last executing test programs: 9.157931306s ago: executing program 2 (id=4257): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="043e1d02010100aaaaaaaaaa001110a1ed94495df99cf6e78831ca231f262700"], 0x20) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x800454cf, 0xa9dd47192d7f0000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000340), 0xffffffffffffffff) socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) io_setup(0x1, &(0x7f0000000040)) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x8}, {}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010101, 0x0, 0x33}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x18}, 0x200, 0x3, 0x0, 0x7}}, 0xe8) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x4000805) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1d}, {0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x10}, {0x4, 0xc}, 0xd, 0x0, 0x1}, {{@in6=@local, 0x4d3, 0x33}, 0x0, @in=@dev, 0x0, 0x2}}, 0xe8) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000700)) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0x2, 0x3}, 0x20) 7.940068404s ago: executing program 2 (id=4262): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c) write$P9_RGETLOCK(r0, &(0x7f0000000040)={0x21, 0x37, 0x0, {0x0, 0x0, 0x4a2, 0x0, 0x3, '%+('}}, 0xe6da) 7.907537174s ago: executing program 3 (id=4263): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@dev}, {@multicast1, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @private=0xa010101, @remote]}]}}}}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) socket(0x8000000010, 0x2, 0x0) write(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff) syz_emit_ethernet(0x205, &(0x7f0000000980)={@link_local, @random, @void, {@mpls_uc={0x8847, {[{}], @ipv6=@gre_packet={0x0, 0x6, "56faf0", 0x1cb, 0x2f, 0x1, @rand_addr=' \x01\x00', @private0, {[@fragment={0x62, 0x0, 0x7, 0x1, 0x0, 0x19, 0x67}, @routing={0x87, 0xa, 0x1, 0x80, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, @local, @loopback, @local]}, @srh={0x8, 0x6, 0x4, 0x3, 0x81, 0x60, 0x0, [@loopback, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}]}, @hopopts={0x2b, 0x6, '\x00', [@generic={0xd, 0x28, "6c0f67fa001f2d4f2a4540cf50b4f4630367861fa13140cc6ecf958b1ed52dc5b8c42d0677037923"}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}, @dstopts={0x6, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x35}]}], {{}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [], "22740ede289c7d8733d3f0c2c5f5075b10d24269e1583e8634cb2e254e8773e5323c7e25639bbcc9742b7e4475d8137342e01c2d8ee133042ce7534d4282506b4fb42ceada68174e4fba7be65842904948a16f7e0877f6f8583f77a1"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [0x4, 0x3, 0x1ff]}, {0x8, 0x88be, 0x2, {{0x0, 0x1, 0x2, 0x1, 0x1, 0x3, 0x2, 0x7f}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x2, 0x1}, 0x2, {0x3, 0xa0e, 0x0, 0x8, 0x0, 0x1}}}, {0x8, 0x6558, 0x2, "580133bc23f1b8fe435e1801f478ba03379a8932ae30d335bd3aaa1453a2dc97d4a02ac9f408f0567891108606557613390cf5794558904c04952254e4"}}}}}}}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) ioctl$SNDCTL_SEQ_PANIC(r3, 0x5100) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) mremap(&(0x7f0000000000/0x9000)=nil, 0x600a00, 0x200002, 0x3, &(0x7f0000a00000/0x600000)=nil) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28de, 0x1102, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x0, 0x0, 0x0) 7.760674783s ago: executing program 2 (id=4264): socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x34, 0x4, 0x0, 0x0, 0xd0, 0x66, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0x0, [{@private=0xa010101}, {@multicast2}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@broadcast}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0x0, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_connect$cdc_ecm(0x5, 0x5e, &(0x7f0000000740)=ANY=[@ANYBLOB="12010003020000082505a1a440000102030109024c0001010000040904000503020600fb0624060000fe05240004000d240f010040000000000000020724146a8f85280b5473c70394a42d445c85cf2a0b00090581034000070106090582020004050304090503020800050300"], &(0x7f00000001c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0x7f, 0xc0, 0x0, 0x40, 0x8}, 0x37, &(0x7f0000000140)={0x5, 0xf, 0x37, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "cdde1b301c880a6770eb38fb3778fad0"}, @ss_container_id={0x14, 0x10, 0x4, 0x4, "e46e61705c1b463cdbe34939e15665bb"}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x2, 0xf, 0x6}]}, 0x1, [{0xf, &(0x7f0000000180)=@string={0xf, 0x3, "b240ac3a5156a0801df8e9ce81"}}]}) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000100)={0x2c, &(0x7f0000000440)=ANY=[@ANYBLOB="00000100000004"], 0x0, 0x0, 0x0, 0x0}) sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) openat$random(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) unshare(0x8000400) r2 = mq_open(&(0x7f0000000040)='!selinuxsel\xad\"\x0e\xabx\xb8\xc9\xa8x\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000240)={0x0, 0x21, 0x80000}) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r5, 0x84, 0x1c, 0x0, 0x0) mq_notify(r2, 0x0) 6.880340509s ago: executing program 3 (id=4267): socket$inet6_udplite(0xa, 0x2, 0x88) r0 = socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x90) r2 = socket$rds(0x15, 0x5, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_SET(r3, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000002840)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000330000000e0001006e657464657673696d0000000f0002006e657464655673696d300000"], 0x34}}, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x600a00, 0x22) getdents(r5, 0x0, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000100)=""/88, 0x58) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0x0) getdents64(r6, &(0x7f00000001c0)=""/147, 0x93) getdents(r6, &(0x7f0000000280)=""/182, 0xb6) getdents(r6, 0x0, 0x0) bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000880)=""/4089, 0xff9}], 0x1}, 0x0) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r7, &(0x7f00000002c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x5c, r8, 0x917, 0x4, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @multicast1}}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}]}, 0x5c}}, 0x0) r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), r3) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'team0\x00', 0x0}) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x30, r9, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r10}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008800}, 