9e5090efc4e3a03851190f7e87dcbdab8d694952d43c19310d5d68057831ccb6d4a0f3e29be380ae180501f5afd92bf83bab6321e48f34627f905702a4d5434dcf905e5a439439f46f155257b9c22d985f0a095b4cead574ae07dd5ebdefd778c90faf3044ce31a876a3f31602248b8d4901a1db763b653703a8aacfa8c90d98da8c3d2d0b4eb04d56205849985a005e1f86d2b9065d68c497458cbd29f72b8e0d58f056f364282e2f39aafc20b74a47f3e1d34e2fff0112e6e62f063daa0aeadd1960d86ce9b6eb4643ab9fe830bc73fa2f91533e500e5c794aca48063d629db00e5ba0e87b6abb8d27c6c8cbbdb8166494ca639418373855c9eda97dc90de5865551f0e48dec70a2d8f5cbdc594f7df6a134791ac27e17adf303f8f8357f3d9d0a95cbe9f02d0829516d87d4493b4ca2216c19e3e1d6beb50c0c7d41fed92b0df78207db14102573ec4de73ff68acc6cc7f48fa59d509c95b1be40d857b1317aa270b77fd703061ab20f2ea8ffc431df3694edb4479da6d80777504ee8e160a85b29af7562717346cef00c3c9559ed0441345db54ae7a231f66cee8b3a5bb10d0c5739fa10781828af34c345913d93a7787ed33bf9e300d6190b43b54db33a88b6d68fc036b44c15e62a17c7c174fc263e7aff10b437c5b8b77d187de13f202c70a3ff3159593a1893166e4b504b27ae6375304ff8a409301121f3d71e824eb1066d529a6dafb2e39695a6305621fa3732cc7fedb7528c351472a0ac180c97659391656055fed7d0d7e74c8e3fef2ccc19831b8f23230b28d180adf265931baac742509881d9a973f64b6177c03bd6f82efada3daa4be2d348e7126bfa46291cfda7c97355c5a1a5a530361d85f33eaab40554e39918006382c7875075a698e2c32930c134e5a5abe9fd27297ae12d0c1b7d1e2ea9d4e1039dd194d18fd3197d52ab77f1ef4f46c7945e16b0a8d2bacb1657a424cf851610060df2a31d1a069346a8b3a17da269b4c93f0d7840db0c4c3a924cbb357dc7e4c0a5c2d0d56a5f78535b763dd1018df6010115627e3f4eb70f39aa5caa1df07fa540405566de58809eba68946816d332eb0d52bb1166762084548d519b70869902acd3503b40ff13a81b395994a2a8cfd0a45ad1689c06c6f6e6dfb56eb278129b2fed79f0ddaf2b27ca7b86e9deb032ffaa5c6bba7bf7a0653ae678cfca2f73519fb93a75b5b23c4a2fef681a2aeebbd904c36bab783cca5176c28bf17d63a4a9ae287b9cc38049308fef4500a13161c10a9bc09bc258ca5eed1d1297f39ab1b8674f1602a5ef149e1358224edf58cd4185019b5c5c4fd171e25105527be50875e5266e61ea4d6d4bcdd78b27d5afc82f34b6e2775ee94d38246cfb3f147a612c298df659a1736765da17af3ca8c496d4cce2582ab27e90acb100c11583438452ff8c4fce2f4c5b0e4923cac4b2369fb46885d1930a75c0ff71e6628778ecfc3e2ec2a07e5bef3d071414c405d7966cc32a74a4c527672d8e972bed916a5b604ce9123c1098c8876ae628391ea8cb0b29096b4dc5187c02a0580a643ae31ed154f3717aee093d0e1dc7c5441882adc61907d00f5c7fecf4f8ca0d96ca965ff32e89b0db7832ddc06bc6d7288ad94e4b8be63c586ac98fa9cc4c0f02781bca12f26f0d0153b76d201caf75aeec416790fd29df0f51e99e1e0f7851026e21b2a1b463e10bd175794d793b55b6daf4118a38bc02bc619085016290b160933839228fa6853c991031bc6668f591e0e4c0546e4352f8d776bd9ee47408b1841dbc626879ae623b343fc14c24a2f0006c4ad7d279a0351288fa52a2a26de35fdad24cada71ba2fb999dcc79a3136404e12db62b3ba7137b7a9829cf43df5a41ddcc671295fb4a0f14afca8904c50cff2f506c61525b807b6f4fc7b11532c2470f28705b796ed22c2da90abd18fc727b0e2609deb7ae82d15439c152ab1960c49f1bb072fc581b505b8385002223a23963662097896b29678ef9c4b74b7c45daf2ebd96b79602d3609f4b77437d2f8e1285eb9bd4edac78d5b67d26af32845791bc4c930a65454b51415d83dfed06b2d5ced8bb677df8c741e4fcab44bb757243ea8cb3861379f7ff1e9c58151e5b201d499fa3d2b7720fef1da8099837b9d957b9678bbad69659ec69b5bb23ca64780dceafde77a14face8b15a1b39d39f56bf564c0bcf8e8121f6fe636207a3d85b8ffa30171649982f1e4d6c5f0e6ae52787f5259dfb931f0c4eee20e03e6f30c030664a123f4fe25fc7db55c7b99c5da9032a3a35bed9219bfc7ca5e10d4e007748daeecd8d15af1dc91ee988ca37b73eb580a5438a1581cdec09130d5776f2f486b0beeeae7911d42b789122c3c1fb50c94c3a319b9c57bc2200664badf749afea60e14e2d6b72545a21c950f7eac0dec0ff9b3ad3ec9b8c0ba59759a304730c826e1edc100b5b0d4a2091ea24b85ab017d401c05675347cf51debb818b644220627a24b164c9a2590f9ba61190545ddddbe79c693a3cdad85c21f7301f3267defd1c83929abccb4f2cd4aac4034f1479337eaf51c875e67037c89edd195404f98d7fad8cbfa549b2a46158c6d1eac0bde21232b8069122a333a14d3ef6888f3738d3b0ad32a21977728dc6821c987719bf68dd2ac267296a3c4ef1811e89d646eb0a862cfc22b492aa2a6d008ec83fd256ca4c93f484469b7a6e684ba0077065191e359fdfb4c39776fa6074a4c1a0fd04c21e74d621a031e2721216e1490ed46cf124f5654a30eb01f7c789fd91bb9a1716598e41b8d352eebcc9adfbf1171c0209d86b5bb19b1cfa7bac10b3910bdfe3d754da291c061c58371930c5fdcf0e67ade7956090cad6c92685f70dd14f451c4be5ae1191ffac5db70fede49935762c95a4eb33f1ba26403e8cea5854ab73a3c64d39f6ff61df65051299a47e6c6166cf25172154f9f4c0027cda946078439258a81eb45f253b9c69f2aaac93fca557ec4f6e2f2780247dc43ad0aa841e0acdb18f6e069830d002de30032864295404bd40473fcd25a47fddf29ebb13f5dbababc78f051e321488e04ae73e14712f85584bb12d77862b62406f4ee9f28fffb762edeec1c079b27974fe4777b0c4a761b5f613630c2e2de74eedabeccbd93188004d12978efa08a55018ac69f5164948f3ff3ad93395753177396d296fdc7f26563289b368906bae2b51138fd2e976ebd2b23c6b365ecda56a5355507afa53d21ac7915aec52faed2dd1656b98cfe543212ecc6546d7a1c8e2b68e89f275357fe042d3a4ecb2747fb5c8bd21992cc25581974dffb7c413e873a76e2f4f7fe9b172d49c7a79244bd37b94083ed680dacdc70a1cd856a834d7427b830f0a61d89ce445899b0a0fec4674f45a1302631b1751542a1ac1d76db4bd9243424cdd5cd2a41f18bd264d5d7d0ebb1be2c00d734b592877344ec0d675e1b72cc20ed26341b8004242501ab9ccbf7f55c77939c8d378002080eb47fc304ff71adffeda84103ed0c87a9c666a6ce8c00c25c302b44c0e2d49454c11a4231260976499d77d139587e3bf1fdf0fe3a9c2d96499d4f58d5bf6023e770007560ea005d520cffe38fa47986e0b68413fb781449e5f5f674507102cdb9bd764f2a4a7cef72732e70bacaf70753899b65e8290b27fa11e773f584b9e954009bce02bc68c5e3d6900a9aa5bb06a05d41c4af1b46d5bee5de7979918453d354fed62696291d97e1b9d16a3652baed80305ebe720601c34709e6e31df897b4520401ad35f5cbebe8606d1549b5b198ca14c62d74746b1beae442bf7cb307da71b0d6fe9e94f7c6b039fcbf367ecc6598a5d40789c63b0bea42a4f91163f79c274987e078019d9d574077a52d616b8c1bb5aca60432f7ef942df3150760085a040e6386f878b101b9ebe60038d225777509a847df99eabe5c95cc55f46b56b353b314042f8acdbf4998c587b3ac7d2b839898c544617b6a9d831a42f1dbaa49c395f802d536e006790e7779219a7abd5948cb50b5111c41d707beafad788a40abddb3d97efba125c1034dd71d20f0735aba7d8313f565f47a444d36be6c6f6c8c37986ae4704e8564220025f3a732180303d0b43cede3a99636ece457fca727679cbf8a275ba628179f07eb11574763db9a005e39080e5db80eb8868a28b02dd9089b01a35668631a86fb6f09435b991f2fe88f3e228260d35d166d60040337e8e519fcbfb9b6e2297311e952ab13989becb1d7251a32c3cf08b58de8cf0e8802f70086cb3856c5c56158340793326d30dcdf4e37b7a4b1d9eea17888ac171185dd68c3b9acb9d7e491b04d5a1890585ff07f0cf98b01605bd6d04689bcba32ab469c9836f1606813de86074e798570af6963840298921132becf594db6ee3cd79c79f1592b5bb9b8a840162ee96a8831a918500715453e7419d90c3840086173d01a6884714772f45ed4f2b0444d25f1a032107e2e56447bd9727128c060f08e522d1b312c6056d806f0b7db5e5031c3cc84e8954f55b7108b948ca5faab47feaa9dbdc6ffece5eec3a85e4291c80e6f9eb8b74878154d4293008df35c17b097f6557eb85bba641aa5c84cbf1af1846747a38b03c17dfeec0f572ee2e95f669d9d99e7cdf0051b233c1efe429967d89dc92574fb365441a90721d4e80e6ea41e06da7de32f7d55ebd5add7f75411afb65ae4f18af5b8a41a898bc2b051b5b7a2e7d0f80e962959a0d37cfea8f448d5e758eda0ca2ee1f59506f48e6857d38a7f12f05bfcb4994cfd18be082c732d644680e3598b44eab74e85fe3482849dbd3b46ae47dbd4d48ed73aa08cb8b66c8bf90c955fc9ffdce5f50ea1c6ce5a8e10bbe9a208475f35cf52f252940ba27dba385aa3e32c4d6d375e96b69e2f669ffc0e77a603e3377416bb5d63b1ad966d06027c2eb0b22cf3672a3cf967cab1fd554508089d2796fe797042b8f33426751bb368ab926c9c05509a06891f496742582026d2cbe7a9ea949df4fb6986294d3b009dfbd2f0dc4ebe29dcc3a927f2c740e138cbc8cb639a6ec7a5772b1844a78ed3069519a0659050b201430edcfb8bfa95cf56a4aa40d8e1182b73dd6dc3e951a453bef512405af862566064cdb67d4bcde8deb8d920f4a656ee3bfb219ac503665e612812a165733a9e9146b44484b342ae449c05451bcf49ffd2584d12ddfdaebb52a7d2dc353065a881294872e818d195", 0x2000, &(0x7f0000001180)={&(0x7f0000000300)={0x50, 0x0, 0x22d, {0x7, 0x28, 0xd7, 0x80000, 0x4, 0x7, 0x4}}, &(0x7f0000000040)={0x18, 0x0, 0xc, {0x3}}, &(0x7f0000000280)={0x18, 0x0, 0x9, {0x8}}, &(0x7f0000000400)={0x18, 0xfffffffffffffff5, 0x27, {0xcf}}, &(0x7f0000000440)={0x18, 0x0, 0x8, {0x200}}, &(0x7f0000000480)={0x28, 0xfffffffffffffff5, 0x3, {{0x9, 0x1ff, 0x1, r2}}}, &(0x7f00000004c0)={0x60, 0x0, 0x39c, {{0x97, 0x3, 0x2, 0x8, 0xfa9a, 0x6, 0xfff}}}, &(0x7f0000000580)={0x18, 0xffffffffffffffda, 0x9, {0xfffff8ee}}, &(0x7f00000007c0)=ANY=[@ANYBLOB="1a0000e9b28053df92000000000009000000000000006e657464657673696d00"], &(0x7f0000000600)={0x20, 0x0, 0x1202, {0x0, 0x7}}, &(0x7f0000000640)={0x78, 0xffffffffffffffda, 0x13, {0x4, 0x6, 0x0, {0x3, 0xffffffffffffffff, 0x7fffffffffffffff, 0x9, 0x0, 0x2, 0x2, 0xfff, 0x1, 0x4000, 0x81, 0x0, 0x0, 0xeb, 0x1}}}, &(0x7f0000000700)={0x90, 0xffffffffffffffda, 0xb85, {0x1, 0x0, 0xfffffffffffffff1, 0x7ffffffc, 0xa, 0x4, {0x6, 0x7, 0xff, 0x7fffffffffffffff, 0x0, 0x100, 0x5a8, 0x1, 0x4, 0x2000, 0x28000, 0x0, 0x0, 0xfb, 0x9}}}, &(0x7f0000000840)=ANY=[@ANYRES16=r1], &(0x7f0000000cc0)={0x3b8, 0xffffffffffffffda, 0x6, [{{0x2, 0x2, 0xd, 0xffffffffe19e90f6, 0xc697, 0x8, {0x3, 0x80, 0x5, 0x0, 0xffffffffffffffff, 0x1000, 0x481f, 0x0, 0x0, 0x8000, 0xff, 0x0, 0x0, 0x8, 0x7fff}}, {0x0, 0x1, 0x5, 0x6, '#.-\x01-'}}, {{0x4, 0x2, 0x2, 0x29ae, 0x10, 0x40401, {0x5, 0xc8c, 0x22, 0x2, 0xffffffffffffffff, 0x7, 0x4, 0x3, 0x4, 0xc000, 0x28e, 0x0, 0x0, 0x8000}}, {0x6, 0x8000000000000000, 0x2, 0x80, '[!'}}, {{0x6, 0x0, 0x0, 0x8, 0x5, 0x401, {0x6, 0x3e34, 0xc, 0xd, 0x7, 0x2, 0xfffffff8, 0x0, 0x8, 0x4000, 0x3, 0x0, 0x0, 0x4, 0x8001}}, {0x1, 0xc, 0x0, 0x5cc6}}, {{0x2, 0x2, 0xfffffffffffffffd, 0x3ff, 0x9, 0x204000, {0x2, 0x1, 0x9, 0x2, 0x4, 0x0, 0x1, 0x6, 0x80, 0x1000, 0x5, 0x0, 0xee00, 0x5, 0x7fff}}, {0x5, 0x200000000400, 0x1, 0x5, '\xa1'}}, {{0x6, 0x1, 0x3, 0x34a0, 0x9, 0x10, {0x1, 0x4, 0x5, 0x1, 0x80000000, 0xb7fe, 0x6, 0x1ff, 0x8, 0x8000, 0x1, 0x0, 0x0, 0xf6}}, {0x3, 0x0, 0x0, 0x7ff}}, {{0x1, 0x3, 0x5, 0x9, 0x0, 0x8, {0x5, 0x2, 0x1a000000000, 0x5, 0x2, 0x6, 0x1e62ebd, 0xc0, 0x7, 0xc000, 0x7, 0x0, r8, 0x1, 0x4}}, {0x2, 0x6e3, 0x0, 0xff}}]}, 0x0, &(0x7f0000001140)={0x20, 0x0, 0x2, {0xbbf7, 0x4, 0x3, 0x6}}}) write(r6, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae) r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r9, 0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r10, &(0x7f00000019c0)={0x0, 0x0, 0x0}, 0x0) 15.455900711s ago: executing program 1 (id=1298): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key(&(0x7f0000000000)='big_key\x00', 0x0, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x4, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000000)=0x1) read$FUSE(r1, &(0x7f0000008440)={0x2020}, 0x2020) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) pselect6(0x40, &(0x7f00000045c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, &(0x7f0000004640)={0xf9, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffff, 0x5}, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000100)={&(0x7f0000000440)=[0xfff, 0x9, 0x9, 0x3ff, 0xfffffffc, 0x5, 0x9, 0x6d2e, 0x3ff, 0xf9b1, 0x6, 0x6, 0x9, 0x8, 0x100, 0x7, 0x0, 0x2, 0x7, 0xcc13, 0x800, 0x9, 0x8, 0x93, 0x1, 0x80000001, 0x0, 0x5, 0x4, 0x4, 0x500000, 0x6, 0x3, 0x2, 0x8000, 0x7fff, 0x4, 0x2, 0x7, 0x0, 0x2, 0x9, 0x9, 0x9, 0x81, 0x6, 0x8, 0x1, 0x4, 0x3, 0xbe, 0x10001, 0x6, 0x9, 0x2d, 0x80000000, 0x1, 0x4de, 0x4, 0x7, 0x5, 0x3, 0x0, 0x81, 0x933, 0xf, 0x6, 0x2, 0x4, 0x7fff, 0x4, 0x8, 0x6a, 0x3, 0x8000, 0x6, 0x80, 0xf3, 0xbd59, 0x9, 0xffffffff, 0x3, 0xf, 0x6, 0x80, 0x78, 0xffff, 0x6, 0x5, 0x6, 0x8000, 0x9, 0x5, 0xf, 0x8599, 0x6, 0x200, 0x6, 0x8, 0x4, 0xa6, 0x5, 0x2, 0x9, 0x5, 0x4, 0x2d, 0x0, 0x9, 0x5748, 0x8, 0x4e7, 0xfffffff9, 0x3, 0x5, 0x87, 0x100, 0x3, 0x5, 0x89c, 0x880, 0x40000, 0x2, 0x9, 0x7, 0x10000, 0x7b7, 0x0, 0xe, 0x100, 0x5, 0x86, 0x2, 0x5, 0x4d84, 0xc, 0x8, 0xffffffc0, 0x9, 0x4, 0x8, 0x101, 0x200, 0xd, 0x9, 0xd, 0x72, 0x9, 0x7, 0x1, 0x1, 0x80000001, 0x8, 0x7b81f4f4, 0x9, 0x3644de78, 0xc, 0x7, 0x4, 0xf8, 0xc, 0x6, 0x401, 0xb, 0x32d, 0x1da, 0x7, 0x305c, 0x2, 0x74e, 0x0, 0xf, 0xda, 0x7f, 0xfffffff7, 0x7, 0x4, 0x3, 0xfffffffb, 0xc, 0x9, 0xfff, 0x1, 0x3, 0x6, 0x2, 0xd65, 0x5, 0x3, 0x10001, 0x200, 0xfffffff4, 0xfff, 0x7fffffff, 0x2, 0x10001, 0x7, 0x0, 0x800, 0xffffffff, 0xe70, 0x8001, 0x1, 0x9, 0x3, 0x7f, 0x5, 0x4, 0x1, 0x3, 0x9, 0x0, 0x2, 0x4, 0x6, 0x7, 0xb, 0xa0, 0x9, 0x0, 0x7, 0xfffff567, 0xfffffb54, 0x9, 0x8e6, 0x4, 0x6, 0xba3, 0xfffffffb, 0x32, 0x2, 0x8, 0x3, 0xb, 0x22b7, 0xcac8, 0x9d4, 0xb0, 0x6, 0x2, 0x6, 0x6, 0xfffffffa, 0x859b, 0x7, 0x4, 0x3, 0x8, 0x9, 0xfffffff8, 0x7, 0x7, 0x8, 0x2, 0x4, 0x8, 0x5, 0x4, 0x81, 0x7, 0x8, 0x8, 0x671, 0x0, 0x6, 0xa9, 0x7a, 0x10001, 0x79, 0x8, 0x0, 0x400, 0xc, 0x401, 0x1ff, 0x10000, 0x6, 0x3, 0x7, 0x5, 0x0, 0x4, 0x9, 0xf913, 0x101, 0x8, 0x4, 0x401, 0x8, 0x0, 0x6, 0x7, 0x6, 0x3, 0x47, 0xb, 0x1000, 0x4, 0x401, 0x8000, 0x2, 0x3, 0x2, 0x2, 0x3d8, 0x7, 0x2, 0x7, 0x7ff, 0x9, 0x0, 0x4, 0x539, 0x74, 0x8b, 0x8, 0x401, 0x1, 0x4, 0xfffffffe, 0x1, 0x7, 0x6, 0x4, 0x6, 0x5, 0x0, 0x401, 0x3, 0x8, 0xb91b, 0x3, 0x81, 0x7, 0xf, 0x1, 0x8001, 0x9, 0x7, 0x8, 0x0, 0x9, 0x9, 0x6, 0x1, 0x8, 0x5, 0xab, 0xf, 0xffffffff, 0xfffffff8, 0xef33, 0x1, 0x40000000, 0x54026900, 0xfffffff8, 0x2, 0x8, 0x6, 0x3, 0x81, 0x7ff, 0x10001, 0x424, 0x1, 0x8, 0x0, 0x2, 0x0, 0x4, 0x9, 0x5, 0x0, 0x6, 0x8000, 0x4dac2c82, 0x1, 0x9, 0x3, 0x1, 0x41, 0x87b, 0x0, 0x4, 0x5, 0xffff0001, 0x8, 0x0, 0x8000, 0x78ec, 0x10, 0x2, 0x6fa, 0xb5, 0x800, 0x100, 0x7, 0x5aad, 0x4, 0x9, 0x13, 0x6, 0x2, 0x6, 0x10001, 0x3, 0x5, 0xb, 0x2, 0x5, 0xb, 0x401, 0x6, 0x1, 0x2, 0x0, 0x6, 0x81, 0x99e, 0x401, 0x5, 0x40, 0xffe1, 0x3, 0x10001, 0x7, 0xe, 0x0, 0x0, 0x5, 0xc, 0x4, 0x7, 0x911, 0x9, 0xb0b, 0x1ff, 0x2, 0x7, 0x6e2f, 0x1b33, 0x100, 0x3, 0x1, 0xffffff7f, 0x80, 0xa, 0x7, 0x6, 0x0, 0x10000, 0xea5, 0x2, 0x7f, 0x6, 0x6, 0x2, 0x8000000, 0x7, 0xff, 0x8, 0xfffffeff, 0x9, 0xc, 0x6, 0x81, 0x3f, 0x8, 0x3, 0x9, 0x1, 0x6, 0x2, 0x7, 0x1, 0x7, 0x3, 0x6, 0x0, 0x9, 0x4, 0x6, 0x7, 0x7, 0x606ec41, 0x5, 0x7, 0xf76, 0x4, 0xfff, 0x8, 0x4, 0xca, 0x83a0, 0x601ca66e, 0x80, 0x9, 0x4, 0x7, 0x800, 0x3, 0x5, 0x7, 0xa, 0x3, 0x9, 0xb408, 0x0, 0x8, 0x9, 0x800, 0x8ed, 0x2, 0x6, 0xff, 0x0, 0xff, 0x8, 0x53, 0x7fd, 0x100, 0x3d6, 0x81, 0xe, 0x2, 0x200, 0x10, 0xfffffeff, 0x2, 0xfffffff8, 0x3, 0x1ff, 0x7, 0x8, 0x1, 0x1, 0x9, 0x0, 0x7, 0x3, 0x5, 0x3, 0xfff, 0x40000000, 0x7, 0xfffffffa, 0x10000, 0xc54d, 0x7fffffff, 0x80, 0x1, 0x8, 0x640c, 0x4, 0x1, 0x7, 0x223, 0x8, 0x3, 0x6, 0x9, 0x1000, 0x8000, 0x3, 0x6, 0x10000, 0x81, 0x772c, 0x3, 0xfff, 0x30, 0x6, 0x101, 0x7, 0x9, 0x1, 0x1, 0x9, 0x49fe, 0xfffffffb, 0xb, 0x6, 0x4, 0x3, 0x9, 0x0, 0x1, 0x9, 0x380776b3, 0x3, 0x6, 0x6e, 0xffffce02, 0x80000001, 0x10001, 0xfff, 0x0, 0x400, 0x9, 0x4, 0x7d9, 0x2, 0x4, 0x2, 0x4, 0x1, 0xd, 0x0, 0xfffffff8, 0x6, 0xa, 0x6, 0xde0, 0xfffffffd, 0x5, 0xc221, 0x1, 0x1, 0xfffffffb, 0x101, 0x6, 0x86b8, 0x3, 0x6, 0x8, 0x3, 0x8, 0x1, 0x1, 0x44, 0x5d, 0x7, 0x4a, 0x655, 0xffffffff, 0xc, 0xfffffff8, 0x8001, 0x7eb, 0xa36a, 0x7fffffff, 0xf, 0x800, 0x800, 0x1, 0x2de7, 0x0, 0x6, 0x80, 0x2, 0x7, 0xf0d, 0xffffff00, 0xa93, 0x6, 0x10000, 0x4, 0xd, 0x8001, 0x3, 0x9, 0xf, 0xa, 0x81, 0x1, 0xce2, 0x6, 0x7138c437, 0x4, 0x2, 0x7, 0x9, 0x9, 0x200, 0xf75, 0x9, 0x7, 0x6, 0x1, 0x6, 0xffffffff, 0xf5e, 0x85, 0xc, 0x3, 0xfffffff9, 0xd3, 0x9e8f, 0x8, 0x4, 0x1000, 0x200, 0x4, 0x7, 0x4, 0x0, 0x2, 0xb5, 0x101, 0x7f, 0x4, 0x5, 0x53, 0x4, 0x0, 0x3, 0x80000001, 0x6a0, 0x4, 0x80, 0x7, 0xfffffffd, 0x71a4, 0x80, 0x6, 0x5, 0x2a, 0xe, 0x7f, 0x75d3, 0x200, 0x4, 0x401, 0xa, 0x0, 0x80000000, 0x66, 0x401, 0xe73, 0x7, 0x8, 0x4, 0x6, 0xffffffff, 0xf, 0x7fff, 0x8, 0x1000, 0x3, 0x400, 0xfffffffa, 0x81, 0x3, 0x5, 0xffffff80, 0x7c7c, 0x2, 0x3f, 0x9, 0x3, 0x9, 0x5, 0x1ff, 0x7, 0x0, 0x2, 0x7, 0x7, 0x8, 0x9, 0x8001, 0x8, 0x5, 0x2, 0x7, 0x9, 0xffffff7f, 0x9, 0xd858, 0x3800000, 0xffffffff, 0x3, 0x1, 0x4, 0x5, 0x2, 0x300, 0x5, 0xfff, 0xfffffff9, 0x4, 0x80000000, 0x7f, 0x19, 0x6, 0x8, 0x0, 0x9, 0xb, 0x4d7e1dc, 0x4ab1f0da, 0x4, 0x10, 0xfffff21f, 0x5, 0x3, 0xfffffe01, 0x4, 0x0, 0x4, 0x7, 0xffff, 0x1, 0x6, 0x7ff, 0x400, 0x8, 0x2, 0xb, 0xde7, 0xd692, 0x6, 0x8, 0x7, 0x7, 0x8, 0x401, 0xe, 0xc1a, 0x7f, 0x8, 0x3, 0x7, 0x10000, 0x89f, 0x10000, 0xfffffffb, 0x1, 0x8, 0x1ff, 0x401, 0xd0, 0xd, 0x8, 0x7, 0x10000, 0x6, 0xe8f7, 0x3, 0x8, 0x52a, 0x3, 0x0, 0x200, 0x2, 0x9, 0x7ff, 0x4, 0x2, 0x3, 0x4, 0x4, 0x10, 0x200, 0xc, 0x7, 0x8, 0xc, 0xfffff02b, 0x7, 0xff, 0x400, 0x7f, 0x3, 0x24e2, 0x10, 0x1, 0xee, 0x7, 0x8, 0x400, 0x2, 0x1, 0x10001, 0x2, 0x8, 0x2, 0xc, 0x0, 0x8, 0x6, 0xc, 0x6, 0x4, 0x3ff, 0xfffffffb, 0xe, 0x4, 0x81, 0xfff, 0x0, 0x2de88062, 0x28, 0x3, 0xcb99, 0x101, 0x0, 0x1, 0x8, 0x6, 0x8000, 0x7, 0x81, 0xffff, 0xff, 0x10, 0x0, 0x81, 0x6, 0x7, 0x9, 0xffff, 0x200, 0x8, 0xffffffff, 0xc81, 0x5, 0x10000, 0x8, 0x6, 0x4, 0x2, 0x8, 0x3, 0x8001, 0x1000, 0x7fffffff, 0x1, 0x5, 0x6, 0x2, 0x9, 0x9, 0xff, 0xffffffff, 0x8, 0x6, 0x200, 0x3, 0x9, 0x1, 0x8, 0x40, 0x7, 0x7, 0x66, 0x10, 0x8, 0x4, 0x5, 0xbf, 0x8, 0xfffffffd, 0x6, 0xffffff81, 0x7, 0x0, 0xa0be, 0x81, 0x4, 0x8, 0x7fffffff, 0x5, 0x1, 0x80, 0x0, 0xd, 0x4, 0x9aac, 0x4, 0xe0bb, 0x7ff, 0x100000, 0x6, 0x77dd, 0xfff, 0x9, 0x6, 0xffffffff, 0x3, 0x220, 0xffffffff, 0x22, 0x1, 0x6a419c67, 0x8, 0x5f1, 0x8000, 0x9, 0xfe, 0x4c77, 0x8000, 0xc, 0x6, 0x200, 0x3, 0x6, 0x4, 0x4, 0x10, 0x7, 0xdfb3, 0x8, 0x7fff, 0x2, 0x6, 0x1ff, 0x5, 0x80000001, 0x3757, 0x5, 0x2, 0x4, 0x7, 0x1, 0x9, 0x8b, 0x6, 0x8, 0xe, 0x7139, 0x8, 0x3, 0x8], 0x5, 0x400}) syz_emit_ethernet(0x83, 0x0, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x211000, 0x1000}, 0x20) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) r4 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmsg$alg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r6, &(0x7f000000a8c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000009700)=""/4096, 0x1000}], 0x1}, 0x0) 13.837728666s ago: executing program 1 (id=1302): syz_open_dev$tty1(0xc, 0x4, 0x1) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) keyctl$session_to_parent(0x12) setresuid(0xee01, 0x0, 0xffffffffffffffff) add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, 0x0, 0xfe00, 0xfffffffffffffffd) keyctl$session_to_parent(0x12) 13.664907401s ago: executing program 1 (id=1303): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffcb2, &(0x7f0000000800)=0x9) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x700, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r0, &(0x7f0000003880)={0x2020}, 0x2047) openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x7, &(0x7f00000001c0)="fbffffff", 0x4) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000001800)=[@textreal={0x8, &(0x7f0000000280)="66b92c0a00000f32660f2cda26262e0f49d50f20e03506100f22e0f3aff36eab643e0fc7b40c00baf80c66b84769688966efbafc0c66b9391001c00f32"}], 0xf, 0x0, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r6, 0xae9a) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="040e05027a0c"], 0x7) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000356000), 0x4) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 13.312933863s ago: executing program 0 (id=1304): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 13.158970921s ago: executing program 0 (id=1305): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) unshare(0x6a040000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x508, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) read$msr(0xffffffffffffffff, 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6a, 0x0, @buffer={0x0, 0x73, &(0x7f00000000c0)=""/115}, &(0x7f00000003c0)="259374c96ee3440acbeec63892a3c73244990a0000d4eb62fa952fdaa59cf06cde5bf469a134ffb2e39f0fb9ec8cf62c105d8fb5faeaf2d02ef9f4e0afabe88be431472771f7b0de96a2cb02694cf596206122d2637f3cd6356ddaa6a987ec8f0b541639145a6a494964", 0x0, 0xad, 0xb12531df61d0214, 0x0, 0x0}) syz_emit_vhci(0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x1000f0000) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x14, 0x16, 0x1e40, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f0000000280)) syz_init_net_socket$ax25(0x3, 0x5, 0x0) r4 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200)=0xffffffffffff7fff, 0x12) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) 12.129298986s ago: executing program 4 (id=1307): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r1 = socket(0x11, 0x800000003, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) flock(r4, 0x5) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001600)="4ad1ff49ca613b35c12b8bb8475c8e54bea495ec5746b2dd1fa94347faf077cfaf8cb654dcc1e9178075265e1d450f52d3642c7cb01ce8adff2cd2df5ebab60627b9b27b3a00a0412e248d51b3265ab1f5c3b1e9c605fc66326381d582e829dbddb3c18fda82b21862200d94cc16ecc0ca6f", 