last executing test programs: 30.762824236s ago: executing program 1 (id=4493): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000002c0)={[0x5]}, 0x8, 0x80800) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, r0, 0xfffffffd}, 0x48) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000000)={@remote, 0x31}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000000)={0x28, r4, 0x1, 0x0, 0x0, {{0x2}, {@void, @val={0xc}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80420c01}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r4, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044004}, 0x8842) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) ioperm(0x0, 0x7, 0x7) ioperm(0x50b, 0x1, 0x400000000000f) 27.348438641s ago: executing program 1 (id=4496): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) 27.116716658s ago: executing program 1 (id=4497): gettid() openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r6, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000003700)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001) sendmsg$inet6(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)="3cb7e9e5c30a05c41dd519ab070a98338518476f7b4ee0b1c320fdc6d96ca36805a6391803b3e80000000008b2d6896eb095a97590d01089d7e1a85df4dfa1c226da1baab7e9474cd7c25d7fcb8e77d641098a19ee", 0x55}], 0x1}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@loopback, 0x4e21, 0x4, 0x4e20, 0x7f, 0x2, 0xa0, 0x20, 0x89874b02b691363f, 0x0, 0xee01}, {0xbddc, 0x400000000000000, 0x3, 0x3, 0x9, 0x9, 0x7, 0x6}, {0xf07, 0x4, 0x0, 0x7}, 0x7fffffff, 0x6e6bc0, 0x1, 0x0, 0x5, 0x1}, {{@in=@loopback, 0x4d3, 0x3c}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x34ff, 0x0, 0x3, 0x3, 0x4, 0xe6b}}, 0xe8) 26.113850078s ago: executing program 1 (id=4501): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f", 0x12}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1dd1f157fe36b0897bc2d8269989a85a326038ef0f6fcec6d5fc1d88f552e2c840489e4b2df437162a800bbf60068f2a382bb4921afeee040d23aae0b3104fe8c4ae098cc71600bb5bec7393b35b4b6066f2ef0c32f5b0a3fec9a005a55293c87437354f8bcb3d8ff36d80cd300c1dddfe331c7eb82a85daa8c2bd5c3ecddb0dec54a85638154b479644ecc2f266994eca97618113ed709734f98a9f6e09f3fb117ebd03e21553e016aa1421eb14c67cb64c4707b0958cfd08776fa1055f5bff34987891c70065b724832560c9e567801fcecc20c399f4857dffc765b79fa4a28f457b3af64180e1094806a65f7fcc73eac94221a707dd8d679b018ce4df7fd960fe305836dc0507aba04e52dc9256ddd20747b4dd1a9214231743ace12ee9e7dae8f6adbef78096f6865731cf1afb8cad3e9b860e0a319a3a3a401aac8a5ed95107e06c7f722b4388d1c3603bf300e92dde9c5b36d59e9374a8a75773f6abcd106e8456f579c4d3c1d3cd29bc4b18985ff6ffd0f6344d547d4f888d150477b6c0a85e3b3234652dce2102d14c8ba9030bc2f4b5860e41ee622ebb62fa1b5886010fa7f894e540e696fb849eaae4f13bcf23b27c2de80a7a79e214125e26a77047277821817f92a7bb7905a5b47f00faeefbf58344a2374294edc97ffcccea02779a7580365d8444a5198659a194eca3c2a800823e7b6feaa4eec37c4c6627bbe212edb591c39dcf67d61f3d032e0f1071fd5387dc5ca22332e4f065780cc32643fd4c32c1c59c0128da369267e7900bc672767ea80a504cd21dbb61932bf0f497eb2494266cd4a321444cd1bea26956845dd0e992e2a073e80bff16044d012ebb1f269a91f75f0a565cdf30d11c5", 0x44c}], 0x2}}], 0x3, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 22.700511369s ago: executing program 1 (id=4505): mkdir(&(0x7f0000000300)='./file0\x00', 0x2) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48) r7 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r7, 0x89e0, &(0x7f0000000180)={r2, r6}) write(r7, 0x0, 0x0) r8 = dup(r1) write$P9_RLERRORu(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r8, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30) write$binfmt_elf64(r8, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@access_uid={'access', 0x3d, 0xee00}}], [], 0x6b}}) 19.50109827s ago: executing program 1 (id=4513): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ptrace$ARCH_MAP_VDSO_64(0x1e, 0x0, 0x0, 0x2003) ptrace$getregs(0xffffffffffffffff, 0x0, 0x6, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) recvmmsg(r2, 0x0, 0x0, 0x45833af92e4b39ff, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r3 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100)) r5 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r5, 0x80045017, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000200)=""/250, 0xfa}], 0x1, 0x2, 0x950f) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r6, 0x40184150, &(0x7f0000000080)={0x0, &(0x7f00000015c0)='N', 0x1}) ioctl$SNDRV_PCM_IOCTL_FORWARD(r6, 0x40084149, &(0x7f0000000140)=0x3) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10) 15.436196985s ago: executing program 0 (id=4518): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'erspan0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x20, 0x0, 0x4, 0xcf, {{0x5, 0x4, 0x3, 0x7, 0x14, 0x66, 0x0, 0xba, 0x4, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002002000000004000100080004"], 0x44}}, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0) ftruncate(r3, 0xc17a) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) r7 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r7, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x3, 0x0, @broadcast}, 0x10) setuid(r4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000876f3db8412f2a7e62b5c1778b7443461c02c3777514770ad91621c28e4107ece22541cc2e33bc3578db543ece476704007fedc9c8a7d51364861b64076ce467acf3909460d7134422b67bd085d4fa0b8c22807418459722749dd2ee644d2935ddcfc7ccbde1d3df9ff6a48b1fa902ac82bfcdf39dceb161e6a1c8415a9904fde38ec7cd77e5c325486c48ab746ee59e0b1c53ffadc85aa7f10b960b6cd76354e4fa3379419b15c131f57e427775719976b62da6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) r9 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000400)={r8, r9, 0x9, 0x0, @void}, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)={0xd8, r1, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xb0, 0x2, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xcd77ab766fd859ec}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40}, 0x8814) 14.388731068s ago: executing program 3 (id=4519): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_io_uring_setup(0x410f, &(0x7f0000000140)={0x0, 0x0, 0x400, 0x0, 0xe5}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) io_uring_setup(0x3e24, &(0x7f0000000080)={0x0, 0x6de, 0x1826, 0x0, 0x148}) write$P9_RSTATu(r7, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0x0, 0xee01}}, 0x20e) 7.764021946s ago: executing program 0 (id=4522): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12012000f1048108cd060202d492e4ff000109021b19f1000000d40904150001da40df000905", @ANYRES32], 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) 7.761352685s ago: executing program 3 (id=4523): mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2, 0x12, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000300)='1\x00', 0xffffff4a) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000006800010000000000000000000a0000000000000008000500", @ANYRES32=r3, @ANYBLOB="08000100020000002dc0b4b0a0d14ce9fbc9706c5a4d"], 0x28}}, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x6, 0x1, 0x3, 0x1540, r1, 0x8, '\x00', r3, 0xffffffffffffffff, 0x1, 0x0, 0x2, 0x1}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYRESHEX=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004500000018110000", @ANYRESHEX=r4, @ANYBLOB="00faffffff000000b702000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e86c0d85ff9782762f0800", 0x0, 0x1300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r6 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) r9 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r9, &(0x7f0000001200)={0x1d, r10}, 0x18) connect$can_j1939(r9, &(0x7f0000000080)={0x1d, r10}, 0x18) writev(r9, &(0x7f0000000240)=[{&(0x7f0000000480)="2eb81c0d73d358e1e4677bb905a7d52376b069d04cda9d8125998ee71ffda596074dc84bc99266475ce0c50f3aa88bfa5c04c8f2676ba01b3a620d4a9387b791cee71bff16da8ad6695e320e7d689e92920032218562a8e533b6bced60d2c80d5e04f763954e5b39d9efda3ecdac11a84c57d930308e6e94c374cb172e39d09b", 0x80}, {&(0x7f0000001240)="325173f6fe33f55e07a613510d6987583b88b7076b6d12996ddb4f9455b69d67b04770e89bbd977e536697b63977f30e266d9def0ea30cb73e6b74c37e972308d7f95499aeedef82e7e01f6ead4d81bb6f5fea37b9b3db0b2e9b72fb13d886c25ddf61003eee0d5034c3c7ab74defc878c54478028cfe5a3e47081a99decb080a40d4bb7814beb4b7d5eadd0e00ca06832ead3fa5b877de17786ff0e3c97a84bef7518cf1536963d22936b9b2eefe9bfd4b7cd6031dbea40be8bfff8851bb695599a573095d799a0d76e2b613f27a9498b39ae67f8c60fa67a31a4dc6c41859c36172e5386fec618b15351b757c4caedd967fe3bf473dc5d9bf50ee1fcc66a9d052c35d2aaa512331f2c3522d47b169e8ba2a08127b594a6ea6f52f679112a1d27c532633edbcfd1818269830926d4eb44d8b229e9a89541ef1c92cc738206221f9a3d1a9a3aebac957d0170e53f20c0811425ad6c53e4bc364aeeef0df9eaa9f2bf2862e7b58a951900ac3cfc98ab024943aad7d1baa7ec77f439a4c8e93636a11a09c0f71dcf93a367f5286e926cd9f8be60e9f7e9cca7e726485fb7aa20d807ac1278f6457e3f0c62b843b71636edf22110974a24a64d6603eca1d3f8e8c8feb463287f292a58a4e2fc11681a74b88ddb507e054f8b6a0fddeaac8ff743b6bd5e91904b6041c8ab2207c7521dab56e811b4af79208cad37aef8e8bfa48d16b66ccd4598d439eb974380093e018e5c0471cd510d0db35dc6a7e3c7f1bc9616b4662d77ea85e8a224530ee4887a434ca2896e1796f597bd32544a76e10d1e37809233ec02d982d30e9b2d3b18ca5b3752ae09d1de0e0503dacf4e9dbcdace5212f50a24e162b1eb62499cfb5995522531aac794cff94ff871699402f299ff5c4aba2c45956939fb530eaa731cbcf75da43e09186404d40efe172b73c0919a43d24c570fd6e66cb4880794f6ad38659038f2e4cb2cd151adda7e5dcb1c3ed994cc54214f855774da102eaf617fd080741d46348cf865cc0fc9258c99fd189a18c5d993d2c9f19b09c8bdadcbb8305f76a09159ed17c942b84fab31435ffb689bcc00e0cae50f5eaf41a34927d7a96461cd84cdff208215f876963c0524f596e8f75ca26229a7ad8bcbf20822ee9a05224f62ce263df92c63d4c82f7a260e167a63d1dcf4155d0d4810830ca13aacfbf79f7ece285fdf361ec81d7d2a01826760638880b477f142252f10f12319d3785af4b27632da75089b5bb440160c84b279ea640d056f9fcbd07adaec9e29c7854334fce316ed2aaa2818e6db1df522df16f8e159a4524fb06a8c008710b2e0521b58f8fac362bba2a3ff76f7a2ef97e1584f6155cb81b7676bad86ba5964c84022d7762cf3092d43ecce4ad2784ab606218f26062ca9c8f86f77be4efa2c6af193d626c28abb9698832f111d6475d9086722b209503295084e1a07efe95a95e85bbcdd982aef8c5dc5b22e441c1fc072631531ac4d284bdbb9db73a7a42098ad24c348daa7b2b511bd68b69e971a3150c380e1f219867fc2d785db908297d164ff8c18805515a20b44f7086ccb46c7c2b2646cc367fd99cacd614926bb2b90df6cd230d98dc12a4e09cc13d7e2dfafe92dc1212a61b8c2172def6999c89050d05502587ba3fa075cfd25c451ceac47ff05d668e8e6ef70feb8c34521f4e8515931c402b337b358528b39db9d44ea81326410631ddb2513a605ec9b71503741bc130216f525c5d0afd9d44289adf363258bdd04bcc15c422996fb79bdef354113aa60993f6b307dd7f687a2310e8cc7aec4df2e369971284a218bc407ca9ddb6a415a077e36218343e3cd77d30b273329b5afde2c1d8264666df3628fc4eca0348fa94abda5b2f55ba4df670ca4bdbbb173fd561aa3994dbed97a158157c779a8f054dacf09e3c9371283b71eef7d006d30006de2666573514de8402f4375ab288f36326be4e9129141639e4f4bb1c178d7c8749202346fb51afbd535c67de5d2398f8f48685be425ebf61ee3bfd6a7ca3326de4d910108506d8031668b7aa83f9e84a59048c5258ec7d54070237750b2bcb945b62a28f57e829b2bfeb61763dc27178795f7502eaf01ba2db17ed5e9bba6770f1c65c490a12ab4c0e1b27478a75a87c01aa9ec076b417cd797b31114580c8cba3d91bae0e863f70eb2e4eedfe206bcd9f1985414cb4a978267f7627e33b9a2afd200ee89eef06a88d137d36856012cdbd1364bc55135b7c5dad97af3c2c4b6b076666eaa65d3632d62390fae4e889ac0e1d53a32d1eeea987af631d0e1caa35e2a019fec17521972a07985665b290d9898d2f2c238047b2d5d4f03e70e3ec0e37f9330c5cb6db40a436fe45ee63c1fa21b44b8462c1ed0996d50f8cda8521b82a8cee71ebcabc686a07b913ba7574ca73362330c4d4775ecfcac523c5aa40a470c8ee190f2f011fcfc9bb457bc84ed93d3785577ff4b95730dde6601909d4942e94db9685c9f6b53f542cfa53fbdfff3b3176d218dc6ef058e8efa737e7ec26fa7091aebbf2e879ecb7f046b461d0e3ff2f1ea0d6c213e95529d652144f369d9b517acfb19b8e509d39e391e9135d097d498d09d63c233f335c49bf9f33305e89d2e79755c4cae75b50f1b8e9d225df51ba6e445a1ec75953bee00bd722eb6d05a52fe85535cb3f26217d29b113bd122954c85e2cfe5caec7dc7adaf1b0a083ab61a36592f2c670af14aef3877b7887d8832888c6aaad4c0af002b95d2e3933946b5927620a63352f135caa0befd2dea8c8c971f303f62e5761e7bfe6ba7c42f0d98d685593588a43072577bcc90d6762cf6a073d1568f6047ad5d2d2e84f87f9608e70b91fa20cb398bc3383b202c91ab4531df5452bd4f13ccea9ad9659b4c84b420bd8e0ef7559108363911022453b86d2fa9b3956ff7c243cfb6280063c56a1be6688f084c3d4b6a0142485c7bfed106465cfdd3e59688a888f4c50944edfd992971c8188315a6aa3d42537bf420928a35e4b6d9234528c624749b2add9a87d587cca898fb28792acde3c42f07a868af66c9cfebde1ae9c4960555b3eaa42283d674d3396e9b24513003b147e5da7001df878ee7f241e46c3db1fc2d67ffe3f7dcee5fcdd736f9bfae791e6ca4740f81e764650a3eae482205ab6a615c57ec2c78af724ab1025efc84d62879405c01005a0f8ad562e5f3345a66ba8d74560a5cbb6ce08561d2d02b0c43694e2614c44e4f132962948e1b31586c8b56a2d5609363ed8a1bd95ecaa50791f1260ccfafb8c16d0404fbf402e34590de1c4930e19afd219ac4916c92769b8b3a1593373dc092e5b4247b5a1bb26b92df919e654c8a6ea3fb6826dbd9574ec7b1c5fcf8056abbb738b71d11a3a01ebbc115eb9c29ac75f5123e77efc52c326a91a969cf8b71e3f3ede72d4ec6df4b11d62e09bdc015aa7f82b5f4b1b823e3283b264bbf3df2213936072ca460bf4b2437b7308308e9763cd43c5ca75100fbdbd4592283a6c73c7edad4621325fa7d21a7d53dfec60d063ac018fda1c51bbe17e63c84f1a3710f48953c372fca0bab9fe130b3f67637598a3bf1df5430e36dd11d430afd8893e82616b54610d2fcc1df27fc876dc957c56fba5db485c3e5d11769b8412e61f7b3942ded00507c46a47339b5551a68863e1ba28da82c66595f1221b4927527820dcf782925d91aefa3c9103395293f25cb23e0d5efb4e5dfeba7b20b224aaa7d6ac2f5b9b73aa7c3f1282d4d1181ac25274ac62f0cae1ad9d930bee569a3095856298b8236393395e35a6af56ed4ea72da72fb3a2479b8c721936e522ddac30771a852674c7c5a4117a831801349586664e951b91dd24e9e029e9f2cd7c20d3ece2d15f882856e75749606b1f4a9582d94e417d5fddc3df3dd4151af7ea6ad2dd7d6259f32e7665c2013cbd1e1a67479e6e28103d85b81fb0f5de7c70b23f856bfe7722d33c4c16e946aff8542eef4658147f3eeeb40d08175df4ccb7197eeb1bb2a79f90bfda8c9903c79c6102e5adaa725dedef05f4c001dcdec7912571ac395c9f005739c61c1bf199f950b9cd2e2eeee54d9fcf60426330d1836485a788e39f58575630be63e4c77fe54e182dd0d6bf5decf1782dfaf54e24e3a1dc13a6e922c4ec2240e92606ab74c07164b3d077af0ed1deec9b0ce211e70fd2cac947c588e967795402c245a01250cb7796532aa6d10794225d4a809c96d2e7818b3131d9ca06fcbc0736d59c3b48bc9016f8334e06c8de848b1a0df06406f81801b3b2182cb4423c3bc8805b4705b6c3ebb58ad598b1a50eb0a49845c3a17901e9895b31ceaaea7391acc204714174a140d6f929323cfd584c4bc4a68c32108e8b630e35b1c5602113a4da21db489ca38a5f4ec7c42779ad11867e07779fdb7b4a069223d62150eba6bf8a0fefe9f70888e734dd1bad059a37fce92dd5caa93932fbb0905a39be9cef2c5065a0aa0a312b23dfdf4523afb26f0b755b62f4083437a90a198e2df1f94c884228d98a4548547798934b9f7ee8a68f2728c6cdf7d3dce4bd6f21a13f608b95498315105276cd25fa03963862c7b1f17cb0c0d475662f6d0f49f26c8b4eae8c5d036177fb0253edb5de3ccad1ee59a4c9d17a91d2ed259c5acc063a2c71bdd95fa4afbaf446cf3f5ae1dbcf0bedc8bdd1c73069d3630452d0000c1d797ab2d21f2b5dc4d60e885fd7f04d60780f6d71d6ac074ebda5752db9ca88ba65443fa3853501ab8cb61164a15fa311a333f04178ff4cd332f77657ccb121b755e012d397bac485aa32b2e864ca4403a7190b67b5588c609c368df4e5ac0ffee941a11143891639f9987f9b003fdf48fdbba4f68a552267b3791c36e6777ed5e37a3ef81f4ce7c406ede1d22b68077d23e6c95e5510e07aafb6e48dc427a3a2c94504b280c1222787b5020bd3a2bcb1609fb2fec61b0679a609ffa0c5526aec79112b96b8eca61eeca346f62c5d36f3d4a939a3da81f703440ea93d007aca6f0bcb1460504e91fbf696cdad4b69add516b77eafeb36b48275cd8e94c8445945230eb00e5df417fbe169c62ef9a107904fd6b5336eb60e4546613fca2992074a2c8f46330e11e4b3dec49da87bc093573ee06e3da3e94bf9b38e69d38cde13f54deefc809cbff4f3a71ebcf13d5562c6c60684ab295b5c3d9793cc1e1a33752e8738c5cd6c3699f101dd1d772e17e8fd47359d75b7cfcb36c8850b7dc0c1f54f7a01607f2855adbf0b4dc86afeaaaef882f4f0bd0f96dcb33f40e48405f1896868daa6535e44fae77338ae196aefd4a93d0131fde0668bdb50bab0b29c3ddc6b5e5fcc135476c500bac12ddf800a760a9ed82ca0e21be0ae43145c511faa8b28ed21218bccb41c3c4b988641c05c1a3957a25a3b89171c89dfd37b8b0c7d1add45924cc822f05706f932e388985e8ccc0cd5003ccf2ec89d6200d6c578fc0d82deee631246d02e09479a4ee5a8665ce9288624100488a3c7a10460f87471fabfd8fcc9bde243a4304072cdc4b5589d1fe3069cde47cd29c856ab718cf13972ec3178d8a3d68710324c2fe3941e67a3ed3de4ba9c796385479686fad741a6d25e4176d912bac96b57fcd9e9bccd73d3a8737a52e96e7538d0b671a5951c1051f4d895d89867c42c86f5f229494e4a05308164326babeaa5871e012d83c56adebdfaee12758706907563c045c0e26b76da26f356466876de7889d6f814470ee05974ddd04bfdd9dfe78c34e687b92727bf1fb67f869cbd2ecbe330264a6973fed37e5c64dafcbb4e944", 0x1000}, {&(0x7f0000000500)="f2dc93e8b7d089112d33979fd10f8e3b8db033af5ed386bc929653da530b9070312afffe23c18923da44dd37217f0c75f6072c558a43ce6845ea684aa5e7ea1ac5212571177579cb4f496c619fdcf0786191eadb02e9314fac26fc91b322cda7b2e08c9b2c2f6bc4769d4cc66937bfa1d3615a1c07c7427c8ae6e17541c342f7697e50e113eafa47d0bf6c31ee666bd768ad16921876ffaef995378dfef6372d2ea8ee7280b6d30f1e3b401b41ab210338cc3788c7947319e9245eba7542b784babae5815e38853da45523d58fa6f3e1692e7aaf0db87728e9c1635d9c64241f6bee5f7635e758adfd2ca9d1f3860b8fc89328f8", 0xf4}, {&(0x7f0000000600)="9ddcb8794a1f48149813a3e1d3bd4b04a554188869f5f0f946b7d0a248ceb391be589983a34be4ec873b3511dd9de09e95de51a0380b99d0a26adadc8dd036d945ef1b07a2f1a9e3297ab7aac2d0afe687fab7b30647dd9f9be197cffaca3b41", 0x60}], 0x4) bind$can_j1939(r7, &(0x7f0000001200)={0x1d, r8, 0x3, {0x0, 0x0, 0x7}}, 0x18) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'pim6reg0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0x28}, 0x12, r11}) r12 = socket$can_bcm(0x1d, 0x2, 0x2) socket$can_raw(0x1d, 0x3, 0x1) bind$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r12, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r13}}, 0x24}}, 0x0) write$sysctl(r0, &(0x7f0000000000)='2\x00', 0x2) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000280)='lp\x00', 0x3) 7.617016898s ago: executing program 4 (id=4524): socket$kcm(0x2, 0x3, 0x2) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) socket$inet_udp(0x2, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000100)) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 7.135317154s ago: executing program 4 (id=4526): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$alg(0x26, 0x5, 0x0) socket$alg(0x26, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0x16, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509011f00000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x7}, 0x8}, 0x90) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010300000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r2], 0x4c}}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xc, 0x0, 0x5, 0xff, 0xeb7b1550a98251fa}, 0x48) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0xb, &(0x7f0000000000)=0x1a, 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10) getsockname$packet(r0, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000013c0)=0x14) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r6, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r6, 0xc0105303, &(0x7f0000000280)={{}, 'port1\x00'}) setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f0000000040)=0xcbc, 0x4) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x34, 0x1, [@m_mirred={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x48}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057"], 0x0}, 0x90) syz_open_dev$usbfs(&(0x7f0000000080), 0x4, 0x4a180) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'veth1\x00', 0x10}) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r8 = fcntl$dupfd(r7, 0x0, r7) write$tun(r8, 0x0, 0xa2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 7.134722672s ago: executing program 2 (id=4527): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f", 0x12}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1dd1f157fe36b0897bc2d8269989a85a326038ef0f6fcec6d5fc1d88f552e2c840489e4b2df437162a800bbf60068f2a382bb4921afeee040d23aae0b3104fe8c4ae098cc71600bb5bec7393b35b4b6066f2ef0c32f5b0a3fec9a005a55293c87437354f8bcb3d8ff36d80cd300c1dddfe331c7eb82a85daa8c2bd5c3ecddb0dec54a85638154b479644ecc2f266994eca97618113ed709734f98a9f6e09f3fb117ebd03e21553e016aa1421eb14c67cb64c4707b0958cfd08776fa1055f5bff34987891c70065b724832560c9e567801fcecc20c399f4857dffc765b79fa4a28f457b3af64180e1094806a65f7fcc73eac94221a707dd8d679b018ce4df7fd960fe305836dc0507aba04e52dc9256ddd20747b4dd1a9214231743ace12ee9e7dae8f6adbef78096f6865731cf1afb8cad3e9b860e0a319a3a3a401aac8a5ed95107e06c7f722b4388d1c3603bf300e92dde9c5b36d59e9374a8a75773f6abcd106e8456f579c4d3c1d3cd29bc4b18985ff6ffd0f6344d547d4f888d150477b6c0a85e3b3234652dce2102d14c8ba9030bc2f4b5860e41ee622ebb62fa1b5886010fa7f894e540e696fb849eaae4f13bcf23b27c2de80a7a79e214125e26a77047277821817f92a7bb7905a5b47f00faeefbf58344a2374294edc97ffcccea02779a7580365d8444a5198659a194eca3c2a800823e7b6feaa4eec37c4c6627bbe212edb591c39dcf67d61f3d032e0f1071fd5387dc5ca22332e4f065780cc32643fd4c32c1c59c0128da369267e7900bc672767ea80a504cd21dbb61932bf0f497eb2494266cd4a321444cd1bea26956845dd0e992e2a073e80bff16044d012ebb1f269a91f75f0a565cdf30d11c5", 