0x800) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r8, 0x200, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) preadv(r7, &(0x7f0000001880), 0x0, 0xfffffffc, 0xffffffc0) 6.78866216s ago: executing program 4 (id=4268): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) eventfd(0x5) socket$packet(0x11, 0x2, 0x300) timer_create(0x3, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/ip_mr_vif\x00') preadv(r2, 0x0, 0x0, 0x5e, 0x0) timer_create(0xfffffffd, 0x0, 0x0) r3 = add_key(&(0x7f0000000380)='user\x00', &(0x7f00000003c0)={'syz', 0x3}, &(0x7f0000000400)="bfca06480c2e3115466125d344cc0fd35300f193b38c95a3451e712a9cfaa72a93eaa79b3e3aa8e2a8b54a2f45797c6681b93383b91579fb34ccfab0ccefc9e9b778ff53718b3bc95966551ad00f739ba6622e10797a01b8271e35ea743e2d175640f29b0bbb0af5354f85a5bee58e16fa17c3257d1af8372adb50049b481fc60aa510740d0b316382e3e391f2e7466580f4d678ebf9deef3c83a0ef27f6210ec315d5d0d1fbcb75f55190b3b942ff5adfa797752bdc6de7084c3d9e403b28f7b35020c28c56d08c92bd", 0xca, 0xffffffffffffffff) keyctl$instantiate_iov(0x14, r3, &(0x7f00000018c0)=[{&(0x7f0000000500)="c93f469396197404f1db2edb5b6ef263a9682fca57ffc83577de9e819d50c4455fe73febd50a5faf92e968325a3e8f1fcb7a9f1a9d6d1bd958c2b9700f306588df8db747380a771a5c730019edb323e6cd30d6250c61f71849e3170842c0e46022cfd5457b88f6113514296a948f9fb532ebb47db40c82b7287d89415d9c33e400b042acf6616e308e2e65c2d6d61a599d27c9c9", 0x94}, {&(0x7f00000005c0)="42fcc589b0b308e21d1432e6f4dba1712bff63075b484fb97fe1935c0ab9f0d9d28f81a5b26ad83b229cde9d84d856324a6769ffc85e20afcccc90955d2dbc1a8a16cc3dc4fd5281bc8973db49b1b405f9fea2b3cccc0674311a61dcbf21e162d225ab23a33028f78c1ec70208c1ba6465a0ff1f88d05c0be23e16ab34d6f3aca2536c44c01b2465031e65e15863f3077aa0282fa74fbfedbb63e5bd03dc712465d59c115f8c27ec6fc551ccb722472c54919807173f4a6592d4051e6f5bf3120b4582969d26e870f5d048512126ba8c8fba1213f10e48f6395f2b85d85565a8b2fb5510cbc7a7cb16d3e5ef464874d689ff35acbb56a3fd59b7457d51804a6160c442bbfb651cf58c84392270f3311659de3aff32935bbd2c4c59ab625b5d5ba5aeb97880567c1cb42fae8226f47068d926000ce17cc43f913c6ced10207fb9605ae1e40080863fe4b740cfc37483fc0c26218748b933a206614759695fabccc81e7bbcab04f7e1c535b5a9fc852c87734632b65506b30cdb1e10af496d41ae3add8cf9fd770de0acd2650dcc429a08817225670f351176f5b7d8a7e1b2439a9eefcc049c8e580c2b5aa420e5fa8fc1452762f3e2eb1ee50a4bc897fd1cba81f957210e08f027de2fd21b99b588cff704e6735df20c194c1a5eff13a820eeef036d5993b142d28d56209f175be2b5143a9c64876b0957c7969072008cb4634e2e4cb8a5bbecbc2cdde66e8db65cf765bed3c45ba8ae8902c2bd5b5f2ed2eb49603cf54342f377bbdffc229e27ea516e91bad8240d10f5314ea0e32b373276279056b042697db0a840427e19e3718eaf478ec0a3bbd79be0dd0b80096cef26c6f9d1afd13a509b50b638483c350bd1d7cc2c25d605fbbe76c25892c062ec5ffe17f4ece5212d42d6a8b9bb9587a09f8b16a4dd54571e27daac3d68c33a885c251e4db0e96562b7cdff6892215996b83c9941a298d1a20389268c376342c75d62e6f04b05240be2ab03d24ed058b7811f22f976aadf64fc091d457d4f70a834714b702b347917711d6b7f4057769b2769902c9c00e370308df13cdda2f4cc071aead7adc31493f5c68ce75d2922d4e1b7dfc753cfe506514f00e205dee8a96e03aa406a6282911e7ed30b0e7c85e95e7a047350e7518aeab11b0b82faf48c92036ae6cba3ebb5db0b04348f2a73ab080026c6026c980d7b096086c0d0992ed3ee738a4abb09d7cc2864172df1fd9e0680a434d1e265960dc89d10e3aa979266768685a5a62c811772a671dbb9b4d35539251800cd62e56cd41215a6cbb5075900e6f789ddd4de5d0b91ed0c2b37be85694b40d5f8a39804bd2f47c2fc810562805a14fd4d9cc984c8bfdc3633e96e4ed0a819a7a00cd817bec91382973e9a66bcfdaef27422ed45a9db83534a920ab1b6e470d73b6a8a8d66d44327210aba36c6585c30398f3c7c5be8955dc39c838e4c424dcb8faf33780011557f5a46dc56da0f01d55bc00ce580211c7bba66b7a172ea1e9d5c6f9bde38ddd31eb69d74d962e85d070129231740d2ba23deddaaa1cda0cf6d36ad427d719c77341cdfd6f9374cde6cbe58553958f0cf13762c909391c238e5f36a92da8fe5bf765cc3e9e767bc9a7713d5dd52edc4c0af0b95e901f7315eaab3b722b36612899c12ec2bfbe68fd65a6a4a128ead16912e8a3d44b6a18ea79a45b570be3a1711f6791b5e857e3bfb120f483fe9bbf57883f70852dd2ead80eb02495a3f4721529d991f496c66c495ffc8ce4faebf7785a90938de267c60da034a9249c7f1e643468ed2ef30d004955a3c9d21588dcf676580b7c2f6cf07fbf502dc93c6a3e71ff99f8af9e6743d8d53f09a92de7bd36026d712c7fb78d386acb5c0bc1602c69f6ceb639b29ede215521673e0b849b81d2b9552c5dd6a8e855eea715ab1097db05c17abe5c48ca54d9282caa3090a59f9a056f0c08ed9fea0ae51c4aaa53a3bf5adfb209b933dd12c9b67848911ae9af43cfb462264ebda0d82c89ebf8e6df946bba39728ed6cdefc029569922db89ba1b410bef52c21ac9242f377c61cee33d762c8b811332a2bd963a41d819922514502f31722de2ab20ddd77a6560786cbd9231b8a6ec963b45327178461cce5b8fc0c526c7582927ec56261ae3a23c1d51e515f1191de0d73eab8d828f05558def26f7e4c58597b10d98dfed5a2de88d49164e686194351e4054992cb615c85801e53e30dd8c98f8ee42e60c8b150a88f55f764727883f927c6fbcea20565f1851ae9fef614510e5eba50bca101468c8ddf3e364f898b36c6bfbfed27eeb59a9fda73f89b393207da70dd41b542a41b5fd854e633469a9edbd4fc6e5eaa2bc756b7af13b3c20d7d5c6f880a0363c2ee81b9abd9701f854c49e20eacecb60061281c25984d39f68d3b4c33afd8e604ca2fcfbd93e6b82c780018519a49b11e0cbd464d8f584ba3f56311cccd36f7107ee2c8a1c6dcff8a9bc42a20b254f844cc477be4b8048b66fac25e06de3938c7df6f550ff87e675b1268d92fad733ce83a5304a88fa3c8326db40e2f6d48e62b6c6ad56c8adcd1d7947722e9d63dbe5dd30058886c396348f1d1cf0792ec0ba97dd81db7732d7a3e8e248dadfcaf7771c72d395f2f4298f5e4d32a108d186af74b35cba8bcee26e455a3b8f7eeddf98e16f4f260f6f845589231bcc19b80ed929dba9979fdf281ae6f952d6077d493be777b85b067ad2fbf6e248789bc2a74acf166c2a212afdcaff093ae86fcebbbac7a0bac4efd9e4e8913d1a7cd7f069ebf7d118434d07d12c69bdacecefd53e2f05ec3d026ae5375922a19af6a1644eeeb5a016a416e2aec897521ff79515648a6ab731ec4e7e840eb64a847f2bf72e3663d13021f7ce1f2f845f7c4f4707167f062802365cdedaa8907a5abcca773902a1b11b6cc61a0d6f25e4617b24cefe1097db16dc984adbbfb89a1549a8f2c444529ad237312db03c6fc44f8e78cf3b9f1617ae47024e8b00cbd5386ee5b37d23846e57f9870c120a568cf8b03397d6dc3d63ea449f51447a2f42f30b6cd90bc8163a758d9e60f3c973d977b4e8dfddc7312bb0d7d87d6bb103c54c38d2929243c4ecc73ea22df3128e7341f562cc29066310c50c1992701eb0dabe46b27fd3148395a49e29d86298450d39195f46ebb385f58857dcf09af1aa00bb8108340f7fd503618b659f4ee136dff151dc8c06fb64211b17ef530386ae5e4aa0a7cb4193627641ef734076d8d3447b7f3df7573458e5a389a6db6d77f33912a74cc56753120323eb74c861a238a20f6451558929ce7615f4525ac43cc566f12e5e9440060eb455333a6833757c0b4c207ef8871108ca492dc789e42fe885b4bd721c4bb9960b789dcee8c43c37596823362971f0c8c4b8e0e3c38f48d5977fef94b1fa9d92dabab2f26c7ebdb19171807f48bee9082bb30c4134a582e690c9f0d3b98a65a4b307380aa01154a35ca02c03