0x72}, {&(0x7f0000003100)="b891190f9bf31537fedfa44ecf1a6e10b276f6e8c5fa0f7ada030ae6c4408911425e5f407da87c9f7ea5aa335ed5b64005c7745de96d67da9bfd59cb39173fa78cea4e9d7a4273d008fd62da9afff29548d7897fea69178eefc7f9f87bc7c5e760fce89606c51b1ce4bbe5ebcf9396159b0006c57b252c42930d845b1cf8173efbd429c0f94b6b7608180770500eb2c886366dd152caff97a503ce61c03273ab0002d6ce93cb2f40dfe499148155f470521884011a5205fc314c4b73f6d93e82f6b9c83113e69f137ab0b6500f8f82bcf68c649b3e145c824b9f1fad93c35771e03d908fec7e1139448c5484d70439b875a0709b20e47bf06b8a95f1707000321241ff69062face15b5ff4b38062ce16eed43663d39859d9e2bc21cb7104bc7cd078fe2446ac8864e49d7654ff0fdfbfbd1ec356816c5a0a8883fab12ff0e8e03ed7e3c47f00b82b27908f1651d0c377b984e9d222347eff426b90065e00f79e5c282db213d76979a218dd0eb601710e22ea441d48668ac83fc62824c64ae1212069c8bfe22498fe5d4cc91b989397322e4f78d7a3e563c513b20f85e629c9e1d65eedfe48510cded3ae35e7a76f7c44aa4acc370ac88d5acb982bf6a3d61498053e70cab3f871ae4079463beac688cb384b968a1a2b67143ad9cdfb606263e7e9733c8083eb1389542bfed96499eb11235c78912f2ead36c696407bdf89f9fd695e6676978717de71410d7d1a4b4eb4f4a11b811c1f92cdeef02c0b9f402c3e975dddb917c9e49afcc5d16d5d640fec330f89f625a18736e2e72ce4ad73e83dbc582c6bb28eb964e7cae31149684168b14f59ca0f47ce41848df5d013f6e47b09d39384c6376b7cdee6ba6021cd11a9145210f3ac2352447dacffa24f4012b36c812ac2c5c505096ee9f986f97d8ae6e994c6b22c49ff34fbb7180233d73b231d7cecf31916b66bc3768ca984d9bf11b960ddd8675fdffca6cda6b0ae6c56dd4193e0d3fd25e57116b183fa8a39ebaf980c04ebf0df3a04bcc5d463340204849f610b8fd686a1702c424a1e0a122aea1e57448e4b8383b98c238cbe0cd745eb13f92a0b5d5f6e8c1b60aac2d0d3f94b16ee6080c89d84482abcb4035759cd446dbcd32f68bb330d7da5403c9a22fd22cafcf81ccd744c303a1c736431b4d6f02ac39f767436dbcbc2376b03e8e72c5dde2df34d4f2d7f25ef7cbb53814a9b53aab1b860fabc2929a078407532e20dd2504037661c1f114e39ffb22b64de49e222137757a0358837e2f300ffb22effd0d230d7ac2f1fcf8e8c699a2976e25ec9becc5946b2e57527c48ace6ad2f64ff5a8074f0e289715f8d7547cebaa7c781b39e712f1b0d1d8811583dc5cb2207a78c786b0293987ee25383ed64a456b5b0b1861cbe61088dd985186e16cf6cb3433d31838af75394bb5233cc73147d3f400480c558ce058615767c20a342d891cf036e03135d4eab93a2446564d98e56cff8a86b91379394cc4c270f89fcadf2406900347ee5ad0d06de64ba1a09efe0ae796067d7c08e1fda05c38f6d7fd1cc5f94da255cfa4226da26203b24b8ce2e495bc44a48bd5670bf166fcfad69fd0fe8ff5c532d47f8c89181acd83e0b65f21a42f2ef94e3001ba0d130a6d0f9074ca7cf1ab099cf9276b6a1e0ed8ae729a6bbc29ff9b8a3ae884b758707ae491b84b10181797688e8126fab5ba5be261b77159c83b8c15469314f4df92b49eb8bb258c6d4adabf150315552e14262b9cc5d4e7faf24976ee3e915c0e32c4cfc7cf5245a0df13f72f0fbdd9506a88144432ef52b0bf0c52c52ba50f2bb0e64b0a06e5ae6026e4bdebbf5408250d72b9a083665e8316b32f5aba5cd0eca841e1878394050b8e71a9f3b43e088996d42ca1cf63c4679b931d75fc40fdaf3169acb3c8e8283fda95c8ff8b9a8ac4e8f702af4208d9f377aeb22e13ae88020cc5831e862dfb841cc56c2959b036ae1b00522f6c156c4cc9f49b90b29907be5b091e03b482eba0284ac7c27c32f42a866e9ec36664f44091227ed3d4f32ea28a11c1959ef849e91d4debb7ba0d743413c4fc2e2d0cf5c1d1789124b8abc772f52f8ec56e89c29900a2a83557e14ef391bd187c019d47a0e4a27bf49d3af8492f13d8599c96a618d29e7895becd1dc5a95b3bb226981012f926c6dda53781641fd45b0a94279759ffcd34eadb237d63a89b90c782221f957317958fc441698c016a25d91bfc2ee5333fedb748df940ec2f3864de38fad66d7748132d14c8f8e6a03cbf8d60236dda04a0857c1b163397762b17fa8c931359466752161e3024ccf1d248ccc323eba25ad839ce84dd3ce595a5d688b86b7813d303ea6751e72a7a6bacb315472a57094b74f6b6020805260fba81d0e9b18f21ea453a9bf1d8e2d205e6cba8960b2979560c6a04076553155d69da37a34b48e8da92252c3ab74712eea63cd2dbd02bbf4a5f71eaed0c594f6d6e6ede613b9f0934ed3aaef65f55861a04e8c467e8ff3aa819ba35f08590622dd8673c558bfa5b45cd9611a75258e408dedf4fd36b128a961b547039fec3bbf0135127cedf0d3e51514c8ffcf020f1746544ced0f8f6970322d98a41a707eb22d07eaae03f7212ea92e2c48a5eec6d392bb569f282f8c79cfa491efab9df9177f47fde729b2f6e9f21033fdd0dc131fc26db865562a571952523576690810bf88bda8f22ab6556e54073df8b83a7c103ae2e0fd909146f3e724f2e57ea7087bd35c9a9518da4003b22c4bab5dd0b1bc0caf700536daf288e6a3df4449e27724230eafc363542a45488fda4fc97862f6d8f524d075b9d154fad27b03fa598f728019d0e29909cbb08f36aab7b58f209e15d99a6fd1b4e23a5b1150dde48f7bc7ff63b5f13abe2015285470968daae418e373256b0f42dcf29f14946f8fa939523dbb1a00f3f782a03b866df2ca12e26b4ec6a49c3e87f0758e4b6ba94dc393cd2fc255e935b0740cec27cad29c649f928a87a380541bc9c0a73fecf9666a97220e44e1efb03a28b23fac49c9710fbcce7289db257e82b2c31eddeb567a3385afb08aefda84ec9d6faee11777e0f50a7ae462d9a52110e9945b0c501d8dc6fc6f9687c56faaf669ba7519f53f740c120c46cb339cccf57b8b0c09edfd0f9747146d8c583a366b6f59fd0805c24696b19449afdae2011d79d7c8e577272297d2bc534180aa88f6f60193a1479a75a100493db26d43870a9d83fffa96ca3808ef1c4632e83588c4d2868d04d06d6b11b0da33baed15a3d25481dcc995e6ecbfffbab586ed5a209ed08515f2d83fe400d823b60ae9d702aeeb289859343eb75f09b9513bacb7562e1a3f49393bd19ea624331bbc09d479295af5a88f87d22ca3867d19fd4dfb3ffacf259a095a621ff4ab240f024217a0d9e48a6787afe9b6adcfbe048506c9155168c8d7e6dcbb59894acb03fc77ff69ee5cd09c468631e75ea73881ce10dc9c423e93c38854f50b54998e2bed27ee9f3670385f0708a1dd6e24925344b35c4fc2df6e9b4007beda22b6098125f1ae648e85c2ac337e6ecb56553a52f1a20598568bcede06de30619fa80c9e343f103cceeade258686c5427e1dd4a6d748861ec80d4fb04ba6f49be9c4fbccb7381e107a4cb82a6c481a4fe336d4e8e27d506acd189d10b7185e5f4eb5d8afda566213f1f2ca5891f5d2997373593d86ed82e1ce5e7a5e4211e9cdd8fd1f93ebab7e6b38697550991620611a6d2497d0ad4493993f824a1825157d10bb69f03f695c3e1ced6f392e79e90c5847e8e02903360f23792010d57979fb99181d85a821445006c7f613438f297fec577a8e59e6acafddfa48f86619239687f132bf244f65f76502e6d2b082bb60a276a8d30cdcd829c8e9b0e4a9d17ab09a3c971b2f6931de0286fd4b879781f15fd1669371ff759b02fd34a3c3ab5e64d6d1399d2b96c31581ebe7db2f236bf75e0f3f9464a4e906a5895ff71bc6fbd2548a63a0d974147b99541a599e48b58be2fe328724f26f8a80d44ac02f2f8eb001777f83c3c57e6ee4a4e18288df3bf6320b081a2f84df590af2856c9f2b6b7499bdb00cabca748d7e515e75f50d49f1bcf444517b2134423dbef7792006813111f4a1de84e65016e81b1c4bdfff11d47ccb71f0de9989fb0ea20262126d5deae47cfef3c90105e4fa4b1279451331d804526a59315f78736a45102f4f142ed0a3207236972d5fd509d3a3d77f3946c61d040b300d208e5fc78a9cf02c12a1b00bc785ab16247db10d525137939287277f58411c21f87e8347ca5de32742f00b3c2bd4630b706963f7d3997b2af592bd0c0e5208ad0833065415af6f2f242ebf90ed3a2cbc52432077dde86700bca36af6e7dda75335c3d65a07ef5a615c23d741eb7f5778d356fd1042807d3f9efae5063cc97125c85dd5f9b383e760b841da9e3eaa3d5940c0ae44e8180cf2656de9916e63885431e83d9ace02a91be9a933b6b7c0fc8a9a32ae8ff6e963c23b566468e5dd845bd5501e2e852bd3643d5f60", 0xc87}], 0x2}}], 0x1, 0x9200000004004880) r7 = dup3(r3, r2, 0x0) recvmmsg$unix(r7, &(0x7f0000001780)=[{{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}}], 0x1, 0x74a081c1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0x0, 0x9, 0x2}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x6}]}}]}, 0x48}}, 0x0) epoll_create1(0x0) syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000)) 10.162587721s ago: executing program 4 (id=1309): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffcb2, &(0x7f0000000800)=0x9) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4188aec6, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "7488dffc"}]}}, 0x0}, 0x0) r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGNAME(r2, 0x80404806, &(0x7f0000000080)) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r0, &(0x7f0000003880)={0x2020}, 0x2047) openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000580)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x7, &(0x7f00000001c0)="fbffffff", 0x4) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000001800)=[@textreal={0x8, &(0x7f0000000280)="66b92c0a00000f32660f2cda26262e0f49d50f20e03506100f22e0f3aff36eab643e0fc7b40c00baf80c66b84769688966efbafc0c66b9391001c00f32"}], 0xf, 0x0, 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r8, 0xae9a) ioctl$KVM_RUN(r8, 0xae80, 0x0) 9.85902064s ago: executing program 1 (id=1311): getpriority(0x2, 0x0) 9.13663602s ago: executing program 3 (id=1312): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) 9.089378975s ago: executing program 2 (id=1313): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x6, &(0x7f0000fff000/0x1000)=nil) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fcntl$setown(r0, 0x8, r1) syz_io_uring_setup(0x360b, 0x0, &(0x7f0000000340), 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x5c928c36, 0x2) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000240)=0x2) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000000)='./file0\x00', 0xfe) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 8.808355558s ago: executing program 3 (id=1314): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28) setsockopt$inet6_tcp_int(r5, 0x6, 0x16, &(0x7f0000000040), 0x4) bind$bt_sco(r4, 0x0, 0x0) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) listen(r4, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4) 7.979254863s ago: executing program 1 (id=1315): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 7.818484166s ago: executing program 2 (id=1316): r0 = epoll_create(0x3) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) r2 = syz_io_uring_setup(0x110, &(0x7f0000000840), &(0x7f0000000240)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) pause() syz_io_uring_setup(0x233, 0x0, 0x0, 0x0) syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x201, 0xca, 0xb4, 0xc5, 0x8, 0xc72, 0x14, 0x578a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0xb, 0x0, 0xe0, 0x9, [{{0x9, 0x4, 0xf4, 0x5, 0x2, 0x1d, 0xf4, 0x52, 0x8, [], [{{0x9, 0x5, 0x3, 0x3, 0x0, 0x5, 0x8, 0x81}}, {{0x9, 0x5, 0xb, 0x0, 0x10, 0x40, 0x1, 0x7f}}]}}]}}]}}, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000002140)) 7.758846792s ago: executing program 0 (id=1317): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94) socket(0x15, 0x5, 0x0) ioprio_set$pid(0x1, 0x0, 0x2000) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c00000002060b0100000000000000000000000005000100070000000900020073797a30000000000c00078008000640000000000500050002000000"], 0x5c}}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 7.487013992s ago: executing program 1 (id=1318): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, 0x0, 0x0) prlimit64(0x0, 0xf, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) syz_open_dev$sndctrl(0x0, 0x0, 0x0) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x9, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuacct.stat\x00', 0x275a, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000000)) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r6, 0x4112, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r7, 0x0, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/consoles\x00', 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="2000000072003303000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="08000114f51a7d6701f5516a020007000400005b1feddfdd45b77443c39ae4a9b7c9001da8788ce97a8da17578f3446855dc4e1b3a2a272b8a90d7424667935a0cda28116ab4320433af67caddbe97ca553be3b12b80cd46b189c2c5924014c619d99750a7e94f073f02d54aa06697061a062435295f5204bc25a9d90503e56345f07c08cf6cf8d8bcb25edeceae3c45793e814d4755f5129f5adc008adc7625a42c674ff18221f767b5bf66d7f025863f701bf374851b3ac85fb19d02ae0ca5a539e478ea9579d5c67b7a0a325374fbf068baea3702a76e7e02e18df7a522"], 0x20}}, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0003}]}) 6.063697578s ago: executing program 3 (id=1319): r0 = socket$key(0xf, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2, &(0x7f0000000480)={0x77359400}) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x4000000000, 0x96fb82) connect(r0, &(0x7f00000003c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x2, 0x0, 0x2, {0xa, 0x4e22, 0x6, @rand_addr=' \x01\x00', 0x9}}}, 0x80) r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eN\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0x0}) sendto$packet(r4, &(0x7f0000000340)="03000300000000000000ab5d71acedd7c956946ecd0f37cf8ba788a8a24dede6", 0x20, 0x0, &(0x7f0000000000)={0x11, 0x8100, r5, 0x1, 0x0, 0x6, @random="e131b6ac9c26"}, 0x14) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r2, 0x0, 0x24002de8) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0) 5.304530609s ago: executing program 3 (id=1320): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e", 0x9}], 0x1}, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[], 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000737000/0x2000)=nil, 0x2000, 0x1000002, 0x50, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x516b, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x890, &(0x7f0000000280), &(0x7f00000003c0)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000140), 0x1000000000000221}) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000014c0)=@IORING_OP_POLL_REMOVE={0x7, 0x12, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1, {0x0, r4}}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000100), 0xfffffd9d) sendfile(r5, r6, 0x0, 0x8000002b) setsockopt$inet6_tcp_int(r5, 0x6, 0x22, &(0x7f0000000080)=0x8469, 0x4) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="300000001800010000000000000000000a000000000000000000000008000600000000800c0009"], 0x30}}, 0x0) r7 = socket(0x40000000015, 0x5, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_int(r8, 0x1, 0x2a, 0x0, &(0x7f0000000600)) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r9, &(0x7f0000001880)=[{&(0x7f000001aa80)=""/102393, 0x18ff9}], 0x1, 0xfffffffe, 0x1ff) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f000053f000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/154, 0x9a, 0x0, &(0x7f0000001380)=""/237, 0xed}, &(0x7f0000001480)=0x40) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) syz_clone3(&(0x7f00000004c0)={0x4000200, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, &(0x7f0000000540)=""/127, &(0x7f0000000240)=[0x0, 0x0], 0x2}, 0x58) connect$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @local}, 0x1c) syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000080)=ANY=[@ANYRESHEX=r7], 0x0) r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x40000) ioctl$BTRFS_IOC_ADD_DEV(r10, 0x5000940a, &(0x7f0000000380)={{r0}, "48833b0ffabeb307cf6069fc70560a2e1eb142b612550055d79475ce084818ca47c9f8f5e0a7c9ca911535c129f87c4755392642e3d58ff1b4cccb1e9c4024f1ce95199816aac9e5ba71d4e82817d77635554531556a50f5890a92e68f6905bf448bc37848793185e174dfe01489f450ebd42d87fc2a807f5706a8d4593c644e1b5feb58cf053b748870fc9eadcd30c520cf5f498479f3a5501d1ec88b86b4448fcefc5c6ccf4c5737bffcaa34d300d203dac61374bddaf8166d7e0776488046947f7f1247c6730cf1ce0775d8ca0cea9cd8a29d68edc0e1adc38d0f7c733009fe496f93bb2cd30ef3e5d14ec917fd71817ed6114fbd04009093deaa43a2db6c4b121a54e389d6d55d13385538b6df1acb1f9b698f2a625f724f18c347119f950fb8d53ef87c919202ad9295d78b7a5bfaa0bd6c8d4c87ac4ea9304b8adc356fc38eaf2ffd0a037a5b93de3823613ac3b78f13f437934e1a8e5da1e1d49f223d5dc13c2eb8029e5ea7bd7241524893d5d856480966bb3a044f4f49d65e725273bbc516fd5894036b299b42a3334bbf3b7d78512f7d16cb2548b3355b61045573b8903e6d3698b67a7659be0951c314a0cf28729931602f2509c4498da06d59706a1f65d565241664f292529299e2865c35e01899ee36eee113db186af731e3aedf51eb6a746e2fe0eddcf29a23928dc7727e0d761cedc97c9189951bb1e69bb108da8bf2dc0aa8c9daafa3261aee740b6693bdfb545eaca57f0cde2ca5b51695e68ec7a56d6c6cb265ab09e688de327be455428a1c2732c19c8c8f289d542860280c7c0e84a6636e41a83d3485eabc36df66202f3108dcb39486f066c1df398247f39e0db2ea9a1e7bf8591137dfce40ef9f784f83b95876f21d8c7b896b12da9ed04b28b03085cc1a851073cedbbaa7ace107f9d2e886b838f4b9dfe4573c8dd0971167da46fc85961d9c5d73397a8bc9fdc294d7868d3f84083f4d735783592c93a0bb1363e51099e9a45d1694be444597a66100e5a46e6b9a66accefe30a1bc2039e89e2aab76510f7ac63728f7047d3f9b6fe368137ffd0ca47e21d7d71c956fdb79456945013b8e34caefb2b99e8ccfed00b0b602bf3759b61a6f9b34098be6a505c2c76a9d748782b6f6b1a0b26d882b2f932e4d1a75f3bb8559b9e730c553e8feb7ef3625a66dda59409ac6aadefe1dcccc88a7f3011f5380d661570849fabb03b807de3ac6ccdb281ca0fa05a1e35d2e3815490d6d94bca123d775ddf9c4de71cb154b5a2485b2630703c60c7b5c3dd97537dcd3764ad19a4f034a7d365b110504d662e24b162ddd401e1bf41de48b48fa29618ae237fe71fd9576d84c062c7b9676e535fdf74a9296062c5caf749c06764d68355fe3c002d06908790a5b95fef60351cd09ad3e99f78d39ae1a0d50b7ff694ff42a876bdbcb8d9caf95bbacd1079ae28ad8bb16f6423578a64408080cda748e4fc5851bd438482224bdf2a45324c71bf55189eb50fdf5f76ae9a47f943cb0a87e798df17ae8da607f0458f3a09ec30e3bf6678dde17e7805aaed2c905ec806cc7af3c898b40db4ccf8569f0f9d7755282a2a5466d6f4b6cbd9b07f60f6164ad5d47a4f981de3235e1936989ca9aa5c7afb9767a447f555359323c4efa99fdd6e7e6b3ae50b82f64ef19f86bc180d8a51d7cb47f56840c3a2ae4568a420ee089f7683b7ceebd7aa163e7bcf13e329447dd833c493650cbd66578c555af34efecd7528a72d3fda8e0ca2dfb9c4d36fc1a82ba6f568ede8a10b45b115568e67cbb89c2c38d23f1341b0a452b742bfefbeee611c6e4de15451865ad574f845894da67931809894dc68fa439e5c31b70c084283969e33269f68d68bc6453a438c9358690b835ba4e2d97b48a228c1dbee727fa8df35329a2dfdeddbe9fc7d709b2420c489be6aeb5ee0316c98a4c0f6f3182a755e307783ef97ad99e7269a1b0d93489db59c0b509a455f7a3410cb8d6cc0221e4ca5af0337ee4a36abf991cf8e7bf3ca274fcd4fd678618ad1b3b06eacf237c55c00deeeb7fda42ed36c4384a28cba73dcf3556b7db1583259f5a434aec1b4fc44464988eb77f434645ea2a537ca2b5713fdd6d0dc5a8d029563620c47f49105d05ee79d7c4b55c276ad4118412d090cd8b0aa692280847106c17593f495f079fefa0cd410c2838eed1746f545f86d11e1038e1748b1e656bd9d2e6fa3dcad85eddaa9f907a223e18d6eb3a69d8f5e40bf96cb39b717097c451624aa88a963f34cf522c4888dcb1c1dbd98c870edb5281f9cf1eb63e8e74996b70cf71eb3c1bc75e9128e42e95481ed2972684fd81472d71b83fc0601d38cb42c68e68cbcf8612c7aabdaa010e3e9b22d649697f4a7bafd64543ca93fde9fb5d5f37e00723b5a4305313bb7ec135eb762027875697d2b8de4c4dca384e5fabde309bad9caa6e4c833da4a22499b18a1bafbba8f84962f4bdc543cac49813adcf0f84cf1b2b5b2ceb845dc3601fdb0c7851cf1e9b6730c30b56a6a93bb3ce54922c55ea2a304c444ce28fb3cc53ec9d9baf253ac840c7431bdd5d47e36f10f4e00fa6049c3c090e674688ad4af0972ac18807d5e6151c62d1b1a84871444f3ab5232236835bb05462874a3eab26cba919ba49c764135902c1f24360639321dd3506d78875f4ed1866d7e464cea43bcbe9efc9644c53cf34d1e8dfef73d2cf2de2ee07e60926bab111a321364dc9da9c1fe7ff579d515f3e4781f9ea42b5996028409430917ad86f02ffe722a971bb88c33468e923136b518ade0902bf948bbf3786905909feedb6bf568a474411ecd2157fe075e12586c80c394648f71c3cf297d48688aa1a2e2c4fadf9c1af6703d346ec086c8f57cecf28bf81c44979ccf6477e3b9f4217bcf0d1fa4126837da10518cb777db5d26d1b79a29a6ac84f788cf7defa125518040ba8b46c15c726b655de0a6323a652ae48ebd5544e551a1aee60e14d861ff67322504b886dfecd6cb90fc6a8350714283c5e091a7346f23737c073f993266bb349a38e3450899b81f351a55b370e4712fd51484b6f83340f149ed0e9062e24b1acdf70795911b2eba5191d57e0dced32b41dc43e93a6e48d2bff698f89eedd862e9074c981c7f376743ab4c7a30ce3fbd13e21b626b11d0a27f992a654263edbcae2b3c3379807b35d565e0a8dda502b5f6eff17eb657cdd2e98a3e8ab4467384e72c9e4475635b75fc8e03e05d326c9057192788cbe996360337ecc108f45fcfe233c7a00867e6443176e05913614d09a3d1ec47974e3298035b4781327241ef1581e44be0479da943bb387f25cb70cc2d1eb7f31aedad3856563da7e4f017e99cc4998b46d3027933f3000e9ed4fba7e78f7f5c420cc21ffe664b0d3655358751eedbce6c63390d2e7e6adc2d4edafcf2700d617c0998f6203f8a9f87417557a44d9f596601a5ed09da5a5d01c4b86835d87b9ea9e60eca0c93b54db3b8d42943c6802eaba718da7e64830f39d47df4721d4d52d14e8d1ac7b123c3d97f9fc62a9238684caece9f416c2f7f2a7f573acb2c2a236096735964b5e4514b495013c028f3564b53f18fc1597fa86fda4a580cf6bb426fcf096e09f5d11cf80ac95cc0459b522fe7a2127959b67ef23fb9687dd2c3e3995113d9cc9a7c80e9024ca90f1c865088b60b53e00162a5939aeec2b2a9e663cda406c7268c13c320c8be45c70cbac2e98b1ad1a726dd06ad51dd1a7594e0ee12d39276e127bcf4201a93f8b79ba1d7842c2d23aca5de166a5d36fd218b95885363ebf88b1e1f802dbd8f9588393169d3e76ee6e6d661c4f4a2260414f98284bb17b08bfb2eb2cc4c68f6dd6cee6f4b7b70a1afc6771715bef63c9a09d56db49ddf1a94e1bdfdb565f509183d655245ec896dc2351d6494b85a9f74daaf59309b8da0188c400c8251659a2521d2b1cb4e9f50c4fb3a33e2102e6491f014023db49426a1766a520e86383d336f499ed7b1a7264d19567001db37c7ed4edba80664009a11bb93bf08d2effc5793ba063d641486e94fad435a25fbb83398f08b4ca85688f4de2e8c26fc172fc5ef40ee6bd7192a03552a6c70f58d59056eee9576bc8fc12e1983f7e60afd21cf4e3d44f945f927c3edd180d0657d1447daa3d33915c6b4308ef4271098bc3c4c7f05d775cff11d3fb3b38d455bae89bcb4302c4c47812fc54d247e46b51c9bc2d8ae74c967cd80f48efb3d51913810ee6cdc3aa1584d90a01601845d7ae48d9e88d5a3ca27c6dc39035c8a1af440f1fb884ad6de4f758f8df1cfacebd63da243b27a08cf32317ab9f2e6ad0e5709cdc00dad716ba15d695d58b077e79ae447a8687042bdd4dd7ea51609798bd3043cbf40ac9c70164eb1fe0e3d2a59817afde27f7733f4b5229fdb7ddb12e9883a1ac783bddd76d3e77debaf23fe8e93860f885c9c56d690a9e65a5e5dc6ebf1367f2cccaa935e2ad08724093637647bbeea195b0a30b55e5e923a77c002ea15b4559f920220ee4a69d2e46e5a5269d2a216235460f46bff111aa431e199cabb777eeef665799529d6c833bbd776be0e09f440b96f0315d76262c6ec1a2b1ba892270157b98c87ad0a34721c3bef5d6c3530d87a0ea3cedd85714d45e427feaaa1d1bf1a1e6e072e13cf575722ecb7d883e67a34c9a4aab5be6c76546384a19e0c31b73d34feb3d6f2cd65e8b5a2e9774de73abe7ce8ecec530d2fd47fc626edd78e418dc634e08cff62605303ceef80ec1c6a24a2f289098410f70b72c1d2a420efd891d8a7cf82654b2c2b7a6d645f126f4c9a35792c0624ac7925d3061eacf827ffac6eca1b6ac75b5cc4a06c5d243e69de766b7254f5512d907a7938129c339c28f5030094b5e8704dde36d8e5da120bf949a83f94f2c1532281a1b488658ae5bf23dfbdacb28815f8d2ce1895d1db3d6e3fd4d150ae53da1d5e28487c3b670f532f4ee5cf9598807c4ad3f02618ca51754e9ca2d280c4ce22439d0c54ca807d1b7c4d47b98591b5f0317d04b0aae6fe50c4e1942df84b43831ae468386652409aba5115fc2be573a99ad2aa49be29cf0a65a20e667157e75c5116074421882c5406f91e413a7cf3133158dd311b6b66072731805cb7692875bced2ec32072e794a4fb71420e990202b6b86ea8004664a2429a97ea00fd2f4e02c888b47e2ce26cea0ba12a796f8205299dbaa102f4a0806fef2caee8e97c61663e3c4f5150fdaa8b12db9893b74f2bcda4c2c98d9a261ba02907b5c755c3fe28e110511ff4d98fb7271f137c70bcf2468030481e6513424b7aa64e4698d2645699ba09cc51080a18d332fc312587d343959cc42b25805a5d6004441e37d2f84c5dce15da7e69f3776f7aed3c63a93c8ca606eef6e0a3d18c70b936daa045e7e1db37b03829d5e4c63e76bdf4c07f0f5a919266325a9309f9cd76ed5e8eac6fc3b5fe52dbe53b16c3e239bb60b5ca03884073637962609652bab7fbc6abba3907594777e2fd2a80158538be6076c08f98a9a4f75706fd1c5e59a636f07b0f66763b69fcb4420da1d7415e6edcde6307f3a5b1fff26557a0d9d2f88d7d769f5684ffc4987881363e46a4cfa99e5b49df65251dbd2b7dcb225d8d9bd51ca4ae5a9e9f7776ea7d62b7e447f88a1b1281ef6886456f737f3173c53043253828e9d2c55caeed403654bfb10586111591f5a714b2f6de48362f7e658b28285d5ec6024c8bb82907b75e756d5e04ca3c8e75a12f15339837e667a39bb7047dbe8f863aee313e6c69ec9fc"}) syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r9) 4.735657539s ago: executing program 4 (id=1321): syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) syz_open_dev$dmmidi(&(0x7f0000000200), 0x2, 0x0) syz_io_uring_setup(0x6d45, &(0x7f00000003c0), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xf000) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6576, 0x26}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x100000000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000015000000400001802c0004001400010002000000ac14142a00000000000000001400020002000000e0dab85c6c000000000000000d000100756438d59160f1d9d9"], 0x54}}, 0x0) 4.463081343s ago: executing program 2 (id=1322): syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() capget(&(0x7f0000000380)={0x19980330, r0}, &(0x7f00000003c0)={0x380000, 0x8, 0x100, 0x9, 0x8}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = getpid() r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) kcmp(r4, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r6 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x20001, 0x4) r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000600)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "679f672c00b69e65b0934066fc7c3406caf2c09e33bd50116312e2b00fee650af69b2150ccaa762a3db7ad752fe616e085e991c0436e7e7111238865d27b4e82dcc94700ddd1878b088736009d15f1fa"}, 0xd8) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) sendto$inet(r7, 0x0, 0x0, 0x20000010, &(0x7f0000000540)={0x2, 0x0, @empty}, 0x10) keyctl$describe(0x6, r6, &(0x7f0000000080)=""/72, 