0x44c}], 0x2}}], 0x3, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 6.801440711s ago: executing program 2 (id=4528): r0 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x9, 0x400800) ioctl$SNDRV_PCM_IOCTL_INFO(r0, 0x81204101, &(0x7f0000000140)) r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x8, 0x2, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffe}, 0x48) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000000)={0x0, 0xfff}) lremovexattr(0x0, &(0x7f00000006c0)=ANY=[]) 6.499849859s ago: executing program 2 (id=4529): syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x989e92d05a33833d, &(0x7f0000000000), &(0x7f0000000180)=0x4) ioprio_set$uid(0x3, 0x0, 0x4007) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x103382) sendfile(r0, r0, 0x0, 0x24002de8) r1 = socket(0x1d, 0x2, 0x6) setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x6a, 0x3, 0x0, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x18}}, 0x0) io_setup(0x8, &(0x7f0000000600)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000080), 0xfefc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r3, 0x0) io_submit(r2, 0x1, &(0x7f0000000180)=[0x0]) openat$pidfd(0xffffffffffffff9c, 0x0, 0x2000, 0x0) inotify_init1(0x0) mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0) syslog(0x3, 0xffffffffffffffff, 0x1000000) mount$overlay(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000140), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x0, 0x4}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000040)=[{}, {}], 0x2, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x10) 6.499460993s ago: executing program 4 (id=4530): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.kill\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a843500140600fe80000000000000e5000000", @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000001c0)="b9740b00000f32ea0000000021000f019e6f750000b906030000b800500000ba000000000f300f0e0f01c466660f38305c311366baa10066b8001066efb805000000b9800000000f01d9f2ac", 0x4c}], 0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000080)={0x3}, 0x10}, 0x90) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 6.291445429s ago: executing program 3 (id=4531): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500)) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000) r2 = dup2(r0, r0) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1) 6.10680025s ago: executing program 3 (id=4532): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_io_uring_setup(0x410f, &(0x7f0000000140)={0x0, 0x0, 0x400, 0x0, 0xe5}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) io_uring_setup(0x3e24, &(0x7f0000000080)={0x0, 0x6de, 0x1826, 0x0, 0x148}) write$P9_RSTATu(r7, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0x0, 0xee01}}, 0x20e) 5.841529752s ago: executing program 4 (id=4533): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x3, &(0x7f0000000180)=[{0x0, 0x43, 0x3e, 0x7fff0020}, {0x5, 0xd1, 0x2}, {0x5, 0x2, 0x47, 0x10}]}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() r2 = socket$rxrpc(0x21, 0x2, 0xa) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000019c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01e8ff000000000000ef00000000"], 0x14}, 0x1, 0x0, 0x0, 0x4008001}, 0x20000080) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x603, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a02, 0x0) capset(0x0, &(0x7f00000000c0)={0xfffffffd, 0xb6fc, 0x0, 0x0, 0x4, 0xff}) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0x0) bind$rxrpc(r2, &(0x7f00000001c0)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e23, @multicast1}}, 0x24) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}) ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40603d10, &(0x7f0000000040)) write$binfmt_aout(r2, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000200)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00') fsetxattr$trusted_overlay_opaque(r7, &(0x7f0000000040), &(0x7f0000000340), 0x2cc, 0x0) 3.14151592s ago: executing program 3 (id=4534): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500)) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000) r2 = dup2(r0, r0) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000200)=0x1) (fail_nth: 5) 2.349287954s ago: executing program 0 (id=4535): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) preadv(r0, 0x0, 0x0, 0xe34, 0xfffffefc) 2.244497961s ago: executing program 2 (id=4536): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="7fb664af0a0002"], 0x28}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 1) 2.220959298s ago: executing program 4 (id=4537): mkdir(&(0x7f0000000300)='./file0\x00', 0x2) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48) r6 = socket$kcm(0x29, 0x5, 0x0) sendmsg$rds(r6, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0xfffffe09}], 0x1}, 0x0) write(r6, 0x0, 0x0) r7 = dup(r1) write$P9_RLERRORu(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r7, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30) write$binfmt_elf64(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@access_uid={'access', 0x3d, 0xee00}}], [], 0x6b}}) 2.146322313s ago: executing program 0 (id=4538): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000019c0)}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f", 0x12}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1dd1f157fe36b0897bc2d8269989a85a326038ef0f6fcec6d5fc1d88f552e2c840489e4b2df437162a800bbf60068f2a382bb4921afeee040d23aae0b3104fe8c4ae098cc71600bb5bec7393b35b4b6066f2ef0c32f5b0a3fec9a005a55293c87437354f8bcb3d8ff36d80cd300c1dddfe331c7eb82a85daa8c2bd5c3ecddb0dec54a85638154b479644ecc2f266994eca97618113ed709734f98a9f6e09f3fb117ebd03e21553e016aa1421eb14c67cb64c4707b0958cfd08776fa1055f5bff34987891c70065b724832560c9e567801fcecc20c399f4857dffc765b79fa4a28f457b3af64180e1094806a65f7fcc73eac94221a707dd8d679b018ce4df7fd960fe305836dc0507aba04e52dc9256ddd20747b4dd1a9214231743ace12ee9e7dae8f6adbef78096f6865731cf1afb8cad3e9b860e0a319a3a3a401aac8a5ed95107e06c7f722b4388d1c3603bf300e92dde9c5b36d59e9374a8a75773f6abcd106e8456f579c4d3c1d3cd29bc4b18985ff6ffd0f6344d547d4f888d150477b6c0a85e3b3234652dce2102d14c8ba9030bc2f4b5860e41ee622ebb62fa1b5886010fa7f894e540e696fb849eaae4f13bcf23b27c2de80a7a79e214125e26a77047277821817f92a7bb7905a5b47f00faeefbf58344a2374294edc97ffcccea02779a7580365d8444a5198659a194eca3c2a800823e7b6feaa4eec37c4c6627bbe212edb591c39dcf67d61f3d032e0f1071fd5387dc5ca22332e4f065780cc32643fd4c32c1c59c0128da369267e7900bc672767ea80a504cd21dbb61932bf0f497eb2494266cd4a321444cd1bea26956845dd0e992e2a073e80bff16044d012ebb1f269a91f75f0a565cdf30d11c5", 0x44c}], 0x2}}], 0x3, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 1.292299997s ago: executing program 3 (id=4539): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) syz_open_dev$dri(0x0, 0x1f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0xd) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103942, 0x0) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef) 803.14162ms ago: executing program 0 (id=4540): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0xfffe) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_TLB_DYNAMIC_LB={0x5, 0x1b, 0x40}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 420.992819ms ago: executing program 2 (id=4541): r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x89f4, &(0x7f0000000000)={'veth0_vlan\x00', 0xc6c}) futex(&(0x7f000000cffc), 0x0, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0, 0x0) 4.022257ms ago: executing program 0 (id=4542): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000002c0)={[0x5]}, 0x8, 0x80800) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, r0, 0xfffffffd}, 0x48) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000000)={@remote, 0x31}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000000)={0x28, r4, 0x1, 0x0, 0x0, {{0x2}, {@void, @val={0xc}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80420c01}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r4, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044004}, 0x8842) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x0, 0x10ffff, 0xfffffffd}) ioperm(0x50b, 0x1, 0x400000000000f) 3.760016ms ago: executing program 2 (id=4543): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newtaction={0x48, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x34, 0x1, [@m_mirred={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0) (fail_nth: 6) 0s ago: executing program 4 (id=4544): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_connect(0x0, 0x34, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x92, 0xdf, 0x55, 0x10, 0x5ac, 0x9226, 0xb289, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0xe9, 0x0, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "d77b5d2898"}]}}]}}]}}]}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) r1 = dup(0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000078"], 0x0, 0x5}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x400000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c) listen(r5, 0x9) r6 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r6, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmmsg$inet(r6, &(0x7f0000002c00)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)="f3c310720658a9c16f6146ca84d3eacf9cd4ea0ebd47da172acee03708c231e3061b45bda14e3bfd89ef46d86dc1062a495fa00a405e7dc4949e0125f3a4792f2da94dfff8848d1bced4d1155343d34a5e982346b47cbd0d11c7a3c522c514803ed1b9e4e623df8fddcd99178ad5a8324d0d54bcc59dd32c6c5f3b66f1471de44191c07852019141016b14d795495785f3bdd4254dbe3f598b06f1a71afeb087e28e9ad3d342052d47545200f8b8b9b72ec287adee11ac1503cbbcfe15574eddd834c49eb7124f0d5b3b205124abd41e04d827dda7046bae95d84e", 0xdb}, {&(0x7f0000000700)="4286ce3f84a94d401c0f18cadb06d4cb589648ec5b4e2b533d99be6910f9c8c375b6ec165fd13974c53bd69b0b4e5b4763e6cd0801a0736e1988bb5c87fae61b22a08d21de7812c6a9d2cf70c8132a3a902603d3bea80bf464b343725a23c0efc54b7268d22710375482132705be4f36b19b970f77e218c7ccc52531d8050f10aad32824ef191b12446d79d280c03fba7a802d610919ba", 0x97}, {&(0x7f00000004c0)="8ee1eee3b54b96952272535ad20e64bf0cdf4458d69e305422a605b7c7444ab8c7c7f22528fc7210b1b5c87bf061694dcbd2e025240ea07a34b17d257f04bac2384bb19dc266d0e2ec56905f71330f5b40bb0bf72d78606ca019e90b92e3da0e69cf86cdac62a96e45d6043af2f0c1a76a0d10fcb1d006905630dff3c082", 0x7e}, {&(0x7f0000000840)}], 0x4}}, {{&(0x7f0000000240)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@ip_tos_int={{0x14}}], 0x18}}], 0x2, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x143862, 0x0) mount(&(0x7f0000000180)=@filename='\x00', &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') r7 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) writev(r7, &(0x7f0000000240)=[{&(0x7f0000001680)='0', 0x1}, {&(0x7f0000000080)='+', 0x1}], 0x2) listen(r0, 0x3) kernel console output (not intermixed with test programs): from the interface descriptor's value: 3 [ 2158.287504][ T5285] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 2158.297225][ T5285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2158.534214][ T5285] usb 1-1: GET_CAPABILITIES returned 0 [ 2158.553956][ T5285] usbtmc 1-1:16.0: can't read capabilities [ 2158.762660][ T5324] usb 1-1: USB disconnect, device number 63 [ 2158.784367][ T5283] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 2158.999864][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2159.022133][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2159.054624][ T5283] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2159.074610][ T5283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2159.122632][ T5283] usb 4-1: config 0 descriptor?? [ 2159.205703][T20846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4252'. [ 2159.267383][T20846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4252'. [ 2160.762483][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 2160.769041][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 2161.238668][ T5283] arvo 0003:1E7D:30D4.0029: unknown main item tag 0x0 [ 2161.489384][ T5283] arvo 0003:1E7D:30D4.0029: unknown main item tag 0x0 [ 2161.740476][ T5283] arvo 0003:1E7D:30D4.0029: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 2161.830136][T20858] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4254'. [ 2163.181272][ T5285] usb 4-1: USB disconnect, device number 50 [ 2163.529707][T20872] FAULT_INJECTION: forcing a failure. [ 2163.529707][T20872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2163.597260][T20872] CPU: 0 UID: 0 PID: 20872 Comm: syz.3.4258 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2163.608087][T20872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2163.618193][T20872] Call Trace: [ 2163.621513][T20872] [ 2163.624485][T20872] dump_stack_lvl+0x241/0x360 [ 2163.629217][T20872] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2163.634469][T20872] ? __pfx__printk+0x10/0x10 [ 2163.639128][T20872] ? __pfx_lock_release+0x10/0x10 [ 2163.644214][T20872] ? vfs_write+0x7c4/0xc90 [ 2163.648780][T20872] should_fail_ex+0x3b0/0x4e0 [ 2163.653980][T20872] _copy_from_user+0x2f/0xe0 [ 2163.658596][T20872] __sys_bpf+0x1a4/0x810 [ 2163.662903][T20872] ? __pfx___sys_bpf+0x10/0x10 [ 2163.667710][T20872] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2163.673827][T20872] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2163.680224][T20872] ? do_syscall_64+0x100/0x230 [ 2163.685008][T20872] __x64_sys_bpf+0x7c/0x90 [ 2163.689441][T20872] do_syscall_64+0xf3/0x230 [ 2163.693965][T20872] ? clear_bhb_loop+0x35/0x90 [ 2163.698683][T20872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2163.704600][T20872] RIP: 0033:0x7fc82c77cef9 [ 2163.709034][T20872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2163.728667][T20872] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2163.737140][T20872] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2163.745170][T20872] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005 [ 2163.753163][T20872] RBP: 00007fc82d59b090 R08: 0000000000000000 R09: 0000000000000000 [ 2163.761160][T20872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2163.769259][T20872] R13: 0000000000000001 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2163.777291][T20872] [ 2163.955778][ T5324] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 2164.174699][ T5324] usb 2-1: Using ep0 maxpacket: 8 [ 2164.205633][ T5324] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 2164.218507][ T5324] usb 2-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2164.426031][ T5324] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2164.440649][ T5324] usb 2-1: config 0 has no interface number 0 [ 2164.451973][ T5324] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2164.468288][ T5324] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2165.527925][ T5324] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2165.747851][ T5324] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2165.848295][ T5324] usb 2-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2165.862755][ T5324] usb 2-1: Product: syz [ 2166.048190][ T5324] usb 2-1: Manufacturer: syz [ 2166.235470][T20895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4265'. [ 2166.236905][ T5324] usb 2-1: config 0 descriptor?? [ 2172.473081][ T5324] usb 2-1: can't set config #0, error -110 [ 2172.632506][ T5324] usb 2-1: USB disconnect, device number 48 [ 2173.319534][T20904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4268'. [ 2173.474830][ T5324] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 2173.664475][ T5324] usb 2-1: Using ep0 maxpacket: 16 [ 2173.698019][ T5324] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2173.745657][ T5324] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 2173.792873][ T5324] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 2173.806972][T20911] FAULT_INJECTION: forcing a failure. [ 2173.806972][T20911] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2173.826356][ T5324] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2173.846829][T20911] CPU: 0 UID: 0 PID: 20911 Comm: syz.3.4272 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2173.857673][T20911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2173.867771][T20911] Call Trace: [ 2173.871081][T20911] [ 2173.874047][T20911] dump_stack_lvl+0x241/0x360 [ 2173.878766][T20911] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2173.884005][T20911] ? __pfx__printk+0x10/0x10 [ 2173.888645][T20911] ? __pfx_lock_release+0x10/0x10 [ 2173.893727][T20911] should_fail_ex+0x3b0/0x4e0 [ 2173.898446][T20911] _copy_from_user+0x2f/0xe0 [ 2173.903077][T20911] copy_msghdr_from_user+0xae/0x680 [ 2173.908319][T20911] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2173.914189][T20911] __sys_sendmsg+0x23d/0x3a0 [ 2173.919350][T20911] ? __pfx___sys_sendmsg+0x10/0x10 [ 2173.924506][T20911] ? vfs_write+0x7c4/0xc90 [ 2173.929014][T20911] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2173.935397][T20911] ? do_syscall_64+0x100/0x230 [ 2173.940197][T20911] ? do_syscall_64+0xb6/0x230 [ 2173.944910][T20911] do_syscall_64+0xf3/0x230 [ 2173.949452][T20911] ? clear_bhb_loop+0x35/0x90 [ 2173.954169][T20911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2173.960112][T20911] RIP: 0033:0x7fc82c77cef9 [ 2173.964565][T20911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2173.984211][T20911] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2173.992677][T20911] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2174.000692][T20911] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 2174.008706][T20911] RBP: 00007fc82d59b090 R08: 0000000000000000 R09: 0000000000000000 [ 2174.016721][T20911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2174.024726][T20911] R13: 0000000000000000 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2174.032747][T20911] [ 2174.101260][T11760] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2174.111292][ T5324] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 2174.116289][T11760] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2174.123339][ T5324] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 2174.130360][T11760] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2174.144431][T11760] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2174.153799][T11760] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 2174.162263][T11760] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2174.254392][ T5324] usb 2-1: Manufacturer: syz [ 2174.335481][ T5324] usb 2-1: config 0 descriptor?? [ 2174.382119][ T5324] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 2174.667147][ T147] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2174.759236][T20899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4267'. [ 2174.812905][T20899] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4267'. [ 2174.920024][ T5285] usb 2-1: USB disconnect, device number 49 [ 2175.142570][ T147] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2175.241547][T20929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4278'. [ 2175.254282][ T5284] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 2175.328239][ T5239] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2175.341740][ T5239] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2175.351922][ T5239] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2175.362053][ T5239] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2175.372099][ T5239] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 2175.381989][ T5239] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2175.469709][ T5284] usb 3-1: Using ep0 maxpacket: 8 [ 2175.486145][ T5284] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 2175.504218][ T5284] usb 3-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2175.524200][ T5284] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2175.533325][ T5284] usb 3-1: config 0 has no interface number 0 [ 2175.545411][ T5284] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2175.558919][ T5284] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2175.570697][ T5284] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2175.583759][ T147] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2175.596780][ T5284] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2175.604248][ T9] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 2175.613000][ T5284] usb 3-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2175.621902][ T5284] usb 3-1: Product: syz [ 2175.626978][ T5284] usb 3-1: Manufacturer: syz [ 2175.639116][T20930] syzkaller1: entered promiscuous mode [ 2175.648246][ T5284] usb 3-1: config 0 descriptor?? [ 2175.666766][T20925] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 2175.690927][T20930] syzkaller1: entered allmulticast mode [ 2175.812333][ T147] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2175.854494][ T9] usb 2-1: device descriptor read/64, error -71 [ 2175.984632][T20940] FAULT_INJECTION: forcing a failure. [ 2175.984632][T20940] name failslab, interval 1, probability 0, space 0, times 0 [ 2175.999003][T20940] CPU: 0 UID: 0 PID: 20940 Comm: syz.3.4279 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2176.009850][T20940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2176.019955][T20940] Call Trace: [ 2176.023267][T20940] [ 2176.026225][T20940] dump_stack_lvl+0x241/0x360 [ 2176.030954][T20940] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2176.036203][T20940] ? __pfx__printk+0x10/0x10 [ 2176.040839][T20940] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 2176.046435][T20940] ? __pfx___might_resched+0x10/0x10 [ 2176.051778][T20940] should_fail_ex+0x3b0/0x4e0 [ 2176.056507][T20940] ? getname_flags+0xb7/0x540 [ 2176.061232][T20940] should_failslab+0xac/0x100 [ 2176.066043][T20940] ? getname_flags+0xb7/0x540 [ 2176.070781][T20940] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 2176.076219][T20940] getname_flags+0xb7/0x540 [ 2176.080769][T20940] do_sys_openat2+0xd2/0x1d0 [ 2176.085407][T20940] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2176.091438][T20940] ? __pfx_do_sys_openat2+0x10/0x10 [ 2176.096682][T20940] ? __fget_files+0x3f6/0x470 [ 2176.101413][T20940] __x64_sys_openat+0x247/0x2a0 [ 2176.106313][T20940] ? __pfx___x64_sys_openat+0x10/0x10 [ 2176.111739][T20940] ? do_syscall_64+0x100/0x230 [ 2176.116566][T20940] ? do_syscall_64+0xb6/0x230 [ 2176.121302][T20940] do_syscall_64+0xf3/0x230 [ 2176.125858][T20940] ? clear_bhb_loop+0x35/0x90 [ 2176.130588][T20940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2176.136615][T20940] RIP: 0033:0x7fc82c77b890 [ 2176.141066][T20940] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 2176.160721][T20940] RSP: 002b:00007fc82d579f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2176.169189][T20940] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc82c77b890 [ 2176.177213][T20940] RDX: 0000000000000000 RSI: 00007fc82c7ef136 RDI: 00000000ffffff9c [ 2176.185299][T20940] RBP: 00007fc82c7ef136 R08: 0000000000000000 R09: 0000000000000000 [ 2176.193328][T20940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 2176.194524][T11760] Bluetooth: hci2: command tx timeout [ 2176.201444][T20940] R13: 0000000000000000 R14: 00007fc82c936058 R15: 00007ffe56402858 [ 2176.201489][T20940] [ 2176.224253][ T5284] usb 3-1: USB disconnect, device number 41 [ 2176.405982][T20940] xt_hashlimit: max too large, truncated to 1048576 [ 2176.536915][ T9] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 2176.864695][ T9] usb 2-1: device descriptor read/64, error -71 [ 2176.988663][ T9] usb usb2-port1: attempt power cycle [ 2177.340138][ T147] bridge_slave_1: left allmulticast mode [ 2177.370923][ T147] bridge_slave_1: left promiscuous mode [ 2177.378755][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2177.392223][ T147] bridge_slave_0: left allmulticast mode [ 2177.398500][ T147] bridge_slave_0: left promiscuous mode [ 2177.404573][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2177.445303][ T9] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 2177.487293][T11760] Bluetooth: hci4: command tx timeout [ 2177.507799][T20956] No control pipe specified [ 2177.532319][ T9] usb 2-1: device descriptor read/8, error -71 [ 2177.864696][ T9] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 2178.028988][ T9] usb 2-1: device descriptor read/8, error -71 [ 2178.235471][ T9] usb usb2-port1: unable to enumerate USB device [ 2178.274788][T11760] Bluetooth: hci2: command tx timeout [ 2178.467168][T20960] FAULT_INJECTION: forcing a failure. [ 2178.467168][T20960] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2178.487379][T20960] CPU: 0 UID: 0 PID: 20960 Comm: syz.3.4283 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2178.498237][T20960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2178.508336][T20960] Call Trace: [ 2178.511648][T20960] [ 2178.514610][T20960] dump_stack_lvl+0x241/0x360 [ 2178.519340][T20960] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2178.524585][T20960] ? __pfx__printk+0x10/0x10 [ 2178.529217][T20960] ? __pfx_lock_release+0x10/0x10 [ 2178.534301][T20960] should_fail_ex+0x3b0/0x4e0 [ 2178.539031][T20960] _copy_from_user+0x2f/0xe0 [ 2178.543680][T20960] copy_msghdr_from_user+0xae/0x680 [ 2178.548943][T20960] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2178.554822][T20960] __sys_sendmsg+0x23d/0x3a0 [ 2178.559487][T20960] ? __pfx___sys_sendmsg+0x10/0x10 [ 2178.564651][T20960] ? vfs_write+0x7c4/0xc90 [ 2178.569165][T20960] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2178.575545][T20960] ? do_syscall_64+0x100/0x230 [ 2178.580364][T20960] ? do_syscall_64+0xb6/0x230 [ 2178.585186][T20960] do_syscall_64+0xf3/0x230 [ 2178.589744][T20960] ? clear_bhb_loop+0x35/0x90 [ 2178.594477][T20960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2178.600428][T20960] RIP: 0033:0x7fc82c77cef9 [ 2178.604884][T20960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2178.624536][T20960] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2178.633019][T20960] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2178.641033][T20960] RDX: 0000000000000050 RSI: 00000000200001c0 RDI: 0000000000000004 [ 2178.649131][T20960] RBP: 00007fc82d59b090 R08: 0000000000000000 R09: 0000000000000000 [ 2178.657137][T20960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2178.665144][T20960] R13: 0000000000000000 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2178.673257][T20960] [ 2178.947319][T20964] ceph: No source [ 2179.561452][T11760] Bluetooth: hci4: command tx timeout [ 2179.576277][ T147] team0: Port device bond0 removed [ 2179.584528][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2179.598499][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2179.609993][ T147] bond0 (unregistering): Released all slaves [ 2179.651224][T20912] chnl_net:caif_netlink_parms(): no params data found [ 2179.813832][T20971] fuse: Unknown parameter 'group_id00000000000000000000' [ 2180.093923][T20933] chnl_net:caif_netlink_parms(): no params data found [ 2180.355060][T11760] Bluetooth: hci2: command tx timeout [ 2180.404443][ T5283] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 2181.704994][T11760] Bluetooth: hci4: command tx timeout [ 2182.433850][ T147] hsr_slave_0: left promiscuous mode [ 2182.439952][ T5239] Bluetooth: hci2: command tx timeout [ 2182.450985][ T147] hsr_slave_1: left promiscuous mode [ 2182.464054][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2182.480928][ T147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2182.494985][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2182.507409][ T147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2182.567318][ T147] veth1_macvtap: left promiscuous mode [ 2182.576943][ T147] veth0_macvtap: left promiscuous mode [ 2182.582664][ T147] veth1_vlan: left promiscuous mode [ 2182.593741][ T147] veth0_vlan: left promiscuous mode [ 2182.694299][ T5283] usb 3-1: Using ep0 maxpacket: 8 [ 2182.704376][ T5283] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 2182.712706][ T5283] usb 3-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2182.733450][ T5283] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2182.744351][ T5283] usb 3-1: config 0 has no interface number 0 [ 2182.750852][ T5283] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2182.768023][ T5283] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2182.779701][ T5283] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2182.843372][ T5283] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2182.882149][ T5283] usb 3-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2182.890940][ T5283] usb 3-1: Product: syz [ 2182.895542][ T5283] usb 3-1: Manufacturer: syz [ 2182.912052][ T5283] usb 3-1: config 0 descriptor?? [ 2182.940878][T20978] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 2182.955560][T20994] FAULT_INJECTION: forcing a failure. [ 2182.955560][T20994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2182.972980][T20994] CPU: 0 UID: 0 PID: 20994 Comm: syz.1.4294 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2182.983818][T20994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2182.993902][T20994] Call Trace: [ 2182.997229][T20994] [ 2183.000198][T20994] dump_stack_lvl+0x241/0x360 [ 2183.004930][T20994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2183.010260][T20994] ? __pfx__printk+0x10/0x10 [ 2183.014896][T20994] ? __pfx_lock_release+0x10/0x10 [ 2183.019998][T20994] should_fail_ex+0x3b0/0x4e0 [ 2183.024729][T20994] _copy_from_user+0x2f/0xe0 [ 2183.029374][T20994] copy_msghdr_from_user+0xae/0x680 [ 2183.034635][T20994] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2183.040504][T20994] __sys_sendmsg+0x23d/0x3a0 [ 2183.045161][T20994] ? __pfx___sys_sendmsg+0x10/0x10 [ 2183.050417][T20994] ? vfs_write+0x7c4/0xc90 [ 2183.054945][T20994] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2183.061334][T20994] ? do_syscall_64+0x100/0x230 [ 2183.066332][T20994] ? do_syscall_64+0xb6/0x230 [ 2183.071246][T20994] do_syscall_64+0xf3/0x230 [ 2183.075812][T20994] ? clear_bhb_loop+0x35/0x90 [ 2183.075859][ T5283] usb 3-1: USB disconnect, device number 42 [ 2183.080628][T20994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2183.080665][T20994] RIP: 0033:0x7f39ea17cef9 [ 2183.097216][T20994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2183.116883][T20994] RSP: 002b:00007f39eaee5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2183.125354][T20994] RAX: ffffffffffffffda RBX: 00007f39ea335f80 RCX: 00007f39ea17cef9 [ 2183.133381][T20994] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2183.141400][T20994] RBP: 00007f39eaee5090 R08: 0000000000000000 R09: 0000000000000000 [ 2183.149419][T20994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2183.157445][T20994] R13: 0000000000000000 R14: 00007f39ea335f80 R15: 00007ffd3ee389d8 [ 2183.165503][T20994] [ 2183.168638][ C0] vkms_vblank_simulate: vblank timer overrun [ 2183.714630][ T5239] Bluetooth: hci4: command tx timeout [ 2183.964316][ T147] team0 (unregistering): Port device team_slave_1 removed [ 2184.048242][ T147] team0 (unregistering): Port device team_slave_0 removed [ 2185.231253][T20912] bridge0: port 1(bridge_slave_0) entered blocking state [ 2185.251761][T20912] bridge0: port 1(bridge_slave_0) entered disabled state [ 2185.273151][T20912] bridge_slave_0: entered allmulticast mode [ 2185.295919][T20912] bridge_slave_0: entered promiscuous mode [ 2185.469572][T20912] bridge0: port 2(bridge_slave_1) entered blocking state [ 2185.506367][T20912] bridge0: port 2(bridge_slave_1) entered disabled state [ 2185.513720][T20912] bridge_slave_1: entered allmulticast mode [ 2185.537911][T20912] bridge_slave_1: entered promiscuous mode [ 2185.698315][T20912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2185.743666][T20933] bridge0: port 1(bridge_slave_0) entered blocking state [ 2185.772618][T20933] bridge0: port 1(bridge_slave_0) entered disabled state [ 2185.803242][T20933] bridge_slave_0: entered allmulticast mode [ 2185.814262][T20933] bridge_slave_0: entered promiscuous mode [ 2185.847124][T20933] bridge0: port 2(bridge_slave_1) entered blocking state [ 2185.867647][T20933] bridge0: port 2(bridge_slave_1) entered disabled state [ 2185.883486][T20933] bridge_slave_1: entered allmulticast mode [ 2185.891824][T20933] bridge_slave_1: entered promiscuous mode [ 2185.915677][T20912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2186.000305][T20912] team0: Port device team_slave_0 added [ 2186.081676][T20912] team0: Port device team_slave_1 added [ 2186.113149][T20933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2186.135553][T20933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2186.163631][T20912] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2186.171429][T20912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2186.208983][T20912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2186.214323][ T5283] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 2186.278907][T20912] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2186.295424][T20912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2186.325274][T20912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2186.350319][T20933] team0: Port device team_slave_0 added [ 2186.414484][ T5283] usb 2-1: Using ep0 maxpacket: 8 [ 2186.422046][ T5283] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 2186.446639][T20933] team0: Port device team_slave_1 added [ 2186.464948][ T5283] usb 2-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2186.473746][ T5283] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2186.516405][ T5283] usb 2-1: config 0 has no interface number 0 [ 2186.522595][ T5283] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2186.554172][ T5283] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2186.574174][ T5283] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2186.596629][ T5283] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2186.614195][ T5283] usb 2-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2186.622614][ T5283] usb 2-1: Product: syz [ 2186.626366][T20912] hsr_slave_0: entered promiscuous mode [ 2186.644305][ T5283] usb 2-1: Manufacturer: syz [ 2186.649577][T20912] hsr_slave_1: entered promiscuous mode [ 2186.656107][ T5283] usb 2-1: config 0 descriptor?? [ 2186.657030][T21021] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2186.675193][T20912] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2186.695129][T20912] Cannot create hsr debugfs directory [ 2186.747492][T20933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2186.784359][T20933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2186.844492][T20933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2186.894186][T20933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2186.902634][T20933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2186.936608][T20933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2187.131439][T21028] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4306'. [ 2187.142510][T20933] hsr_slave_0: entered promiscuous mode [ 2187.149312][T21021] binder_alloc: 21020: binder_alloc_buf, no vma [ 2187.165179][ T5283] usb 2-1: USB disconnect, device number 54 [ 2187.179948][T20933] hsr_slave_1: entered promiscuous mode [ 2187.200321][T20933] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2187.229443][T20933] Cannot create hsr debugfs directory [ 2187.353478][ T147] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2187.628220][ T147] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2187.944064][ T147] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2188.136658][ T147] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2188.639720][T21047] FAULT_INJECTION: forcing a failure. [ 2188.639720][T21047] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2188.660792][T21047] CPU: 0 UID: 0 PID: 21047 Comm: syz.3.4312 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2188.671660][T21047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2188.681784][T21047] Call Trace: [ 2188.685104][T21047] [ 2188.688081][T21047] dump_stack_lvl+0x241/0x360 [ 2188.692825][T21047] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2188.698084][T21047] ? __pfx__printk+0x10/0x10 [ 2188.702728][T21047] ? __pfx_lock_release+0x10/0x10 [ 2188.707817][T21047] should_fail_ex+0x3b0/0x4e0 [ 2188.712553][T21047] _copy_from_user+0x2f/0xe0 [ 2188.717205][T21047] copy_msghdr_from_user+0xae/0x680 [ 2188.722467][T21047] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2188.728353][T21047] do_recvmmsg+0x40f/0xae0 [ 2188.732839][T21047] ? __pfx_lock_release+0x10/0x10 [ 2188.737944][T21047] ? __pfx_do_recvmmsg+0x10/0x10 [ 2188.742977][T21047] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 2188.748953][T21047] ? ksys_write+0x23e/0x2c0 [ 2188.753519][T21047] ? __pfx_lock_release+0x10/0x10 [ 2188.758618][T21047] ? vfs_write+0x7c4/0xc90 [ 2188.763109][T21047] ? __mutex_unlock_slowpath+0x21d/0x750 [ 2188.768817][T21047] ? __fget_files+0x3f6/0x470 [ 2188.773581][T21047] __x64_sys_recvmmsg+0x199/0x250 [ 2188.778688][T21047] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 2188.784292][T21047] ? do_syscall_64+0x100/0x230 [ 2188.789098][T21047] ? do_syscall_64+0xb6/0x230 [ 2188.793815][T21047] do_syscall_64+0xf3/0x230 [ 2188.798360][T21047] ? clear_bhb_loop+0x35/0x90 [ 2188.803181][T21047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2188.809132][T21047] RIP: 0033:0x7fc82c77cef9 [ 2188.813715][T21047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2188.833410][T21047] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2188.841885][T21047] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2188.849926][T21047] RDX: 040000000000012d RSI: 0000000020000080 RDI: 0000000000000003 [ 2188.857941][T21047] RBP: 00007fc82d59b090 R08: 0000000000000000 R09: 0000000000000000 [ 2188.865953][T21047] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 2188.873964][T21047] R13: 0000000000000000 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2188.882088][T21047] [ 2189.546651][ T147] bridge_slave_1: left allmulticast mode [ 2189.562558][ T147] bridge_slave_1: left promiscuous mode [ 2189.575402][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2189.596511][ T147] bridge_slave_0: left allmulticast mode [ 2189.604669][ T147] bridge_slave_0: left promiscuous mode [ 2189.626678][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2189.806187][ T5285] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 2190.009490][ T5285] usb 2-1: Using ep0 maxpacket: 8 [ 2190.018269][ T5285] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 2190.047401][ T5285] usb 2-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2190.066585][ T5285] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2190.101617][ T5285] usb 2-1: config 0 has no interface number 0 [ 2190.108735][ T5285] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2190.149496][ T5285] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2190.168550][ T5285] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2190.208934][ T5285] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2190.218277][ T5285] usb 2-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2190.227484][ T5285] usb 2-1: Product: syz [ 2190.231853][ T5285] usb 2-1: Manufacturer: syz [ 2190.254452][ T5285] usb 2-1: config 0 descriptor?? [ 2190.268620][T21064] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2190.289347][T21072] netlink: 'syz.3.4320': attribute type 75 has an invalid length. [ 2190.497953][T21064] binder_alloc: 21063: binder_alloc_buf, no vma [ 2190.522669][ T5285] usb 2-1: USB disconnect, device number 55 [ 2190.619540][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2190.633953][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2190.647531][ T147] bond0 (unregistering): Released all slaves [ 2191.936098][T21082] FAULT_INJECTION: forcing a failure. [ 2191.936098][T21082] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2191.970034][T21082] CPU: 1 UID: 0 PID: 21082 Comm: syz.3.4323 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2191.980929][T21082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2191.991027][T21082] Call Trace: [ 2191.994425][T21082] [ 2191.997400][T21082] dump_stack_lvl+0x241/0x360 [ 2192.002125][T21082] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2192.007363][T21082] ? __pfx__printk+0x10/0x10 [ 2192.011996][T21082] ? __pfx_lock_release+0x10/0x10 [ 2192.017076][T21082] should_fail_ex+0x3b0/0x4e0 [ 2192.021797][T21082] _copy_from_user+0x2f/0xe0 [ 2192.026525][T21082] sk_setsockopt+0x2e0/0x3390 [ 2192.031245][T21082] ? mark_lock+0x9a/0x350 [ 2192.035643][T21082] ? __pfx_sk_setsockopt+0x10/0x10 [ 2192.040818][T21082] ? __pfx_lock_acquire+0x10/0x10 [ 2192.045888][T21082] ? __fget_files+0x29/0x470 [ 2192.050509][T21082] ? __mutex_unlock_slowpath+0x21d/0x750 [ 2192.056176][T21082] ? __pfx_lock_release+0x10/0x10 [ 2192.061353][T21082] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 2192.067038][T21082] ? security_socket_setsockopt+0x87/0xb0 [ 2192.072802][T21082] do_sock_setsockopt+0x2fb/0x720 [ 2192.077880][T21082] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 2192.083469][T21082] ? __fget_files+0x29/0x470 [ 2192.088101][T21082] ? __fget_files+0x3f6/0x470 [ 2192.092862][T21082] __sys_setsockopt+0x1ae/0x250 [ 2192.097764][T21082] __x64_sys_setsockopt+0xb5/0xd0 [ 2192.102832][T21082] do_syscall_64+0xf3/0x230 [ 2192.107419][T21082] ? clear_bhb_loop+0x35/0x90 [ 2192.112141][T21082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2192.118075][T21082] RIP: 0033:0x7fc82c77cef9 [ 2192.122525][T21082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2192.142174][T21082] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 2192.150657][T21082] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2192.158760][T21082] RDX: 0000000000000026 RSI: 0000000000000001 RDI: 0000000000000003 [ 2192.166763][T21082] RBP: 00007fc82d59b090 R08: 0000000000000004 R09: 0000000000000000 [ 2192.174856][T21082] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 2192.182874][T21082] R13: 0000000000000000 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2192.190908][T21082] [ 2192.783091][ T147] hsr_slave_0: left promiscuous mode [ 2192.815077][ T147] hsr_slave_1: left promiscuous mode [ 2192.830018][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2192.841976][ T147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2193.168752][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2193.385040][ T147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2193.537270][T21107] kernel profiling enabled (shift: 17) [ 2194.379650][ T147] veth1_macvtap: left promiscuous mode [ 2194.399961][ T147] veth0_macvtap: left promiscuous mode [ 2194.423417][ T147] veth1_vlan: left promiscuous mode [ 2194.430525][ T147] veth0_vlan: left promiscuous mode [ 2195.213488][T21112] binder_alloc: 21111: binder_alloc_buf, no vma [ 2195.772298][ T147] team0 (unregistering): Port device team_slave_1 removed [ 2195.849273][ T147] team0 (unregistering): Port device team_slave_0 removed [ 2196.969037][T21127] FAULT_INJECTION: forcing a failure. [ 2196.969037][T21127] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2196.986888][T20912] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2197.017504][T21127] CPU: 0 UID: 0 PID: 21127 Comm: syz.3.4338 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2197.028354][T21127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2197.038450][T21127] Call Trace: [ 2197.041746][T21127] [ 2197.044687][T21127] dump_stack_lvl+0x241/0x360 [ 2197.049392][T21127] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2197.054697][T21127] ? __pfx__printk+0x10/0x10 [ 2197.059307][T21127] ? __pfx_lock_release+0x10/0x10 [ 2197.064361][T21127] should_fail_ex+0x3b0/0x4e0 [ 2197.069062][T21127] _copy_from_user+0x2f/0xe0 [ 2197.073674][T21127] copy_msghdr_from_user+0xae/0x680 [ 2197.078898][T21127] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2197.084735][T21127] __sys_sendmsg+0x23d/0x3a0 [ 2197.089353][T21127] ? __pfx___sys_sendmsg+0x10/0x10 [ 2197.094483][T21127] ? vfs_write+0x7c4/0xc90 [ 2197.098958][T21127] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2197.105313][T21127] ? do_syscall_64+0x100/0x230 [ 2197.110131][T21127] ? do_syscall_64+0xb6/0x230 [ 2197.114829][T21127] do_syscall_64+0xf3/0x230 [ 2197.119348][T21127] ? clear_bhb_loop+0x35/0x90 [ 2197.124072][T21127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2197.130000][T21127] RIP: 0033:0x7fc82c77cef9 [ 2197.134428][T21127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2197.154088][T21127] RSP: 002b:00007fc82d59b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2197.162546][T21127] RAX: ffffffffffffffda RBX: 00007fc82c935f80 RCX: 00007fc82c77cef9 [ 2197.170533][T21127] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003 [ 2197.178539][T21127] RBP: 00007fc82d59b090 R08: 0000000000000000 R09: 0000000000000000 [ 2197.186524][T21127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2197.194508][T21127] R13: 0000000000000000 R14: 00007fc82c935f80 R15: 00007ffe56402858 [ 2197.202508][T21127] [ 2197.205676][ C0] vkms_vblank_simulate: vblank timer overrun [ 2197.265512][T20912] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2197.419208][T20912] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2197.628107][T20912] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2198.903485][T20933] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2198.981775][T20933] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2199.040110][T20933] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2199.067621][T20933] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2199.431745][T20912] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2199.510806][T20912] 8021q: adding VLAN 0 to HW filter on device team0 [ 2199.597493][ T2951] bridge0: port 1(bridge_slave_0) entered blocking state [ 2199.604758][ T2951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2199.678064][T20933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2199.710021][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 2199.717268][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2199.851750][T20933] 8021q: adding VLAN 0 to HW filter on device team0 [ 2199.969093][T18177] bridge0: port 1(bridge_slave_0) entered blocking state [ 2199.976416][T18177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2200.073245][ T2951] bridge0: port 2(bridge_slave_1) entered blocking state [ 2200.080672][ T2951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2200.648755][T21181] FAULT_INJECTION: forcing a failure. [ 2200.648755][T21181] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2200.662995][T21181] CPU: 1 UID: 0 PID: 21181 Comm: syz.2.4354 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2200.673811][T21181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2200.683992][T21181] Call Trace: [ 2200.687301][T21181] [ 2200.690258][T21181] dump_stack_lvl+0x241/0x360 [ 2200.694979][T21181] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2200.700212][T21181] ? __pfx__printk+0x10/0x10 [ 2200.704839][T21181] ? __pfx_lock_release+0x10/0x10 [ 2200.709915][T21181] ? lockdep_hardirqs_on+0x99/0x150 [ 2200.715332][T21181] should_fail_ex+0x3b0/0x4e0 [ 2200.720050][T21181] _copy_from_user+0x2f/0xe0 [ 2200.724684][T21181] __sys_bpf+0x1a4/0x810 [ 2200.728968][T21181] ? __pfx___sys_bpf+0x10/0x10 [ 2200.733788][T21181] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2200.739918][T21181] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2200.746385][T21181] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2200.752766][T21181] __x64_sys_bpf+0x7c/0x90 [ 2200.757223][T21181] do_syscall_64+0xf3/0x230 [ 2200.761764][T21181] ? clear_bhb_loop+0x35/0x90 [ 2200.766508][T21181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2200.772461][T21181] RIP: 0033:0x7f9729f7cef9 [ 2200.776925][T21181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2200.796665][T21181] RSP: 002b:00007f972adc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2200.805125][T21181] RAX: ffffffffffffffda RBX: 00007f972a136130 RCX: 00007f9729f7cef9 [ 2200.813217][T21181] RDX: 0000000000000070 RSI: 0000000020000040 RDI: 0000000000000005 [ 2200.821241][T21181] RBP: 00007f972adc0090 R08: 0000000000000000 R09: 0000000000000000 [ 2200.829249][T21181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2200.837256][T21181] R13: 0000000000000001 R14: 00007f972a136130 R15: 00007ffeb2bfc168 [ 2200.845285][T21181] [ 2201.209413][T20912] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2202.255215][ T5356] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 2202.509102][ T5356] usb 2-1: config 0 interface 0 has no altsetting 0 [ 2202.535103][ T5356] usb 2-1: New USB device found, idVendor=0e41, idProduct=4150, bcdDevice=1f.c8 [ 2202.567729][ T5356] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2202.615948][ T5356] usb 2-1: config 0 descriptor?? [ 2202.659406][ T5356] snd_usb_toneport 2-1:0.0: Line 6 POD Studio UX1 found [ 2202.885969][ T5356] snd_usb_toneport 2-1:0.0: cannot get proper max packet size [ 2202.896270][ T5356] snd_usb_toneport 2-1:0.0: Line 6 POD Studio UX1 now disconnected [ 2202.913411][ T5356] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 2203.057600][T20912] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2203.095438][ T5283] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 2203.185463][ T5285] usb 2-1: USB disconnect, device number 56 [ 2203.334933][ T5283] usb 4-1: Using ep0 maxpacket: 8 [ 2203.379293][ T5283] usb 4-1: config 0 has an invalid interface number: 191 but max is 0 [ 2203.414910][ T5283] usb 4-1: config 0 has no interface number 0 [ 2203.434646][ T5283] usb 4-1: config 0 interface 191 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2203.459050][T20933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2203.471681][ T5283] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=b6.36 [ 2203.496150][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2203.521818][ T5283] usb 4-1: Product: syz [ 2203.546165][ T5283] usb 4-1: Manufacturer: syz [ 2203.572213][T21213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4361'. [ 2203.584509][ T5283] usb 4-1: SerialNumber: syz [ 2203.601671][ T5283] usb 4-1: config 0 descriptor?? [ 2203.640025][ T5283] em28xx 4-1:0.191: New device syz syz @ 480 Mbps (0413:6023, interface 191, class 191) [ 2203.669376][ T5283] em28xx 4-1:0.191: Video interface 191 found: [ 2203.687634][T20933] veth0_vlan: entered promiscuous mode [ 2203.759285][T20933] veth1_vlan: entered promiscuous mode [ 2203.879349][T21202] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2203.936804][T21202] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2203.970903][T20912] veth0_vlan: entered promiscuous mode [ 2204.257898][T20912] veth1_vlan: entered promiscuous mode [ 2204.301373][T20933] veth0_macvtap: entered promiscuous mode [ 2204.447679][ T5283] em28xx 4-1:0.191: unknown em28xx chip ID (0) [ 2205.087263][T20933] veth1_macvtap: entered promiscuous mode [ 2205.168166][ T5283] em28xx 4-1:0.191: failed to trigger read from i2c address 0xa0 (error=-5) [ 2205.199387][ T5283] em28xx 4-1:0.191: board has no eeprom [ 2205.246924][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2205.268394][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.284279][ T5283] em28xx 4-1:0.191: Identified as Leadtek Winfast USB II (card=7) [ 2205.285054][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2205.295477][ T5283] em28xx 4-1:0.191: analog set to bulk mode. [ 2205.305680][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.320936][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2205.331888][ T5284] em28xx 4-1:0.191: Registering V4L2 extension [ 2205.332877][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.351675][ T5283] usb 4-1: USB disconnect, device number 51 [ 2205.370561][T20933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2205.422075][T20912] veth0_macvtap: entered promiscuous mode [ 2205.439634][ T5283] em28xx 4-1:0.191: Disconnecting em28xx [ 2205.498554][T20912] veth1_macvtap: entered promiscuous mode [ 2205.559072][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2205.572389][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.591392][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2205.613387][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.631670][T20933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2205.643550][T20933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2205.690323][T20933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2205.791722][T20933] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2205.839874][ T5284] em28xx 4-1:0.191: Config register raw data: 0xffffffed [ 2205.844319][T20933] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2205.853271][ T5284] em28xx 4-1:0.191: AC97 chip type couldn't be determined [ 2205.863390][ T5284] em28xx 4-1:0.191: No AC97 audio processor [ 2205.864931][T20933] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2205.880352][T20933] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2205.943959][ T5284] usb 4-1: Decoder not found [ 2205.960006][ T5284] em28xx 4-1:0.191: failed to create media graph [ 2205.975318][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2205.993990][ T5284] em28xx 4-1:0.191: V4L2 device video71 deregistered [ 2206.035521][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.037544][ T5284] em28xx 4-1:0.191: Remote control support is not available for this card. [ 2206.085230][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2206.089713][ T5283] em28xx 4-1:0.191: Closing input extension [ 2206.117556][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.148152][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2206.157121][ T5283] em28xx 4-1:0.191: Freeing device [ 2206.174579][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.187115][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2206.232615][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.234427][ T5324] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 2206.256600][T20912] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2206.347836][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2206.405604][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.448236][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2206.451325][T21243] binder: BINDER_SET_CONTEXT_MGR already set [ 2206.467046][T21243] binder: 21242:21243 ioctl 4018620d 20000040 returned -16 [ 2206.478369][ T5324] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2206.480725][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.508961][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2206.511341][ T5324] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2206.526579][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.547989][T20912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2206.555088][ T5324] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2206.560221][T20912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2206.584583][ T5324] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2206.586976][T20912] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2206.618330][ T5324] usb 2-1: config 0 descriptor?? [ 2206.772977][T20912] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2206.794839][T20912] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2206.803775][T20912] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2206.822914][T20912] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2207.907503][ T5324] arvo 0003:1E7D:30D4.002A: unknown main item tag 0x0 [ 2207.966879][ T5324] arvo 0003:1E7D:30D4.002A: unknown main item tag 0x0 [ 2208.065154][ T5324] arvo 0003:1E7D:30D4.002A: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.1-1/input0 [ 2208.154837][ T2559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.224484][ T2559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2208.450515][T18177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.540874][T18177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2208.591557][T10894] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.670678][T10894] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2208.761539][T10894] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.832077][T10894] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2209.535315][ T5324] usb 2-1: USB disconnect, device number 57 [ 2210.029664][T21273] FAULT_INJECTION: forcing a failure. [ 2210.029664][T21273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2210.950682][T21273] CPU: 0 UID: 0 PID: 21273 Comm: syz.4.4266 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2210.961520][T21273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2210.971599][T21273] Call Trace: [ 2210.974899][T21273] [ 2210.977868][T21273] dump_stack_lvl+0x241/0x360 [ 2210.982570][T21273] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2210.987788][T21273] ? __pfx__printk+0x10/0x10 [ 2210.992399][T21273] ? __pfx_lock_release+0x10/0x10 [ 2210.997452][T21273] should_fail_ex+0x3b0/0x4e0 [ 2211.002151][T21273] _copy_from_user+0x2f/0xe0 [ 2211.006780][T21273] sk_setsockopt+0x26d/0x3390 [ 2211.011476][T21273] ? mark_lock+0x9a/0x350 [ 2211.015839][T21273] ? __pfx_sk_setsockopt+0x10/0x10 [ 2211.020993][T21273] ? __pfx_lock_acquire+0x10/0x10 [ 2211.026045][T21273] ? __fget_files+0x29/0x470 [ 2211.030650][T21273] ? __mutex_unlock_slowpath+0x21d/0x750 [ 2211.036308][T21273] ? __pfx_lock_release+0x10/0x10 [ 2211.041359][T21273] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 2211.046928][T21273] ? security_socket_setsockopt+0x87/0xb0 [ 2211.052673][T21273] do_sock_setsockopt+0x2fb/0x720 [ 2211.057735][T21273] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 2211.063304][T21273] ? __fget_files+0x29/0x470 [ 2211.067913][T21273] ? __fget_files+0x3f6/0x470 [ 2211.072623][T21273] __sys_setsockopt+0x1ae/0x250 [ 2211.077503][T21273] __x64_sys_setsockopt+0xb5/0xd0 [ 2211.082554][T21273] do_syscall_64+0xf3/0x230 [ 2211.087080][T21273] ? clear_bhb_loop+0x35/0x90 [ 2211.091805][T21273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2211.097742][T21273] RIP: 0033:0x7f4132f7cef9 [ 2211.102179][T21273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2211.121847][T21273] RSP: 002b:00007f4133c98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 2211.130290][T21273] RAX: ffffffffffffffda RBX: 00007f4133136058 RCX: 00007f4132f7cef9 [ 2211.138291][T21273] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000003 [ 2211.146284][T21273] RBP: 00007f4133c98090 R08: 0000000000000000 R09: 0000000000000000 [ 2211.154271][T21273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.162257][T21273] R13: 0000000000000001 R14: 00007f4133136058 R15: 00007ffde202f958 [ 2211.170262][T21273] [ 2213.170409][T21290] binder: BINDER_SET_CONTEXT_MGR already set [ 2213.184563][T21290] binder: 21289:21290 ioctl 4018620d 20000040 returned -16 [ 2213.379199][T21299] FAULT_INJECTION: forcing a failure. [ 2213.379199][T21299] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2213.392660][T21299] CPU: 1 UID: 0 PID: 21299 Comm: syz.1.4383 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2213.403481][T21299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2213.413834][T21299] Call Trace: [ 2213.417130][T21299] [ 2213.420097][T21299] dump_stack_lvl+0x241/0x360 [ 2213.424799][T21299] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2213.430028][T21299] ? __pfx__printk+0x10/0x10 [ 2213.434769][T21299] ? __pfx_lock_release+0x10/0x10 [ 2213.439880][T21299] should_fail_ex+0x3b0/0x4e0 [ 2213.444635][T21299] _copy_from_user+0x2f/0xe0 [ 2213.449271][T21299] copy_msghdr_from_user+0xae/0x680 [ 2213.454521][T21299] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2213.460387][T21299] __sys_sendmsg+0x23d/0x3a0 [ 2213.464999][T21299] ? __pfx___sys_sendmsg+0x10/0x10 [ 2213.470314][T21299] ? vfs_write+0x7c4/0xc90 [ 2213.474806][T21299] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2213.481177][T21299] ? do_syscall_64+0x100/0x230 [ 2213.485975][T21299] ? do_syscall_64+0xb6/0x230 [ 2213.490665][T21299] do_syscall_64+0xf3/0x230 [ 2213.495199][T21299] ? clear_bhb_loop+0x35/0x90 [ 2213.499919][T21299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2213.505941][T21299] RIP: 0033:0x7f39ea17cef9 [ 2213.510403][T21299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2213.530211][T21299] RSP: 002b:00007f39eaea3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2213.538648][T21299] RAX: ffffffffffffffda RBX: 00007f39ea336130 RCX: 00007f39ea17cef9 [ 2213.546742][T21299] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000c [ 2213.554753][T21299] RBP: 00007f39eaea3090 R08: 0000000000000000 R09: 0000000000000000 [ 2213.562730][T21299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2213.570728][T21299] R13: 0000000000000000 R14: 00007f39ea336130 R15: 00007ffd3ee389d8 [ 2213.578763][T21299] [ 2213.581921][ C1] vkms_vblank_simulate: vblank timer overrun [ 2214.454443][ T5283] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 2215.777219][ T5283] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 2215.815084][T21317] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 2215.822036][T21317] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 2215.854330][ T5283] usb 5-1: config 0 has no interface number 0 [ 2215.872636][ T5283] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2215.903170][T21317] vhci_hcd vhci_hcd.0: Device attached [ 2215.950334][ T5283] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2216.002251][ T5283] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 2216.028975][T21318] vhci_hcd: connection closed [ 2216.051764][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2216.261577][ T12] vhci_hcd: stop threads [ 2216.372389][ T5283] usb 5-1: config 0 descriptor?? [ 2216.381655][ T12] vhci_hcd: release socket [ 2216.428162][T10946] usb 9-1: new high-speed USB device number 2 using vhci_hcd [ 2219.350256][ T5283] usb 5-1: can't set config #0, error -71 [ 2219.396287][ T12] vhci_hcd: disconnect device [ 2219.451538][ T5283] usb 5-1: USB disconnect, device number 52 [ 2219.721330][T21337] xt_NFQUEUE: number of queues (65532) out of range (got 75748) [ 2221.737642][ T5283] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 2222.276670][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 2222.283940][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 2222.324222][ T5283] usb 2-1: Using ep0 maxpacket: 8 [ 2222.544037][ T5283] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55 [ 2222.727522][ T5283] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2222.924343][ T5283] usb 2-1: Product: syz [ 2222.928583][ T5283] usb 2-1: Manufacturer: syz [ 2222.964323][ T5283] usb 2-1: SerialNumber: syz [ 2222.978137][ T5283] usb 2-1: config 0 descriptor?? [ 2223.015587][ T5283] usb 2-1: can't set config #0, error -71 [ 2223.074295][ T5283] usb 2-1: USB disconnect, device number 58 [ 2224.606994][T21367] input: syz0 as /devices/virtual/input/input99 [ 2224.664743][T10946] vhci_hcd: vhci_device speed not set [ 2224.945510][ T5285] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 2225.276618][ T5285] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2225.304221][ T5285] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2226.109717][ T5285] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2226.164136][ T5285] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2226.196963][ T5285] usb 5-1: config 0 descriptor?? [ 2226.954372][ T5284] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 2227.022738][ T5285] arvo 0003:1E7D:30D4.002B: unknown main item tag 0x0 [ 2227.108760][ T5285] arvo 0003:1E7D:30D4.002B: unknown main item tag 0x0 [ 2227.238343][ T5284] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2227.401121][ T5285] arvo 0003:1E7D:30D4.002B: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0 [ 2227.565748][ T5284] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2227.649839][ T5284] usb 3-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00 [ 2227.854312][ T5284] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2227.866086][ T5284] usb 3-1: config 0 descriptor?? [ 2228.577078][T11760] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2228.597211][T11760] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2228.606941][T11760] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2228.629223][T11760] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2228.637411][T21394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2228.669523][T11760] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 2228.678133][T11760] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2228.766689][T21394] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2228.777651][T15381] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2228.791033][T15381] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2228.814952][T15381] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2228.842917][ T5284] wacom 0003:056A:0317.002C: unknown main item tag 0x0 [ 2228.884368][T15381] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2228.888463][ T5285] usb 5-1: USB disconnect, device number 53 [ 2228.898269][T15381] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 2228.899024][ T5284] wacom 0003:056A:0317.002C: Unknown device_type for 'HID 056a:0317'. Assuming pen. [ 2228.915828][T15381] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2228.970509][ T5284] wacom 0003:056A:0317.002C: hidraw0: USB HID v0.00 Device [HID 056a:0317] on usb-dummy_hcd.2-1/input0 [ 2228.988784][ T5284] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0317.002C/input/input100 [ 2229.214535][T20723] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 2229.424421][T20723] usb 2-1: Using ep0 maxpacket: 32 [ 2229.596620][ T5324] usb 3-1: USB disconnect, device number 43 [ 2229.725318][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2230.033601][T21399] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4410'. [ 2230.177333][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2230.241297][ T5239] Bluetooth: hci3: sending frame failed (-49) [ 2230.261405][T15381] Bluetooth: hci3: Opcode 0x1003 failed: -49 [ 2230.421474][T20723] usb 2-1: unable to get BOS descriptor or descriptor too short [ 2230.461193][T20723] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 2230.474918][T20723] usb 2-1: can't read configurations, error -71 [ 2230.502795][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2230.666848][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2230.754718][T10946] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 2230.765140][T15381] Bluetooth: hci0: command tx timeout [ 2230.994279][T15381] Bluetooth: hci4: command tx timeout [ 2231.018976][T10946] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 2231.045402][T10946] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 2231.058908][T10946] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 2231.068989][T10946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2231.107958][T21420] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 2231.151196][T21396] chnl_net:caif_netlink_parms(): no params data found [ 2231.153817][T10946] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 2232.436071][T10946] usb 3-1: USB disconnect, device number 44 [ 2232.647101][ T12] bridge_slave_1: left allmulticast mode [ 2232.658519][T21443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4419'. [ 2232.675717][ T12] bridge_slave_1: left promiscuous mode [ 2232.681570][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 2232.786227][ T12] bridge_slave_0: left allmulticast mode [ 2232.813955][ T12] bridge_slave_0: left promiscuous mode [ 2232.824652][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 2232.835451][T15381] Bluetooth: hci0: command tx timeout [ 2233.076824][T15381] Bluetooth: hci4: command tx timeout [ 2234.264637][T20723] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 2235.304174][T15381] Bluetooth: hci0: command tx timeout [ 2235.304578][T14490] Bluetooth: hci4: command tx timeout [ 2235.474651][T20723] usb 2-1: Using ep0 maxpacket: 32 [ 2235.484021][T20723] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 2235.504212][T20723] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 2235.516326][T20723] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 2235.534233][T20723] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 2235.544029][T20723] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 2235.560383][T20723] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2235.578139][T20723] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 2235.588885][T20723] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 2235.603005][T20723] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 2235.613527][T20723] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2235.625373][T20723] usb 2-1: config 0 descriptor?? [ 2236.609448][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2236.623660][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2236.637829][ T12] bond0 (unregistering): Released all slaves [ 2236.913720][T20723] usb 2-1: can't set config #0, error -71 [ 2236.935781][T20723] usb 2-1: USB disconnect, device number 61 [ 2236.994207][ T5285] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 2237.010782][T21393] chnl_net:caif_netlink_parms(): no params data found [ 2237.230630][ T5285] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2237.265483][ T5285] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2237.280143][ T5285] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2237.295538][ T5285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2237.308147][ T5285] usb 5-1: Product: syz [ 2237.314602][ T5239] Bluetooth: hci0: command tx timeout [ 2237.321568][T21396] bridge0: port 1(bridge_slave_0) entered blocking state [ 2237.330083][ T5285] usb 5-1: Manufacturer: syz [ 2237.337086][ T5285] usb 5-1: SerialNumber: syz [ 2237.337182][T21396] bridge0: port 1(bridge_slave_0) entered disabled state [ 2237.355017][T21486] FAULT_INJECTION: forcing a failure. [ 2237.355017][T21486] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2237.358658][ T5285] cdc_ncm 5-1:1.0: skipping garbage [ 2237.388436][T21486] CPU: 0 UID: 0 PID: 21486 Comm: syz.1.4431 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2237.400327][T21486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2237.410571][T21486] Call Trace: [ 2237.413886][T21486] [ 2237.416925][T21486] dump_stack_lvl+0x241/0x360 [ 2237.421702][T21486] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2237.426931][T21486] ? __pfx__printk+0x10/0x10 [ 2237.431564][T21486] ? snprintf+0xda/0x120 [ 2237.435879][T21486] should_fail_ex+0x3b0/0x4e0 [ 2237.440607][T21486] _copy_to_user+0x2f/0xb0 [ 2237.445343][T21486] simple_read_from_buffer+0xca/0x150 [ 2237.450780][T21486] proc_fail_nth_read+0x1ec/0x260 [ 2237.455951][T21486] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2237.462704][T21486] ? rw_verify_area+0x520/0x6b0 [ 2237.468014][T21486] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2237.473798][T21486] vfs_read+0x204/0xbc0 [ 2237.479253][T21486] ? __pfx_current_check_access_socket+0x10/0x10 [ 2237.485643][T21486] ? __pfx_vfs_read+0x10/0x10 [ 2237.490501][T21486] ? bpf_lsm_socket_bind+0x9/0x10 [ 2237.495667][T21486] ? x25_bind+0xb8/0x3d0 [ 2237.499958][T21486] ? __sys_bind+0x256/0x2f0 [ 2237.504516][T21486] ksys_read+0x1a0/0x2c0 [ 2237.508857][T21486] ? __pfx_ksys_read+0x10/0x10 [ 2237.513683][T21486] ? do_syscall_64+0x100/0x230 [ 2237.518559][T21486] ? do_syscall_64+0xb6/0x230 [ 2237.523279][T21486] do_syscall_64+0xf3/0x230 [ 2237.527907][T21486] ? clear_bhb_loop+0x35/0x90 [ 2237.532639][T21486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2237.538678][T21486] RIP: 0033:0x7f39ea17b93c [ 2237.544876][T21486] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 2237.565483][T21486] RSP: 002b:00007f39eaee5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2237.573953][T21486] RAX: ffffffffffffffda RBX: 00007f39ea335f80 RCX: 00007f39ea17b93c [ 2237.581959][T21486] RDX: 000000000000000f RSI: 00007f39eaee50a0 RDI: 0000000000000003 [ 2237.589985][T21486] RBP: 00007f39eaee5090 R08: 0000000000000000 R09: 0000000000000000 [ 2237.598015][T21486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2237.606028][T21486] R13: 0000000000000000 R14: 00007f39ea335f80 R15: 00007ffd3ee389d8 [ 2237.614082][T21486] [ 2237.628767][ T5239] Bluetooth: hci4: command tx timeout [ 2237.676581][T21396] bridge_slave_0: entered allmulticast mode [ 2237.713960][T21396] bridge_slave_0: entered promiscuous mode [ 2237.765031][T21396] bridge0: port 2(bridge_slave_1) entered blocking state [ 2237.824040][T21396] bridge0: port 2(bridge_slave_1) entered disabled state [ 2237.831656][T21396] bridge_slave_1: entered allmulticast mode [ 2237.876735][T21396] bridge_slave_1: entered promiscuous mode [ 2237.956731][ T5239] Bluetooth: hci1: unexpected event 0x04 length: 14 > 10 [ 2238.186838][ T5239] Bluetooth: hci1: unexpected event for opcode 0x042c [ 2239.053299][T21493] syz.2.4433: attempt to access beyond end of device [ 2239.053299][T21493] nbd2: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 2239.072581][T21493] hfsplus: unable to find HFS+ superblock [ 2239.141956][T21495] zonefs (nbd2) ERROR: Not a zoned block device [ 2239.423745][ T12] hsr_slave_0: left promiscuous mode [ 2239.441716][ T12] hsr_slave_1: left promiscuous mode [ 2239.454698][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2239.470319][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2239.482318][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2239.491087][T18768] usb 2-1: new full-speed USB device number 62 using dummy_hcd [ 2239.500825][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2239.536186][ T12] veth1_macvtap: left promiscuous mode [ 2239.546985][ T12] veth0_macvtap: left promiscuous mode [ 2239.553274][ T12] veth1_vlan: left promiscuous mode [ 2239.561104][ T12] veth0_vlan: left promiscuous mode [ 2239.686813][T18768] usb 2-1: config 0 has no interfaces? [ 2239.702719][T18768] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2239.731342][T18768] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2239.772413][T18768] usb 2-1: config 0 descriptor?? [ 2239.997273][T21498] FAULT_INJECTION: forcing a failure. [ 2239.997273][T21498] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2240.017391][T21498] CPU: 0 UID: 0 PID: 21498 Comm: syz.1.4434 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2240.028412][T21498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2240.038511][T21498] Call Trace: [ 2240.041821][T21498] [ 2240.044767][T21498] dump_stack_lvl+0x241/0x360 [ 2240.049494][T21498] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2240.054728][T21498] ? __pfx__printk+0x10/0x10 [ 2240.059353][T21498] ? snprintf+0xda/0x120 [ 2240.063628][T21498] should_fail_ex+0x3b0/0x4e0 [ 2240.068329][T21498] _copy_to_user+0x2f/0xb0 [ 2240.072771][T21498] simple_read_from_buffer+0xca/0x150 [ 2240.078170][T21498] proc_fail_nth_read+0x1ec/0x260 [ 2240.083229][T21498] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2240.088801][T21498] ? rw_verify_area+0x520/0x6b0 [ 2240.093677][T21498] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2240.099251][T21498] vfs_read+0x204/0xbc0 [ 2240.103433][T21498] ? __pfx_lock_release+0x10/0x10 [ 2240.108493][T21498] ? __pfx_vfs_read+0x10/0x10 [ 2240.113342][T21498] ? __fget_files+0x29/0x470 [ 2240.117998][T21498] ? __fget_files+0x3f6/0x470 [ 2240.122745][T21498] ksys_read+0x1a0/0x2c0 [ 2240.127035][T21498] ? __pfx_ksys_read+0x10/0x10 [ 2240.131865][T21498] ? do_syscall_64+0x100/0x230 [ 2240.136653][T21498] ? do_syscall_64+0xb6/0x230 [ 2240.141354][T21498] do_syscall_64+0xf3/0x230 [ 2240.145885][T21498] ? clear_bhb_loop+0x35/0x90 [ 2240.150595][T21498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2240.156506][T21498] RIP: 0033:0x7f39ea17b93c [ 2240.160944][T21498] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 2240.180583][T21498] RSP: 002b:00007f39eaee5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2240.189030][T21498] RAX: ffffffffffffffda RBX: 00007f39ea335f80 RCX: 00007f39ea17b93c [ 2240.197020][T21498] RDX: 000000000000000f RSI: 00007f39eaee50a0 RDI: 0000000000000005 [ 2240.205005][T21498] RBP: 00007f39eaee5090 R08: 0000000000000000 R09: 0000000000000000 [ 2240.213002][T21498] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 2240.220999][T21498] R13: 0000000000000000 R14: 00007f39ea335f80 R15: 00007ffd3ee389d8 [ 2240.229006][T21498] [ 2240.295335][T20723] usb 2-1: USB disconnect, device number 62 [ 2240.635705][ T5285] cdc_ncm 5-1:1.0: bind() failure [ 2240.656817][ T5285] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 2240.663714][ T5285] cdc_ncm 5-1:1.1: bind() failure [ 2240.850227][ T5285] usb 5-1: USB disconnect, device number 54 [ 2242.073456][ T12] team0 (unregistering): Port device team_slave_1 removed [ 2242.168419][ T12] team0 (unregistering): Port device team_slave_0 removed [ 2242.976232][T21396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2243.128584][T21396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2243.333687][T21393] bridge0: port 1(bridge_slave_0) entered blocking state [ 2243.353832][T21393] bridge0: port 1(bridge_slave_0) entered disabled state [ 2243.366469][T21393] bridge_slave_0: entered allmulticast mode [ 2243.380008][T21393] bridge_slave_0: entered promiscuous mode [ 2243.430921][T21396] team0: Port device team_slave_0 added [ 2243.485254][T21393] bridge0: port 2(bridge_slave_1) entered blocking state [ 2243.522533][T21393] bridge0: port 2(bridge_slave_1) entered disabled state [ 2243.555543][T21393] bridge_slave_1: entered allmulticast mode [ 2243.565487][T21393] bridge_slave_1: entered promiscuous mode [ 2243.635750][T21396] team0: Port device team_slave_1 added [ 2243.840394][T21393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2243.895624][T21396] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2243.948225][T21396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2243.992680][T21396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2244.052744][T21396] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2244.070204][T21396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2244.142415][T21396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2244.222895][T21393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2247.737166][T21393] team0: Port device team_slave_0 added [ 2247.767768][T21393] team0: Port device team_slave_1 added [ 2247.919379][T21396] hsr_slave_0: entered promiscuous mode [ 2247.949078][T21396] hsr_slave_1: entered promiscuous mode [ 2247.979876][T21396] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2247.996047][T21396] Cannot create hsr debugfs directory [ 2248.023274][T21548] usb usb8: usbfs: process 21548 (syz.4.4446) did not claim interface 0 before use [ 2248.175117][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2248.206581][T21393] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2248.225172][T21393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2248.289516][T21393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2248.412980][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2248.440983][T21393] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2248.449129][T21393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2248.478862][T21393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2249.424420][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2250.512655][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2250.536645][T21568] FAULT_INJECTION: forcing a failure. [ 2250.536645][T21568] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2250.552681][T21568] CPU: 0 UID: 0 PID: 21568 Comm: syz.1.4453 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2250.563528][T21568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2250.573696][T21568] Call Trace: [ 2250.577285][T21568] [ 2250.580271][T21568] dump_stack_lvl+0x241/0x360 [ 2250.584973][T21568] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2250.590195][T21568] ? __pfx__printk+0x10/0x10 [ 2250.594801][T21568] ? vfs_write+0x7c4/0xc90 [ 2250.599244][T21568] should_fail_ex+0x3b0/0x4e0 [ 2250.604033][T21568] _copy_from_user+0x2f/0xe0 [ 2250.608658][T21568] move_addr_to_kernel+0x82/0x150 [ 2250.613714][T21568] __sys_connect+0xc1/0x310 [ 2250.618246][T21568] ? __pfx___sys_connect+0x10/0x10 [ 2250.623389][T21568] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2250.629824][T21568] ? do_syscall_64+0x100/0x230 [ 2250.634635][T21568] __x64_sys_connect+0x7a/0x90 [ 2250.639433][T21568] do_syscall_64+0xf3/0x230 [ 2250.643953][T21568] ? clear_bhb_loop+0x35/0x90 [ 2250.648655][T21568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2250.654564][T21568] RIP: 0033:0x7f39ea17cef9 [ 2250.659084][T21568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2250.678794][T21568] RSP: 002b:00007f39eaee5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2250.687228][T21568] RAX: ffffffffffffffda RBX: 00007f39ea335f80 RCX: 00007f39ea17cef9 [ 2250.695221][T21568] RDX: 000000000000006e RSI: 0000000020000100 RDI: 0000000000000006 [ 2250.703299][T21568] RBP: 