ca09bec6a872ca32cbbd415fc1245ad6e96b9dc9bfdb40cafbf0b578ec6a3d249218c473d2cba3fdbe3dfbcb60c952c16e10058f2f8d2827051b71fafce6c30e417ff6e79d5e67f6488b45c38f588d1483c6c611c04b4c42dd1df29fe946ba6f538609341d4b21b958291815fdc1436f97d35f057138f08187f7c735a016028c7ae47d3f5f058ec0bc118453c3a8a0c8a0444ec9e51a3cd701236b8ee56e8643b32eaabd309093a1be76e9c0008a6817ad3eeaf238ec30ebe6b9687f54d4fbb4888b51e19841c57ca98154b6820632aa7f2c13a1e4217efaf122b52d4712a4be82d28268b9a742fdce2c2757d6eb2a73338d1183da52f429f1611547262f42c01f58907d42fa097695b0ed39dbbb85df70fd9e2d2e91f9c644d603de488157e2bdc5a8f1b4046a921f6610086bf7d706305a3efef9506a14f187a1c54315b2229f3551214ff7559592c62f474735c955908534d3becbf095f96b09b91584bb593d9a29e6d6cc64deb2ebdedd5e2ff93a427809aed8bb650a2bf07e154f07108a5b5b59449dc915f12c89a1c7e1211e369beac970a0da7b1e1f9d58644525752ccfaba86fe4fd098fda97c1b9d9860651855681210f1003e428974a3e3b7fb85f7ed187d0a5c2930c596eac91920c11b11bebad550573c68dde5bca06c5f6679833a8fa99c7d883c9cf3df82c2e6561490e88e136bdecd1bb21339832a3f76a12fa5495ebccf82a8e1e1149ab0bd3915f1bc8eeabe5d0c8e23ad1e846920ef1bf5171b652d60f85bd559dabab4e381619ed4b5883bc66f6d700dd27b189ec671fc529525ab1f591aeca846e329f43f96bbd04da0428780205b6e7697be76339935f5f4bed56790ecc434acacadd606ba4c4db53e9b2279750cf6854bb378b448b4306fbdc7a8cb9233817cbdeeea1d87eaa50ea78d1b5e01b0cae849ebeb43f5fb682d256df18d0c3a95560d7bcd23a08f395cd78bb213fe6addd37aaf093f569d79e9aae6c30d96c0d30ad37ff7eef5032cde6f91996442b0410945cb794889ca5992afc5a944472af52af9daf66cf07dc8262dfb404af84ed2abcdd8ab4a92467b93621d7518e90221af3a8bd0c1f0741e546ded80de401377680ae7ff79819ea6dba76fdbb5d62739f887a4cd4a960eb7513aa84450a76e01acae2bdf2f698fc6fa4122b0f54b4f33834fe9ca45faaace6ad2cbda62f930fdfdb9451d20418b45d822d0e31fe97b6941135377d42aa80fd7c7a7f504f53925729035c2543196a6dcd07ee2cc9a6b6ef70c0b31e9184e57205e53ce4a1baaae9ed0ef490c477a3fb822a70374b82e13be5cbc47809dfe4fb669122dfaeca2eb30e766c782b77932d7ca4452ffff2d27caa85daf9ce47d1e14d7359d13af55c7b45fc4f10094aab8c1274b23f8760a4a5e8858dc5db14877f19cbd6c5b2540ff7c6f4b324938eb384f247dcbd948a2cbee4966391063e7ae8da4541db35a7276c592f28756b9dd8d9c5ec916b1a3d6fe41822aa91b8b3f587c2bffab4492bce4da64e60b46cdd19e61eeb73081ec9a4e836f9582f3bf521dda661ff0cba85f88b7ad8f5f6b759ff42c27a24d8343db4597ad777e3211fd192f977fdc7143969aeeab334293ca41c47405279f51da4e14df2674b624f3064c2e1897ed4f3da73de90faad2a3e56ae37dcb7eade836c3f192c8c42fdfc817c8dffbaa2723cf26a4ab7dd3efe0b692f20d8bd1a319bf204e98debe6c81ce042e7072ecbdc70cf5b3737e2112f85115eddcdb7f01304731d285a349e179ea39b8604e42aa24a940f29449739bd2581a759c5e8e4a7895ba970df73d6fd2d872470fdad690c9432575469e53a68faedcd058746761b4742e7d4a458ae07c59e5bcfd2df72e5862e4df430cfb7232e5e4d10841d443f26e88e7ddb45b52fbc495f7cb5c2f0229d0bf461c5c1ae014393ae67ff7db37dacdca0ec3437d514fe093f46119a8808d97bb434f7facf000d1b8d8c19f7235b3997c8f2192787ed9a28293fe1c4a7747c0dbfbc30b05a320b3b9018d51c88d399e702a8dd3d9efcd4db3d4b648a6e1a61833c0aad7e5e4706b0defeaafdeca119f3968b7fef5a81a88c56ab9b580d69853e492dfcda1139e1875e1ffef54b957337bedbf7faf0a2a46a9354c2fa9c91ddaf6d0a274ec5528f329f2db0852b76353bdff4f5091f338d0a8d0dfaf8b89371b80eb7e73bfbf264b0b4911532cd690f66bf01ea34def8a0dccf0a78e117a110a3be2dc0f368a752712a7e34950f0a563ad43689ce958247b5cd56ec6ae2f69336e045628e7", 0x1000}, {&(0x7f00000015c0)="fce41c4827084acb9cad9082952b43fce7c88ad4158e924c4490a1b5cbd40a2d6e2f522b3059236395fdc67929c77b3f2a3404c14ab6c76f7d56f4089ebe4baa40e382b54dcb64e10e5f6a588df96372d19467ac429435992728d71c3245656d42e0fc59952925815ecb6d215618f66e843d866a8c500da73a2714eb4189725c4d3a6fe155d2b0e767c3b95383c506a465a4fa96dda4f6ff7065fc695153f0952a2600cadc91ffe0cc889866a3cc1e3fbc09ed862f768789f7687d224071aacac3b65cb053a548586918ca3ce0418e2b7a7cbcfd11f4e385a9df6e3fb546409ffaa8cc279041", 0xe6}, {&(0x7f00000016c0)="c18525f0b074aee073f626f3759ae656418cdb37bbb13ff0f934fc1127c524ca7cfc9397b97dfd2e0cbff3d9f14b7041e24ce32925d920cd403cf136c903c1ca8fd52b96482eefe96b5d4a5a89bc0843d909c1ec5cad5f113276d9043d2550565b0b4f5a9a82e1a20c3fb1b8769c23272abb8439a1329e58518c43e41c6100a8ea6c556d8225f861a4faa4d922c0e1c5ad4b1a1256e9af4746dcf89f3fe989375bba8c691a2bf4ef4b57b9599c928be22acfbff7a378c0a6f3f5c2231742672afe38d5581ea0a469e06ea7ac83aa33a1775f7d4b14372b2fa6b9cb51", 0xdc}, {&(0x7f00000017c0)="f2af6673ca5afa70347d6bdd86ebf82ceb48e66b507e59030d7a6b11b669275e72685e1e49e08cead546d875f1ad1cb8137e36727b19a39ea0bb7b48dd57c857e6a5921dcf708c590fd0a9bf854843461049f0bb53be0589473f5fecca69e8b7605f869ad2b332a51174cf4e6c47d33ea3a69e0cb60b6f4197cdb4ad3bffec694bab75f31a11d70a3580f925096e719454ad83f2f4e6817fc6bf5467b9034138d1b7ad51b07d9e1a66e225a2d27769a690499f372a77b09428b4cf2afdfd8656de", 0xc1}], 0x5, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x9}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x200, 0x2, 0x2, r4}, &(0x7f0000000240)=0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x5, 0x3, 0x2, 0x40, @mcast1, @empty, 0x80, 0x1, 0x6, 0xb0f}}) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000d80)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5}, 0x90) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff0924031300010005024524", @ANYRES8=r6, @ANYBLOB="05"], 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$inet6_sctp(0xa, 0x1, 0x84) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) eventfd(0x5) (async) socket$packet(0x11, 0x2, 0x300) (async) timer_create(0x3, 0x0, 0x0) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/ip_mr_vif\x00') (async) preadv(r2, 0x0, 0x0, 0x5e, 0x0) (async) timer_create(0xfffffffd, 0x0, 0x0) (async) add_key(&(0x7f0000000380)='user\x00', &(0x7f00000003c0)={'syz', 0x3}, &(0x7f0000000400)="bfca06480c2e3115466125d344cc0fd35300f193b38c95a3451e712a9cfaa72a93eaa79b3e3aa8e2a8b54a2f45797c6681b93383b91579fb34ccfab0ccefc9e9b778ff53718b3bc95966551ad00f739ba6622e10797a01b8271e35ea743e2d175640f29b0bbb0af5354f85a5bee58e16fa17c3257d1af8372adb50049b481fc60aa510740d0b316382e3e391f2e7466580f4d678ebf9deef3c83a0ef27f6210ec315d5d0d1fbcb75f55190b3b942ff5adfa797752bdc6de7084c3d9e403b28f7b35020c28c56d08c92bd", 0xca, 0xffffffffffffffff) (async) keyctl$instantiate_iov(0x14, r3, &(0x7f00000018c0)=[{&(0x7f0000000500)="c93f469396197404f1db2edb5b6ef263a9682fca57ffc83577de9e819d50c4455fe73febd50a5faf92e968325a3e8f1fcb7a9f1a9d6d1bd958c2b9700f306588df8db747380a771a5c730019edb323e6cd30d6250c61f71849e3170842c0e46022cfd5457b88f6113514296a948f9fb532ebb47db40c82b7287d89415d9c33e400b042acf6616e308e2e65c2d6d61a599d27c9c9", 