0x48) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "e5231296f5880856cfb591151cebcb3c130e574e0912fc5261cbe89b56860676f63ffd2a5c60e7dc92673d761aa2da81a8b43ddd019e9180e9f00518d131dd3d", 0x19}, 0x48, r6) 4.370781607s ago: executing program 0 (id=1323): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400020d, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0xffffffff, 0x3, 0x0, @void, @value, @void, @value}, 0x50) prlimit64(0x0, 0x11, 0x0, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0x4a, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a843500140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000df30847e675209e4ac27b7e616cf5ac4351b699e9e5b45efd3a08868334fdfeabf99d75adec5a5dfd043b2633189cf94a70a76d062874eb11ea95c24b134494e4f072f326873e4494d36b42c1b4c7499abf62528b9b6b06e60ce17c333914f504247394676294ae523ed027cbf741f4d9cf6cf3f6443e1d9"], 0x0) 3.452143856s ago: executing program 2 (id=1324): r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0x4004662b, &(0x7f0000000180)={@desc={0x1, 0x0, @desc2}}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000140)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000000)={&(0x7f00000000c0)={0x2c, r3, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x13000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x2000c854) 2.068998044s ago: executing program 0 (id=1325): r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x803, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mkdirat(0xffffffffffffff9c, 0x0, 0x0) pipe2$9p(0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) timer_gettime(0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x400c040, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280), 0x1, 0x0, &(0x7f00000006c0)='u'}) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x44, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xd0}]}, 0x44}}, 0x40) 1.959109767s ago: executing program 2 (id=1326): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ppoll(&(0x7f0000000000)=[{r2, 0x4047}], 0x1, 0x0, 0x0, 0x0) close(r2) io_setup(0x395, &(0x7f0000000040)) syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x2000800, 0x13580}, &(0x7f0000000100), &(0x7f0000000280)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) dup(r3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r4, 0x107, 0x9, &(0x7f0000000080)=0xffffffff, 0x4) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0xffc, 0x3a}, 0x7b) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r5}, 0x10) r6 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r6, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9) 1.313094772s ago: executing program 0 (id=1327): syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e0000006c610000090000000300000040200000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000200004000280e5f2ee0b52257c4ac0bded79aa9c4f6300000067000000000000000000000000009b8ec82daed84a4704b11bfed15b830d88349af4dd8175adcb1b243c992931726b1f2bf635355e2b6647ccc21b39b622c2b535b693a6d71dc6f9e4161baa0f0e01dd30c374e39ae67ec9de6af7dc76da81888121dd28055935499971b6c6cfe9a02035146f6d3ef64303d27f6a5aeaeeb742e3e355b9eda231f42a26023f35d758bee530ff73f3ce652d09eae2d4793af8d8a93fce967fead07597e63a63"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() r3 = socket$inet(0x2, 0x3, 0x1) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x82, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000740000000000019078ac1e0001ac1414aa0300907803000000460000000000000000010000ffffffffe000000244440001ac1e0001000000000000000000000000ffffffff00000000ac1e000100000000e00000120000000000000000000000000000000000000000e000000200000000"], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x0, 0x4d53, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000000000)={'veth0_vlan\x00', @random="0100002010ff"}) 1.249025521s ago: executing program 3 (id=1328): syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e0000006c610000090000000300000040200000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000200004000280e5f2ee0b52257c4ac0bded79aa9c4f6300000067000000000000000000000000009b8ec82daed84a4704b11bfed15b830d88349af4dd8175adcb1b243c992931726b1f2bf635355e2b6647ccc21b39b622c2b535b693a6d71dc6f9e4161baa0f0e01dd30c374e39ae67ec9de6af7dc76da81888121dd28055935499971b6c6cfe9a02035146f6d3ef64303d27f6a5aeaeeb742e3e355b9eda231f42a26023f35d758bee530ff73f3ce652d09eae2d4793af8d8a93fce967fead07597e63a63"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() r3 = socket$inet(0x2, 0x3, 0x1) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x82, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000740000000000019078ac1e0001ac1414aa0300907803000000460000000000000000010000ffffffffe000000244440001ac1e0001000000000000000000000000ffffffff00000000ac1e000100000000e00000120000000000000000000000000000000000000000e000000200000000"], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x0, 0x4d53, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) pipe2$9p(&(0x7f0000001900), 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000000000)={'veth0_vlan\x00', @random="0100002010ff"}) 1.133850704s ago: executing program 4 (id=1329): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r1 = socket(0x11, 0x800000003, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) flock(r4, 0x5) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001600)="4ad1ff49ca613b35c12b8bb8475c8e54bea495ec5746b2dd1fa94347faf077cfaf8cb654dcc1e9178075265e1d450f52d3642c7cb01ce8adff2cd2df5ebab60627b9b27b3a00a0412e248d51b3265ab1f5c3b1e9c605fc66326381d582e829dbddb3c18fda82b21862200d94cc16ecc0ca6f", 0x72}, {&(0x7f0000003100)="b891190f9bf31537fedfa44ecf1a6e10b276f6e8c5fa0f7ada030ae6c4408911425e5f407da87c9f7ea5aa335ed5b64005c7745de96d67da9bfd59cb39173fa78cea4e9d7a4273d008fd62da9afff29548d7897fea69178eefc7f9f87bc7c5e760fce89606c51b1ce4bbe5ebcf9396159b0006c57b252c42930d845b1cf8173efbd429c0f94b6b7608180770500eb2c886366dd152caff97a503ce61c03273ab0002d6ce93cb2f40dfe499148155f470521884011a5205fc314c4b73f6d93e82f6b9c83113e69f137ab0b6500f8f82bcf68c649b3e145c824b9f1fad93c35771e03d908fec7e1139448c5484d70439b875a0709b20e47bf06b8a95f1707000321241ff69062face15b5ff4b38062ce16eed43663d39859d9e2bc21cb7104bc7cd078fe2446ac8864e49d7654ff0fdfbfbd1ec356816c5a0a8883fab12ff0e8e03ed7e3c47f00b82b27908f1651d0c377b984e9d222347eff426b90065e00f79e5c282db213d76979a218dd0eb601710e22ea441d48668ac83fc62824c64ae1212069c8bfe22498fe5d4cc91b989397322e4f78d7a3e563c513b20f85e629c9e1d65eedfe48510cded3ae35e7a76f7c44aa4acc370ac88d5acb982bf6a3d61498053e70cab3f871ae4079463beac688cb384b968a1a2b67143ad9cdfb606263e7e9733c8083eb1389542bfed96499eb11235c78912f2ead36c696407bdf89f9fd695e6676978717de71410d7d1a4b4eb4f4a11b811c1f92cdeef02c0b9f402c3e975dddb917c9e49afcc5d16d5d640fec330f89f625a18736e2e72ce4ad73e83dbc582c6bb28eb964e7cae31149684168b14f59ca0f47ce41848df5d013f6e47b09d39384c6376b7cdee6ba6021cd11a9145210f3ac2352447dacffa24f4012b36c812ac2c5c505096ee9f986f97d8ae6e994c6b22c49ff34fbb7180233d73b231d7cecf31916b66bc3768ca984d9bf11b960ddd8675fdffca6cda6b0ae6c56dd4193e0d3fd25e57116b183fa8a39ebaf980c04ebf0df3a04bcc5d463340204849f610b8fd686a1702c424a1e0a122aea1e57448e4b8383b98c238cbe0cd745eb13f92a0b5d5f6e8c1b60aac2d0d3f94b16ee6080c89d84482abcb4035759cd446dbcd32f68bb330d7da5403c9a22fd22cafcf81ccd744c303a1c736431b4d6f02ac39f767436dbcbc2376b03e8e72c5dde2df34d4f2d7f25ef7cbb53814a9b53aab1b860fabc2929a078407532e20dd2504037661c1f114e39ffb22b64de49e222137757a0358837e2f300ffb22effd0d230d7ac2f1fcf8e8c699a2976e25ec9becc5946b2e57527c48ace6ad2f64ff5a8074f0e289715f8d7547cebaa7c781b39e712f1b0d1d8811583dc5cb2207a78c786b0293987ee25383ed64a456b5b0b1861cbe61088dd985186e16cf6cb3433d31838af75394bb5233cc73147d3f400480c558ce058615767c20a342d891cf036e03135d4eab93a2446564d98e56cff8a86b91379394cc4c270f89fcadf2406900347ee5ad0d06de64ba1a09efe0ae796067d7c08e1fda05c38f6d7fd1cc5f94da255cfa4226da26203b24b8ce2e495bc44a48bd5670bf166fcfad69fd0fe8ff5c532d47f8c89181acd83e0b65f21a42f2ef94e3001ba0d130a6d0f9074ca7cf1ab099cf9276b6a1e0ed8ae729a6bbc29ff9b8a3ae884b758707ae491b84b10181797688e8126fab5ba5be261b77159c83b8c15469314f4df92b49eb8bb258c6d4adabf150315552e14262b9cc5d4e7faf24976ee3e915c0e32c4cfc7cf5245a0df13f72f0fbdd9506a88144432ef52b0bf0c52c52ba50f2bb0e64b0a06e5ae6026e4bdebbf5408250d72b9a083665e8316b32f5aba5cd0eca841e1878394050b8e71a9f3b43e088996d42ca1cf63c4679b931d75fc40fdaf3169acb3c8e8283fda95c8ff8b9a8ac4e8f702af4208d9f377aeb22e13ae88020cc5831e862dfb841cc56c2959b036ae1b00522f6c156c4cc9f49b90b29907be5b091e03b482eba0284ac7c27c32f42a866e9ec36664f44091227ed3d4f32ea28a11c1959ef849e91d4debb7ba0d743413c4fc2e2d0cf5c1d1789124b8abc772f52f8ec56e89c29900a2a83557e14ef391bd187c019d47a0e4a27bf49d3af8492f13d8599c96a618d29e7895becd1dc5a95b3bb226981012f926c6dda53781641fd45b0a94279759ffcd34eadb237d63a89b90c782221f957317958fc441698c016a25d91bfc2ee5333fedb748df940ec2f3864de38fad66d7748132d14c8f8e6a03cbf8d60236dda04a0857c1b163397762b17fa8c931359466752161e3024ccf1d248ccc323eba25ad839ce84dd3ce595a5d688b86b7813d303ea6751e72a7a6bacb315472a57094b74f6b6020805260fba81d0e9b18f21ea453a9bf1d8e2d205e6cba8960b2979560c6a04076553155d69da37a34b48e8da92252c3ab74712eea63cd2dbd02bbf4a5f71eaed0c594f6d6e6ede613b9f0934ed3aaef65f55861a04e8c467e8ff3aa819ba35f08590622dd8673c558bfa5b45cd9611a75258e408dedf4fd36b128a961b547039fec3bbf0135127cedf0d3e51514c8ffcf020f1746544ced0f8f6970322d98a41a707eb22d07eaae03f7212ea92e2c48a5eec6d392bb569f282f8c79cfa491efab9df9177f47fde729b2f6e9f21033fdd0dc131fc26db865562a571952523576690810bf88bda8f22ab6556e54073df8b83a7c103ae2e0fd909146f3e724f2e57ea7087bd35c9a9518da4003b22c4bab5dd0b1bc0caf700536daf288e6a3df4449e27724230eafc363542a45488fda4fc97862f6d8f524d075b9d154fad27b03fa598f728019d0e29909cbb08f36aab7b58f209e15d99a6fd1b4e23a5b1150dde48f7bc7ff63b5f13abe2015285470968daae418e373256b0f42dcf29f14946f8fa939523dbb1a00f3f782a03b866df2ca12e26b4ec6a49c3e87f0758e4b6ba94dc393cd2fc255e935b0740cec27cad29c649f928a87a380541bc9c0a73fecf9666a97220e44e1efb03a28b23fac49c9710fbcce7289db257e82b2c31eddeb567a3385afb08aefda84ec9d6faee11777e0f50a7ae462d9a52110e9945b0c501d8dc6fc6f9687c56faaf669ba7519f53f740c120c46cb339cccf57b8b0c09edfd0f9747146d8c583a366b6f59fd0805c24696b19449afdae2011d79d7c8e577272297d2bc534180aa88f6f60193a1479a75a100493db26d43870a9d83fffa96ca3808ef1c4632e83588c4d2868d04d06d6b11b0da33baed15a3d25481dcc995e6ecbfffbab586ed5a209ed08515f2d83fe400d823b60ae9d702aeeb289859343eb75f09b9513bacb7562e1a3f49393bd19ea624331bbc09d479295af5a88f87d22ca3867d19fd4dfb3ffacf259a095a621ff4ab240f024217a0d9e48a6787afe9b6adcfbe048506c9155168c8d7e6dcbb59894acb03fc77ff69ee5cd09c468631e75ea73881ce10dc9c423e93c38854f50b54998e2bed27ee9f3670385f0708a1dd6e24925344b35c4fc2df6e9b4007beda22b6098125f1ae648e85c2ac337e6ecb56553a52f1a20598568bcede06de30619fa80c9e343f103cceeade258686c5427e1dd4a6d748861ec80d4fb04ba6f49be9c4fbccb7381e107a4cb82a6c481a4fe336d4e8e27d506acd189d10b7185e5f4eb5d8afda566213f1f2ca5891f5d2997373593d86ed82e1ce5e7a5e4211e9cdd8fd1f93ebab7e6b38697550991620611a6d2497d0ad4493993f824a1825157d10bb69f03f695c3e1ced6f392e79e90c5847e8e02903360f23792010d57979fb99181d85a821445006c7f613438f297fec577a8e59e6acafddfa48f86619239687f132bf244f65f76502e6d2b082bb60a276a8d30cdcd829c8e9b0e4a9d17ab09a3c971b2f6931de0286fd4b879781f15fd1669371ff759b02fd34a3c3ab5e64d6d1399d2b96c31581ebe7db2f236bf7", 0xaf7}], 0x2}}], 0x1, 0x9200000004004880) r7 = dup3(r3, r2, 0x0) recvmmsg$unix(r7, &(0x7f0000001780)=[{{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1, &(0x7f0000001880)}}], 0x1, 0x74a081c1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0) epoll_create1(0x0) syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000)) 59.825648ms ago: executing program 3 (id=1330): r0 = syz_io_uring_setup(0x1151, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x50, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) syz_emit_ethernet(0x52, &(0x7f0000002700)={@random="5b37182347bc", @broadcast, @val, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f75372", 0x14, 0x6, 0x0, @mcast2, @ipv4={'\x00', '\xff\xff', @private}, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) r2 = io_uring_setup(0x354c, &(0x7f0000000040)={0x0, 0x0, 0x6, 0x4000000, 0x0, 0x0, r0}) r3 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000)) listen(r3, 0x400000001ffffffd) r4 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r5 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r6, 0x1, &(0x7f0000000580)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x0, 0x0, r5, 0x0}]) accept4(r3, 0x0, 0x0, 0x0) sendmmsg$inet6(r4, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000b00)="c3", 0x1}], 0x1}}], 0x1, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=1331): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = gettid() r2 = socket(0x10, 0x3, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) write(r3, &(0x7f0000000040)="0a03000019002551075c0165ff0ffc02802000030011000500e1000cee020900ea020000", 0x33a) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f7", 0x1}], 0x1}], 0x1, 0x0) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0xf0ffffff, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x4, "00000000b8890c3700000200"}}}]}, 0x48}}, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) tkill(r1, 0xb) kernel console output (not intermixed with test programs): enamed from eth1 [ 879.808791][T10940] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 879.897258][T10940] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 879.928994][T10756] bridge_slave_1: left allmulticast mode [ 879.936802][T10756] bridge_slave_1: left promiscuous mode [ 879.942751][T10756] bridge0: port 2(bridge_slave_1) entered disabled state [ 879.962293][T10756] bridge_slave_0: left allmulticast mode [ 880.110367][T10756] bridge_slave_0: left promiscuous mode [ 880.118400][T10756] bridge0: port 1(bridge_slave_0) entered disabled state [ 880.992376][T10756] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 881.196372][T10756] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 881.208341][T10756] bond0 (unregistering): Released all slaves [ 881.570484][T10940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 881.590701][T10940] 8021q: adding VLAN 0 to HW filter on device team0 [ 881.636244][T10940] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 881.647374][T10940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 881.665710][T11292] netlink: 20 bytes leftover after parsing attributes in process `syz.3.864'. [ 881.748397][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 881.755641][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 881.792060][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 881.799325][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 881.876850][T11297] netlink: 20 bytes leftover after parsing attributes in process `syz.2.865'. [ 881.920686][T10756] hsr_slave_0: left promiscuous mode [ 882.836030][T10756] hsr_slave_1: left promiscuous mode [ 882.858400][T10756] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 882.881856][T10756] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 885.868887][T10756] team0 (unregistering): Port device team_slave_1 removed [ 886.001908][T10756] team0 (unregistering): Port device team_slave_0 removed [ 886.884354][T11338] netlink: 20 bytes leftover after parsing attributes in process `syz.3.870'. [ 886.929568][T11332] netlink: 20 bytes leftover after parsing attributes in process `syz.2.867'. [ 887.043910][T10849] veth0_vlan: entered promiscuous mode [ 887.085440][T10940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 887.150887][T10849] veth1_vlan: entered promiscuous mode [ 887.459626][T10849] veth0_macvtap: entered promiscuous mode [ 887.468884][T10849] veth1_macvtap: entered promiscuous mode [ 887.484462][T10849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 887.495029][T10849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 887.505154][T10849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 887.515750][T10849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 887.526928][T10849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 887.599573][T10849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 887.655274][T10849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 887.696052][ T5234] Bluetooth: hci3: command 0x0406 tx timeout [ 887.702329][T10849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.141145][T10849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.195051][T10849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 888.245068][T11379] netlink: 20 bytes leftover after parsing attributes in process `syz.3.872'. [ 888.445547][T10849] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.463899][T10849] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.473422][T10849] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.483107][T10849] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.507390][T10940] veth0_vlan: entered promiscuous mode [ 888.524321][T10940] veth1_vlan: entered promiscuous mode [ 888.549336][T10940] veth0_macvtap: entered promiscuous mode [ 888.561520][T10940] veth1_macvtap: entered promiscuous mode [ 888.578078][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.588691][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.598601][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.609484][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.619367][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.630226][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.641798][T10940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 888.651200][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.661775][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.672067][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.683193][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.693646][T10940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.704811][T10940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.716275][T10940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 888.903251][T10940] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.915088][T10940] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.931339][T10940] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.943938][T10940] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 889.055262][T11395] netlink: 20 bytes leftover after parsing attributes in process `syz.2.874'. [ 889.498683][T11392] netlink: 20 bytes leftover after parsing attributes in process `syz.3.873'. [ 890.664788][T11405] netlink: 20 bytes leftover after parsing attributes in process `syz.2.875'. [ 890.719175][T10756] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 890.733821][T10756] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 890.758548][ T6765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 890.781527][ T6765] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 890.799897][T11406] netlink: 20 bytes leftover after parsing attributes in process `syz.3.876'. [ 890.964333][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 890.972221][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 891.006858][T11106] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 891.055505][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 891.083597][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 891.085224][T11106] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 891.517329][T11106] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 891.855738][T11106] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 892.387908][T11106] 8021q: adding VLAN 0 to HW filter on device bond0 [ 893.108499][T11106] 8021q: adding VLAN 0 to HW filter on device team0 [ 893.202234][T10756] bridge0: port 1(bridge_slave_0) entered blocking state [ 893.210266][T10756] bridge0: port 1(bridge_slave_0) entered forwarding state [ 893.379292][T10756] bridge0: port 2(bridge_slave_1) entered blocking state [ 893.386503][T10756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 893.760242][ T5234] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 893.769598][ T5234] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 893.853209][ T5234] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 894.107114][ T5234] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 894.508233][T11106] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 894.604024][ T5234] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 894.659652][ T5234] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 894.803944][T11106] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 895.186942][T11460] netlink: 20 bytes leftover after parsing attributes in process `syz.3.881'. [ 895.557283][ T2894] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 897.590095][ T5234] Bluetooth: hci1: command tx timeout [ 897.961525][ T2894] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 898.327334][T11448] chnl_net:caif_netlink_parms(): no params data found [ 899.266746][ T2894] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 899.459732][T11106] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 899.614228][ T5228] Bluetooth: hci1: command tx timeout [ 901.245222][ T2894] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 901.698565][ T5234] Bluetooth: hci1: command tx timeout [ 902.219167][T11448] bridge0: port 1(bridge_slave_0) entered blocking state [ 902.226729][T11448] bridge0: port 1(bridge_slave_0) entered disabled state [ 902.234091][T11448] bridge_slave_0: entered allmulticast mode [ 902.241293][T11448] bridge_slave_0: entered promiscuous mode [ 902.249483][T11448] bridge0: port 2(bridge_slave_1) entered blocking state [ 902.258460][T11448] bridge0: port 2(bridge_slave_1) entered disabled state [ 902.266157][T11448] bridge_slave_1: entered allmulticast mode [ 902.273332][T11448] bridge_slave_1: entered promiscuous mode [ 902.296470][T11516] netlink: 20 bytes leftover after parsing attributes in process `syz.1.888'. [ 902.389871][T11514] netlink: 20 bytes leftover after parsing attributes in process `syz.2.889'. [ 