00007f39eaee5090 R08: 0000000000000000 R09: 0000000000000000 [ 2250.711292][T21568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2250.719286][T21568] R13: 0000000000000000 R14: 00007f39ea335f80 R15: 00007ffd3ee389d8 [ 2250.727633][T21568] [ 2250.832772][T21393] hsr_slave_0: entered promiscuous mode [ 2250.842694][T21393] hsr_slave_1: entered promiscuous mode [ 2250.870067][T21393] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2250.884631][T21393] Cannot create hsr debugfs directory [ 2252.292864][T21579] 9pnet_fd: Insufficient options for proto=fd [ 2253.104613][ T12] bridge_slave_1: left allmulticast mode [ 2253.134379][ T12] bridge_slave_1: left promiscuous mode [ 2253.140438][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 2253.181024][ T12] bridge_slave_0: left allmulticast mode [ 2253.202393][ T12] bridge_slave_0: left promiscuous mode [ 2253.213569][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 2254.688068][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2254.722407][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2254.763926][ T12] bond0 (unregistering): Released all slaves [ 2254.885564][T21599] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4460'. [ 2254.970787][T21599] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 2255.495077][T21609] FAULT_INJECTION: forcing a failure. [ 2255.495077][T21609] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2255.508341][T21609] CPU: 1 UID: 0 PID: 21609 Comm: syz.4.4462 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2255.519147][T21609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2255.529275][T21609] Call Trace: [ 2255.532588][T21609] [ 2255.535554][T21609] dump_stack_lvl+0x241/0x360 [ 2255.540277][T21609] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2255.545519][T21609] ? __pfx__printk+0x10/0x10 [ 2255.550166][T21609] ? snprintf+0xda/0x120 [ 2255.554457][T21609] should_fail_ex+0x3b0/0x4e0 [ 2255.559180][T21609] _copy_to_user+0x2f/0xb0 [ 2255.563645][T21609] simple_read_from_buffer+0xca/0x150 [ 2255.569082][T21609] proc_fail_nth_read+0x1ec/0x260 [ 2255.574165][T21609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2255.579757][T21609] ? rw_verify_area+0x520/0x6b0 [ 2255.584652][T21609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2255.590334][T21609] vfs_read+0x204/0xbc0 [ 2255.594560][T21609] ? __pfx_lock_release+0x10/0x10 [ 2255.599640][T21609] ? __pfx_vfs_read+0x10/0x10 [ 2255.604362][T21609] ? __fget_files+0x29/0x470 [ 2255.608988][T21609] ? __fget_files+0x3f6/0x470 [ 2255.613739][T21609] ksys_read+0x1a0/0x2c0 [ 2255.618113][T21609] ? irqentry_exit+0x63/0x90 [ 2255.622755][T21609] ? lockdep_hardirqs_on+0x99/0x150 [ 2255.628001][T21609] ? __pfx_ksys_read+0x10/0x10 [ 2255.632826][T21609] do_syscall_64+0xf3/0x230 [ 2255.637422][T21609] ? clear_bhb_loop+0x35/0x90 [ 2255.642261][T21609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2255.648291][T21609] RIP: 0033:0x7f4132f7b93c [ 2255.652756][T21609] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 2255.672435][T21609] RSP: 002b:00007f41329ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2255.680894][T21609] RAX: ffffffffffffffda RBX: 00007f4133136130 RCX: 00007f4132f7b93c [ 2255.688903][T21609] RDX: 000000000000000f RSI: 00007f41329ff0a0 RDI: 000000000000000c [ 2255.696907][T21609] RBP: 00007f41329ff090 R08: 0000000000000000 R09: 0000000000000000 [ 2255.704907][T21609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2255.712913][T21609] R13: 0000000000000000 R14: 00007f4133136130 R15: 00007ffde202f958 [ 2255.720960][T21609] [ 2256.464241][ T29] audit: type=1326 audit(1725515302.946:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21604 comm="syz.2.4461" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9729f7cef9 code=0x0 [ 2256.619121][T21598] batman_adv: batadv1: Adding interface: netdevsim0 [ 2256.626894][T21598] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2256.664853][T21598] batman_adv: batadv1: Interface activated: netdevsim0 [ 2256.830634][T21617] FAULT_INJECTION: forcing a failure. [ 2256.830634][T21617] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2256.870614][T21617] CPU: 1 UID: 0 PID: 21617 Comm: syz.4.4464 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2256.881726][T21617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2256.891995][T21617] Call Trace: [ 2256.895605][T21617] [ 2256.898568][T21617] dump_stack_lvl+0x241/0x360 [ 2256.903294][T21617] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2256.908535][T21617] ? __pfx__printk+0x10/0x10 [ 2256.913168][T21617] ? __pfx_lock_release+0x10/0x10 [ 2256.918300][T21617] ? vfs_write+0x7c4/0xc90 [ 2256.922772][T21617] should_fail_ex+0x3b0/0x4e0 [ 2256.927502][T21617] _copy_from_user+0x2f/0xe0 [ 2256.932225][T21617] __sys_bpf+0x1a4/0x810 [ 2256.936612][T21617] ? __pfx___sys_bpf+0x10/0x10 [ 2256.941450][T21617] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2256.947483][T21617] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2256.953871][T21617] ? do_syscall_64+0x100/0x230 [ 2256.959147][T21617] __x64_sys_bpf+0x7c/0x90 [ 2256.963616][T21617] do_syscall_64+0xf3/0x230 [ 2256.968165][T21617] ? clear_bhb_loop+0x35/0x90 [ 2256.972889][T21617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2256.978822][T21617] RIP: 0033:0x7f4132f7cef9 [ 2256.983268][T21617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2257.002922][T21617] RSP: 002b:00007f4133cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2257.011380][T21617] RAX: ffffffffffffffda RBX: 00007f4133135f80 RCX: 00007f4132f7cef9 [ 2257.019403][T21617] RDX: 0000000000000050 RSI: 00000000200003c0 RDI: 000000000000000a [ 2257.027413][T21617] RBP: 00007f4133cb9090 R08: 0000000000000000 R09: 0000000000000000 [ 2257.035504][T21617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2257.043508][T21617] R13: 0000000000000000 R14: 00007f4133135f80 R15: 00007ffde202f958 [ 2257.052490][T21617] [ 2257.769687][T21626] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2257.908850][T21630] FAULT_INJECTION: forcing a failure. [ 2257.908850][T21630] name failslab, interval 1, probability 0, space 0, times 0 [ 2257.946883][T21626] syz.1.4465: attempt to access beyond end of device [ 2257.946883][T21626] nbd1: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 2257.970787][T21626] SQUASHFS error: Failed to read block 0x0: -5 [ 2257.974434][T21630] CPU: 1 UID: 0 PID: 21630 Comm: syz.4.4468 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2257.987946][T21630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2257.992576][T21626] unable to read squashfs_super_block [ 2257.998016][T21630] Call Trace: [ 2257.998037][T21630] [ 2257.998049][T21630] dump_stack_lvl+0x241/0x360 [ 2257.998088][T21630] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2257.998117][T21630] ? __pfx__printk+0x10/0x10 [ 2258.024311][T21630] ? __kmalloc_node_noprof+0xb7/0x440 [ 2258.029734][T21630] ? __pfx___might_resched+0x10/0x10 [ 2258.035073][T21630] should_fail_ex+0x3b0/0x4e0 [ 2258.039785][T21630] should_failslab+0xac/0x100 [ 2258.044596][T21630] __kmalloc_node_noprof+0xdf/0x440 [ 2258.049831][T21630] ? __kvmalloc_node_noprof+0x72/0x190 [ 2258.055694][T21630] __kvmalloc_node_noprof+0x72/0x190 [ 2258.061017][T21630] file_tty_write+0x2c7/0x9c0 [ 2258.065763][T21630] vfs_write+0xa72/0xc90 [ 2258.070032][T21630] ? __pfx_tty_write+0x10/0x10 [ 2258.074825][T21630] ? __pfx_vfs_write+0x10/0x10 [ 2258.079735][T21630] ksys_write+0x1a0/0x2c0 [ 2258.084097][T21630] ? __pfx_ksys_write+0x10/0x10 [ 2258.088979][T21630] ? do_syscall_64+0x100/0x230 [ 2258.095943][T21630] ? do_syscall_64+0xb6/0x230 [ 2258.100669][T21630] do_syscall_64+0xf3/0x230 [ 2258.105215][T21630] ? clear_bhb_loop+0x35/0x90 [ 2258.109943][T21630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2258.115873][T21630] RIP: 0033:0x7f4132f7cef9 [ 2258.120299][T21630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2258.139944][T21630] RSP: 002b:00007f4133cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2258.148371][T21630] RAX: ffffffffffffffda RBX: 00007f4133135f80 RCX: 00007f4132f7cef9 [ 2258.156347][T21630] RDX: 0000000000001006 RSI: 0000000020000000 RDI: 0000000000000004 [ 2258.164406][T21630] RBP: 00007f4133cb9090 R08: 0000000000000000 R09: 0000000000000000 [ 2258.172383][T21630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2258.180364][T21630] R13: 0000000000000000 R14: 00007f4133135f80 R15: 00007ffde202f958 [ 2258.188455][T21630] [ 2258.402453][ T12] hsr_slave_0: left promiscuous mode [ 2258.409113][ T12] hsr_slave_1: left promiscuous mode [ 2258.441040][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2258.450019][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2258.464576][ T29] audit: type=1326 audit(1725515305.386:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.505686][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2258.516214][ T29] audit: type=1326 audit(1725515305.396:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.545262][ T29] audit: type=1326 audit(1725515305.426:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.585898][ T29] audit: type=1326 audit(1725515305.426:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.614300][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2258.698736][ T29] audit: type=1326 audit(1725515305.426:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.773122][ T12] veth1_macvtap: left promiscuous mode [ 2258.793610][ T12] veth0_macvtap: left promiscuous mode [ 2258.803947][ T29] audit: type=1326 audit(1725515305.436:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2258.810406][ T12] veth1_vlan: left promiscuous mode [ 2258.854670][ T12] veth0_vlan: left promiscuous mode [ 2259.628853][ T29] audit: type=1326 audit(1725515305.436:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2259.744243][ T29] audit: type=1326 audit(1725515305.436:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2259.804152][ T29] audit: type=1326 audit(1725515305.436:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21634 comm="syz.4.4469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2261.359809][ T12] team0 (unregistering): Port device team_slave_1 removed [ 2261.483853][ T12] team0 (unregistering): Port device team_slave_0 removed [ 2262.749378][T21396] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2262.912176][T21396] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2262.993832][T21396] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2263.046134][T21396] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2263.282724][T21666] fuse: Bad value for 'fd' [ 2266.570364][T21681] 9pnet_fd: Insufficient options for proto=fd [ 2266.627455][T21396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2267.028485][T21396] 8021q: adding VLAN 0 to HW filter on device team0 [ 2267.055103][T21393] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2267.098418][T21393] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2267.133660][ T2583] bridge0: port 1(bridge_slave_0) entered blocking state [ 2267.140949][ T2583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2267.189954][T21393] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2267.232416][ T2583] bridge0: port 2(bridge_slave_1) entered blocking state [ 2267.239725][ T2583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2267.311092][T21393] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2267.913559][T21393] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2268.041145][T21393] 8021q: adding VLAN 0 to HW filter on device team0 [ 2268.107652][ T147] bridge0: port 1(bridge_slave_0) entered blocking state [ 2268.114931][ T147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2268.149456][T21696] FAULT_INJECTION: forcing a failure. [ 2268.149456][T21696] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2268.205555][T21696] CPU: 0 UID: 0 PID: 21696 Comm: syz.1.4484 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2268.208157][ T147] bridge0: port 2(bridge_slave_1) entered blocking state [ 2268.216419][T21696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2268.216440][T21696] Call Trace: [ 2268.216452][T21696] [ 2268.216464][T21696] dump_stack_lvl+0x241/0x360 [ 2268.216503][T21696] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2268.223641][ T147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2268.233681][T21696] ? __pfx__printk+0x10/0x10 [ 2268.233716][T21696] ? __pfx_lock_release+0x10/0x10 [ 2268.233748][T21696] ? vfs_write+0x7c4/0xc90 [ 2268.271344][T21696] should_fail_ex+0x3b0/0x4e0 [ 2268.276076][T21696] _copy_from_user+0x2f/0xe0 [ 2268.280716][T21696] __sys_bpf+0x1a4/0x810 [ 2268.285013][T21696] ? __pfx___sys_bpf+0x10/0x10 [ 2268.289835][T21696] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2268.295953][T21696] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2268.302321][T21696] ? do_syscall_64+0x100/0x230 [ 2268.307373][T21696] __x64_sys_bpf+0x7c/0x90 [ 2268.311811][T21696] do_syscall_64+0xf3/0x230 [ 2268.316342][T21696] ? clear_bhb_loop+0x35/0x90 [ 2268.321233][T21696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2268.327162][T21696] RIP: 0033:0x7f39ea17cef9 [ 2268.331599][T21696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2268.351712][T21696] RSP: 002b:00007f39eaea3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2268.360684][T21696] RAX: ffffffffffffffda RBX: 00007f39ea336130 RCX: 00007f39ea17cef9 [ 2268.368768][T21696] RDX: 0000000000000004 RSI: 00000000200003c0 RDI: 000000000000001e [ 2268.376759][T21696] RBP: 00007f39eaea3090 R08: 0000000000000000 R09: 0000000000000000 [ 2268.384748][T21696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2268.392751][T21696] R13: 0000000000000000 R14: 00007f39ea336130 R15: 00007ffd3ee389d8 [ 2268.400757][T21696] [ 2268.620080][T21396] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2268.973933][T21396] veth0_vlan: entered promiscuous mode [ 2269.013927][T21396] veth1_vlan: entered promiscuous mode [ 2269.059461][T21699] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4485'. [ 2269.158052][T21396] veth0_macvtap: entered promiscuous mode [ 2269.186736][T21396] veth1_macvtap: entered promiscuous mode [ 2269.235841][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2269.265109][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.284509][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2269.314604][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.327692][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2269.354283][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.376395][T21396] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2269.416166][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2269.444327][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.464464][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2269.484992][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.514273][T21396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2269.534320][T21396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2269.641510][T21396] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2269.680575][T21396] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2269.689851][T21396] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2269.699421][T21396] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2269.708689][T21396] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2269.938825][T21393] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2270.830721][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2270.915541][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2270.972684][T21393] veth0_vlan: entered promiscuous mode [ 2271.020490][T21393] veth1_vlan: entered promiscuous mode [ 2271.253344][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2271.298264][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2271.329284][T21720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4491'. [ 2271.360687][T21725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4491'. [ 2271.509142][T21393] veth0_macvtap: entered promiscuous mode [ 2271.532180][T21393] veth1_macvtap: entered promiscuous mode [ 2271.591537][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2271.609787][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2271.620651][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2271.646755][T18768] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 2271.669141][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2271.871806][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2271.883648][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2271.895009][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2274.656070][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2274.746997][T21393] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2274.778951][T21741] FAULT_INJECTION: forcing a failure. [ 2274.778951][T21741] name failslab, interval 1, probability 0, space 0, times 0 [ 2274.780272][T18768] usb 5-1: Using ep0 maxpacket: 8 [ 2274.809362][T18768] usb 5-1: device descriptor read/all, error -61 [ 2274.841071][T21741] CPU: 1 UID: 0 PID: 21741 Comm: syz.2.4494 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2274.851929][T21741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2274.862032][T21741] Call Trace: [ 2274.865351][T21741] [ 2274.868316][T21741] dump_stack_lvl+0x241/0x360 [ 2274.873041][T21741] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2274.878280][T21741] ? __pfx__printk+0x10/0x10 [ 2274.882963][T21741] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 2274.888997][T21741] ? __pfx___might_resched+0x10/0x10 [ 2274.894363][T21741] ? validate_chain+0x11e/0x5900 [ 2274.899434][T21741] should_fail_ex+0x3b0/0x4e0 [ 2274.904159][T21741] should_failslab+0xac/0x100 [ 2274.909141][T21741] ? __alloc_skb+0x1c3/0x440 [ 2274.909749][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2274.913757][T21741] kmem_cache_alloc_node_noprof+0x71/0x320 [ 2274.930138][T21741] __alloc_skb+0x1c3/0x440 [ 2274.934601][T21741] ? __pfx___alloc_skb+0x10/0x10 [ 2274.939589][T21741] alloc_skb_with_frags+0xc3/0x770 [ 2274.944748][T21741] ? __pfx_reacquire_held_locks+0x10/0x10 [ 2274.950516][T21741] sock_alloc_send_pskb+0x91a/0xa60 [ 2274.955809][T21741] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 2274.961624][T21741] ? __local_bh_enable_ip+0x168/0x200 [ 2274.967046][T21741] ? dccp_sendmsg+0x3d5/0xba0 [ 2274.971778][T21741] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 2274.977558][T21741] dccp_sendmsg+0x3f1/0xba0 [ 2274.982121][T21741] ? __pfx_dccp_sendmsg+0x10/0x10 [ 2274.984729][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2274.987164][T21741] ? sock_rps_record_flow+0x1a/0x400 [ 2274.987207][T21741] ? inet_sendmsg+0x330/0x390 [ 2274.987239][T21741] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 2274.987269][T21741] ? security_socket_sendmsg+0x87/0xb0 [ 2274.987298][T21741] __sock_sendmsg+0x1a6/0x270 [ 2274.987325][T21741] ____sys_sendmsg+0x525/0x7d0 [ 2274.987367][T21741] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2274.987409][T21741] ? __might_fault+0xaa/0x120 [ 2274.987441][T21741] __sys_sendmmsg+0x3b2/0x740 [ 2274.987483][T21741] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2274.987555][T21741] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 2275.005698][T18768] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 2275.007328][T21741] ? ksys_write+0x23e/0x2c0 [ 2275.064201][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2275.065503][T21741] ? __pfx_lock_release+0x10/0x10 [ 2275.081151][T21741] ? vfs_write+0x7c4/0xc90 [ 2275.085628][T21741] ? __mutex_unlock_slowpath+0x21d/0x750 [ 2275.091308][T21741] ? __pfx_vfs_write+0x10/0x10 [ 2275.096154][T21741] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2275.102270][T21741] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2275.108653][T21741] ? do_syscall_64+0x100/0x230 [ 2275.113474][T21741] __x64_sys_sendmmsg+0xa0/0xb0 [ 2275.118373][T21741] do_syscall_64+0xf3/0x230 [ 2275.122917][T21741] ? clear_bhb_loop+0x35/0x90 [ 2275.127180][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2275.127629][T21741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2275.143390][T21741] RIP: 0033:0x7f9729f7cef9 [ 2275.147851][T21741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2275.168726][T21741] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2275.177279][T21741] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2275.185392][T21741] RDX: 