0x94}, {&(0x7f00000005c0)="42fcc589b0b308e21d1432e6f4dba1712bff63075b484fb97fe1935c0ab9f0d9d28f81a5b26ad83b229cde9d84d856324a6769ffc85e20afcccc90955d2dbc1a8a16cc3dc4fd5281bc8973db49b1b405f9fea2b3cccc0674311a61dcbf21e162d225ab23a33028f78c1ec70208c1ba6465a0ff1f88d05c0be23e16ab34d6f3aca2536c44c01b2465031e65e15863f3077aa0282fa74fbfedbb63e5bd03dc712465d59c115f8c27ec6fc551ccb722472c54919807173f4a6592d4051e6f5bf3120b4582969d26e870f5d048512126ba8c8fba1213f10e48f6395f2b85d85565a8b2fb5510cbc7a7cb16d3e5ef464874d689ff35acbb56a3fd59b7457d51804a6160c442bbfb651cf58c84392270f3311659de3aff32935bbd2c4c59ab625b5d5ba5aeb97880567c1cb42fae8226f47068d926000ce17cc43f913c6ced10207fb9605ae1e40080863fe4b740cfc37483fc0c26218748b933a206614759695fabccc81e7bbcab04f7e1c535b5a9fc852c87734632b65506b30cdb1e10af496d41ae3add8cf9fd770de0acd2650dcc429a08817225670f351176f5b7d8a7e1b2439a9eefcc049c8e580c2b5aa420e5fa8fc1452762f3e2eb1ee50a4bc897fd1cba81f957210e08f027de2fd21b99b588cff704e6735df20c194c1a5eff13a820eeef036d5993b142d28d56209f175be2b5143a9c64876b0957c7969072008cb4634e2e4cb8a5bbecbc2cdde66e8db65cf765bed3c45ba8ae8902c2bd5b5f2ed2eb49603cf54342f377bbdffc229e27ea516e91bad8240d10f5314ea0e32b373276279056b042697db0a840427e19e3718eaf478ec0a3bbd79be0dd0b80096cef26c6f9d1afd13a509b50b638483c350bd1d7cc2c25d605fbbe76c25892c062ec5ffe17f4ece5212d42d6a8b9bb9587a09f8b16a4dd54571e27daac3d68c33a885c251e4db0e96562b7cdff6892215996b83c9941a298d1a20389268c376342c75d62e6f04b05240be2ab03d24ed058b7811f22f976aadf64fc091d457d4f70a834714b702b347917711d6b7f4057769b2769902c9c00e370308df13cdda2f4cc071aead7adc31493f5c68ce75d2922d4e1b7dfc753cfe506514f00e205dee8a96e03aa406a6282911e7ed30b0e7c85e95e7a047350e7518aeab11b0b82faf48c92036ae6cba3ebb5db0b04348f2a73ab080026c6026c980d7b096086c0d0992ed3ee738a4abb09d7cc2864172df1fd9e0680a434d1e265960dc89d10e3aa979266768685a5a62c811772a671dbb9b4d35539251800cd62e56cd41215a6cbb5075900e6f789ddd4de5d0b91ed0c2b37be85694b40d5f8a39804bd2f47c2fc810562805a14fd4d9cc984c8bfdc3633e96e4ed0a819a7a00cd817bec91382973e9a66bcfdaef27422ed45a9db83534a920ab1b6e470d73b6a8a8d66d44327210aba36c6585c30398f3c7c5be8955dc39c838e4c424dcb8faf33780011557f5a46dc56da0f01d55bc00ce580211c7bba66b7a172ea1e9d5c6f9bde38ddd31eb69d74d962e85d070129231740d2ba23deddaaa1cda0cf6d36ad427d719c77341cdfd6f9374cde6cbe58553958f0cf13762c909391c238e5f36a92da8fe5bf765cc3e9e767bc9a7713d5dd52edc4c0af0b95e901f7315eaab3b722b36612899c12ec2bfbe68fd65a6a4a128ead16912e8a3d44b6a18ea79a45b570be3a1711f6791b5e857e3bfb120f483fe9bbf57883f70852dd2ead80eb02495a3f4721529d991f496c66c495ffc8ce4faebf7785a90938de267c60da034a9249c7f1e643468ed2ef30d004955a3c9d21588dcf676580b7c2f6cf07fbf502dc93c6a3e71ff99f8af9e6743d8d53f09a92de7bd36026d712c7fb78d386acb5c0bc1602c69f6ceb639b29ede215521673e0b849b81d2b9552c5dd6a8e855eea715ab1097db05c17abe5c48ca54d9282caa3090a59f9a056f0c08ed9fea0ae51c4aaa53a3bf5adfb209b933dd12c9b67848911ae9af43cfb462264ebda0d82c89ebf8e6df946bba39728ed6cdefc029569922db89ba1b410bef52c21ac9242f377c61cee33d762c8b811332a2bd963a41d819922514502f31722de2ab20ddd77a6560786cbd9231b8a6ec963b45327178461cce5b8fc0c526c7582927ec56261ae3a23c1d51e515f1191de0d73eab8d828f05558def26f7e4c58597b10d98dfed5a2de88d49164e686194351e4054992cb615c85801e53e30dd8c98f8ee42e60c8b150a88f55f764727883f927c6fbcea20565f1851ae9fef614510e5eba50bca101468c8ddf3e364f898b36c6bfbfed27eeb59a9fda73f89b393207da70dd41b542a41b5fd854e633469a9edbd4fc6e5eaa2bc756b7af13b3c20d7d5c6f880a0363c2ee81b9abd9701f854c49e20eacecb60061281c25984d39f68d3b4c33afd8e604ca2fcfbd93e6b82c780018519a49b11e0cbd464d8f584ba3f56311cccd36f7107ee2c8a1c6dcff8a9bc42a20b254f844cc477be4b8048b66fac25e06de3938c7df6f550ff87e675b1268d92fad733ce83a5304a88fa3c8326db40e2f6d48e62b6c6ad56c8adcd1d7947722e9d63dbe5dd30058886c396348f1d1cf0792ec0ba97dd81db7732d7a3e8e248dadfcaf7771c72d395f2f4298f5e4d32a108d186af74b35cba8bcee26e455a3b8f7eeddf98e16f4f260f6f845589231bcc19b80ed929dba9979fdf281ae6f952d6077d493be777b85b067ad2fbf6e248789bc2a74acf166c2a212afdcaff093ae86fcebbbac7a0bac4efd9e4e8913d1a7cd7f069ebf7d118434d07d12c69bdacecefd53e2f05ec3d026ae5375922a19af6a1644eeeb5a016a416e2aec897521ff79515648a6ab731ec4e7e840eb64a847f2bf72e3663d13021f7ce1f2f845f7c4f4707167f062802365cdedaa8907a5abcca773902a1b11b6cc61a0d6f25e4617b24cefe1097db16dc984adbbfb89a1549a8f2c444529ad237312db03c6fc44f8e78cf3b9f1617ae47024e8b00cbd5386ee5b37d23846e57f9870c120a568cf8b03397d6dc3d63ea449f51447a2f42f30b6cd90bc8163a758d9e60f3c973d977b4e8dfddc7312bb0d7d87d6bb103c54c38d2929243c4ecc73ea22df3128e7341f562cc29066310c50c1992701eb0dabe46b27fd3148395a49e29d86298450d39195f46ebb385f58857dcf09af1aa00bb8108340f7fd503618b659f4ee136dff151dc8c06fb64211b17ef530386ae5e4aa0a7cb4193627641ef734076d8d3447b7f3df7573458e5a389a6db6d77f33912a74cc56753120323eb74c861a238a20f6451558929ce7615f4525ac43cc566f12e5e9440060eb455333a6833757c0b4c207ef8871108ca492dc789e42fe885b4bd721c4bb9960b789dcee8c43c37596823362971f0c8c4b8e0e3c38f48d5977fef94b1fa9d92dabab2f26c7ebdb19171807f48bee9082bb30c4134a582e690c9f0d3b98a65a4b307380aa01154a35ca02c03ca09bec6a872ca32cbbd415fc1245ad6e96b9dc9bfdb40cafbf0b578ec6a3d249218c473d2cba3fdbe3dfbcb60c952c16e10058f2f8d2827051b71fafce6c30e417ff6e79d5e67f6488b45c38f588d1483c6c611c04b4c42dd1df29fe946ba6f538609341d4b21b958291815fdc1436f97d35f057138f08187f7c735a016028c7ae47d3f5f058ec0bc118453c3a8a0c8a0444ec9e51a3cd701236b8ee56e8643b32eaabd309093a1be76e9c0008a6817ad3eeaf238ec30ebe6b9687f54d4fbb4888b51e19841c57ca98154b6820632aa7f2c13a1e4217efaf122b52d4712a4be82d28268b9a742fdce2c2757d6eb2a73338d1183da52f429f1611547262f42c01f58907d42fa097695b0ed39dbbb85df70fd9e2d2e91f9c644d603de488157e2bdc5a8f1b4046a921f6610086bf7d706305a3efef9506a14f187a1c54315b2229f3551214ff7559592c62f474735c955908534d3becbf095f96b09b91584bb593d9a29e6d6cc64deb2ebdedd5e2ff93a427809aed8bb650a2bf07e154f07108a5b5b59449dc915f12c89a1c7e1211e369beac970a0da7b1e1f9d58644525752ccfaba86fe4fd098fda97c1b9d9860651855681210f1003e428974a3e3b7fb85f7ed187d0a5c2930c596eac91920c11b11bebad550573c68dde5bca06c5f6679833a8fa99c7d883c9cf3df82c2e6561490e88e136bdecd1bb21339832a3f76a12fa5495ebccf82a8e1e1149ab0bd3915f1bc8eeabe5d0c8e23ad1e846920ef1bf5171b652d60f85bd559dabab4e381619ed4b5883bc66f6d700dd27b189ec671fc529525ab1f591aeca846e329f43f96bbd04da0428780205b6e7697be76339935f5f4bed56790ecc434acacadd606ba4c4db53e9b2279750cf6854bb378b448b4306fbdc7a8cb9233817cbdeeea1d87eaa50ea78d1b5e01b0cae849ebeb43f5fb682d256df18d0c3a95560d7bcd23a08f395cd78bb213fe6addd37aaf093f569d79e9aae6c30d96c0d30ad37ff7eef5032cde6f91996442b0410945cb794889