902.527003][T11448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 902.577266][T11448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 903.505469][ T5234] Bluetooth: hci6: command 0x0406 tx timeout [ 903.762198][T11106] veth0_vlan: entered promiscuous mode [ 903.783771][ T5228] Bluetooth: hci1: command tx timeout [ 903.792817][T11106] veth1_vlan: entered promiscuous mode [ 903.842339][T11106] veth0_macvtap: entered promiscuous mode [ 903.862126][T11106] veth1_macvtap: entered promiscuous mode [ 903.905088][T11448] team0: Port device team_slave_0 added [ 903.923231][T11448] team0: Port device team_slave_1 added [ 904.707520][ T2894] bridge_slave_1: left allmulticast mode [ 904.762198][ T2894] bridge_slave_1: left promiscuous mode [ 905.196961][ T2894] bridge0: port 2(bridge_slave_1) entered disabled state [ 905.260348][ T2894] bridge_slave_0: left allmulticast mode [ 905.266778][ T2894] bridge_slave_0: left promiscuous mode [ 905.272605][ T2894] bridge0: port 1(bridge_slave_0) entered disabled state [ 907.086828][ T2894] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 907.098395][ T2894] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 907.115374][ T2894] bond0 (unregistering): Released all slaves [ 907.131334][T11448] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 907.139293][T11448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 907.168720][T11448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 907.189100][T11548] netlink: 20 bytes leftover after parsing attributes in process `syz.3.894'. [ 907.247830][T11560] netlink: 20 bytes leftover after parsing attributes in process `syz.1.895'. [ 907.348475][T11448] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 907.373057][T11448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 907.434062][T11448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 908.423262][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.441481][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.460615][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.475327][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.485869][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.505319][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.522226][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.550031][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.565002][T11106] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 908.677890][T11448] hsr_slave_0: entered promiscuous mode [ 908.684915][T11448] hsr_slave_1: entered promiscuous mode [ 908.692078][T11448] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 908.708236][T11448] Cannot create hsr debugfs directory [ 908.735112][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.757853][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.769422][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.789117][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.802714][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.829091][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.859502][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.876942][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.905287][T11106] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 908.951561][ T2894] hsr_slave_0: left promiscuous mode [ 908.960876][ T2894] hsr_slave_1: left promiscuous mode [ 908.972931][ T2894] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 908.988399][ T2894] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 909.004739][ T2894] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 909.019033][ T2894] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 909.058935][ T2894] veth1_macvtap: left promiscuous mode [ 909.065893][ T2894] veth0_macvtap: left promiscuous mode [ 909.075264][ T2894] veth1_vlan: left promiscuous mode [ 909.086304][ T2894] veth0_vlan: left promiscuous mode [ 911.933939][ T2894] team0 (unregistering): Port device team_slave_1 removed [ 911.983451][ T2894] team0 (unregistering): Port device team_slave_0 removed [ 912.502910][T11609] netlink: 20 bytes leftover after parsing attributes in process `syz.3.902'. [ 912.604722][T11106] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 912.613481][T11106] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 912.670817][T11106] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 912.726931][T11106] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 914.040182][T11622] netlink: 20 bytes leftover after parsing attributes in process `syz.2.905'. [ 914.969613][T11628] netlink: 20 bytes leftover after parsing attributes in process `syz.3.906'. [ 915.014506][ T29] audit: type=1326 audit(1726821315.295:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11634 comm="syz.2.907" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b23f7def9 code=0x0 [ 915.115199][T11564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.123064][T11564] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 915.491207][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.501807][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 920.842059][T11448] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 922.314359][T11448] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 923.844555][T11448] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 924.894012][T11448] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 925.027619][T11725] netlink: 20 bytes leftover after parsing attributes in process `syz.4.920'. [ 925.736321][T11448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 926.236161][T11448] 8021q: adding VLAN 0 to HW filter on device team0 [ 926.284340][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 926.291565][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 926.330635][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 926.337898][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 926.925360][T11760] netlink: 20 bytes leftover after parsing attributes in process `syz.1.926'. [ 928.299676][T11781] netlink: 20 bytes leftover after parsing attributes in process `syz.2.929'. [ 928.933210][T11448] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 929.479832][T11789] netlink: 20 bytes leftover after parsing attributes in process `syz.4.931'. [ 930.095334][T11448] veth0_vlan: entered promiscuous mode [ 930.106002][T11448] veth1_vlan: entered promiscuous mode [ 930.128952][T11448] veth0_macvtap: entered promiscuous mode [ 930.149951][T11448] veth1_macvtap: entered promiscuous mode [ 930.179861][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 930.193006][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.203008][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 930.213623][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.223609][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 930.234273][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.244263][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 930.256021][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.269945][T11448] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 930.303404][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.314524][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.413500][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.452678][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.480886][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.491820][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.502639][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.531152][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.544575][T11448] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 930.580871][T11448] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.599913][T11448] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.637688][T11448] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.678000][T11448] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.704598][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.711055][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.855416][T11816] netlink: 20 bytes leftover after parsing attributes in process `syz.1.935'. [ 932.217347][T11823] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 932.319201][T11821] netlink: 20 bytes leftover after parsing attributes in process `syz.4.939'. [ 933.237317][T11831] netlink: 20 bytes leftover after parsing attributes in process `syz.3.940'. [ 933.409791][ T6765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 934.289750][ T6765] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 934.392895][ T6879] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 934.400975][ T6879] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 939.300173][T11878] netlink: 32 bytes leftover after parsing attributes in process `syz.0.949'. [ 941.573500][T11888] netlink: 32 bytes leftover after parsing attributes in process `syz.1.951'. [ 944.543502][T11920] netlink: 32 bytes leftover after parsing attributes in process `syz.1.959'. [ 945.282221][T11917] netlink: 20 bytes leftover after parsing attributes in process `syz.3.957'. [ 948.108386][T11946] netlink: 20 bytes leftover after parsing attributes in process `syz.4.967'. [ 948.964309][T11949] netlink: 20 bytes leftover after parsing attributes in process `syz.1.968'. [ 949.013871][T11944] netlink: 20 bytes leftover after parsing attributes in process `syz.0.965'. [ 953.560473][T11985] netlink: 20 bytes leftover after parsing attributes in process `syz.3.976'. [ 953.753895][T11978] netlink: 20 bytes leftover after parsing attributes in process `syz.2.973'. [ 953.783203][T11976] netlink: 20 bytes leftover after parsing attributes in process `syz.4.972'. [ 955.068508][T12010] netlink: 20 bytes leftover after parsing attributes in process `syz.1.981'. [ 956.848620][T12026] netlink: 20 bytes leftover after parsing attributes in process `syz.3.983'. [ 958.315679][T12027] netlink: 20 bytes leftover after parsing attributes in process `syz.1.985'. [ 960.206539][T12047] netlink: 20 bytes leftover after parsing attributes in process `syz.0.989'. [ 962.250013][T12067] netlink: 20 bytes leftover after parsing attributes in process `syz.1.995'. [ 968.060862][T12109] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1006'. [ 968.846947][T12127] FAULT_INJECTION: forcing a failure. [ 968.846947][T12127] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 968.892136][T12120] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1007'. [ 969.000034][T12127] CPU: 0 UID: 0 PID: 12127 Comm: syz.0.1011 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 969.010543][T12127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 969.020645][T12127] Call Trace: [ 969.023964][T12127] [ 969.026989][T12127] dump_stack_lvl+0x241/0x360 [ 969.031744][T12127] ? __pfx_dump_stack_lvl+0x10/0x10 [ 969.036999][T12127] ? __pfx__printk+0x10/0x10 [ 969.041649][T12127] ? __pfx_lock_release+0x10/0x10 [ 969.046736][T12127] should_fail_ex+0x3b0/0x4e0 [ 969.051457][T12127] _copy_from_user+0x2f/0xe0 [ 969.056093][T12127] __x64_sys_epoll_ctl+0x124/0x1a0 [ 969.061255][T12127] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 969.066937][T12127] ? do_syscall_64+0x100/0x230 [ 969.071762][T12127] ? do_syscall_64+0xb6/0x230 [ 969.076491][T12127] do_syscall_64+0xf3/0x230 [ 969.081048][T12127] ? clear_bhb_loop+0x35/0x90 [ 969.085773][T12127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 969.091719][T12127] RIP: 0033:0x7f2e7b17def9 [ 969.096174][T12127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 969.115828][T12127] RSP: 002b:00007f2e7c042038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 969.124302][T12127] RAX: ffffffffffffffda RBX: 00007f2e7b335f80 RCX: 00007f2e7b17def9 [ 969.132316][T12127] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000003 [ 969.140328][T12127] RBP: 00007f2e7c042090 R08: 0000000000000000 R09: 0000000000000000 [ 969.148335][T12127] R10: 0000000020002140 R11: 0000000000000246 R12: 0000000000000001 [ 969.156343][T12127] R13: 0000000000000000 R14: 00007f2e7b335f80 R15: 00007fff116be8b8 [ 969.164374][T12127] [ 969.799815][ T5228] Bluetooth: hci0: command 0x0406 tx timeout [ 969.991654][T12138] FAULT_INJECTION: forcing a failure. [ 969.991654][T12138] name failslab, interval 1, probability 0, space 0, times 1 [ 970.579807][T12134] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1013'. [ 970.604186][T12138] CPU: 0 UID: 0 PID: 12138 Comm: syz.2.1015 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 970.614745][T12138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 970.624854][T12138] Call Trace: [ 970.628175][T12138] [ 970.631143][T12138] dump_stack_lvl+0x241/0x360 [ 970.635875][T12138] ? __pfx_dump_stack_lvl+0x10/0x10 [ 970.641089][T12138] ? __pfx__printk+0x10/0x10 [ 970.645692][T12138] ? fs_reclaim_acquire+0x93/0x140 [ 970.650808][T12138] ? __pfx___might_resched+0x10/0x10 [ 970.656105][T12138] should_fail_ex+0x3b0/0x4e0 [ 970.660794][T12138] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 970.666521][T12138] should_failslab+0xac/0x100 [ 970.671211][T12138] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 970.676934][T12138] __kmalloc_noprof+0xd8/0x400 [ 970.681731][T12138] tomoyo_realpath_from_path+0xcf/0x5e0 [ 970.687290][T12138] tomoyo_path_number_perm+0x23a/0x880 [ 970.692764][T12138] ? tomoyo_path_number_perm+0x208/0x880 [ 970.698417][T12138] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 970.704438][T12138] ? __fget_files+0x29/0x470 [ 970.709032][T12138] ? __fget_files+0x3f3/0x470 [ 970.713728][T12138] security_file_ioctl+0xc6/0x2a0 [ 970.718775][T12138] __se_sys_ioctl+0x47/0x170 [ 970.723381][T12138] do_syscall_64+0xf3/0x230 [ 970.727913][T12138] ? clear_bhb_loop+0x35/0x90 [ 970.732626][T12138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.738541][T12138] RIP: 0033:0x7f9b23f7def9 [ 970.742971][T12138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 970.762585][T12138] RSP: 002b:00007f9b24e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 970.771051][T12138] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7def9 [ 970.779076][T12138] RDX: 0000000020000240 RSI: 000000004008ae89 RDI: 0000000000000006 [ 970.787066][T12138] RBP: 00007f9b24e09090 R08: 0000000000000000 R09: 0000000000000000 [ 970.795059][T12138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 970.803060][T12138] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 970.811139][T12138] [ 970.881057][T12138] ERROR: Out of memory at tomoyo_realpath_from_path. [ 971.248388][ T9] libceph: connect (1)[c::]:6789 error -101 [ 971.339902][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 971.346465][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 971.352568][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 971.388376][ T9] libceph: connect (1)[c::]:6789 error -101 [ 971.398698][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 971.615406][ T8] libceph: connect (1)[c::]:6789 error -101 [ 971.622192][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 971.629001][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 971.644241][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 971.686124][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 971.700273][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 971.709766][T12170] FAULT_INJECTION: forcing a failure. [ 971.709766][T12170] name failslab, interval 1, probability 0, space 0, times 0 [ 971.723913][T12170] CPU: 0 UID: 0 PID: 12170 Comm: syz.2.1021 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 971.734435][T12170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 971.744497][T12170] Call Trace: [ 971.747796][T12170] [ 971.750750][T12170] dump_stack_lvl+0x241/0x360 [ 971.755534][T12170] ? __pfx_dump_stack_lvl+0x10/0x10 [ 971.760770][T12170] ? __pfx__printk+0x10/0x10 [ 971.765399][T12170] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 971.770999][T12170] ? __pfx___might_resched+0x10/0x10 [ 971.776313][T12170] should_fail_ex+0x3b0/0x4e0 [ 971.781014][T12170] ? prepare_creds+0x31/0x640 [ 971.785740][T12170] should_failslab+0xac/0x100 [ 971.790496][T12170] ? prepare_creds+0x31/0x640 [ 971.795190][T12170] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 971.800585][T12170] prepare_creds+0x31/0x640 [ 971.805118][T12170] lookup_user_key+0x40f/0x1500 [ 971.810000][T12170] ? __pfx_lookup_user_key+0x10/0x10 [ 971.815314][T12170] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 971.821499][T12170] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 971.827416][T12170] ? ksys_write+0x23e/0x2c0 [ 971.831938][T12170] ? __pfx_lock_release+0x10/0x10 [ 971.836992][T12170] keyctl_session_to_parent+0x28/0xa30 [ 971.842466][T12170] ? vfs_write+0x7bf/0xc90 [ 971.846902][T12170] __se_sys_keyctl+0x75e/0xa50 [ 971.851680][T12170] ? __pfx___se_sys_keyctl+0x10/0x10 [ 971.856977][T12170] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 971.862977][T12170] ? __fget_files+0x3f3/0x470 [ 971.867674][T12170] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 971.873676][T12170] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 971.880026][T12170] ? do_syscall_64+0x100/0x230 [ 971.884815][T12170] ? __x64_sys_keyctl+0x20/0xc0 [ 971.889677][T12170] do_syscall_64+0xf3/0x230 [ 971.894198][T12170] ? clear_bhb_loop+0x35/0x90 [ 971.898896][T12170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.904808][T12170] RIP: 0033:0x7f9b23f7def9 [ 971.909234][T12170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 971.928869][T12170] RSP: 002b:00007f9b24e09038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 971.937322][T12170] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7def9 [ 971.945307][T12170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012 [ 971.953296][T12170] RBP: 00007f9b24e09090 R08: 0000000000000000 R09: 0000000000000000 [ 971.961273][T12170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 971.969252][T12170] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 971.977245][T12170] [ 971.987178][T12149] ceph: No mds server is up or the cluster is laggy [ 971.994426][T12154] ceph: No mds server is up or the cluster is laggy [ 972.010715][T12157] ceph: No mds server is up or the cluster is laggy [ 972.054258][T12156] FAULT_INJECTION: forcing a failure. [ 972.054258][T12156] name fail_futex, interval 1, probability 0, space 0, times 1 [ 972.083985][T12156] CPU: 1 UID: 0 PID: 12156 Comm: syz.0.1017 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 972.094527][T12156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 972.104633][T12156] Call Trace: [ 972.107946][T12156] [ 972.110914][T12156] dump_stack_lvl+0x241/0x360 [ 972.115654][T12156] ? __pfx_dump_stack_lvl+0x10/0x10 [ 972.120906][T12156] ? __pfx__printk+0x10/0x10 [ 972.125548][T12156] ? register_lock_class+0x102/0x980 [ 972.130920][T12156] ? __pfx_register_lock_class+0x10/0x10 [ 972.136620][T12156] should_fail_ex+0x3b0/0x4e0 [ 972.141359][T12156] get_futex_key+0x17c/0x1050 [ 972.146106][T12156] ? __pfx_get_futex_key+0x10/0x10 [ 972.151270][T12156] ? __lock_acquire+0x1384/0x2050 [ 972.156336][T12156] futex_wake+0x12a/0x5c0 [ 972.160703][T12156] ? __pfx_futex_wake+0x10/0x10 [ 972.165591][T12156] do_futex+0x392/0x560 [ 972.169774][T12156] ? __pfx_do_futex+0x10/0x10 [ 972.174496][T12156] ? __might_fault+0xaa/0x120 [ 972.179189][T12156] mm_release+0x193/0x430 [ 972.183537][T12156] ? exit_robust_list+0x2cf/0x2f0 [ 972.188573][T12156] ? __pfx_mm_release+0x10/0x10 [ 972.193436][T12156] ? _raw_spin_unlock_irq+0x23/0x50 [ 972.198647][T12156] ? lockdep_hardirqs_on+0x99/0x150 [ 972.203871][T12156] exit_mm+0xb0/0x310 [ 972.207875][T12156] ? __pfx_exit_mm+0x10/0x10 [ 972.212472][T12156] ? taskstats_exit+0x326/0xa60 [ 972.217345][T12156] do_exit+0x9b2/0x27f0 [ 972.221515][T12156] ? __pfx_do_exit+0x10/0x10 [ 972.226113][T12156] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 972.231529][T12156] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 972.237536][T12156] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 972.243886][T12156] ? _raw_spin_lock_irq+0xdf/0x120 [ 972.249025][T12156] do_group_exit+0x207/0x2c0 [ 972.253626][T12156] ? _raw_spin_unlock_irq+0x23/0x50 [ 972.258869][T12156] ? lockdep_hardirqs_on+0x99/0x150 [ 972.264198][T12156] get_signal+0x176f/0x1810 [ 972.268743][T12156] ? __pfx___mutex_lock+0x10/0x10 [ 972.273800][T12156] ? __pfx_get_signal+0x10/0x10 [ 972.278670][T12156] ? __se_sys_fsconfig+0xdae/0xf70 [ 972.283804][T12156] ? rcu_is_watching+0x15/0xb0 [ 972.288596][T12156] ? __se_sys_fsconfig+0xdae/0xf70 [ 972.293731][T12156] arch_do_signal_or_restart+0x96/0x860 [ 972.299309][T12156] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 972.305477][T12156] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 972.311489][T12156] ? syscall_exit_to_user_mode+0xa3/0x370 [ 972.317236][T12156] syscall_exit_to_user_mode+0xc9/0x370 [ 972.322811][T12156] do_syscall_64+0x100/0x230 [ 972.327429][T12156] ? clear_bhb_loop+0x35/0x90 [ 972.332162][T12156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.338081][T12156] RIP: 0033:0x7f2e7b17def9 [ 972.342513][T12156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 972.362160][T12156] RSP: 002b:00007f2e7c000038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 972.370590][T12156] RAX: fffffffffffffffc RBX: 00007f2e7b336130 RCX: 00007f2e7b17def9 [ 972.378581][T12156] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 972.386567][T12156] RBP: 00007f2e7c000090 R08: 0000000000000000 R09: 0000000000000000 [ 972.394546][T12156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 972.402540][T12156] R13: 0000000000000001 R14: 00007f2e7b336130 R15: 00007fff116be8b8 [ 972.410536][T12156] [ 972.414195][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 972.420259][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 972.433431][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 972.440568][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 