0000000000000500 RSI: 00000000200001c0 RDI: 0000000000000005 [ 2275.193583][T21741] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2275.201592][T21741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2275.209608][T21741] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2275.214123][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2275.217624][T21741] [ 2275.263823][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2275.281727][T21393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2275.303893][T21393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2275.337610][T21393] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2275.357680][T21393] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2275.374870][T21393] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2275.394568][T21393] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2275.404902][ T5324] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 2275.412674][T18768] usb 5-1: device descriptor read/64, error -71 [ 2275.425209][T21393] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2275.536567][T18768] usb usb5-port1: attempt power cycle [ 2275.590395][T21751] FAULT_INJECTION: forcing a failure. [ 2275.590395][T21751] name failslab, interval 1, probability 0, space 0, times 0 [ 2275.614412][ T5324] usb 4-1: Using ep0 maxpacket: 32 [ 2275.633112][T21751] CPU: 1 UID: 0 PID: 21751 Comm: syz.2.4498 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2275.641702][ T5324] usb 4-1: config 0 has an invalid interface number: 7 but max is 0 [ 2275.643935][T21751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2275.643957][T21751] Call Trace: [ 2275.643968][T21751] [ 2275.643980][T21751] dump_stack_lvl+0x241/0x360 [ 2275.670146][ T5324] usb 4-1: config 0 has no interface number 0 [ 2275.673033][T21751] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2275.673070][T21751] ? __pfx__printk+0x10/0x10 [ 2275.673100][T21751] ? fs_reclaim_acquire+0x93/0x140 [ 2275.694117][T21751] ? __pfx___might_resched+0x10/0x10 [ 2275.699435][T21751] should_fail_ex+0x3b0/0x4e0 [ 2275.704224][T21751] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 2275.710051][T21751] should_failslab+0xac/0x100 [ 2275.714778][T21751] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 2275.720708][T21751] __kmalloc_noprof+0xd8/0x400 [ 2275.725498][T21751] ? kfree+0x4e/0x360 [ 2275.729596][T21751] tomoyo_realpath_from_path+0xcf/0x5e0 [ 2275.735188][T21751] ? kmem_cache_free+0x145/0x350 [ 2275.740243][T21751] tomoyo_mount_permission+0xa61/0xb80 [ 2275.745739][T21751] ? tomoyo_mount_permission+0x295/0xb80 [ 2275.751422][T21751] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2275.757451][T21751] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 2275.763505][T21751] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2275.769895][T21751] ? hook_sb_mount+0x122/0x390 [ 2275.774714][T21751] security_sb_mount+0x8f/0xd0 [ 2275.779517][T21751] path_mount+0xb9/0xfa0 [ 2275.783789][T21751] ? kmem_cache_free+0x145/0x350 [ 2275.788793][T21751] __se_sys_mount+0x2d6/0x3c0 [ 2275.793510][T21751] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2275.799527][T21751] ? __pfx___se_sys_mount+0x10/0x10 [ 2275.804746][T21751] ? do_syscall_64+0x100/0x230 [ 2275.809533][T21751] ? __x64_sys_mount+0x20/0xc0 [ 2275.814331][T21751] do_syscall_64+0xf3/0x230 [ 2275.818859][T21751] ? clear_bhb_loop+0x35/0x90 [ 2275.823562][T21751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2275.829488][T21751] RIP: 0033:0x7f9729f7cef9 [ 2275.833936][T21751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2275.853688][T21751] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2275.862306][T21751] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2275.870471][T21751] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020000440 [ 2275.878482][T21751] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2275.886506][T21751] R10: 00000000008b101a R11: 0000000000000246 R12: 0000000000000001 [ 2275.894582][T21751] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2275.902676][T21751] [ 2275.916063][ T5324] usb 4-1: config 0 interface 7 has no altsetting 0 [ 2275.932122][ T2951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2275.959544][ T2951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2275.992613][ T2951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2276.006334][ T5324] usb 4-1: New USB device found, idVendor=19d2, idProduct=1129, bcdDevice=2b.4b [ 2276.092764][T21751] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2276.109007][ T2951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2276.117383][ T5324] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2276.131464][ T5324] usb 4-1: Product: syz [ 2276.139163][ T5324] usb 4-1: Manufacturer: syz [ 2276.164284][ T5324] usb 4-1: SerialNumber: syz [ 2276.197556][ T5324] usb 4-1: config 0 descriptor?? [ 2276.216963][ T5324] option 4-1:0.7: GSM modem (1-port) converter detected [ 2276.376476][T21761] FAULT_INJECTION: forcing a failure. [ 2276.376476][T21761] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2276.393326][T21761] CPU: 1 UID: 0 PID: 21761 Comm: syz.2.4500 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2276.404169][T21761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2276.414280][T21761] Call Trace: [ 2276.414800][T21743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2276.417570][T21761] [ 2276.428875][T21761] dump_stack_lvl+0x241/0x360 [ 2276.433609][T21761] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2276.438863][T21761] ? __pfx__printk+0x10/0x10 [ 2276.443519][T21761] ? __pfx_lock_release+0x10/0x10 [ 2276.448619][T21761] should_fail_ex+0x3b0/0x4e0 [ 2276.453352][T21761] _copy_from_user+0x2f/0xe0 [ 2276.458008][T21761] copy_msghdr_from_user+0xae/0x680 [ 2276.463272][T21761] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2276.469130][T21761] __sys_sendmsg+0x23d/0x3a0 [ 2276.473752][T21761] ? __pfx___sys_sendmsg+0x10/0x10 [ 2276.478881][T21761] ? vfs_write+0x7c4/0xc90 [ 2276.483372][T21761] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2276.489733][T21761] ? do_syscall_64+0x100/0x230 [ 2276.494536][T21761] ? do_syscall_64+0xb6/0x230 [ 2276.499246][T21761] do_syscall_64+0xf3/0x230 [ 2276.503765][T21761] ? clear_bhb_loop+0x35/0x90 [ 2276.508468][T21761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2276.514379][T21761] RIP: 0033:0x7f9729f7cef9 [ 2276.518825][T21761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2276.538463][T21761] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2276.546928][T21761] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2276.554921][T21761] RDX: 0000000000004000 RSI: 0000000020000d40 RDI: 0000000000000007 [ 2276.563032][T21761] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2276.571117][T21761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2276.579112][T21761] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2276.587120][T21761] [ 2276.621176][T21743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2276.649684][ T5324] usb 4-1: USB disconnect, device number 52 [ 2276.687355][ T5324] option 4-1:0.7: device disconnected [ 2276.856521][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 2276.856624][ T29] audit: type=1326 audit(1725515323.786:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2276.920614][ T29] audit: type=1326 audit(1725515323.786:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2276.947629][ T5285] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 2276.999740][ T29] audit: type=1326 audit(1725515323.826:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2279.172472][T21759] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2279.582696][T21759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2279.615974][T21759] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2279.623493][ T29] audit: type=1326 audit(1725515323.826:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2279.679736][T21759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2279.698205][ T29] audit: type=1326 audit(1725515323.826:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2279.739897][ T29] audit: type=1326 audit(1725515323.826:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2279.740210][T21759] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2279.764698][ T29] audit: type=1326 audit(1725515323.826:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2279.817289][ T29] audit: type=1326 audit(1725515323.826:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4132f73ea7 code=0x7ffc0000 [ 2279.842554][ T29] audit: type=1326 audit(1725515323.826:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4132f18859 code=0x7ffc0000 [ 2279.865922][ T29] audit: type=1326 audit(1725515323.826:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21768 comm="syz.4.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4132f73ea7 code=0x7ffc0000 [ 2282.431953][T21787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4506'. [ 2283.820810][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 2283.834260][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 2286.315057][T20723] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 2287.414413][T20723] usb 3-1: Using ep0 maxpacket: 16 [ 2288.090485][ T29] kauditd_printk_skb: 58 callbacks suppressed [ 2288.090508][ T29] audit: type=1326 audit(1725515334.996:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2288.110615][T20723] usb 3-1: device descriptor read/all, error -71 [ 2288.394499][ T29] audit: type=1326 audit(1725515334.996:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2288.416935][ T29] audit: type=1326 audit(1725515335.006:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2294.364153][ T29] audit: type=1326 audit(1725515335.006:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2294.588693][ T29] audit: type=1326 audit(1725515335.006:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2294.747259][ T29] audit: type=1326 audit(1725515335.006:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2294.894187][ T29] audit: type=1326 audit(1725515335.006:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2294.998342][ T29] audit: type=1326 audit(1725515335.006:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.100257][T21843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4523'. [ 2295.124631][ T9] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 2295.176174][ T29] audit: type=1326 audit(1725515335.006:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.283253][ T29] audit: type=1326 audit(1725515335.006:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.356402][ T29] audit: type=1326 audit(1725515335.006:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.384129][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 2295.405593][ T9] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 2295.434561][ T9] usb 1-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2295.453832][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2295.465772][ T29] audit: type=1326 audit(1725515335.006:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.491806][T21852] IPv6: NLM_F_REPLACE set, but no existing node found! [ 2295.501461][ T9] usb 1-1: config 0 has no interface number 0 [ 2295.531887][ T9] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2295.545013][ T29] audit: type=1326 audit(1725515335.006:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21821 comm="syz.4.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4132f7cef9 code=0x7ffc0000 [ 2295.574921][ T9] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2295.614720][ T9] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2295.653999][ T9] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2295.677525][ T9] usb 1-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2295.694592][ T9] usb 1-1: Product: syz [ 2295.698835][ T9] usb 1-1: Manufacturer: syz [ 2295.719048][ T9] usb 1-1: config 0 descriptor?? [ 2295.761375][T21835] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 2295.869882][T14490] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2295.887468][T14490] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2295.899784][T14490] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2295.908722][T14490] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2295.920812][T14490] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 2295.932799][T14490] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2295.997388][ T9] usb 1-1: USB disconnect, device number 65 [ 2296.328370][T21856] chnl_net:caif_netlink_parms(): no params data found [ 2299.096589][ T5239] Bluetooth: hci1: command tx timeout [ 2300.217046][T21886] FAULT_INJECTION: forcing a failure. [ 2300.217046][T21886] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2300.251603][T21885] FAULT_INJECTION: forcing a failure. [ 2300.251603][T21885] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2300.268225][T21886] CPU: 1 UID: 0 PID: 21886 Comm: syz.2.4536 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2300.280055][T21886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2300.291207][T21886] Call Trace: [ 2300.294511][T21886] [ 2300.297838][T21886] dump_stack_lvl+0x241/0x360 [ 2300.302761][T21886] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2300.308155][T21886] ? __pfx__printk+0x10/0x10 [ 2300.312923][T21886] ? __pfx_lock_release+0x10/0x10 [ 2300.318250][T21886] should_fail_ex+0x3b0/0x4e0 [ 2300.323622][T21886] _copy_from_user+0x2f/0xe0 [ 2300.328302][T21886] copy_msghdr_from_user+0xae/0x680 [ 2300.333596][T21886] ? _parse_integer_limit+0x1b5/0x200 [ 2300.345031][T21886] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2300.351323][T21886] __sys_sendmmsg+0x374/0x740 [ 2300.356402][T21886] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2300.362082][T21886] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 2300.368133][T21886] ? ksys_write+0x23e/0x2c0 [ 2300.372724][T21886] ? __pfx_lock_release+0x10/0x10 [ 2300.377826][T21886] ? vfs_write+0x7c4/0xc90 [ 2300.382500][T21886] ? __mutex_unlock_slowpath+0x21d/0x750 [ 2300.388187][T21886] ? __pfx_vfs_write+0x10/0x10 [ 2300.394260][T21886] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 2300.400596][T21886] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2300.407259][T21886] ? do_syscall_64+0x100/0x230 [ 2300.412158][T21886] __x64_sys_sendmmsg+0xa0/0xb0 [ 2300.417569][T21886] do_syscall_64+0xf3/0x230 [ 2300.422299][T21886] ? clear_bhb_loop+0x35/0x90 [ 2300.427303][T21886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2300.433356][T21886] RIP: 0033:0x7f9729f7cef9 [ 2300.437857][T21886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2300.458970][T21886] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2300.467598][T21886] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2300.475648][T21886] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 2300.483654][T21886] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2300.491832][T21886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2300.500087][T21886] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2300.508191][T21886] [ 2300.511235][T21885] CPU: 0 UID: 0 PID: 21885 Comm: syz.3.4534 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2300.522139][T21885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2300.533031][T21885] Call Trace: [ 2300.536351][T21885] [ 2300.539435][T21885] dump_stack_lvl+0x241/0x360 [ 2300.544315][T21885] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2300.549982][T21885] ? __pfx__printk+0x10/0x10 [ 2300.555410][T21885] ? snprintf+0xda/0x120 [ 2300.559772][T21885] should_fail_ex+0x3b0/0x4e0 [ 2300.565045][T21885] _copy_to_user+0x2f/0xb0 [ 2300.569527][T21885] simple_read_from_buffer+0xca/0x150 [ 2300.575002][T21885] proc_fail_nth_read+0x1ec/0x260 [ 2300.581567][T21885] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2300.587554][T21885] ? rw_verify_area+0x520/0x6b0 [ 2300.593524][T21885] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2300.600724][T21885] vfs_read+0x204/0xbc0 [ 2300.605811][T21885] ? __pfx_lock_release+0x10/0x10 [ 2300.611002][T21885] ? __pfx_vfs_read+0x10/0x10 [ 2300.617176][T21885] ? __fget_files+0x29/0x470 [ 2300.621896][T21885] ? __fget_files+0x3f6/0x470 [ 2300.626925][T21885] ksys_read+0x1a0/0x2c0 [ 2300.632718][T21885] ? __pfx_ksys_read+0x10/0x10 [ 2300.639272][T21885] ? do_syscall_64+0x100/0x230 [ 2300.644612][T21885] ? do_syscall_64+0xb6/0x230 [ 2300.650489][T21885] do_syscall_64+0xf3/0x230 [ 2300.655754][T21885] ? clear_bhb_loop+0x35/0x90 [ 2300.661021][T21885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2300.668020][T21885] RIP: 0033:0x7f3e4437b93c [ 2300.672669][T21885] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 2300.695434][T21885] RSP: 002b:00007f3e4521b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2300.705651][T21885] RAX: ffffffffffffffda RBX: 00007f3e44535f80 RCX: 00007f3e4437b93c [ 2300.716329][T21885] RDX: 000000000000000f RSI: 00007f3e4521b0a0 RDI: 0000000000000005 [ 2300.726712][T21885] RBP: 00007f3e4521b090 R08: 0000000000000000 R09: 0000000000000000 [ 2300.737453][T21885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2300.746906][T21885] R13: 0000000000000000 R14: 00007f3e44535f80 R15: 00007ffef54e5798 [ 2300.755559][T21885] [ 2300.793423][T21856] bridge0: port 1(bridge_slave_0) entered blocking state [ 2300.806553][T21856] bridge0: port 1(bridge_slave_0) entered disabled state [ 2300.820308][T21856] bridge_slave_0: entered allmulticast mode [ 2301.026525][T21856] bridge_slave_0: entered promiscuous mode [ 2301.476084][T14490] Bluetooth: hci2: command 0x0406 tx timeout [ 2301.483025][T14490] Bluetooth: hci1: command tx timeout [ 2302.085314][T21901] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 2302.234523][T21856] bridge0: port 2(bridge_slave_1) entered blocking state [ 2302.242024][T21856] bridge0: port 2(bridge_slave_1) entered disabled state [ 2302.249580][T21856] bridge_slave_1: entered allmulticast mode [ 2302.257420][T21856] bridge_slave_1: entered promiscuous mode [ 2302.528865][T21856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2302.541454][T21909] FAULT_INJECTION: forcing a failure. [ 2302.541454][T21909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2302.541571][T21909] [ 2302.541579][T21909] ====================================================== [ 2302.541588][T21909] WARNING: possible circular locking dependency detected [ 2302.541598][T21909] 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 Not tainted [ 2302.541611][T21909] ------------------------------------------------------ [ 2302.541620][T21909] syz.2.4543/21909 is trying to acquire lock: [ 2302.541632][T21909] ffffffff8e613cb8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x20/0xa0 [ 2302.541689][T21909] [ 2302.541689][T21909] but task is already holding lock: [ 2302.541697][T21909] ffff8880b893e998 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 2302.541748][T21909] [ 2302.541748][T21909] which lock already depends on the new lock. [ 2302.541748][T21909] [ 2302.541757][T21909] [ 2302.541757][T21909] the existing dependency chain (in reverse order) is: [ 2302.541765][T21909] [ 2302.541765][T21909] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 2302.541793][T21909] lock_acquire+0x1ed/0x550 [ 2302.541822][T21909] _raw_spin_lock_nested+0x31/0x40 [ 2302.541842][T21909] raw_spin_rq_lock_nested+0x2a/0x140 [ 2302.541866][T21909] task_fork_fair+0x61/0x1e0 [ 2302.541895][T21909] sched_cgroup_fork+0x37c/0x410 [ 2302.541914][T21909] copy_process+0x2217/0x3dc0 [ 2302.541941][T21909] kernel_clone+0x223/0x880 [ 2302.541969][T21909] user_mode_thread+0x132/0x1a0 [ 2302.541998][T21909] rest_init+0x23/0x300 [ 2302.542023][T21909] start_kernel+0x47a/0x500 [ 2302.542052][T21909] x86_64_start_reservations+0x2a/0x30 [ 2302.542074][T21909] x86_64_start_kernel+0x9f/0xa0 [ 2302.542095][T21909] common_startup_64+0x13e/0x147 [ 2302.542118][T21909] [ 2302.542118][T21909] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 2302.542146][T21909] lock_acquire+0x1ed/0x550 [ 2302.542172][T21909] _raw_spin_lock_irqsave+0xd5/0x120 [ 2302.542202][T21909] try_to_wake_up+0xb0/0x1470 [ 2302.542232][T21909] up+0x72/0x90 [ 2302.542253][T21909] console_unlock+0x22f/0x4d0 [ 2302.542273][T21909] vprintk_emit+0x5dc/0x7c0 [ 