ca5992afc5a944472af52af9daf66cf07dc8262dfb404af84ed2abcdd8ab4a92467b93621d7518e90221af3a8bd0c1f0741e546ded80de401377680ae7ff79819ea6dba76fdbb5d62739f887a4cd4a960eb7513aa84450a76e01acae2bdf2f698fc6fa4122b0f54b4f33834fe9ca45faaace6ad2cbda62f930fdfdb9451d20418b45d822d0e31fe97b6941135377d42aa80fd7c7a7f504f53925729035c2543196a6dcd07ee2cc9a6b6ef70c0b31e9184e57205e53ce4a1baaae9ed0ef490c477a3fb822a70374b82e13be5cbc47809dfe4fb669122dfaeca2eb30e766c782b77932d7ca4452ffff2d27caa85daf9ce47d1e14d7359d13af55c7b45fc4f10094aab8c1274b23f8760a4a5e8858dc5db14877f19cbd6c5b2540ff7c6f4b324938eb384f247dcbd948a2cbee4966391063e7ae8da4541db35a7276c592f28756b9dd8d9c5ec916b1a3d6fe41822aa91b8b3f587c2bffab4492bce4da64e60b46cdd19e61eeb73081ec9a4e836f9582f3bf521dda661ff0cba85f88b7ad8f5f6b759ff42c27a24d8343db4597ad777e3211fd192f977fdc7143969aeeab334293ca41c47405279f51da4e14df2674b624f3064c2e1897ed4f3da73de90faad2a3e56ae37dcb7eade836c3f192c8c42fdfc817c8dffbaa2723cf26a4ab7dd3efe0b692f20d8bd1a319bf204e98debe6c81ce042e7072ecbdc70cf5b3737e2112f85115eddcdb7f01304731d285a349e179ea39b8604e42aa24a940f29449739bd2581a759c5e8e4a7895ba970df73d6fd2d872470fdad690c9432575469e53a68faedcd058746761b4742e7d4a458ae07c59e5bcfd2df72e5862e4df430cfb7232e5e4d10841d443f26e88e7ddb45b52fbc495f7cb5c2f0229d0bf461c5c1ae014393ae67ff7db37dacdca0ec3437d514fe093f46119a8808d97bb434f7facf000d1b8d8c19f7235b3997c8f2192787ed9a28293fe1c4a7747c0dbfbc30b05a320b3b9018d51c88d399e702a8dd3d9efcd4db3d4b648a6e1a61833c0aad7e5e4706b0defeaafdeca119f3968b7fef5a81a88c56ab9b580d69853e492dfcda1139e1875e1ffef54b957337bedbf7faf0a2a46a9354c2fa9c91ddaf6d0a274ec5528f329f2db0852b76353bdff4f5091f338d0a8d0dfaf8b89371b80eb7e73bfbf264b0b4911532cd690f66bf01ea34def8a0dccf0a78e117a110a3be2dc0f368a752712a7e34950f0a563ad43689ce958247b5cd56ec6ae2f69336e045628e7", 0x1000}, {&(0x7f00000015c0)="fce41c4827084acb9cad9082952b43fce7c88ad4158e924c4490a1b5cbd40a2d6e2f522b3059236395fdc67929c77b3f2a3404c14ab6c76f7d56f4089ebe4baa40e382b54dcb64e10e5f6a588df96372d19467ac429435992728d71c3245656d42e0fc59952925815ecb6d215618f66e843d866a8c500da73a2714eb4189725c4d3a6fe155d2b0e767c3b95383c506a465a4fa96dda4f6ff7065fc695153f0952a2600cadc91ffe0cc889866a3cc1e3fbc09ed862f768789f7687d224071aacac3b65cb053a548586918ca3ce0418e2b7a7cbcfd11f4e385a9df6e3fb546409ffaa8cc279041", 0xe6}, {&(0x7f00000016c0)="c18525f0b074aee073f626f3759ae656418cdb37bbb13ff0f934fc1127c524ca7cfc9397b97dfd2e0cbff3d9f14b7041e24ce32925d920cd403cf136c903c1ca8fd52b96482eefe96b5d4a5a89bc0843d909c1ec5cad5f113276d9043d2550565b0b4f5a9a82e1a20c3fb1b8769c23272abb8439a1329e58518c43e41c6100a8ea6c556d8225f861a4faa4d922c0e1c5ad4b1a1256e9af4746dcf89f3fe989375bba8c691a2bf4ef4b57b9599c928be22acfbff7a378c0a6f3f5c2231742672afe38d5581ea0a469e06ea7ac83aa33a1775f7d4b14372b2fa6b9cb51", 0xdc}, {&(0x7f00000017c0)="f2af6673ca5afa70347d6bdd86ebf82ceb48e66b507e59030d7a6b11b669275e72685e1e49e08cead546d875f1ad1cb8137e36727b19a39ea0bb7b48dd57c857e6a5921dcf708c590fd0a9bf854843461049f0bb53be0589473f5fecca69e8b7605f869ad2b332a51174cf4e6c47d33ea3a69e0cb60b6f4197cdb4ad3bffec694bab75f31a11d70a3580f925096e719454ad83f2f4e6817fc6bf5467b9034138d1b7ad51b07d9e1a66e225a2d27769a690499f372a77b09428b4cf2afdfd8656de", 0xc1}], 0x5, 0x0) (async) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x9}, &(0x7f00000000c0)=0x8) (async) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x200, 0x2, 0x2, r4}, &(0x7f0000000240)=0x10) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x5, 0x3, 0x2, 0x40, @mcast1, @empty, 0x80, 0x1, 0x6, 0xb0f}}) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000d80)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5}, 0x90) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) pipe2(&(0x7f0000000040), 0x0) (async) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff0924031300010005024524", @ANYRES8=r6, @ANYBLOB="05"], 0x0) (async) 5.813672317s ago: executing program 2 (id=4271): set_mempolicy(0x3, &(0x7f0000000040)=0x7, 0x37bc) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) openat$dsp(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x17, 0x0, 0xe) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x2, 0x0, 0xc1}) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x2) close(r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36"], &(0x7f0000281ffc)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x20, 0x0, &(0x7f0000000240)="5cdd3086ddff0066b3c9bbac88a8862c00dffd0013dd00000000000000008100", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="2f118174a9db3b934e6e19bd3772f2745e1d98fc849ab2b404"], 0x0, 0x0}, 0x0) r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000001280)={0x14, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff1a) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r4, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a32000000000c000780080012400000000011000300686173683a6e65742c6e65742e3ac414c72e198a9f79f27a433700000008000066c857fbc44e05acc1245d2bdbe919ec23f63c6b9827f95b8a326539ad471aae2917186579d1d520fac9c09d77334e7c4910568dd197a0b8d0605a2987a28a3b33a5096a663aedab9aec712d73e64aade46ca5c5b4f6b08cb16297b8e58b02b8d4ae4e509322be"], 0x58}}, 0x0) sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000000406010100000000ffffffffffffff040500010007"], 0x44}}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) dup(0xffffffffffffffff) 5.794798554s ago: executing program 3 (id=4272): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)) memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@flat=@weak_handle={0x73622a85}, @flat=@weak_binder={0x73622a85, 0x8000000}, @flat=@weak_handle}, &(0x7f0000000240)={0x0, 0x18, 0x84}}, 0x1000}], 0x0, 0x0, 0x0}) 5.595986561s ago: executing program 3 (id=4273): r0 = socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$inet6(0xa, 0x80002, 0x0) syz_open_dev$video(&(0x7f00000000c0), 0x9, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0xfffffffffffffd7e, 0x5, 0x2}]}, 0x24}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r6, @ANYBLOB="0a00340001efcbccacd7384ba784e012"], 0x2c}}, 0x0) syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r7, 0xc0182101, &(0x7f0000000100)={r8}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000180)={r9, 0x3, r7, 0x6}) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001, 0x2}, 0x8) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0), 0xc) r10 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'sit0\x00'}) r11 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r11, 