973.211287][T12181] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1025'. [ 973.578611][ T5274] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 974.100862][ T5274] usb 5-1: Using ep0 maxpacket: 8 [ 974.114601][ T5274] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 974.122923][ T5274] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 974.135895][ T5274] usb 5-1: config 0 has no interface number 0 [ 974.142253][ T5274] usb 5-1: config 0 interface 1 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 974.153941][ T5274] usb 5-1: config 0 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 975.162766][T12197] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1028'. [ 975.236555][ T5274] usb 5-1: config 0 interface 1 has no altsetting 0 [ 975.286075][ T5274] usb 5-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 975.731401][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 975.748918][T12201] Bluetooth: MGMT ver 1.23 [ 975.757586][ T5274] usb 5-1: config 0 descriptor?? [ 975.844620][ T5274] hso 5-1:0.1: Failed to find BULK IN ep [ 976.166563][ T9] usb 5-1: USB disconnect, device number 5 [ 977.107960][T12220] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1036'. [ 979.088307][T12232] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1039'. [ 979.633061][T12245] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1041'. [ 980.656016][T12258] FAULT_INJECTION: forcing a failure. [ 980.656016][T12258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 980.753094][T12258] CPU: 1 UID: 0 PID: 12258 Comm: syz.3.1044 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 980.763595][T12258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 980.773712][T12258] Call Trace: [ 980.777038][T12258] [ 980.780015][T12258] dump_stack_lvl+0x241/0x360 [ 980.784764][T12258] ? __pfx_dump_stack_lvl+0x10/0x10 [ 980.790028][T12258] ? __pfx__printk+0x10/0x10 [ 980.794694][T12258] ? snprintf+0xda/0x120 [ 980.799009][T12258] should_fail_ex+0x3b0/0x4e0 [ 980.803754][T12258] _copy_to_user+0x2f/0xb0 [ 980.808263][T12258] simple_read_from_buffer+0xca/0x150 [ 980.813690][T12258] proc_fail_nth_read+0x1e9/0x250 [ 980.818769][T12258] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 980.824378][T12258] ? rw_verify_area+0x55e/0x6f0 [ 980.829290][T12258] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 980.834902][T12258] vfs_read+0x201/0xbc0 [ 980.839205][T12258] ? __pfx_lock_release+0x10/0x10 [ 980.844293][T12258] ? __pfx_vfs_read+0x10/0x10 [ 980.849038][T12258] ? __fget_files+0x3f3/0x470 [ 980.853780][T12258] ? __fdget_pos+0x24e/0x320 [ 980.858421][T12258] ksys_read+0x1a0/0x2c0 [ 980.862814][T12258] ? __pfx_ksys_read+0x10/0x10 [ 980.867635][T12258] ? __secure_computing+0x125/0x370 [ 980.872956][T12258] do_syscall_64+0xf3/0x230 [ 980.877524][T12258] ? clear_bhb_loop+0x35/0x90 [ 980.882260][T12258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.888206][T12258] RIP: 0033:0x7f20e297c93c [ 980.892665][T12258] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 980.904150][T12269] kernel read not supported for file /!selinۡluxselinx (pid: 12269 comm: syz.4.1047) [ 980.912299][T12258] RSP: 002b:00007f20e36f3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 980.912366][T12258] RAX: ffffffffffffffda RBX: 00007f20e2b35f80 RCX: 00007f20e297c93c [ 980.912384][T12258] RDX: 000000000000000f RSI: 00007f20e36f30a0 RDI: 0000000000000004 [ 980.912400][T12258] RBP: 00007f20e36f3090 R08: 0000000000000000 R09: 0000000000000000 [ 980.912415][T12258] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000000000001 [ 980.912431][T12258] R13: 0000000000000000 R14: 00007f20e2b35f80 R15: 00007ffc538a7b38 [ 980.912464][T12258] [ 980.994796][T12270] FAULT_INJECTION: forcing a failure. [ 980.994796][T12270] name failslab, interval 1, probability 0, space 0, times 0 [ 981.022425][ T5234] Bluetooth: hci0: unexpected event for opcode 0x0c7a [ 981.027249][ T29] audit: type=1800 audit(1726821381.215:65): pid=12269 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1047" name=2173656C696EDBA102BFD96CD7CDC0757873656C696E0578 dev="mqueue" ino=50702 res=0 errno=0 [ 981.054936][T12270] CPU: 0 UID: 0 PID: 12270 Comm: syz.0.1049 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 981.065428][T12270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 981.075535][T12270] Call Trace: [ 981.078852][T12270] [ 981.081831][T12270] dump_stack_lvl+0x241/0x360 [ 981.086573][T12270] ? __pfx_dump_stack_lvl+0x10/0x10 [ 981.091830][T12270] ? __pfx__printk+0x10/0x10 [ 981.096482][T12270] ? kmem_cache_alloc_lru_noprof+0x49/0x2b0 [ 981.102460][T12270] ? __pfx___might_resched+0x10/0x10 [ 981.107779][T12270] should_fail_ex+0x3b0/0x4e0 [ 981.112519][T12270] ? sock_alloc_inode+0x28/0xc0 [ 981.117417][T12270] should_failslab+0xac/0x100 [ 981.122165][T12270] ? sock_alloc_inode+0x28/0xc0 [ 981.127067][T12270] kmem_cache_alloc_lru_noprof+0x71/0x2b0 [ 981.132829][T12270] sock_alloc_inode+0x28/0xc0 [ 981.137525][T12270] ? __pfx_sock_alloc_inode+0x10/0x10 [ 981.143117][T12270] new_inode_pseudo+0x69/0x1a0 [ 981.147991][T12270] do_accept+0x168/0x6b0 [ 981.152366][T12270] ? __pfx_do_accept+0x10/0x10 [ 981.157202][T12270] __sys_accept4+0x11e/0x1c0 [ 981.161933][T12270] ? __pfx___sys_accept4+0x10/0x10 [ 981.167078][T12270] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 981.173537][T12270] ? do_syscall_64+0x100/0x230 [ 981.178347][T12270] __x64_sys_accept4+0x9a/0xb0 [ 981.183136][T12270] do_syscall_64+0xf3/0x230 [ 981.187665][T12270] ? clear_bhb_loop+0x35/0x90 [ 981.192393][T12270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.198319][T12270] RIP: 0033:0x7f2e7b17def9 [ 981.202749][T12270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.222375][T12270] RSP: 002b:00007f2e7c042038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 981.230817][T12270] RAX: ffffffffffffffda RBX: 00007f2e7b335f80 RCX: 00007f2e7b17def9 [ 981.238822][T12270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 981.246917][T12270] RBP: 00007f2e7c042090 R08: 0000000000000000 R09: 0000000000000000 [ 981.254903][T12270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 981.262883][T12270] R13: 0000000000000000 R14: 00007f2e7b335f80 R15: 00007fff116be8b8 [ 981.270885][T12270] [ 984.340319][T12308] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1057'. [ 985.039607][T12324] tmpfs: Unknown parameter 'nr_' [ 985.115919][T12318] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 985.170282][T12321] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1058'. [ 985.376509][T12338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 985.435060][T12338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 985.534182][ T5234] Bluetooth: hci4: command 0x0406 tx timeout [ 985.705289][T12345] nbd1: detected capacity change from 0 to 6 [ 985.799595][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 985.820693][T12350] block nbd1: shutting down sockets [ 985.901889][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.382996][T12354] dccp_close: ABORT with 1 bytes unread [ 986.393164][ T58] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.403518][ T58] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.418352][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.427557][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.435608][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.444866][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.452867][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.462747][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.471237][T10372] ldm_validate_partition_table(): Disk read failed. [ 986.478923][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.488206][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.496480][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.505773][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.514062][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.523219][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.591762][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.612132][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.653977][T10372] Dev nbd1: unable to read RDB block 0 [ 986.659610][T10372] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 986.693717][T10372] Buffer I/O error on dev nbd1, logical block 0, async page read [ 986.715405][T10372] nbd1: unable to read partition table [ 986.736882][T10372] nbd1: partition table beyond EOD, truncated [ 986.766067][T10372] ldm_validate_partition_table(): Disk read failed. [ 986.775299][T10372] Dev nbd1: unable to read RDB block 0 [ 986.781509][T10372] nbd1: unable to read partition table [ 986.821794][T10372] nbd1: partition table beyond EOD, truncated [ 987.131820][T12366] netlink: 'syz.2.1073': attribute type 1 has an invalid length. [ 988.205170][T12369] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1075'. [ 988.973349][T12379] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1076'. [ 989.412469][T12384] FAULT_INJECTION: forcing a failure. [ 989.412469][T12384] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 989.483315][T12384] CPU: 0 UID: 0 PID: 12384 Comm: syz.1.1079 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 989.493783][T12384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 989.503867][T12384] Call Trace: [ 989.507192][T12384] [ 989.510159][T12384] dump_stack_lvl+0x241/0x360 [ 989.514977][T12384] ? __pfx_dump_stack_lvl+0x10/0x10 [ 989.520197][T12384] ? __pfx__printk+0x10/0x10 [ 989.524813][T12384] should_fail_ex+0x3b0/0x4e0 [ 989.529506][T12384] prepare_alloc_pages+0x1da/0x5d0 [ 989.534741][T12384] __alloc_pages_noprof+0x166/0x6c0 [ 989.539991][T12384] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 989.545781][T12384] alloc_pages_mpol_noprof+0x3e8/0x680 [ 989.551301][T12384] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 989.557359][T12384] vma_alloc_folio_noprof+0x12e/0x230 [ 989.562774][T12384] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 989.568696][T12384] folio_prealloc+0x31/0x170 [ 989.573315][T12384] handle_pte_fault+0x255b/0x7010 [ 989.578356][T12384] ? __pfx_validate_chain+0x10/0x10 [ 989.583576][T12384] ? mark_lock+0x9a/0x360 [ 989.587934][T12384] ? __pfx_handle_pte_fault+0x10/0x10 [ 989.593341][T12384] ? mt_find+0x226/0x850 [ 989.597607][T12384] ? __pfx_lock_release+0x10/0x10 [ 989.602657][T12384] handle_mm_fault+0x1053/0x1ad0 [ 989.607622][T12384] ? __pfx_handle_mm_fault+0x10/0x10 [ 989.612933][T12384] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 989.619310][T12384] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 989.624614][T12384] exc_page_fault+0x2b9/0x8c0 [ 989.629318][T12384] asm_exc_page_fault+0x26/0x30 [ 989.634188][T12384] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 989.640011][T12384] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 989.659638][T12384] RSP: 0018:ffffc90009037ad0 EFLAGS: 00050246 [ 989.665725][T12384] RAX: ffffffff84aeb701 RBX: 0000000020033ac0 RCX: 0000000000000040 [ 989.673709][T12384] RDX: 0000000000000000 RSI: ffffc90009037b60 RDI: 0000000020033a80 [ 989.681690][T12384] RBP: ffffc90009037c10 R08: ffffc90009037b9f R09: 1ffff92001206f73 [ 989.689675][T12384] R10: dffffc0000000000 R11: fffff52001206f74 R12: 0000000000000040 [ 989.697662][T12384] R13: 0000000000000000 R14: 0000000020033a80 R15: ffffc90009037b60 [ 989.705680][T12384] ? _copy_to_user+0x61/0xb0 [ 989.710308][T12384] _copy_to_user+0x86/0xb0 [ 989.714742][T12384] rng_dev_read+0x3bb/0x6d0 [ 989.719263][T12384] ? mark_lock+0x9a/0x360 [ 989.723612][T12384] ? __pfx_rng_dev_read+0x10/0x10 [ 989.728669][T12384] ? rw_verify_area+0x568/0x6f0 [ 989.733800][T12384] vfs_readv+0x6bc/0xa80 [ 989.738082][T12384] ? __pfx_rng_dev_read+0x10/0x10 [ 989.743130][T12384] ? __pfx_vfs_readv+0x10/0x10 [ 989.747925][T12384] ? __fget_files+0x29/0x470 [ 989.752538][T12384] ? __fget_files+0x29/0x470 [ 989.757182][T12384] __x64_sys_preadv+0x1c7/0x2d0 [ 989.762072][T12384] ? __pfx___x64_sys_preadv+0x10/0x10 [ 989.767500][T12384] ? do_syscall_64+0x100/0x230 [ 989.772311][T12384] ? do_syscall_64+0xb6/0x230 [ 989.777044][T12384] do_syscall_64+0xf3/0x230 [ 989.781589][T12384] ? clear_bhb_loop+0x35/0x90 [ 989.786301][T12384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 989.792220][T12384] RIP: 0033:0x7f995f97def9 [ 989.796666][T12384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 989.816287][T12384] RSP: 002b:00007f99606e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 989.824716][T12384] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97def9 [ 989.832699][T12384] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005 [ 989.840682][T12384] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 989.848703][T12384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 989.856715][T12384] R13: 0000000000000000 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 989.864723][T12384] [ 990.118762][T12394] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 990.184606][T12394] FAULT_INJECTION: forcing a failure. [ 990.184606][T12394] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 990.230727][T12394] CPU: 0 UID: 0 PID: 12394 Comm: syz.2.1081 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 990.241199][T12394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 990.251271][T12394] Call Trace: [ 990.254578][T12394] [ 990.257519][T12394] dump_stack_lvl+0x241/0x360 [ 990.262229][T12394] ? __pfx_dump_stack_lvl+0x10/0x10 [ 990.267456][T12394] ? __pfx__printk+0x10/0x10 [ 990.272072][T12394] ? snprintf+0xda/0x120 [ 990.276334][T12394] should_fail_ex+0x3b0/0x4e0 [ 990.281029][T12394] _copy_to_user+0x2f/0xb0 [ 990.285464][T12394] simple_read_from_buffer+0xca/0x150 [ 990.290861][T12394] proc_fail_nth_read+0x1e9/0x250 [ 990.295923][T12394] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 990.301496][T12394] ? rw_verify_area+0x55e/0x6f0 [ 990.306365][T12394] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 990.311932][T12394] vfs_read+0x201/0xbc0 [ 990.316115][T12394] ? __pfx_lock_release+0x10/0x10 [ 990.321163][T12394] ? do_sock_setsockopt+0x3e2/0x720 [ 990.326378][T12394] ? __pfx_vfs_read+0x10/0x10 [ 990.331089][T12394] ? __fget_files+0x3f3/0x470 [ 990.335790][T12394] ? __fdget_pos+0x24e/0x320 [ 990.340401][T12394] ksys_read+0x1a0/0x2c0 [ 990.344669][T12394] ? __pfx_ksys_read+0x10/0x10 [ 990.349453][T12394] ? do_syscall_64+0x100/0x230 [ 990.354243][T12394] ? do_syscall_64+0xb6/0x230 [ 990.358954][T12394] do_syscall_64+0xf3/0x230 [ 990.363481][T12394] ? clear_bhb_loop+0x35/0x90 [ 990.368185][T12394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 990.374101][T12394] RIP: 0033:0x7f9b23f7c93c [ 990.378533][T12394] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 990.398242][T12394] RSP: 002b:00007f9b24e09030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 990.406676][T12394] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7c93c [ 990.414658][T12394] RDX: 000000000000000f RSI: 00007f9b24e090a0 RDI: 0000000000000004 [ 990.422639][T12394] RBP: 00007f9b24e09090 R08: 0000000000000000 R09: 0000000000000000 [ 990.430618][T12394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 990.438598][T12394] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 990.446592][T12394] [ 990.587414][ T5234] Bluetooth: hci0: unexpected event for opcode 0x0c7a [ 990.885679][T12410] FAULT_INJECTION: forcing a failure. [ 990.885679][T12410] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 990.932225][T12410] CPU: 1 UID: 0 PID: 12410 Comm: syz.1.1085 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 990.942708][T12410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 990.952770][T12410] Call Trace: [ 990.956111][T12410] [ 990.959066][T12410] dump_stack_lvl+0x241/0x360 [ 990.963819][T12410] ? __pfx_dump_stack_lvl+0x10/0x10 [ 990.969163][T12410] ? __pfx__printk+0x10/0x10 [ 990.973788][T12410] ? __pfx_lock_release+0x10/0x10 [ 990.978865][T12410] ? rcu_is_watching+0x15/0xb0 [ 990.983646][T12410] should_fail_ex+0x3b0/0x4e0 [ 990.988347][T12410] _copy_from_iter+0x1ed/0x1d60 [ 990.993217][T12410] ? alloc_pages_mpol_noprof+0x417/0x680 [ 990.998857][T12410] ? __pfx__copy_from_iter+0x10/0x10 [ 991.004154][T12410] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 991.010142][T12410] ? alloc_pages_noprof+0xef/0x170 [ 991.015311][T12410] ? page_copy_sane+0x46/0x260 [ 991.020111][T12410] copy_page_from_iter+0x7a/0x100 [ 991.025234][T12410] tun_get_user+0x2046/0x47e0 [ 991.030035][T12410] ? tun_get_user+0x871/0x47e0 [ 991.034838][T12410] ? __lock_acquire+0x1384/0x2050 [ 991.039886][T12410] ? __pfx_tun_get_user+0x10/0x10 [ 991.044949][T12410] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 991.050432][T12410] ? tun_get+0x1e/0x2f0 [ 991.054597][T12410] ? __pfx_lock_release+0x10/0x10 [ 991.059646][T12410] ? tun_get+0x1e/0x2f0 [ 991.063825][T12410] ? tun_get+0x27d/0x2f0 [ 991.068074][T12410] tun_chr_write_iter+0x10d/0x1f0 [ 991.073111][T12410] vfs_write+0xa6d/0xc90 [ 991.077380][T12410] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 991.082947][T12410] ? __pfx_vfs_write+0x10/0x10 [ 991.087813][T12410] ? __fdget_pos+0x19a/0x320 [ 991.092403][T12410] ksys_write+0x1a0/0x2c0 [ 991.096770][T12410] ? __pfx_ksys_write+0x10/0x10 [ 991.101626][T12410] ? do_syscall_64+0x100/0x230 [ 991.106402][T12410] ? do_syscall_64+0xb6/0x230 [ 991.111086][T12410] do_syscall_64+0xf3/0x230 [ 991.115599][T12410] ? clear_bhb_loop+0x35/0x90 [ 991.120285][T12410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.126187][T12410] RIP: 0033:0x7f995f97c9df [ 991.130621][T12410] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 991.150230][T12410] RSP: 002b:00007f99606e5000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 991.158651][T12410] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97c9df [ 991.166626][T12410] RDX: 0000000000000046 RSI: 0000000020000340 RDI: 00000000000000c8 [ 991.174610][T12410] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 991.182604][T12410] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001 [ 991.190602][T12410] R13: 0000000000000001 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 991.198592][T12410] [ 992.919434][T12429] FAULT_INJECTION: forcing a failure. [ 992.919434][T12429] name failslab, interval 1, probability 0, space 0, times 0 [ 992.957583][T12429] CPU: 1 UID: 0 PID: 12429 Comm: syz.1.1090 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 992.968166][T12429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 992.978280][T12429] Call Trace: [ 992.981599][T12429] [ 992.984575][T12429] dump_stack_lvl+0x241/0x360 [ 992.989327][T12429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 992.994595][T12429] ? __pfx__printk+0x10/0x10 [ 992.999277][T12429] ? __kmalloc_noprof+0xb0/0x400 [ 993.004281][T12429] ? __pfx___might_resched+0x10/0x10 [ 993.009631][T12429] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 993.015685][T12429] should_fail_ex+0x3b0/0x4e0 [ 993.020433][T12429] ? sock_kmalloc+0xd7/0x160 [ 993.025085][T12429] should_failslab+0xac/0x100 [ 993.029817][T12429] ? sock_kmalloc+0xd7/0x160 [ 993.034456][T12429] __kmalloc_noprof+0xd8/0x400 [ 993.039279][T12429] ? __lock_acquire+0x1384/0x2050 [ 993.044365][T12429] sock_kmalloc+0xd7/0x160 [ 993.048842][T12429] af_alg_alloc_areq+0x90/0x260 [ 993.053756][T12429] skcipher_recvmsg+0x382/0x1230 [ 993.058775][T12429] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 993.064203][T12429] ? __might_fault+0xaa/0x120 [ 993.068933][T12429] ? __pfx_lock_release+0x10/0x10 [ 993.073997][T12429] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 993.079296][T12429] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 993.084776][T12429] sock_recvmsg+0x22f/0x280 [ 993.089299][T12429] ____sys_recvmsg+0x1c6/0x480 [ 993.094086][T12429] ? __pfx_____sys_recvmsg+0x10/0x10 [ 993.099400][T12429] __sys_recvmsg+0x2ea/0x3d0 [ 993.104009][T12429] ? __pfx___sys_recvmsg+0x10/0x10 [ 993.109154][T12429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 993.115522][T12429] ? do_syscall_64+0x100/0x230 [ 993.120324][T12429] ? do_syscall_64+0xb6/0x230 [ 993.125033][T12429] do_syscall_64+0xf3/0x230 [ 993.129557][T12429] ? clear_bhb_loop+0x35/0x90 [ 993.134260][T12429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.140208][T12429] RIP: 0033:0x7f995f97def9 [ 993.144639][T12429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.164259][T12429] RSP: 002b:00007f99606e5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 993.172688][T12429] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97def9 [ 993.180686][T12429] RDX: 0000000000000000 RSI: 000000002000a8c0 RDI: 0000000000000004 [ 993.188665][T12429] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 993.196738][T12429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 993.204742][T12429] R13: 0000000000000000 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 993.212733][T12429] [ 993.223664][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.230125][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.374603][ T5275] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 993.421359][T12439] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1089'. [ 993.508211][T12441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 993.665005][T12441] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 993.678227][ T5275] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 154, changing to 7 [ 994.563840][T10923] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 994.585938][ T5275] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 994.595218][ T5275] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 994.603457][ T5275] usb 5-1: Product: syz [ 994.608516][ T5275] usb 5-1: Manufacturer: syz [ 994.613188][ T5275] usb 5-1: SerialNumber: syz [ 994.733908][T11299] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 994.793950][T10923] usb 2-1: Using ep0 maxpacket: 32 [ 994.812904][T10923] usb 2-1: config 1 has an invalid interface number: 65 but max is 0 [ 