2302.542292][T21909] _printk+0xd5/0x120 [ 2302.542310][T21909] ip_vs_wlc_schedule+0x129/0x420 [ 2302.542333][T21909] ip_vs_schedule+0xf14/0x2320 [ 2302.542356][T21909] udp_conn_schedule+0x391/0x740 [ 2302.542387][T21909] ip_vs_in_hook+0xe39/0x2280 [ 2302.542409][T21909] nf_hook_slow+0xc3/0x220 [ 2302.542437][T21909] nf_hook+0x2c4/0x450 [ 2302.542465][T21909] __ip_local_out+0x3d9/0x4e0 [ 2302.542493][T21909] ip_local_out+0x26/0x70 [ 2302.542521][T21909] iptunnel_xmit+0x540/0x9b0 [ 2302.542547][T21909] udp_tunnel_xmit_skb+0x234/0x350 [ 2302.542576][T21909] tipc_udp_xmit+0x5b6/0xa10 [ 2302.542606][T21909] tipc_bearer_xmit_skb+0x2f5/0x460 [ 2302.542633][T21909] tipc_disc_timeout+0x5ee/0x760 [ 2302.542658][T21909] call_timer_fn+0x18e/0x650 [ 2302.542688][T21909] __run_timer_base+0x66a/0x8e0 [ 2302.542715][T21909] run_timer_softirq+0xb7/0x170 [ 2302.542742][T21909] handle_softirqs+0x2c4/0x970 [ 2302.542768][T21909] __irq_exit_rcu+0xf4/0x1c0 [ 2302.542794][T21909] irq_exit_rcu+0x9/0x30 [ 2302.542817][T21909] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 2302.542850][T21909] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2302.542877][T21909] kasan_check_range+0x3a/0x290 [ 2302.542902][T21909] kernfs_put+0x30/0x370 [ 2302.542929][T21909] __kernfs_remove+0x768/0x870 [ 2302.542958][T21909] kernfs_remove_by_name_ns+0xdc/0x160 [ 2302.542989][T21909] sysfs_remove_group+0xfe/0x2c0 [ 2302.543014][T21909] sysfs_remove_groups+0x54/0xb0 [ 2302.543039][T21909] device_remove_attrs+0x23a/0x290 [ 2302.543060][T21909] device_del+0x572/0x9b0 [ 2302.543079][T21909] unregister_netdevice_many_notify+0x1709/0x1c40 [ 2302.543110][T21909] cleanup_net+0x75d/0xcc0 [ 2302.543132][T21909] process_scheduled_works+0xa2c/0x1830 [ 2302.543159][T21909] worker_thread+0x86d/0xd10 [ 2302.543186][T21909] kthread+0x2f0/0x390 [ 2302.543216][T21909] ret_from_fork+0x4b/0x80 [ 2302.543244][T21909] ret_from_fork_asm+0x1a/0x30 [ 2302.543274][T21909] [ 2302.543274][T21909] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 2302.543303][T21909] validate_chain+0x18e0/0x5900 [ 2302.543323][T21909] __lock_acquire+0x137a/0x2040 [ 2302.543350][T21909] lock_acquire+0x1ed/0x550 [ 2302.543376][T21909] _raw_spin_lock_irqsave+0xd5/0x120 [ 2302.543406][T21909] down_trylock+0x20/0xa0 [ 2302.543428][T21909] __down_trylock_console_sem+0x109/0x250 [ 2302.543451][T21909] vprintk_emit+0x2aa/0x7c0 [ 2302.543470][T21909] _printk+0xd5/0x120 [ 2302.543487][T21909] should_fail_ex+0x391/0x4e0 [ 2302.543507][T21909] strncpy_from_user+0x36/0x2e0 [ 2302.543548][T21909] strncpy_from_user_nofault+0x71/0x140 [ 2302.543580][T21909] bpf_probe_read_user_str+0x2a/0x70 [ 2302.543610][T21909] bpf_prog_bc7c5c6b9645592f+0x3d/0x3f [ 2302.543627][T21909] bpf_trace_run4+0x334/0x590 [ 2302.543650][T21909] __traceiter_sched_switch+0x98/0xd0 [ 2302.543670][T21909] __schedule+0x253f/0x4a10 [ 2302.543700][T21909] schedule+0x14b/0x320 [ 2302.543728][T21909] schedule_preempt_disabled+0x13/0x30 [ 2302.543761][T21909] __mutex_lock+0x6a4/0xd70 [ 2302.543781][T21909] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2302.543801][T21909] netlink_rcv_skb+0x1e3/0x430 [ 2302.543822][T21909] netlink_unicast+0x7f6/0x990 [ 2302.543853][T21909] netlink_sendmsg+0x8e4/0xcb0 [ 2302.543874][T21909] __sock_sendmsg+0x221/0x270 [ 2302.543893][T21909] ____sys_sendmsg+0x525/0x7d0 [ 2302.543920][T21909] __sys_sendmsg+0x2b0/0x3a0 [ 2302.543947][T21909] do_syscall_64+0xf3/0x230 [ 2302.543968][T21909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2302.543993][T21909] [ 2302.543993][T21909] other info that might help us debug this: [ 2302.543993][T21909] [ 2302.544001][T21909] Chain exists of: [ 2302.544001][T21909] (console_sem).lock --> &p->pi_lock --> &rq->__lock [ 2302.544001][T21909] [ 2302.544032][T21909] Possible unsafe locking scenario: [ 2302.544032][T21909] [ 2302.544039][T21909] CPU0 CPU1 [ 2302.544045][T21909] ---- ---- [ 2302.544051][T21909] lock(&rq->__lock); [ 2302.544064][T21909] lock(&p->pi_lock); [ 2302.544078][T21909] lock(&rq->__lock); [ 2302.544093][T21909] lock((console_sem).lock); [ 2302.544107][T21909] [ 2302.544107][T21909] *** DEADLOCK *** [ 2302.544107][T21909] [ 2302.544113][T21909] 3 locks held by syz.2.4543/21909: [ 2302.544127][T21909] #0: ffffffff8fa79848 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2302.544176][T21909] #1: ffff8880b893e998 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 2302.544231][T21909] #2: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590 [ 2302.544282][T21909] [ 2302.544282][T21909] stack backtrace: [ 2302.544290][T21909] CPU: 1 UID: 0 PID: 21909 Comm: syz.2.4543 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2302.544314][T21909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2302.544329][T21909] Call Trace: [ 2302.544337][T21909] [ 2302.544347][T21909] dump_stack_lvl+0x241/0x360 [ 2302.544372][T21909] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2302.544404][T21909] ? print_circular_bug+0x130/0x1a0 [ 2302.544429][T21909] check_noncircular+0x36a/0x4a0 [ 2302.544456][T21909] ? __pfx_check_noncircular+0x10/0x10 [ 2302.544481][T21909] ? lockdep_lock+0x123/0x2b0 [ 2302.544518][T21909] validate_chain+0x18e0/0x5900 [ 2302.544563][T21909] ? __pfx_validate_chain+0x10/0x10 [ 2302.544586][T21909] ? __pfx_prb_first_seq+0x10/0x10 [ 2302.544627][T21909] ? this_cpu_in_panic+0x4f/0x80 [ 2302.544660][T21909] ? _prb_read_valid+0xa39/0xac0 [ 2302.544702][T21909] ? mark_lock+0x9a/0x350 [ 2302.544736][T21909] __lock_acquire+0x137a/0x2040 [ 2302.544778][T21909] lock_acquire+0x1ed/0x550 [ 2302.544807][T21909] ? down_trylock+0x20/0xa0 [ 2302.544833][T21909] ? __pfx_desc_update_last_finalized+0x10/0x10 [ 2302.544869][T21909] ? __pfx_lock_acquire+0x10/0x10 [ 2302.544898][T21909] ? rcu_is_watching+0x15/0xb0 [ 2302.544931][T21909] ? vprintk_store+0xd3e/0x1160 [ 2302.544960][T21909] _raw_spin_lock_irqsave+0xd5/0x120 [ 2302.544990][T21909] ? down_trylock+0x20/0xa0 [ 2302.545011][T21909] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 2302.545044][T21909] ? validate_chain+0x11e/0x5900 [ 2302.545068][T21909] down_trylock+0x20/0xa0 [ 2302.545091][T21909] __down_trylock_console_sem+0x109/0x250 [ 2302.545114][T21909] ? _printk+0xd5/0x120 [ 2302.545132][T21909] ? __pfx___down_trylock_console_sem+0x10/0x10 [ 2302.545157][T21909] ? __pfx_validate_chain+0x10/0x10 [ 2302.545182][T21909] vprintk_emit+0x2aa/0x7c0 [ 2302.545206][T21909] ? __pfx_vprintk_emit+0x10/0x10 [ 2302.545229][T21909] ? is_bpf_text_address+0x26/0x2a0 [ 2302.545261][T21909] ? mark_lock+0x9a/0x350 [ 2302.545297][T21909] _printk+0xd5/0x120 [ 2302.545321][T21909] ? __pfx__printk+0x10/0x10 [ 2302.545351][T21909] should_fail_ex+0x391/0x4e0 [ 2302.545377][T21909] strncpy_from_user+0x36/0x2e0 [ 2302.545415][T21909] strncpy_from_user_nofault+0x71/0x140 [ 2302.545453][T21909] bpf_probe_read_user_str+0x2a/0x70 [ 2302.545487][T21909] ? bpf_trace_run4+0x244/0x590 [ 2302.545511][T21909] bpf_prog_bc7c5c6b9645592f+0x3d/0x3f [ 2302.545545][T21909] bpf_trace_run4+0x334/0x590 [ 2302.545570][T21909] ? psi_group_change+0xb88/0x11c0 [ 2302.545597][T21909] ? __pfx_bpf_trace_run4+0x10/0x10 [ 2302.545627][T21909] ? __pfx_probe_sched_switch+0x10/0x10 [ 2302.545654][T21909] ? tracing_record_taskinfo_sched_switch+0x7b/0x390 [ 2302.545681][T21909] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 2302.545705][T21909] __traceiter_sched_switch+0x98/0xd0 [ 2302.545731][T21909] __schedule+0x253f/0x4a10 [ 2302.545779][T21909] ? __pfx___schedule+0x10/0x10 [ 2302.545815][T21909] ? __pfx_lock_release+0x10/0x10 [ 2302.545845][T21909] ? __mutex_trylock_common+0x92/0x2e0 [ 2302.545875][T21909] ? schedule+0x90/0x320 [ 2302.545907][T21909] schedule+0x14b/0x320 [ 2302.545940][T21909] schedule_preempt_disabled+0x13/0x30 [ 2302.545973][T21909] __mutex_lock+0x6a4/0xd70 [ 2302.546000][T21909] ? __mutex_lock+0x527/0xd70 [ 2302.546025][T21909] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2302.546048][T21909] ? __pfx___mutex_lock+0x10/0x10 [ 2302.546084][T21909] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2302.546105][T21909] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 2302.546130][T21909] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 2302.546157][T21909] ? ref_tracker_free+0x643/0x7e0 [ 2302.546186][T21909] netlink_rcv_skb+0x1e3/0x430 [ 2302.546211][T21909] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 2302.546235][T21909] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2302.546273][T21909] ? netlink_deliver_tap+0x2e/0x1b0 [ 2302.546299][T21909] netlink_unicast+0x7f6/0x990 [ 2302.546339][T21909] ? __pfx_netlink_unicast+0x10/0x10 [ 2302.546371][T21909] ? __virt_addr_valid+0x183/0x530 [ 2302.546395][T21909] ? __check_object_size+0x49c/0x900 [ 2302.546419][T21909] ? bpf_lsm_netlink_send+0x9/0x10 [ 2302.546448][T21909] netlink_sendmsg+0x8e4/0xcb0 [ 2302.546481][T21909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2302.546508][T21909] ? __import_iovec+0x536/0x820 [ 2302.546545][T21909] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 2302.546575][T21909] ? security_socket_sendmsg+0x87/0xb0 [ 2302.546601][T21909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2302.546625][T21909] __sock_sendmsg+0x221/0x270 [ 2302.546649][T21909] ____sys_sendmsg+0x525/0x7d0 [ 2302.546685][T21909] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2302.546726][T21909] __sys_sendmsg+0x2b0/0x3a0 [ 2302.546757][T21909] ? __pfx___sys_sendmsg+0x10/0x10 [ 2302.546786][T21909] ? vfs_write+0x7c4/0xc90 [ 2302.546845][T21909] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2302.546877][T21909] ? do_syscall_64+0x100/0x230 [ 2302.546902][T21909] ? do_syscall_64+0xb6/0x230 [ 2302.546929][T21909] do_syscall_64+0xf3/0x230 [ 2302.546953][T21909] ? clear_bhb_loop+0x35/0x90 [ 2302.546984][T21909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2302.547011][T21909] RIP: 0033:0x7f9729f7cef9 [ 2302.547031][T21909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2302.547051][T21909] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2302.547074][T21909] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2302.547092][T21909] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 2302.547107][T21909] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2302.547121][T21909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2302.547134][T21909] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2302.547160][T21909] [ 2303.807143][T21909] CPU: 1 UID: 0 PID: 21909 Comm: syz.2.4543 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 2303.818013][T21909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2303.828076][T21909] Call Trace: [ 2303.831385][T21909] [ 2303.834316][T21909] dump_stack_lvl+0x241/0x360 [ 2303.839003][T21909] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2303.844209][T21909] ? __pfx__printk+0x10/0x10 [ 2303.848827][T21909] should_fail_ex+0x3b0/0x4e0 [ 2303.853690][T21909] strncpy_from_user+0x36/0x2e0 [ 2303.858561][T21909] strncpy_from_user_nofault+0x71/0x140 [ 2303.864118][T21909] bpf_probe_read_user_str+0x2a/0x70 [ 2303.869435][T21909] ? bpf_trace_run4+0x244/0x590 [ 2303.874296][T21909] bpf_prog_bc7c5c6b9645592f+0x3d/0x3f [ 2303.879776][T21909] bpf_trace_run4+0x334/0x590 [ 2303.884456][T21909] ? psi_group_change+0xb88/0x11c0 [ 2303.889592][T21909] ? __pfx_bpf_trace_run4+0x10/0x10 [ 2303.894821][T21909] ? __pfx_probe_sched_switch+0x10/0x10 [ 2303.900368][T21909] ? tracing_record_taskinfo_sched_switch+0x7b/0x390 [ 2303.907069][T21909] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 2303.913339][T21909] __traceiter_sched_switch+0x98/0xd0 [ 2303.918716][T21909] __schedule+0x253f/0x4a10 [ 2303.923243][T21909] ? __pfx___schedule+0x10/0x10 [ 2303.928199][T21909] ? __pfx_lock_release+0x10/0x10 [ 2303.933319][T21909] ? __mutex_trylock_common+0x92/0x2e0 [ 2303.938873][T21909] ? schedule+0x90/0x320 [ 2303.943236][T21909] schedule+0x14b/0x320 [ 2303.947402][T21909] schedule_preempt_disabled+0x13/0x30 [ 2303.952876][T21909] __mutex_lock+0x6a4/0xd70 [ 2303.957408][T21909] ? __mutex_lock+0x527/0xd70 [ 2303.962138][T21909] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2303.967476][T21909] ? __pfx___mutex_lock+0x10/0x10 [ 2303.972523][T21909] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 2303.977462][T21909] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 2303.982598][T21909] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 2303.988080][T21909] ? ref_tracker_free+0x643/0x7e0 [ 2303.993130][T21909] netlink_rcv_skb+0x1e3/0x430 [ 2303.997922][T21909] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 2304.003390][T21909] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2304.008690][T21909] ? netlink_deliver_tap+0x2e/0x1b0 [ 2304.013912][T21909] netlink_unicast+0x7f6/0x990 [ 2304.018801][T21909] ? __pfx_netlink_unicast+0x10/0x10 [ 2304.024137][T21909] ? __virt_addr_valid+0x183/0x530 [ 2304.029255][T21909] ? __check_object_size+0x49c/0x900 [ 2304.034569][T21909] ? bpf_lsm_netlink_send+0x9/0x10 [ 2304.039895][T21909] netlink_sendmsg+0x8e4/0xcb0 [ 2304.044858][T21909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2304.050164][T21909] ? __import_iovec+0x536/0x820 [ 2304.055042][T21909] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 2304.060450][T21909] ? security_socket_sendmsg+0x87/0xb0 [ 2304.066176][T21909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2304.071488][T21909] __sock_sendmsg+0x221/0x270 [ 2304.077299][T21909] ____sys_sendmsg+0x525/0x7d0 [ 2304.082115][T21909] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2304.087429][T21909] __sys_sendmsg+0x2b0/0x3a0 [ 2304.092028][T21909] ? __pfx___sys_sendmsg+0x10/0x10 [ 2304.097140][T21909] ? vfs_write+0x7c4/0xc90 [ 2304.101603][T21909] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 2304.107958][T21909] ? do_syscall_64+0x100/0x230 [ 2304.112725][T21909] ? do_syscall_64+0xb6/0x230 [ 2304.117402][T21909] do_syscall_64+0xf3/0x230 [ 2304.122090][T21909] ? clear_bhb_loop+0x35/0x90 [ 2304.126994][T21909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2304.132909][T21909] RIP: 0033:0x7f9729f7cef9 [ 2304.138585][T21909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2304.159108][T21909] RSP: 002b:00007f972ae02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2304.167646][T21909] RAX: ffffffffffffffda RBX: 00007f972a135f80 RCX: 00007f9729f7cef9 [ 2304.175729][T21909] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 2304.184094][T21909] RBP: 00007f972ae02090 R08: 0000000000000000 R09: 0000000000000000 [ 2304.192169][T21909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2304.200630][T21909] R13: 0000000000000000 R14: 00007f972a135f80 R15: 00007ffeb2bfc168 [ 2304.208639][T21909] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2304.230048][T21856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2304.258706][ T5239] Bluetooth: hci1: command tx timeout [ 2304.584126][T18768] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 2305.292833][ T147] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2305.346555][ T147] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2305.411032][ T147] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2305.459578][ T147] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2305.537083][ T147] bridge_slave_1: left allmulticast mode [ 2305.546262][ T147] bridge_slave_1: left promiscuous mode [ 2305.552158][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2305.572501][ T147] bridge_slave_0: left allmulticast mode [ 2305.579230][ T147] bridge_slave_0: left promiscuous mode [ 2305.587022][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2305.722227][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2305.736744][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2305.749544][ T147] bond0 (unregistering): Released all slaves [ 2306.005890][ T147] hsr_slave_0: left promiscuous mode [ 2306.011809][ T147] hsr_slave_1: left promiscuous mode [ 2306.019077][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2306.026727][ T147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2306.036498][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2306.044011][ T147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2306.058986][ T147] veth1_macvtap: left promiscuous mode [ 2306.064724][ T147] veth0_macvtap: left promiscuous mode [ 2306.070319][ T147] veth1_vlan: left promiscuous mode [ 2306.076261][ T147] veth0_vlan: left promiscuous mode [ 2306.330493][ T147] team0 (unregistering): Port device team_slave_1 removed [ 2306.378311][ T147] team0 (unregistering): Port device team_slave_0 removed [ 2306.785547][ T147] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2306.842649][ T147] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2306.889998][ T147] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2306.950288][ T147] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2307.034357][ T147] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2307.090178][ T147] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2307.140788][ T147] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2307.191399][ T147] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2307.286443][ T147] bridge_slave_1: left allmulticast mode [ 2307.292147][ T147] bridge_slave_1: left promiscuous mode [ 2307.298351][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2307.307174][ T147] bridge_slave_0: left allmulticast mode [ 2307.312844][ T147] bridge_slave_0: left promiscuous mode [ 2307.318995][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2307.328168][ T147] bridge_slave_1: left allmulticast mode [ 2307.333922][ T147] bridge_slave_1: left promiscuous mode [ 2307.339939][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2307.349623][ T147] bridge_slave_0: left allmulticast mode [ 2307.355927][ T147] bridge_slave_0: left promiscuous mode [ 2307.361623][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2307.371159][ T147] bridge_slave_1: left allmulticast mode [ 2307.377061][ T147] bridge_slave_1: left promiscuous mode [ 2307.383381][ T147] bridge0: port 2(bridge_slave_1) entered disabled state [ 2307.392103][ T147] bridge_slave_0: left allmulticast mode [ 2307.401195][ T147] bridge_slave_0: left promiscuous mode [ 2307.407086][ T147] bridge0: port 1(bridge_slave_0) entered disabled state [ 2307.787355][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2307.798904][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2307.808849][ T147] bond0 (unregistering): Released all slaves [ 2307.823447][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2307.833831][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2307.844392][ T147] bond0 (unregistering): Released all slaves [ 2307.861618][ T147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2307.876633][ T147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2307.887222][ T147] bond0 (unregistering): Released all slaves [ 2308.266138][ T147] hsr_slave_0: left promiscuous mode [ 2308.272096][ T147] hsr_slave_1: left promiscuous mode [ 2308.279634][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2308.288573][ T147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2308.298142][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2308.307285][ T147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2308.318324][ T147] hsr_slave_0: left promiscuous mode [ 2308.325100][ T147] hsr_slave_1: left promiscuous mode [ 2308.331096][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2308.338652][ T147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2308.347309][ T147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2308.355443][ T147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2308.367634][ T147] veth1_macvtap: left promiscuous mode [ 2308.373264][ T147] veth0_macvtap: left promiscuous mode [ 2308.378964][ T147] veth1_vlan: left promiscuous mode [ 2308.384724][ T147] veth0_vlan: left promiscuous mode [ 2308.390936][ T147] veth1_macvtap: left promiscuous mode [ 2308.396992][ T147] veth0_macvtap: left promiscuous mode [ 2308.402575][ T147] veth1_vlan: left promiscuous mode [ 2308.408193][ T147] veth0_vlan: left promiscuous mode [ 2308.840845][ T147] team0 (unregistering): Port device team_slave_1 removed [ 2308.878345][ T147] team0 (unregistering): Port device team_slave_0 removed [ 2309.204353][ T147] team0 (unregistering): Port device team_slave_1 removed [ 2309.246101][ T147] team0 (unregistering): Port device team_slave_0 removed