0x8922, &(0x7f0000002780)={'batadv0\x00'}) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r12, 0x0, 0x20000005) sendmsg$can_bcm(r0, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) 5.250316618s ago: executing program 1 (id=4275): socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0x4, &(0x7f0000000080)=@raw=[@generic={0x6, 0x4, 0xa, 0x3, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x0, 0xb, 0x5, 0x3, 0xffffffffffffffff, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x6, 0x9, 0x5, 0x0, 0x1}], &(0x7f00000000c0)='GPL\x00', 0x3, 0x31, &(0x7f0000000100)=""/49, 0x41000, 0x50, '\x00', r1, 0x31, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, &(0x7f00000001c0)=[0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000200)=[{0x0, 0x1, 0xe, 0x6fe17e3033075552}], 0x10, 0x8}, 0x90) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000380)=r3, 0x4) r4 = getpid() syz_pidfd_open(r4, 0x0) ptrace$ARCH_GET_UNTAG_MASK(0x1e, r4, &(0x7f0000000040), 0x4001) r5 = signalfd(r0, &(0x7f0000000000)={[0xa5]}, 0x8) sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newneigh={0x2c, 0x1c, 0x2, 0x70bd26, 0x25dfdbfe, {0xa, 0x0, 0x0, r1, 0x2, 0x1b, 0x4}, [@NDA_FLAGS_EXT={0x8}, @NDA_SRC_VNI={0x8, 0xb, 0xffffff45}]}, 0x2c}}, 0x0) 5.151978687s ago: executing program 0 (id=4276): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="6000000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000082c0012800c0001006d6163766c616e001c00028008000900000000000800010002000000080003000000ff"], 0x60}}, 0x0) 5.093472277s ago: executing program 4 (id=4277): r0 = gettid() prctl$PR_SET_FPEXC(0xc, 0x1) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xb8}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r3, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f00000001c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GET_LEASE(r5, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) openat$cgroup_type(r8, &(0x7f0000000400), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0], &(0x7f0000000280), 0x1, r7}) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x17) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r10) r11 = syz_pidfd_open(r10, 0x0) waitid$P_PIDFD(0x3, r11, 0x0, 0x8, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, &(0x7f0000000380)={0x601, 0x1, &(0x7f00000000c0)=[r7], &(0x7f0000000200), &(0x7f0000000300)=[r9], &(0x7f0000000340)}) write$tun(r8, &(0x7f0000000100)={@void, @val={0x4, 0x3, 0x9, 0x8, 0x10, 0x4}, @arp=@ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @dev={0xfe, 0x80, '\x00', 0xe}}}, 0x3e) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$inet6(0xa, 0x80803, 0x84) close_range(r4, 0xffffffffffffffff, 0x0) 5.00544231s ago: executing program 1 (id=4278): r0 = socket(0x10, 0x3, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r0) write(r0, &(0x7f0000000100)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14) 4.719830498s ago: executing program 1 (id=4279): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r2) getsockname$packet(r2, &(0x7f0000000900)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000940)=0x14) getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0xebe3}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private1}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x40}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20811}, 0x0) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0xa, @remote={0xac, 0x1c}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty=0x29}}}], 0x20, 0x2000000}}], 0x1, 0x0) 4.706373427s ago: executing program 0 (id=4280): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="340200000200000005f300000000feff000000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e05"], 0x234) 4.703058802s ago: executing program 4 (id=4281): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="1f769a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.527849274s ago: executing program 1 (id=4282): socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x34, 0x4, 0x0, 0x0, 0xd0, 0x66, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0x0, [{@private=0xa010101}, {@multicast2}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@broadcast}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0x0, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_connect$cdc_ecm(0x5, 0x5e, &(0x7f0000000740)=ANY=[@ANYBLOB="12010003020000082505a1a440000102030109024c0001010000040904000503020600fb0624060000fe05240004000d240f010040000000000000020724146a8f85280b5473c70394a42d445c85cf2a0b00090581034000070106090582020004050304090503020800050300"], &(0x7f00000001c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0x7f, 0xc0, 0x0, 0x40, 0x8}, 0x37, &(0x7f0000000140)={0x5, 0xf, 0x37, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "cdde1b301c880a6770eb38fb3778fad0"}, @ss_container_id={0x14, 0x10, 0x4, 0x4, "e46e61705c1b463cdbe34939e15665bb"}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x2, 0xf, 0x6}]}, 0x1, [{0xf, &(0x7f0000000180)=@string={0xf, 0x3, "b240ac3a5156a0801df8e9ce81"}}]}) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000100)={0x2c, &(0x7f0000000440)=ANY=[@ANYBLOB="00000100000004"], 0x0, 0x0, 0x0, 0x0}) sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) openat$random(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) unshare(0x8000400) r2 = mq_open(&(0x7f0000000040)='!selinuxsel\xad\"\x0e\xabx\xb8\xc9\xa8x\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000240)={0x0, 0x21, 0x80000, 0x0, 0xffffffffffffffff}) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r6, 0x84, 0x1c, 0x0, 0x0) mq_notify(r2, 0x0) 4.308861624s ago: executing program 0 (id=4283): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, 0x0, 0x0}, 0x90) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x10, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_META_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendfile(r6, r5, &(0x7f00000000c0)=0xffff7fffffffc059, 0x0) dup(r3) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = dup(r9) ioctl$KVM_SET_MSRS(r10, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYRES64=r7]) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000900)={'batadv0\x00', &(0x7f0000000800)=@ethtool_drvinfo={0x3, "47127558c55e94e81f6a92d164d293fb60960760fd5639172703e7611971306d", "784bb2e82fe8fc2abe556c4c48672a19ec4c1621c488b8634de1f645d583ba91", "6acc0f91db70e93c10d8fbd47b53e42eadb323550cd6027777f0f598c5380b97", "6fc50610034dffb5e2a8719618f529fa4da22311f1f4d99a8b79c38aaded28a3", "98110757773ac5e5d59f30f12e2db51abe192f26ef029bd486fa1d4753edf638", "7b54e7a79bc0d3799f634080"}}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, &(0x7f00000001c0)=""/207, 