994.875701][T10923] usb 2-1: config 1 has no interface number 0 [ 994.943145][T11299] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 994.961090][T10923] usb 2-1: config 1 interface 65 has no altsetting 0 [ 995.016699][T11299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 995.047301][T10923] usb 2-1: New USB device found, idVendor=0c52, idProduct=2831, bcdDevice=3d.a6 [ 995.120730][T10923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.129184][T11299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 995.139483][T10923] usb 2-1: Product: syz [ 995.154026][T10923] usb 2-1: Manufacturer: syz [ 995.159192][T10923] usb 2-1: SerialNumber: syz [ 995.166913][T11299] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 995.209345][T11299] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.250272][T11299] usb 3-1: Product: syz [ 995.255304][T11299] usb 3-1: Manufacturer: syz [ 995.260041][T11299] usb 3-1: SerialNumber: syz [ 995.269304][T12431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.302104][T12431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.325069][T11299] usb 3-1: selecting invalid altsetting 1 [ 995.332768][T12431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.364383][T12431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.382558][ C1] hrtimer: interrupt took 45973 ns [ 995.384891][T12431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.396032][T12431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.405152][T12431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.452886][T12431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.471443][T10923] ftdi_sio 2-1:1.65: FTDI USB Serial Device converter detected [ 995.483411][T12431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.503350][T12431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.515713][T10923] ftdi_sio ttyUSB0: unknown device type: 0x3da6 [ 995.551627][ T29] audit: type=1326 audit(1726821624.821:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12435 comm="syz.2.1093" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b23f7def9 code=0x0 [ 995.607815][T12457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 995.621389][T10923] usb 2-1: USB disconnect, device number 9 [ 995.646591][T10923] ftdi_sio 2-1:1.65: device disconnected [ 995.654280][T12457] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 995.696528][ T5275] usb 5-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 995.706240][ T5275] usb 5-1: 2:1 : sample bitwidth 127 in over sample bytes 3 [ 995.713733][ T5275] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 995.720255][ T5275] usb 5-1: 2:1 : invalid channels 0 [ 995.770534][T11299] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS [ 995.790266][T11299] cdc_ncm 3-1:1.0: bind() failure [ 995.818150][ T5275] usb 5-1: USB disconnect, device number 6 [ 995.829145][T11299] usb 3-1: USB disconnect, device number 7 [ 995.989115][T10372] udevd[10372]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 996.174841][T12470] FAULT_INJECTION: forcing a failure. [ 996.174841][T12470] name failslab, interval 1, probability 0, space 0, times 0 [ 996.213937][T10923] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 996.225494][T12470] CPU: 1 UID: 0 PID: 12470 Comm: syz.0.1105 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 996.236005][T12470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 996.246114][T12470] Call Trace: [ 996.249441][T12470] [ 996.252411][T12470] dump_stack_lvl+0x241/0x360 [ 996.257247][T12470] ? __pfx_dump_stack_lvl+0x10/0x10 [ 996.262500][T12470] ? __pfx__printk+0x10/0x10 [ 996.267150][T12470] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 996.272754][T12470] ? __pfx___might_resched+0x10/0x10 [ 996.278106][T12470] should_fail_ex+0x3b0/0x4e0 [ 996.282844][T12470] ? cred_alloc_blank+0x20/0x120 [ 996.287832][T12470] should_failslab+0xac/0x100 [ 996.292575][T12470] ? cred_alloc_blank+0x20/0x120 [ 996.297553][T12470] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 996.302959][T12470] cred_alloc_blank+0x20/0x120 [ 996.307739][T12470] keyctl_session_to_parent+0x42/0xa30 [ 996.313209][T12470] ? vfs_write+0x7bf/0xc90 [ 996.317646][T12470] __se_sys_keyctl+0x75e/0xa50 [ 996.322422][T12470] ? __pfx___se_sys_keyctl+0x10/0x10 [ 996.327720][T12470] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 996.333727][T12470] ? __fget_files+0x3f3/0x470 [ 996.338530][T12470] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 996.344529][T12470] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 996.350878][T12470] ? do_syscall_64+0x100/0x230 [ 996.355682][T12470] ? __x64_sys_keyctl+0x20/0xc0 [ 996.360566][T12470] do_syscall_64+0xf3/0x230 [ 996.365100][T12470] ? clear_bhb_loop+0x35/0x90 [ 996.369801][T12470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.375716][T12470] RIP: 0033:0x7f2e7b17def9 [ 996.380144][T12470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 996.399872][T12470] RSP: 002b:00007f2e7c042038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 996.408310][T12470] RAX: ffffffffffffffda RBX: 00007f2e7b335f80 RCX: 00007f2e7b17def9 [ 996.416298][T12470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012 [ 996.424277][T12470] RBP: 00007f2e7c042090 R08: 0000000000000000 R09: 0000000000000000 [ 996.432255][T12470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 996.440317][T12470] R13: 0000000000000000 R14: 00007f2e7b335f80 R15: 00007fff116be8b8 [ 996.448323][T12470] [ 996.557606][T10923] usb 4-1: Using ep0 maxpacket: 8 [ 996.565547][T10923] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 996.581217][T10923] usb 4-1: config 2 has 1 interface, different from the descriptor's value: 3 [ 996.632388][T10923] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=f0.c9 [ 996.646722][T10923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 996.664002][T10923] usb 4-1: Product: syz [ 996.673421][T10923] usb 4-1: Manufacturer: syz [ 996.683152][T10923] usb 4-1: SerialNumber: syz [ 996.724182][ T5275] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 997.469408][T12482] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1107'. [ 997.471988][ T5275] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 997.501095][ T5275] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 997.660724][ T5275] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 997.872794][T10923] snd-usb-6fire 4-1:2.0: unable to receive device firmware state. [ 997.940286][T10923] snd-usb-6fire 4-1:2.0: probe with driver snd-usb-6fire failed with error -110 [ 998.291772][ T5275] usb 2-1: config 0 descriptor?? [ 998.719541][T12467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 998.822396][T12467] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 998.838775][ T5275] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 998.894202][T11299] usb 2-1: USB disconnect, device number 10 [ 999.030216][ T29] audit: type=1326 audit(1726821628.301:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12462 comm="syz.3.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7fc00000 [ 999.085491][ T5275] usb 3-1: Using ep0 maxpacket: 8 [ 999.092562][ T5275] usb 3-1: config 0 has an invalid interface number: 186 but max is 0 [ 999.102094][ T5275] usb 3-1: config 0 has no interface number 0 [ 999.113337][ T5275] usb 3-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 999.140813][ T5275] usb 3-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 999.161216][ T5275] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 108, changing to 10 [ 999.200919][ T5275] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid maxpacket 8949, setting to 1024 [ 999.214996][ T5275] usb 3-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 999.233096][ T5275] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 999.243048][ T5275] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 999.251840][ T5275] usb 3-1: Product: syz [ 999.256672][ T5275] usb 3-1: Manufacturer: syz [ 999.261530][ T5275] usb 3-1: SerialNumber: syz [ 999.300978][ T5275] usb 3-1: config 0 descriptor?? [ 999.489086][T12507] netlink: 'syz.4.1116': attribute type 41 has an invalid length. [ 999.543374][ T5275] iowarrior 3-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 999.643834][T11299] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 999.746149][ T8] usb 3-1: USB disconnect, device number 8 [ 999.758836][ T8] iowarrior 3-1:0.186: I/O-Warror #0 now disconnected [ 999.813856][T11299] usb 1-1: Using ep0 maxpacket: 16 [ 999.832010][T11299] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 999.848978][T11299] usb 1-1: config 1 has no interface number 1 [ 999.859323][T11299] usb 1-1: too many endpoints for config 1 interface 2 altsetting 4: 249, using maximum allowed: 30 [ 999.872993][T11299] usb 1-1: config 1 interface 2 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 249 [ 999.890042][T11299] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 999.901130][T11299] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 999.911417][T11299] usb 1-1: config 1 interface 2 has no altsetting 2 [ 999.919976][T11299] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 999.929344][T11299] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 999.937871][T11299] usb 1-1: Product: syz [ 999.942078][T11299] usb 1-1: Manufacturer: syz [ 999.947092][T11299] usb 1-1: SerialNumber: syz [ 1000.034309][T12521] syz.1.1119 uses obsolete (PF_INET,SOCK_PACKET) [ 1000.062475][ T29] audit: type=1326 audit(1726821629.331:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12462 comm="syz.3.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f20e297def9 code=0x7fc00000 [ 1000.153468][ T8] usb 4-1: USB disconnect, device number 6 [ 1000.253051][T11299] usb 1-1: USB disconnect, device number 12 [ 1000.346594][T10372] udevd[10372]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1000.387944][T12524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1120'. [ 1000.553827][T12527] FAULT_INJECTION: forcing a failure. [ 1000.553827][T12527] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.606380][T12527] CPU: 1 UID: 0 PID: 12527 Comm: syz.4.1121 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1000.616870][T12527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1000.626963][T12527] Call Trace: [ 1000.630273][T12527] [ 1000.633250][T12527] dump_stack_lvl+0x241/0x360 [ 1000.638013][T12527] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1000.643270][T12527] ? __pfx__printk+0x10/0x10 [ 1000.643450][T12532] Zero length message leads to an empty skb [ 1000.647903][T12527] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 1000.647974][T12527] ? __pfx___might_resched+0x10/0x10 [ 1000.648019][T12527] should_fail_ex+0x3b0/0x4e0 [ 1000.648049][T12527] should_failslab+0xac/0x100 [ 1000.648074][T12527] ? __pfx_free_ioctx_reqs+0x10/0x10 [ 1000.648101][T12527] ? percpu_ref_init+0xbf/0x360 [ 1000.648130][T12527] __kmalloc_cache_noprof+0x6c/0x2c0 [ 1000.662913][T12532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'. [ 1000.664768][T12527] ? __pfx_free_ioctx_reqs+0x10/0x10 [ 1000.664804][T12527] percpu_ref_init+0xbf/0x360 [ 1000.664837][T12527] ? __pfx_free_ioctx_users+0x10/0x10 [ 1000.664869][T12527] ioctx_alloc+0x25e/0x7b0 [ 1000.664902][T12527] ? __might_fault+0xc6/0x120 [ 1000.686973][T12532] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1123'. [ 1000.689694][T12527] __se_sys_io_setup+0x7b/0x1a0 [ 1000.708651][T12532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'. [ 1000.713922][T12527] do_syscall_64+0xf3/0x230 [ 1000.713966][T12527] ? clear_bhb_loop+0x35/0x90 [ 1000.714003][T12527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1000.714032][T12527] RIP: 0033:0x7f38d137def9 [ 1000.714053][T12527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1000.714073][T12527] RSP: 002b:00007f38d21aa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1000.714100][T12527] RAX: ffffffffffffffda RBX: 00007f38d1535f80 RCX: 00007f38d137def9 [ 1000.714117][T12527] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000202 [ 1000.714131][T12527] RBP: 00007f38d21aa090 R08: 0000000000000000 R09: 0000000000000000 [ 1000.714146][T12527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1000.727343][T12532] overlayfs: failed to resolve './file1': -2 [ 1000.732175][T12527] R13: 0000000000000000 R14: 00007f38d1535f80 R15: 00007ffc82594048 [ 1000.732217][T12527] [ 1000.977102][T12534] FAULT_INJECTION: forcing a failure. [ 1000.977102][T12534] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1000.991343][T12534] CPU: 1 UID: 0 PID: 12534 Comm: syz.2.1124 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1001.001801][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1001.011875][T12534] Call Trace: [ 1001.015183][T12534] [ 1001.018122][T12534] dump_stack_lvl+0x241/0x360 [ 1001.022827][T12534] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1001.028045][T12534] ? __pfx__printk+0x10/0x10 [ 1001.032659][T12534] ? __pfx_lock_release+0x10/0x10 [ 1001.037730][T12534] ? __lock_acquire+0x1384/0x2050 [ 1001.042804][T12534] should_fail_ex+0x3b0/0x4e0 [ 1001.047519][T12534] _copy_to_user+0x2f/0xb0 [ 1001.051952][T12534] do_ipv6_getsockopt+0x2475/0x3830 [ 1001.057182][T12534] ? __pfx_do_ipv6_getsockopt+0x10/0x10 [ 1001.062757][T12534] ? mark_lock+0x9a/0x360 [ 1001.067098][T12534] ? __lock_acquire+0x1384/0x2050 [ 1001.072177][T12534] ? __pfx___might_resched+0x10/0x10 [ 1001.077486][T12534] ipv6_getsockopt+0x108/0x360 [ 1001.082276][T12534] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 1001.087591][T12534] ? __might_fault+0xc6/0x120 [ 1001.092280][T12534] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1001.098196][T12534] do_sock_getsockopt+0x3c4/0x7e0 [ 1001.103236][T12534] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1001.108792][T12534] ? __fget_files+0x3f3/0x470 [ 1001.113479][T12534] ? __fget_files+0x29/0x470 [ 1001.118084][T12534] __sys_getsockopt+0x26b/0x330 [ 1001.122953][T12534] ? __pfx___sys_getsockopt+0x10/0x10 [ 1001.128349][T12534] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1001.134695][T12534] ? do_syscall_64+0x100/0x230 [ 1001.139491][T12534] __x64_sys_getsockopt+0xb5/0xd0 [ 1001.144527][T12534] do_syscall_64+0xf3/0x230 [ 1001.149085][T12534] ? clear_bhb_loop+0x35/0x90 [ 1001.153785][T12534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.159711][T12534] RIP: 0033:0x7f9b23f7def9 [ 1001.164140][T12534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.183760][T12534] RSP: 002b:00007f9b24e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1001.192199][T12534] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7def9 [ 1001.200189][T12534] RDX: 000000000000000b RSI: 0000000000000029 RDI: 0000000000000003 [ 1001.208167][T12534] RBP: 00007f9b24e09090 R08: 00000000207d0000 R09: 0000000000000000 [ 1001.216157][T12534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1001.224234][T12534] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 1001.232236][T12534] [ 1001.899486][T12554] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1131'. [ 1001.920145][T12554] A link change request failed with some changes committed already. Interface veth1_to_hsr may have been left with an inconsistent configuration, please check. [ 1003.562573][T12574] IPVS: set_ctl: invalid protocol: 44 172.30.1.5:20004 [ 1003.661769][T12574] x_tables: duplicate underflow at hook 1 [ 1003.974158][ T51] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1004.747825][ T51] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1004.763942][ T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1004.772245][ T51] usb 5-1: Product: syz [ 1004.776617][ T51] usb 5-1: Manufacturer: syz [ 1004.781319][ T51] usb 5-1: SerialNumber: syz [ 1004.810255][ T51] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1004.942286][T10923] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1005.654746][T12600] dccp_close: ABORT with 1 bytes unread [ 1006.064004][T10923] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 1006.287073][T10923] ath9k_htc: Failed to initialize the device [ 1006.465305][T10923] usb 5-1: ath9k_htc: USB layer deinitialized [ 1006.626833][ T9] usb 5-1: USB disconnect, device number 7 [ 1006.805107][ T5275] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 1006.867188][T12613] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1142'. [ 1007.089014][ T5275] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1007.093461][T12618] syz_tun: entered promiscuous mode [ 1007.227584][ T5275] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1007.289265][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1007.340803][ T5275] usb 4-1: SerialNumber: syz [ 1007.433567][T12618] syz_tun: left promiscuous mode [ 1007.972556][T12637] fuse: Bad value for 'fd' [ 1008.211326][ T5275] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 1008.251490][T12645] FAULT_INJECTION: forcing a failure. [ 1008.251490][T12645] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1008.277722][T12645] CPU: 1 UID: 0 PID: 12645 Comm: syz.2.1153 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1008.288215][T12645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1008.298314][T12645] Call Trace: [ 1008.301674][T12645] [ 1008.304649][T12645] dump_stack_lvl+0x241/0x360 [ 1008.309386][T12645] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1008.314640][T12645] ? __pfx__printk+0x10/0x10 [ 1008.319307][T12645] ? snprintf+0xda/0x120 [ 1008.323599][T12645] should_fail_ex+0x3b0/0x4e0 [ 1008.328335][T12645] _copy_to_user+0x2f/0xb0 [ 1008.332798][T12645] simple_read_from_buffer+0xca/0x150 [ 1008.338225][T12645] proc_fail_nth_read+0x1e9/0x250 [ 1008.343306][T12645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1008.348999][T12645] ? rw_verify_area+0x55e/0x6f0 [ 1008.353901][T12645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1008.359500][T12645] vfs_read+0x201/0xbc0 [ 1008.363704][T12645] ? __pfx_lock_release+0x10/0x10 [ 1008.368793][T12645] ? __pfx_vfs_read+0x10/0x10 [ 1008.373536][T12645] ? __fget_files+0x3f3/0x470 [ 1008.378331][T12645] ? __fdget_pos+0x24e/0x320 [ 1008.382975][T12645] ksys_read+0x1a0/0x2c0 [ 1008.387278][T12645] ? __pfx_ksys_read+0x10/0x10 [ 1008.392102][T12645] ? do_syscall_64+0x100/0x230 [ 1008.396932][T12645] ? do_syscall_64+0xb6/0x230 [ 1008.401712][T12645] do_syscall_64+0xf3/0x230 [ 1008.406278][T12645] ? clear_bhb_loop+0x35/0x90 [ 1008.411019][T12645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.417054][T12645] RIP: 0033:0x7f9b23f7c93c [ 1008.421512][T12645] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 1008.441166][T12645] RSP: 002b:00007f9b24e09030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1008.449628][T12645] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7c93c [ 1008.457835][T12645] RDX: 000000000000000f RSI: 00007f9b24e090a0 RDI: 0000000000000005 [ 1008.465853][T12645] RBP: 00007f9b24e09090 R08: 0000000000000000 R09: 0000000000000000 [ 1008.473870][T12645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1008.481883][T12645] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 1008.489913][T12645] [ 1008.574123][ T51] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1008.739046][ T5275] usb 4-1: USB disconnect, device number 7 [ 1008.753388][ T5275] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device [ 1008.773291][ T51] usb 5-1: config 0 has an invalid interface number: 185 but max is 0 [ 1008.795641][ T51] usb 5-1: config 0 has an invalid interface association descriptor of length 5, skipping [ 1008.834220][ T51] usb 5-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 1008.874420][ T51] usb 5-1: config 0 has no interface number 0 [ 1008.904204][ T51] usb 5-1: config 0 interface 185 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 1008.918164][ T29] audit: type=1326 audit(1726821638.191:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b23f7def9 code=0x7ffc0000 [ 1008.933709][ T51] usb 5-1: config 0 interface 185 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 1008.989486][ T29] audit: type=1326 audit(1726821638.191:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b23f7def9 code=0x7ffc0000 [ 1009.029861][ T51] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=d2.82 [ 1009.056715][ T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1009.083727][ T51] usb 5-1: Product: syz [ 1009.087958][ T51] usb 5-1: Manufacturer: syz [ 1009.092587][ T51] usb 5-1: SerialNumber: syz [ 1009.137069][ T51] usb 5-1: config 0 descriptor?? [ 1009.153473][ T51] cdc_ether 5-1:0.185: skipping garbage [ 1009.173692][ T51] cdc_ether 5-1:0.185: skipping garbage [ 1009.184448][ T51] cdc_ether 5-1:0.185: skipping garbage [ 1009.190082][ T51] usb 5-1: bad CDC descriptors [ 1009.214205][ T51] usb 5-1: unsupported MDLM descriptors [ 1009.378255][ T51] usb 5-1: USB disconnect, device number 8 [ 1009.748377][T12680] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1158'. [ 1009.964650][ T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 1009.973916][ T5274] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 1010.038144][T12691] FAULT_INJECTION: forcing a failure. [ 1010.038144][T12691] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.090916][T12691] CPU: 0 UID: 0 PID: 12691 Comm: syz.4.1161 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1010.101418][T12691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1010.111516][T12691] Call Trace: [ 1010.114846][T12691] [ 1010.117813][T12691] dump_stack_lvl+0x241/0x360 [ 1010.122544][T12691] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1010.127806][T12691] ? __pfx__printk+0x10/0x10 [ 1010.132459][T12691] ? ref_tracker_alloc+0x332/0x490 [ 1010.137641][T12691] should_fail_ex+0x3b0/0x4e0 [ 1010.142371][T12691] ? skb_clone+0x20c/0x390 [ 1010.146831][T12691] should_failslab+0xac/0x100 [ 1010.151559][T12691] ? skb_clone+0x20c/0x390 [ 1010.156017][T12691] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1010.161447][T12691] skb_clone+0x20c/0x390 [ 1010.165744][T12691] __netlink_deliver_tap+0x3cc/0x7c0 [ 1010.171095][T12691] ? netlink_deliver_tap+0x2e/0x1b0 [ 1010.176444][T12691] netlink_deliver_tap+0x19d/0x1b0 [ 1010.181617][T12691] netlink_unicast+0x7c4/0x990 [ 1010.186452][T12691] ? __pfx_netlink_unicast+0x10/0x10 [ 1010.191792][T12691] ? __virt_addr_valid+0x183/0x530 [ 1010.196949][T12691] ? __check_object_size+0x49c/0x900 [ 1010.202278][T12691] netlink_sendmsg+0x8e4/0xcb0 [ 1010.207104][T12691] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1010.212455][T12691] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1010.217800][T12691] __sock_sendmsg+0x221/0x270 [ 1010.222524][T12691] ____sys_sendmsg+0x52a/0x7e0 [ 1010.227341][T12691] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1010.232684][T12691] __sys_sendmsg+0x2aa/0x390 [ 1010.237314][T12691] ? __pfx___sys_sendmsg+0x10/0x10 [ 1010.242474][T12691] ? vfs_write+0x7bf/0xc90 [ 1010.246991][T12691] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1010.253381][T12691] ? do_syscall_64+0x100/0x230 [ 1010.258242][T12691] ? do_syscall_64+0xb6/0x230 [ 1010.262985][T12691] do_syscall_64+0xf3/0x230 [ 1010.267559][T12691] ? clear_bhb_loop+0x35/0x90 [ 1010.272297][T12691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.278244][T12691] RIP: 0033:0x7f38d137def9 [ 1010.282716][T12691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1010.302415][T12691] RSP: 002b:00007f38d21aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1010.310896][T12691] RAX: ffffffffffffffda RBX: 00007f38d1535f80 RCX: 00007f38d137def9 [ 1010.318923][T12691] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1010.326948][T12691] RBP: 00007f38d21aa090 R08: 0000000000000000 R09: 0000000000000000 [ 1010.334978][T12691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1010.342998][T12691] R13: 0000000000000000 R14: 00007f38d1535f80 R15: 00007ffc82594048 [ 1010.351058][T12691] [ 1010.407365][T12691] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1161'. [ 1010.425123][T12691] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1161'. [ 1010.457969][T12691] netlink: 292 bytes leftover after parsing attributes in process `syz.4.1161'. [ 1010.487199][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 1010.506436][ T5274] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 1010.516040][ T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1010.526798][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1010.541442][ T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1010.550788][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1010.559313][ T9] usb 3-1: Product: 赽袇픗ᦤㅘ炊᫖ὑ [ 1010.580609][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1010.589621][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1010.601262][ T9] usb 3-1: Manufacturer: Ꭳ轴ᄄᵊ䝁Э殕檂䝙烉췽㧩셬湸뱏ՙ੄汣Ⱙᙑ㲯韝蹬᳚㩒㑱芦ﳝᬬꥉ騥䍒듁᾿劬宧윭싮謷晐⟉堗؄熱䞞얱﫬뜂뙐鄁㍿훃跈꼓㺈ꔀ⩳磜掋娡䕷䜛 [ 1010.654578][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1010.662943][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1010.682541][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1010.693899][ T9] usb 3-1: SerialNumber: syz [ 1010.719182][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1010.756067][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1010.773893][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1010.802133][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1010.824160][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1010.847880][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1010.870896][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1010.885433][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1010.895671][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1010.910767][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1010.996715][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1011.023815][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1011.095474][T12704] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 1011.892120][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1011.914988][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1011.936094][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1011.947247][T12704] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 1011.959207][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1011.977860][T12704] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 1011.993753][ T5274] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1012.015521][ T5274] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1012.031013][T12704] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 1012.067906][ T5274] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1012.116855][ T5274] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1012.120463][T12704] geneve2: entered promiscuous mode [ 1012.132084][ T5274] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1012.150551][ T5274] usb 1-1: Product: syz [ 1012.155125][ T5274] usb 1-1: Manufacturer: syz [ 1012.159977][ T5274] usb 1-1: SerialNumber: syz [ 1012.165953][ T9] usb 3-1: 0:2 : does not exist [ 1012.187510][ T5274] usb 1-1: config 0 descriptor?? [ 1012.222864][ T5274] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0 [ 1012.223847][T12704] geneve2: entered allmulticast mode [ 1012.244300][ T9] usb 3-1: USB disconnect, device number 9 [ 1012.253909][ T51] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1012.369392][T12704] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1012.429288][T12704] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1012.438872][ T51] usb 2-1: Using ep0 maxpacket: 16 [ 1012.468641][ T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1012.476717][T12704] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1012.488589][ T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1012.488695][ T51] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 1012.488760][ T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1012.492131][ T51] usb 2-1: config 0 descriptor?? [ 1012.516504][T12704] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1012.534689][T12713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1012.558713][T12713] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1012.651613][ C0] usb 1-1: yurex_control_callback - control failed: -71 [ 1012.663420][ T9] usb 1-1: USB disconnect, device number 13 [ 1012.671515][ T9] yurex 1-1:0.0: USB YUREX #0 now disconnected [ 1013.421565][T12704] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1162'. [ 1013.759540][T12724] xt_hashlimit: size too large, truncated to 1048576 [ 1015.887973][T12736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1170'. [ 1017.126345][ T51] usbhid 2-1:0.0: can't add hid device: -71 [ 1017.140225][ T51] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 1018.015770][ T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1018.097497][ T51] usb 2-1: USB disconnect, device number 11 [ 1018.718428][T12768] netlink: 'syz.1.1176': attribute type 16 has an invalid length. [ 1018.727546][T12768] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.1176'. [ 1019.593366][T12770] netlink: 'syz.3.1178': attribute type 41 has an invalid length. [ 1019.711361][T12773] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 1019.799215][ T5228] Bluetooth: hci6: unexpected event for opcode 0x0c7a [ 1020.105692][T12781] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1180'. [ 1020.844987][T12793] FAULT_INJECTION: forcing a failure. [ 1020.844987][T12793] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.025258][T12793] CPU: 1 UID: 0 PID: 12793 Comm: syz.1.1188 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1021.035784][T12793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1021.045883][T12793] Call Trace: [ 1021.049184][T12793] [ 1021.052153][T12793] dump_stack_lvl+0x241/0x360 [ 1021.056866][T12793] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1021.062083][T12793] ? __pfx__printk+0x10/0x10 [ 1021.066690][T12793] ? ref_tracker_alloc+0x332/0x490 [ 1021.071821][T12793] should_fail_ex+0x3b0/0x4e0 [ 1021.076541][T12793] ? skb_clone+0x20c/0x390 [ 1021.080989][T12793] should_failslab+0xac/0x100 [ 1021.085696][T12793] ? skb_clone+0x20c/0x390 [ 1021.090130][T12793] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1021.095544][T12793] skb_clone+0x20c/0x390 [ 1021.099805][T12793] __netlink_deliver_tap+0x3cc/0x7c0 [ 1021.105160][T12793] ? netlink_deliver_tap+0x2e/0x1b0 [ 1021.110387][T12793] netlink_deliver_tap+0x19d/0x1b0 [ 1021.115521][T12793] netlink_unicast+0x7c4/0x990 [ 1021.120323][T12793] ? __pfx_netlink_unicast+0x10/0x10 [ 1021.125619][T12793] ? __virt_addr_valid+0x183/0x530 [ 1021.130736][T12793] ? __check_object_size+0x49c/0x900 [ 1021.136033][T12793] netlink_sendmsg+0x8e4/0xcb0 [ 1021.140829][T12793] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1021.146137][T12793] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1021.151452][T12793] __sock_sendmsg+0x221/0x270 [ 1021.156160][T12793] ____sys_sendmsg+0x52a/0x7e0 [ 1021.160940][T12793] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1021.166259][T12793] __sys_sendmsg+0x2aa/0x390 [ 1021.170875][T12793] ? __pfx___sys_sendmsg+0x10/0x10 [ 1021.175988][T12793] ? vfs_write+0x7bf/0xc90 [ 1021.180452][T12793] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1021.186801][T12793] ? do_syscall_64+0x100/0x230 [ 1021.191595][T12793] ? do_syscall_64+0xb6/0x230 [ 1021.196288][T12793] do_syscall_64+0xf3/0x230 [ 1021.200804][T12793] ? clear_bhb_loop+0x35/0x90 [ 1021.205490][T12793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.211420][T12793] RIP: 0033:0x7f995f97def9 [ 1021.215843][T12793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1021.235456][T12793] RSP: 002b:00007f99606e5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1021.243877][T12793] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97def9 [ 1021.251851][T12793] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1021.259914][T12793] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 1021.267891][T12793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1021.275863][T12793] R13: 0000000000000000 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 1021.283855][T12793] [ 1021.355579][T12797] netlink: 'syz.0.1184': attribute type 16 has an invalid length. [ 1021.363811][T12797] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.1184'. [ 1021.714485][ T5228] Bluetooth: hci1: command 0x0406 tx timeout [ 1023.145240][ T29] audit: type=1800 audit(1726821652.241:71): pid=12812 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.1190" name="/" dev="fuse" ino=1 res=0 errno=0 [ 1023.593799][ T8] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1023.593954][ T9] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 1023.819266][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 1024.417610][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1024.417677][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1024.417716][ T9] usb 4-1: New USB device found, idVendor=056a, idProduct=00b7, bcdDevice= 0.00 [ 1024.417742][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1024.423566][ T9] usb 4-1: config 0 descriptor?? [ 1024.452796][ T8] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=bf.99 [ 1024.452860][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1024.452886][ T8] usb 5-1: Product: syz [ 1024.452904][ T8] usb 5-1: Manufacturer: syz [ 1024.452922][ T8] usb 5-1: SerialNumber: syz [ 1024.458179][ T8] usb 5-1: config 0 descriptor?? [ 1024.472366][T12836] netlink: 184472 bytes leftover after parsing attributes in process `syz.1.1196'. [ 1024.961631][T12840] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1197'. [ 1025.022517][T12806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1025.045146][ T51] usb 5-1: USB disconnect, device number 10 [ 1025.251478][T12806] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1025.473133][ T9] usb 4-1: string descriptor 0 read error: -71 [ 1025.487229][ T9] usbhid 4-1:0.0: can't add hid device: -71 [ 1025.493385][ T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1025.505496][ T9] usb 4-1: USB disconnect, device number 8 [ 1025.543175][ T51] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 1025.600758][T12846] FAULT_INJECTION: forcing a failure. [ 1025.600758][T12846] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.613762][T12846] CPU: 1 UID: 0 PID: 12846 Comm: syz.1.1199 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1025.624234][T12846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1025.634315][T12846] Call Trace: [ 1025.637601][T12846] [ 1025.640543][T12846] dump_stack_lvl+0x241/0x360 [ 1025.645262][T12846] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1025.650527][T12846] ? __pfx__printk+0x10/0x10 [ 1025.655172][T12846] ? ref_tracker_alloc+0x332/0x490 [ 1025.660336][T12846] should_fail_ex+0x3b0/0x4e0 [ 1025.665043][T12846] ? skb_clone+0x20c/0x390 [ 1025.669483][T12846] should_failslab+0xac/0x100 [ 1025.674187][T12846] ? skb_clone+0x20c/0x390 [ 1025.678628][T12846] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1025.684056][T12846] skb_clone+0x20c/0x390 [ 1025.688333][T12846] __netlink_deliver_tap+0x3cc/0x7c0 [ 1025.693666][T12846] ? netlink_deliver_tap+0x2e/0x1b0 [ 1025.698919][T12846] netlink_deliver_tap+0x19d/0x1b0 [ 1025.704067][T12846] netlink_unicast+0x7c4/0x990 [ 1025.708868][T12846] ? __pfx_netlink_unicast+0x10/0x10 [ 1025.714193][T12846] ? __virt_addr_valid+0x183/0x530 [ 1025.719315][T12846] ? __check_object_size+0x49c/0x900 [ 1025.724631][T12846] netlink_sendmsg+0x8e4/0xcb0 [ 1025.729446][T12846] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1025.734768][T12846] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1025.740101][T12846] __sock_sendmsg+0x221/0x270 [ 1025.744804][T12846] ____sys_sendmsg+0x52a/0x7e0 [ 1025.749599][T12846] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1025.754906][T12846] __sys_sendmsg+0x2aa/0x390 [ 1025.759506][T12846] ? __pfx___sys_sendmsg+0x10/0x10 [ 1025.764644][T12846] ? vfs_write+0x7bf/0xc90 [ 1025.769122][T12846] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1025.775509][T12846] ? do_syscall_64+0x100/0x230 [ 1025.780312][T12846] ? do_syscall_64+0xb6/0x230 [ 1025.785036][T12846] do_syscall_64+0xf3/0x230 [ 1025.789570][T12846] ? clear_bhb_loop+0x35/0x90 [ 1025.794286][T12846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.800196][T12846] RIP: 0033:0x7f995f97def9 [ 1025.804630][T12846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1025.824280][T12846] RSP: 002b:00007f99606e5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1025.832738][T12846] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97def9 [ 1025.840736][T12846] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1025.848720][T12846] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 1025.856703][T12846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1025.864698][T12846] R13: 0000000000000000 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 1025.872732][T12846] [ 1025.875871][ C1] vkms_vblank_simulate: vblank timer overrun [ 1025.943800][ T51] usb 1-1: device descriptor read/64, error -71 [ 1026.183926][ T51] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 1026.223749][ T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1026.337217][ T51] usb 1-1: device descriptor read/64, error -71 [ 1026.509195][ T51] usb usb1-port1: attempt power cycle [ 1027.094523][ T51] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 1027.161008][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 1027.182453][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 1027.185686][ T51] usb 1-1: device descriptor read/8, error -71 [ 1027.192604][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 0 [ 1027.343188][ T9] usb 2-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=1f.2e [ 1027.352695][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1027.366735][ T9] usb 2-1: Product: syz [ 1027.370976][ T9] usb 2-1: Manufacturer: syz [ 1027.380167][ T9] usb 2-1: SerialNumber: syz [ 1027.414973][T12863] FAULT_INJECTION: forcing a failure. [ 1027.414973][T12863] name failslab, interval 1, probability 0, space 0, times 0 [ 1027.451955][T12863] CPU: 0 UID: 0 PID: 12863 Comm: syz.2.1206 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1027.462455][T12863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1027.472557][T12863] Call Trace: [ 1027.475885][T12863] [ 1027.478844][T12863] dump_stack_lvl+0x241/0x360 [ 1027.483554][T12863] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1027.488763][T12863] ? __pfx__printk+0x10/0x10 [ 1027.493386][T12863] ? __kmalloc_node_track_caller_noprof+0xb2/0x440 [ 1027.499900][T12863] ? __pfx___might_resched+0x10/0x10 [ 1027.505212][T12863] should_fail_ex+0x3b0/0x4e0 [ 1027.509907][T12863] should_failslab+0xac/0x100 [ 1027.514621][T12863] __kmalloc_node_track_caller_noprof+0xda/0x440 [ 1027.520962][T12863] ? __kernfs_new_node+0x9d/0x870 [ 1027.526005][T12863] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1027.532047][T12863] kstrdup+0x3a/0x80 [ 1027.535987][T12863] __kernfs_new_node+0x9d/0x870 [ 1027.540877][T12863] ? mark_lock+0x9a/0x360 [ 1027.545244][T12863] ? __lock_acquire+0x1384/0x2050 [ 1027.550316][T12863] ? __pfx___kernfs_new_node+0x10/0x10 [ 1027.555846][T12863] kernfs_new_node+0x137/0x240 [ 1027.560663][T12863] kernfs_create_dir_ns+0x43/0x120 [ 1027.565822][T12863] sysfs_create_dir_ns+0x189/0x3a0 [ 1027.570975][T12863] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1027.576652][T12863] kobject_add_internal+0x435/0x8d0 [ 1027.581946][T12863] kobject_add+0x152/0x220 [ 1027.586414][T12863] ? kobject_put+0x43d/0x480 [ 1027.591084][T12863] ? __pfx_kobject_add+0x10/0x10 [ 1027.596090][T12863] ? get_device_parent+0x25d/0x410 [ 1027.601251][T12863] ? device_add+0x318/0xbf0 [ 1027.605811][T12863] device_add+0x4e5/0xbf0 [ 1027.610208][T12863] ? __raw_spin_lock_init+0x45/0x100 [ 1027.615547][T12863] input_register_device+0xa53/0x1110 [ 1027.621052][T12863] uinput_create_device+0x40e/0x630 [ 1027.626308][T12863] uinput_ioctl_handler+0x488/0x1770 [ 1027.631639][T12863] ? __pfx_uinput_ioctl_handler+0x10/0x10 [ 1027.637409][T12863] ? __fget_files+0x3f3/0x470 [ 1027.642124][T12863] ? __pfx_uinput_ioctl+0x10/0x10 [ 1027.647189][T12863] __se_sys_ioctl+0xf9/0x170 [ 1027.651821][T12863] do_syscall_64+0xf3/0x230 [ 1027.653897][ T51] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 1027.656362][T12863] ? clear_bhb_loop+0x35/0x90 [ 1027.668696][T12863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1027.674632][T12863] RIP: 0033:0x7f9b23f7def9 [ 1027.679093][T12863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1027.698737][T12863] RSP: 002b:00007f9b24e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1027.707277][T12863] RAX: ffffffffffffffda RBX: 00007f9b24135f80 RCX: 00007f9b23f7def9 [ 1027.709058][ T51] usb 1-1: device descriptor read/8, error -71 [ 1027.715254][T12863] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 1027.715274][T12863] RBP: 00007f9b24e09090 R08: 0000000000000000 R09: 0000000000000000 [ 1027.715288][T12863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1027.715302][T12863] R13: 0000000000000000 R14: 00007f9b24135f80 R15: 00007ffe365e5cb8 [ 1027.753508][T12863] [ 1027.759687][ T9] usb 2-1: config 0 descriptor?? [ 1027.771532][ T9] opticon 2-1:0.0: opticon converter detected [ 1027.784200][T12863] kobject: kobject_add_internal failed for input11 (error: -12 parent: input) [ 1027.796029][ T9] usb 2-1: opticon converter now attached to ttyUSB0 [ 1027.824977][ T51] usb usb1-port1: unable to enumerate USB device [ 1027.986575][ T9] usb 2-1: USB disconnect, device number 12 [ 1028.000190][ T9] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0 [ 1028.811826][ T9] opticon 2-1:0.0: device disconnected [ 1030.118502][ T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1031.216861][ T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1031.228484][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1031.251430][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1031.566270][T12904] input: syz0 as /devices/virtual/input/input12 [ 1031.766501][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1031.779697][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1031.788814][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1031.799584][ T9] usb 3-1: config 0 descriptor?? [ 1031.806616][T12891] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1033.197138][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 1033.203296][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1033.214231][ T9] usb 3-1: USB disconnect, device number 10 [ 1033.539405][ T8] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 1033.737487][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 1034.091229][ T8] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1034.210869][ T8] usb 1-1: config 1 interface 0 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 1034.230138][ T8] usb 1-1: config 1 interface 0 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 64 [ 1034.241642][T12920] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1220'. [ 1034.251119][ T8] usb 1-1: config 1 interface 0 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 1034.265652][ T8] usb 1-1: config 1 interface 0 has no altsetting 0 [ 1034.276026][ T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1034.449263][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1034.457439][ T8] usb 1-1: SerialNumber: syz [ 1034.476518][T12919] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 1035.428535][ T8] usb 1-1: USB disconnect, device number 18 [ 1036.232023][ T29] audit: type=1326 audit(1726821665.491:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.253665][ C0] vkms_vblank_simulate: vblank timer overrun [ 1036.260515][ T29] audit: type=1326 audit(1726821665.491:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.282516][ T29] audit: type=1326 audit(1726821665.491:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.304019][ C0] vkms_vblank_simulate: vblank timer overrun [ 1036.310401][ T29] audit: type=1326 audit(1726821665.491:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.332269][ T29] audit: type=1326 audit(1726821665.491:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.353788][ C0] vkms_vblank_simulate: vblank timer overrun [ 1036.360520][ T29] audit: type=1326 audit(1726821665.491:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.382782][ T29] audit: type=1326 audit(1726821665.491:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.404297][ C0] vkms_vblank_simulate: vblank timer overrun [ 1036.410640][ T29] audit: type=1326 audit(1726821665.491:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.432481][ T29] audit: type=1326 audit(1726821665.491:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.454158][ C0] vkms_vblank_simulate: vblank timer overrun [ 1036.460810][ T29] audit: type=1326 audit(1726821665.491:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12946 comm="syz.3.