0x0) r11 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r11, &(0x7f0000007300), 0x0, 0x0) syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f00000001c0)) socket$nl_netfilter(0x10, 0x3, 0xc) 3.619452052s ago: executing program 2 (id=4284): capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000140)={0x400, 0x0, 0x400, 0x0, 0xfffffffd, 0xfffffffe}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newsa={0x138, 0x10, 0xeac0e19b6999623b, 0x0, 0x0, {{@in6=@remote, @in=@remote}, {@in=@empty, 0x0, 0x3c}, @in=@private, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) ptrace$pokeuser(0x6, r0, 0x1, 0x6) r2 = socket$netlink(0x10, 0x3, 0x4) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_control_io$hid(r4, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, ')'}]}}, 0x0}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00\x00'], 0x38}}, 0x0) syz_usb_control_io(r4, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000500009e635e93f1c6dd1d4b7236310381abf2f5246c2f97ff674a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[], 0x0}) syz_usb_control_io$hid(r4, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000140)=0x3, 0x4) r6 = openat$mixer(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r6, 0xc0184800, &(0x7f0000000000)={0x0, r6}) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0) ioctl$HIDIOCSFEATURE(r7, 0xc0404806, &(0x7f0000000040)) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="d800000018008111e00212ba0d8105040a020000030f000b067c55a1bc000900b8000699030000000500160002008178a8001500080001400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e970300000000000000000000000000000000000000008dc5fb510162", 0xd8}], 0x1}, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000180)="590000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008048fc4ac74a2cdabf0000fff5dd000000110001000d0c0c00418e00000b04fcff68", 0x59}], 0x1) 2.483921548s ago: executing program 1 (id=4285): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) r1 = semget$private(0x0, 0x3, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140), 0x4) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff010}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000001a80)={0x2, 0x4e24, @multicast1}, 0x10) sendmmsg$inet(r3, 0x0, 0x0, 0x240080e4) write(r3, &(0x7f0000003000)='\t', 0x1) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x40, 0x0, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r4, &(0x7f0000000100), 0x0}, 0x20) semtimedop(r1, &(0x7f00000000c0), 0x0, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1, 0x0, 0x0]) semctl$GETNCNT(r1, 0x0, 0xe, &(0x7f0000000180)=""/141) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x9, 0x12, &(0x7f0000000240)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x26}, 0x90) pipe2$9p(0x0, 0x800) semctl$GETNCNT(0x0, 0x0, 0xe, &(0x7f0000000180)=""/78) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_open_procfs$pagemap(0x0, &(0x7f0000000000)) socket$inet_udp(0x2, 0x2, 0x0) socketpair(0x21, 0x1, 0x8, &(0x7f00000002c0)) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x4008000, 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) socket$inet6(0xa, 0x0, 0x0) dup(0xffffffffffffffff) 2.09984813s ago: executing program 4 (id=4286): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="320200000200000005f1000000000000004200000000000000000000000000000000000000000000000000000000000000001b00046e6f6400767b65746f6f7e05"], 0x232) 1.86404269s ago: executing program 0 (id=4287): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000014c0)=ANY=[@ANYBLOB="c400000021000100000000000000000000000000ac1e0001000000000000000000000000000000000000000300"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000005000110000000000000000000000000000000000e0000001000000000000000000000000640101000000000000000000000000000a0101000000000000000000000000000000000000000000000000001c00040000000000000000000000000000000000000000000000000008001f0003000000"], 0xc4}}, 0x0) 1.819864008s ago: executing program 3 (id=4288): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x448f4) syz_clone3(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a843500180600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60820000b942f66da2f1c26412e280777a8be314256f0c6e64536631afec64e543c68785b541174226fd4b1a3d85cb989c60ceb3a9c4cd1400"], 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffd}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x1, 0x20}, 0xc) mincore(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) migrate_pages(0x0, 0x3, 0x0, 0x0) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) shutdown(r1, 0x2) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "da6cd1122d1d837f65d3fe6ba6439cddec04ed"}) r4 = socket(0x10, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) 1.819554715s ago: executing program 4 (id=4289): syz_usb_connect(0x4, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x41, 0x85, 0x51, 0x40, 0x1fb9, 0x303, 0x3ad8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0xad, 0x0, 0x2, 0xe1, 0x89, 0xae, 0x0, [], [{{0x9, 0x5, 0x2, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x10}}]}}]}}]}}, 0x0) syz_usb_connect$cdc_ecm(0x6, 0x5b, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x49, 0x1, 0x1, 0xff, 0xc0, 0xf9, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x2, 0x6, 0x0, 0xb3, {{0xa, 0x24, 0x6, 0x0, 0x0, "e157701e9b"}, {0x5, 0x24, 0x0, 0x243c}, {0xd, 0x24, 0xf, 0x1, 0x50da, 0x400, 0x1, 0xca}, [@call_mgmt={0x5, 0x24, 0x1, 0x2, 0x1f}, @acm={0x4, 0x24, 0x2, 0xa}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x8, 0xfd, 0x2, 0xff}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x6, 0x9, 0xc}}}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x300, 0x5, 0x10, 0x4, 0x38, 0x9}, 0x74, &(0x7f0000000280)=ANY=[@ANYBLOB="050f74000683100b0710020037070036100405a39adcba9947a0386b1683e33d59f314146056075b91183dc10ed573e0fb9d4b79c6ac851dd45598b995b5af24f08a1b6ca614100404d34869f30d91e20ed0ba923358200ee918100a07a37901000f0f07000000ff00ff000000cf9f000003100b20be8f2639af18d59c745adb3306f1dffb085c6f1dd9e1cc57da4f4a73c1b7a559f71ca1700cd618bf"], 