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e297def9 code=0x7ffc0000 [ 1036.512666][T12952] fuse: Bad value for 'fd' [ 1038.730049][T12973] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1235'. [ 1038.739234][T12973] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1235'. [ 1038.748282][T12973] netlink: 292 bytes leftover after parsing attributes in process `syz.4.1235'. [ 1038.822306][T12974] input: syz1 as /devices/virtual/input/input13 [ 1038.975210][T12976] bond_slave_0: entered promiscuous mode [ 1038.991785][T12976] bond_slave_0: entered allmulticast mode [ 1039.443129][T12968] bond_slave_0: left allmulticast mode [ 1039.450589][T12968] bond_slave_0: left promiscuous mode [ 1039.753237][ T8] usb 4-1: new low-speed USB device number 9 using dummy_hcd [ 1039.844195][T12971] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1233'. [ 1040.319562][T12984] FAULT_INJECTION: forcing a failure. [ 1040.319562][T12984] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.336704][T12984] CPU: 1 UID: 0 PID: 12984 Comm: syz.4.1238 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1040.347205][T12984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1040.357320][T12984] Call Trace: [ 1040.360616][T12984] [ 1040.363556][T12984] dump_stack_lvl+0x241/0x360 [ 1040.368265][T12984] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1040.373573][T12984] ? __pfx__printk+0x10/0x10 [ 1040.378189][T12984] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 1040.383754][T12984] ? __pfx___might_resched+0x10/0x10 [ 1040.389059][T12984] should_fail_ex+0x3b0/0x4e0 [ 1040.393753][T12984] ? __kernfs_new_node+0xd8/0x870 [ 1040.398793][T12984] should_failslab+0xac/0x100 [ 1040.403501][T12984] ? __kernfs_new_node+0xd8/0x870 [ 1040.408544][T12984] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1040.413963][T12984] __kernfs_new_node+0xd8/0x870 [ 1040.418850][T12984] ? mark_lock+0x9a/0x360 [ 1040.423221][T12984] ? __lock_acquire+0x1384/0x2050 [ 1040.428265][T12984] ? __pfx___kernfs_new_node+0x10/0x10 [ 1040.433863][T12984] kernfs_new_node+0x137/0x240 [ 1040.438699][T12984] kernfs_create_dir_ns+0x43/0x120 [ 1040.443836][T12984] sysfs_create_dir_ns+0x189/0x3a0 [ 1040.448971][T12984] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1040.454626][T12984] kobject_add_internal+0x435/0x8d0 [ 1040.459862][T12984] kobject_add+0x152/0x220 [ 1040.464392][T12984] ? kobject_put+0x43d/0x480 [ 1040.469003][T12984] ? __pfx_kobject_add+0x10/0x10 [ 1040.473966][T12984] ? get_device_parent+0x25d/0x410 [ 1040.479096][T12984] ? device_add+0x318/0xbf0 [ 1040.483631][T12984] device_add+0x4e5/0xbf0 [ 1040.487984][T12984] ? __raw_spin_lock_init+0x45/0x100 [ 1040.493289][T12984] input_register_device+0xa53/0x1110 [ 1040.498686][T12984] uinput_create_device+0x40e/0x630 [ 1040.503915][T12984] uinput_ioctl_handler+0x488/0x1770 [ 1040.509277][T12984] ? __pfx_uinput_ioctl_handler+0x10/0x10 [ 1040.515483][T12984] ? __fget_files+0x3f3/0x470 [ 1040.520222][T12984] ? __pfx_uinput_ioctl+0x10/0x10 [ 1040.525291][T12984] __se_sys_ioctl+0xf9/0x170 [ 1040.529928][T12984] do_syscall_64+0xf3/0x230 [ 1040.534489][T12984] ? clear_bhb_loop+0x35/0x90 [ 1040.539192][T12984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.545110][T12984] RIP: 0033:0x7f38d137def9 [ 1040.549545][T12984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1040.569174][T12984] RSP: 002b:00007f38d21aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1040.577607][T12984] RAX: ffffffffffffffda RBX: 00007f38d1535f80 RCX: 00007f38d137def9 [ 1040.585593][T12984] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 1040.593578][T12984] RBP: 00007f38d21aa090 R08: 0000000000000000 R09: 0000000000000000 [ 1040.601563][T12984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1040.609570][T12984] R13: 0000000000000000 R14: 00007f38d1535f80 R15: 00007ffc82594048 [ 1040.617588][T12984] [ 1041.273975][T12984] kobject: kobject_add_internal failed for input14 (error: -12 parent: input) [ 1041.334061][T12980] bridge0: port 3(vlan0) entered blocking state [ 1041.340842][T12980] bridge0: port 3(vlan0) entered disabled state [ 1041.357991][T12980] vlan0: entered allmulticast mode [ 1041.380937][T12980] veth0_vlan: entered allmulticast mode [ 1041.393798][ T8] usb 4-1: Invalid ep0 maxpacket: 16 [ 1041.423136][T12980] vlan0: entered promiscuous mode [ 1041.444808][T12980] bridge0: port 3(vlan0) entered blocking state [ 1041.452042][T12980] bridge0: port 3(vlan0) entered forwarding state [ 1041.534590][T12980] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 1041.590852][T12986] vlan0: left allmulticast mode [ 1041.610022][T12986] veth0_vlan: left allmulticast mode [ 1041.617121][T12986] vlan0: left promiscuous mode [ 1041.623989][T12986] bridge0: port 3(vlan0) entered disabled state [ 1044.949396][T13010] ======================================================= [ 1044.949396][T13010] WARNING: The mand mount option has been deprecated and [ 1044.949396][T13010] and is ignored by this kernel. Remove the mand [ 1044.949396][T13010] option from the mount to silence this warning. [ 1044.949396][T13010] ======================================================= [ 1046.592980][T13043] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1250'. [ 1048.877365][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 1048.883547][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 1049.317464][ T5314] libceph: connect (1)[c::]:6789 error -101 [ 1049.365013][ T5314] libceph: mon0 (1)[c::]:6789 connect error [ 1049.970556][T13090] kAFS: unparsable volume name [ 1050.010568][ T5274] libceph: connect (1)[c::]:6789 error -101 [ 1050.068404][ T5274] libceph: mon0 (1)[c::]:6789 connect error [ 1050.146458][T13074] ceph: No mds server is up or the cluster is laggy [ 1050.253801][ T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1050.492349][T13095] smc: adding net device pimreg with user defined pnetid SYZ2 [ 1050.612623][T13095] pimreg: entered allmulticast mode [ 1050.619374][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1050.645631][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1050.690462][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1050.725472][T13101] deleting an unspecified loop device is not supported. [ 1050.729730][ T8] usb 3-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00 [ 1051.111250][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1051.165178][ T8] usb 3-1: config 0 descriptor?? [ 1051.433840][T10923] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 1052.117312][ T8] uclogic 0003:28BD:0055.0001: interface is invalid, ignoring [ 1052.136956][ T8] usb 3-1: USB disconnect, device number 11 [ 1052.443521][T13124] FAULT_INJECTION: forcing a failure. [ 1052.443521][T13124] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1052.445569][T10923] usb 4-1: Using ep0 maxpacket: 16 [ 1053.477839][T10923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1053.505844][T10923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1053.569787][T10923] usb 4-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00 [ 1053.576553][T13124] CPU: 0 UID: 0 PID: 13124 Comm: syz.1.1276 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1053.579097][T10923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1053.589272][T13124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1053.589297][T13124] Call Trace: [ 1053.589308][T13124] [ 1053.589319][T13124] dump_stack_lvl+0x241/0x360 [ 1053.618349][T13124] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1053.623600][T13124] ? __pfx__printk+0x10/0x10 [ 1053.628250][T13124] ? snprintf+0xda/0x120 [ 1053.632513][T13124] should_fail_ex+0x3b0/0x4e0 [ 1053.637208][T13124] _copy_to_user+0x2f/0xb0 [ 1053.641673][T13124] simple_read_from_buffer+0xca/0x150 [ 1053.647075][T13124] proc_fail_nth_read+0x1e9/0x250 [ 1053.652134][T13124] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1053.657705][T13124] ? rw_verify_area+0x55e/0x6f0 [ 1053.662583][T13124] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1053.668195][T13124] vfs_read+0x201/0xbc0 [ 1053.672379][T13124] ? __pfx_tomoyo_socket_bind_permission+0x10/0x10 [ 1053.678927][T13124] ? __pfx_vfs_read+0x10/0x10 [ 1053.683681][T13124] ? do_sys_openat2+0x17a/0x1d0 [ 1053.688592][T13124] ? __sys_bind+0x250/0x2e0 [ 1053.693120][T13124] ? __fdget_pos+0x265/0x320 [ 1053.697750][T13124] ksys_read+0x1a0/0x2c0 [ 1053.702119][T13124] ? __pfx_ksys_read+0x10/0x10 [ 1053.706913][T13124] ? do_syscall_64+0x100/0x230 [ 1053.711707][T13124] ? do_syscall_64+0xb6/0x230 [ 1053.716417][T13124] do_syscall_64+0xf3/0x230 [ 1053.720955][T13124] ? clear_bhb_loop+0x35/0x90 [ 1053.725666][T13124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1053.731579][T13124] RIP: 0033:0x7f995f97c93c [ 1053.736016][T13124] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 1053.755749][T13124] RSP: 002b:00007f99606e5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1053.764190][T13124] RAX: ffffffffffffffda RBX: 00007f995fb35f80 RCX: 00007f995f97c93c [ 1053.772176][T13124] RDX: 000000000000000f RSI: 00007f99606e50a0 RDI: 0000000000000004 [ 1053.780163][T13124] RBP: 00007f99606e5090 R08: 0000000000000000 R09: 0000000000000000 [ 1053.788171][T13124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1053.796158][T13124] R13: 0000000000000000 R14: 00007f995fb35f80 R15: 00007fffa7424a88 [ 1053.804152][T13124] [ 1053.817746][T10923] usb 4-1: config 0 descriptor?? [ 1054.398012][T10923] usb 4-1: can't set config #0, error -71 [ 1054.421231][T10923] usb 4-1: USB disconnect, device number 11 [ 1055.303562][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.310060][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.438670][T13144] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 1055.582642][T13150] fuse: Bad value for 'user_id' [ 1055.600774][T13150] fuse: Bad value for 'user_id' [ 1056.553546][T13147] netlink: 138192 bytes leftover after parsing attributes in process `syz.1.1279'. [ 1056.578746][T13147] netlink: zone id is out of range [ 1056.585489][T13147] netlink: zone id is out of range [ 1056.590818][T13147] netlink: zone id is out of range [ 1057.147541][T13147] netlink: zone id is out of range [ 1057.158528][T13147] netlink: zone id is out of range [ 1057.167766][T13147] netlink: zone id is out of range [ 1058.154749][T13147] netlink: zone id is out of range [ 1058.160002][T13147] netlink: zone id is out of range [ 1058.367105][T13172] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1287'. [ 1058.443810][T13147] netlink: zone id is out of range [ 1059.478353][T13181] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1289'. [ 1059.734758][T13184] 9pnet_fd: Insufficient options for proto=fd [ 1059.871581][T13187] netlink: 'syz.2.1293': attribute type 1 has an invalid length. [ 1062.204252][T13206] tipc: Started in network mode [ 1062.209157][T13206] tipc: Node identity ac1414aa, cluster identity 4711 [ 1062.267997][T13206] tipc: Enabled bearer , priority 10 [ 1062.850044][T13217] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1301'. [ 1063.011897][T13223] netlink: 'syz.4.1295': attribute type 16 has an invalid length. [ 1063.067660][T13223] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.1295'. [ 1063.386012][T10923] tipc: Node number set to 2886997162 [ 1064.563910][ T5234] Bluetooth: hci0: unexpected event for opcode 0x0c7a [ 1066.027829][T13248] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1307'. [ 1067.600085][T13267] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1312'. [ 1067.813044][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 1069.130523][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1069.141563][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1069.154110][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1069.172110][ T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1069.182198][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1069.206820][ T9] usb 5-1: config 0 descriptor?? [ 1069.337994][T13290] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1317'. [ 1069.504038][ T8] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1069.667816][ T9] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 1069.682448][ T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 1069.766476][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 1069.777157][ T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 1069.931607][ T5314] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1070.004186][ T8] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1070.141161][ T8] usb 3-1: config 11 has an invalid interface number: 244 but max is 0 [ 1070.150048][ T8] usb 3-1: config 11 has no interface number 0 [ 1070.156495][ T8] usb 3-1: config 11 interface 244 altsetting 5 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1070.166663][ T8] usb 3-1: config 11 interface 244 has no altsetting 0 [ 1070.191672][ T8] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=57.8a [ 1070.204665][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1070.264642][ T8] usb 3-1: Product: syz [ 1070.268994][ T8] usb 3-1: Manufacturer: syz [ 1070.273784][ T8] usb 3-1: SerialNumber: syz [ 1070.310538][ T5314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1070.321661][ T5314] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1070.335254][ T5314] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1070.344954][ T5314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1070.356612][ T5314] usb 2-1: config 0 descriptor?? [ 1070.801230][T13299] loop4: detected capacity change from 0 to 2 [ 1070.827061][T13300] blk_print_req_error: 19 callbacks suppressed [ 1070.827117][T13300] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0 [ 1071.234689][ T7713] usb 5-1: reset high-speed USB device number 11 using dummy_hcd [ 1072.047611][ T8] usb 3-1: USB disconnect, device number 12 [ 1072.711111][ T9] usb 5-1: USB disconnect, device number 11 [ 1075.480873][ T5314] usbhid 2-1:0.0: can't add hid device: -32 [ 1075.488044][ T5314] usbhid 2-1:0.0: probe with driver usbhid failed with error -32 [ 1076.805454][T13344] ------------[ cut here ]------------ [ 1076.810993][T13344] WARNING: CPU: 1 PID: 13344 at include/linux/cpumask.h:135 io_sq_offload_create+0xd2f/0xfd0 [ 1076.821908][T13344] Modules linked in: [ 1076.826072][T13344] CPU: 1 UID: 0 PID: 13344 Comm: syz.3.1330 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1076.836626][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1076.846807][T13344] RIP: 0010:io_sq_offload_create+0xd2f/0xfd0 [ 1076.852847][T13344] Code: 43 f6 e9 57 f4 ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c a2 f3 ff ff 48 89 df e8 8c 8a 43 f6 e9 95 f3 ff ff e8 92 29 df f5 90 <0f> 0b 90 e9 f3 fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 4c [ 1076.872665][T13344] RSP: 0018:ffffc90004507c40 EFLAGS: 00010287 [ 1076.879169][T13344] RAX: ffffffff8bb5953e RBX: ffffc90004507e0c RCX: 0000000000040000 [ 1076.887945][T13344] RDX: ffffc90009179000 RSI: 0000000000000b1d RDI: 0000000000000b1e [ 1076.896621][T13344] RBP: ffffc90004507d40 R08: ffffffff8bb5922b R09: 1ffffffff20365d5 [ 1076.904798][T13344] R10: dffffc0000000000 R11: fffffbfff20365d6 R12: ffff88807dcac000 [ 1076.912823][T13344] R13: 0000000004000000 R14: 1ffff920008a0f94 R15: ffffc90004507cc0 [ 1076.920902][T13344] FS: 00007f20e36d26c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 1076.930054][T13344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1076.936799][T13344] CR2: 0000000020c18000 CR3: 0000000054df6000 CR4: 00000000003506f0 [ 1076.944880][T13344] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1076.952961][T13344] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1076.961016][T13344] Call Trace: [ 1076.964386][T13344] [ 1076.967331][T13344] ? __warn+0x168/0x4e0 [ 1076.971496][T13344] ? io_sq_offload_create+0xd2f/0xfd0 [ 1076.976999][T13344] ? report_bug+0x2b3/0x500 [ 1076.981520][T13344] ? io_sq_offload_create+0xd2f/0xfd0 [ 1076.987360][T13344] ? handle_bug+0x60/0x90 [ 1076.991703][T13344] ? exc_invalid_op+0x1a/0x50 [ 1076.996977][T13344] ? asm_exc_invalid_op+0x1a/0x20 [ 1077.002044][T13344] ? io_sq_offload_create+0xa1b/0xfd0 [ 1077.007524][T13344] ? io_sq_offload_create+0xd2e/0xfd0 [ 1077.012912][T13344] ? io_sq_offload_create+0xd2f/0xfd0 [ 1077.018345][T13344] ? __pfx_io_sq_offload_create+0x10/0x10 [ 1077.024350][T13344] ? io_allocate_scq_urings+0x426/0x640 [ 1077.029911][T13344] io_uring_create+0x792/0x1360 [ 1077.034899][T13344] __se_sys_io_uring_setup+0x2ba/0x330 [ 1077.040379][T13344] ? __pfx___se_sys_io_uring_setup+0x10/0x10 [ 1077.046439][T13344] ? do_syscall_64+0x100/0x230 [ 1077.051248][T13344] ? do_syscall_64+0xb6/0x230 [ 1077.056166][T13344] do_syscall_64+0xf3/0x230 [ 1077.060767][T13344] ? clear_bhb_loop+0x35/0x90 [ 1077.065663][T13344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1077.071779][T13344] RIP: 0033:0x7f20e297def9 [ 1077.076363][T13344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1077.096854][T13344] RSP: 002b:00007f20e36d2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1077.106027][T13344] RAX: ffffffffffffffda RBX: 00007f20e2b36058 RCX: 00007f20e297def9 [ 1077.114265][T13344] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000354c [ 1077.122328][T13344] RBP: 00007f20e29f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 1077.130425][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1077.138815][T13344] R13: 0000000000000000 R14: 00007f20e2b36058 R15: 00007ffc538a7b38 [ 1077.147041][T13344] [ 1077.150146][T13344] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1077.157444][T13344] CPU: 1 UID: 0 PID: 13344 Comm: syz.3.1330 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 1077.167892][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1077.177962][T13344] Call Trace: [ 1077.181282][T13344] [ 1077.184225][T13344] dump_stack_lvl+0x241/0x360 [ 1077.189190][T13344] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1077.194427][T13344] ? __pfx__printk+0x10/0x10 [ 1077.199132][T13344] ? vscnprintf+0x5d/0x90 [ 1077.203547][T13344] panic+0x349/0x880 [ 1077.207509][T13344] ? __warn+0x177/0x4e0 [ 1077.211712][T13344] ? __pfx_panic+0x10/0x10 [ 1077.216194][T13344] __warn+0x34b/0x4e0 [ 1077.220198][T13344] ? io_sq_offload_create+0xd2f/0xfd0 [ 1077.225618][T13344] report_bug+0x2b3/0x500 [ 1077.230010][T13344] ? io_sq_offload_create+0xd2f/0xfd0 [ 1077.235408][T13344] handle_bug+0x60/0x90 [ 1077.239579][T13344] exc_invalid_op+0x1a/0x50 [ 1077.244098][T13344] asm_exc_invalid_op+0x1a/0x20 [ 1077.248966][T13344] RIP: 0010:io_sq_offload_create+0xd2f/0xfd0 [ 1077.254971][T13344] Code: 43 f6 e9 57 f4 ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c a2 f3 ff ff 48 89 df e8 8c 8a 43 f6 e9 95 f3 ff ff e8 92 29 df f5 90 <0f> 0b 90 e9 f3 fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 4c [ 1077.274605][T13344] RSP: 0018:ffffc90004507c40 EFLAGS: 00010287 [ 1077.280781][T13344] RAX: ffffffff8bb5953e RBX: ffffc90004507e0c RCX: 0000000000040000 [ 1077.288767][T13344] RDX: ffffc90009179000 RSI: 0000000000000b1d RDI: 0000000000000b1e [ 1077.296768][T13344] RBP: ffffc90004507d40 R08: ffffffff8bb5922b R09: 1ffffffff20365d5 [ 1077.304798][T13344] R10: dffffc0000000000 R11: fffffbfff20365d6 R12: ffff88807dcac000 [ 1077.312782][T13344] R13: 0000000004000000 R14: 1ffff920008a0f94 R15: ffffc90004507cc0 [ 1077.320798][T13344] ? io_sq_offload_create+0xa1b/0xfd0 [ 1077.326209][T13344] ? io_sq_offload_create+0xd2e/0xfd0 [ 1077.331611][T13344] ? __pfx_io_sq_offload_create+0x10/0x10 [ 1077.337372][T13344] ? io_allocate_scq_urings+0x426/0x640 [ 1077.343029][T13344] io_uring_create+0x792/0x1360 [ 1077.347909][T13344] __se_sys_io_uring_setup+0x2ba/0x330 [ 1077.353423][T13344] ? __pfx___se_sys_io_uring_setup+0x10/0x10 [ 1077.359442][T13344] ? do_syscall_64+0x100/0x230 [ 1077.364242][T13344] ? do_syscall_64+0xb6/0x230 [ 1077.368943][T13344] do_syscall_64+0xf3/0x230 [ 1077.373470][T13344] ? clear_bhb_loop+0x35/0x90 [ 1077.378168][T13344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1077.384077][T13344] RIP: 0033:0x7f20e297def9 [ 1077.388506][T13344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1077.408133][T13344] RSP: 002b:00007f20e36d2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1077.416566][T13344] RAX: ffffffffffffffda RBX: 00007f20e2b36058 RCX: 00007f20e297def9 [ 1077.424552][T13344] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000354c [ 1077.432541][T13344] RBP: 00007f20e29f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 1077.440523][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1077.448500][T13344] R13: 0000000000000000 R14: 00007f20e2b36058 R15: 00007ffc538a7b38 [ 1077.456493][T13344] [ 1077.459647][T13344] Kernel Offset: disabled [ 1077.463979][T13344] Rebooting in 86400 seconds..