0x2, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x54c0}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x44d}}]}) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x7, &(0x7f0000002000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000001fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_open_dev$loop(&(0x7f0000001dc0), 0x101, 0x0) ioctl$LOOP_GET_STATUS64(r3, 0x4c05, 0x0) r4 = socket$kcm(0x11, 0x200000000000002, 0x300) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fremovexattr(r5, &(0x7f0000000040)=@random={'user.', '\x00'}) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, &(0x7f0000000140)=0xfffffffc, 0x4) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000900)=r2, 0x4) syz_emit_ethernet(0x7a, &(0x7f00000001c0)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9a83c9", 0x44, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}}}}}}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00'}) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x400c00, 0x0) ioctl$PPPIOCGFLAGS1(r7, 0x8004745a, &(0x7f0000000340)) 1.647005172s ago: executing program 0 (id=4290): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000140)) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x581c42, 0x0) unshare(0x2000400) socket$rxrpc(0x21, 0x2, 0x0) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$NS_GET_USERNS(r1, 0xb701, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c83020001c0001000b020400", @ANYRESOCT=0x0], 0x25) syz_emit_vhci(&(0x7f0000000940)=ANY=[@ANYBLOB, @ANYRES8=r1, @ANYRESOCT=r1, @ANYRES64], 0x23) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102387, 0x18ff3}], 0x1, 0x1ffffc, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = openat$cgroup_ro(r3, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, r4, 0x2352a000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xe, 0x100010, r1, 0x841ea000) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000), 0x8, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x46, &(0x7f0000000680), 0x4) sendmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f000001da80)=[{&(0x7f0000000ac0)="e2aa2e19019b4678a945bbd985cc4e9674c332a82a373a55ff9d5f9613a9d02295ce55ccb25da36b275b3678f7523ed100f39129319b000559a899d4ccaf713cfef03fdb44a5d59ba5c2148bf51f7b09a67c476a08816ac805b0c8cde2577308413d2f98cb326ea05b807285ab15bf235f", 0x71}, {&(0x7f000001ba80)="176036883652fd56ea36d6c14cee606dc30852823c0ca7d52b600ce89c1f1b8e9381e1f0bf206e387b97faca0bc0154fe86491f424d2c6c15a8bee8b6058c187fc4ad7da51d0ae71d94df97f168f024c787b46e8ef09f77c9d39139a691d1f89e5f95eb53d76076060949856f77117f22bff26f87bc29d2005bb642dff0816da0e4e92065e4ec727ba40829021fef9287c70d7d0391643965d3aeb7d0711fed42504cad5a417c38cb79bbc52e3bb5b88be791bf7cba451363b06a86e5f7f2d59a56587d5298d240ae5ed7d02db7273c3cf0b356b39fb0f9770ac039109bb663da8cc1259acf8ba70c191fca094b61334e991b1dff1996785e444a1e81d4ee6ffbe1bd8901e074dc9877d0ba8795f9a3fc26bbb92cba20a1c31593dff5af0cb1d05d611b52089a3f0a606d76bf8834e9a50c7e3aeea0786b2ad0b5e041d2efff19bc00c6d0ae7bbbd7db822d7782a27a93606644505ef4f1a23e7c39c4d1bef9d47d4170c171afe170d933a2b3b3be757489a7d0e3073c3b5140b1ad9bd812d91dea01149498fe02cbd061b3a31fe315740f4006e93cfcdca9a3ff5d6577be5b6cc2b87e790f68a258c4f6e663e581dde4e59d98fde17140ba6b5b0d120c7f25d288974d2e976edca295776cf955bd7739357172c64259c649a5c6f60ad0a8b755f1684dfb1f5d49563be4277553b649074e22211f70c8fcd1a91b4916fea82c6918dfdd93a28125ed82215a2dbae77189bbe203138b8db1a79f8b90a98b93bdee597076054e02eff3cad62e37ca15bd49f6f9f1665e85785481a0e19a9271b19ccbe683e2e5c8d32c86d2fbefd081acbb31cd9d15a8e3b7131181b1ea4ee903f096c8f9a9702453a50faa9108aad88b3a699565419bfef2978197bd74a56c97bd9298a3d2f9fab3f4d0ed5269ad2d016f67095351c0f503bb8ac917b92f3852da118ce513f4141a71793bf0b655ac85e31121376f18873275e9fead8835de202d7ad0e1706e67774a03e0ba74237ba1d5c4e81f0958796f3858d8575d7ab36e6c2255e757b2c4d56a51ded905ea63208e636e6bdf6f48b31d04e3c4988541089953fb8c628ba984768d6e4984dca73413fad84c97d8c5e4d648191752108081d7d22944abe5dc2c108f6fb947c0c7c0bea1b02405b64779eac3f3f6b9fe2de03a0b1c84b0f2058181645bba3cfbd5c04aa7e9d59d895e2727669554c0ce408d8e68bacf8d9a858c2ef3cc1957d3e2e52abc4ff5b3da21f77938df9030056cb8e89b74f76debcb095304f85745a98f11942bcd77545b651594bab12f25499c46cd602dea01dd7cdcef4da840aa6ba9cbc34065dd4418f5b648fdb300c2655f80f32481f2b90ef9f80bb99cb25146ab52a9c55bb3f8bca9b8c7fba17c82970c999be6e98cb7f76b354f9a1c7b673090276dac294f14548f6e8969af4440c445cff346e1e77b4801a18813fb47aa2a6325ee36ecf96de3cc53efc19a7045f3f279ccab4806e3f6b5687a4da5127d0f97c9b74954ff8705bc25d1e7756a89e0882db216efab33530fadb5deeb794a7037353e5c3c2bf579eed72aacad62a8e5283ee92a857d881eaf4bb958b0b31fb83fca39707bde5b0b4c2d1bba8465a4eb81c13e9b225533c6ca25b24f67176a45c2a6bfd28ceb45f3541f8b03f692e9b75b2bed8abfb06d1d2e819c77a6a10fb6e657788b0d4382f5849fee70ff928f836faa628c4a1f5d787c9ac5e38ebbabaaf089ea9899d38ea7f1917993670167cdde58e542793ebdf370ae99b55e1b19bf986c00954a4b4dad0b16b008b1c5aa9f937a48fa914d33386f00d7b56a6599fd4a28e1247e40fff27a878b86c1737d884a80a0bf286d67c56b1667d08c0ea3c1a5d84eb4ca515f5d55edc15294f28d206e03fc0d30bca24beb2687b0b07b44fd1116912072cf1a8c162ca29993840e9b78c08929e8aeb7af0e656498e6224f40194c39c1671d564e037583d26012d3a03a17ac62b527b437376cac7b73dc366cbc4072eecf281b8b30b4e9b64621058835fcb1cc674ddd4b74d583e6be238ebf87a5c3c7604d39cb4445e831dc776f403464b0334a8ade0871b383ba8a476662688a56b271fdf98f7fe5c39583ceb11863d9155f8007bf49a154a671fabcaaf6df7284b2c9cd8a131905595ae47354b5f655dc2e8f4c18ca89ea6468595c31546b56caaed7e55638eeb7fe8ab63cdaf97e4d5d7317374ff9fa8631283912ba28daf4560c73112a018e2302195d0e95b05b41cf28317248ba929587ddce0c331d57dba0255c450131aa648026f5014f8acd045d7317fe171c2dae409de13dbe61c166f7762346827402ee36ff092c2631c9d5e771c85b040bb68dc338e4dd127b79f160f1623c3d705d194411e5fdccce9a7e576299f28b2b28f683d52f80a13ccd7458edf86cc7cc22af7231495708b6ee70c05944f86be906fd9ea8f4ec2faf1a7dd53c01a5961a358d7e18202f22f833a7258907b5b4b3a532353aacee0473bf13bba24ad5fb03693c689d04d4740612cd0d446326eaa894b58cfffbe43a4b0d7ee0e96212319d6a686b63fad8ef910ecdd304be255dd2c3a4ab8d4661e7cb7358d5f74695ef419b7429a82990d09881c036df3b21149ab017d8502466ce3e2c5be709638f2f53d152ae39a378abc69790c641629f7d70328229fa9c9efe89b3ae28dbb417e091a3b92502016eb5f8f262161fe38b0bed8a6aceb30dacfddc1a089ab1c317a869f977d0683b720d707f660e91be14782896d4ca049d2afaddd52b9eda31a48ea147cb9027693e2c2a0d46ae318ca01bc6319738586388a721f3183237669b367f6e9ac00ebbd88c69b6b6d08a63c5dccd86d208e1f4569bdf48b695e4a12330f5789ee87b6bb2764a7070e012f018217fe8ed1326c09393fbabd6846d81ace22efe8ce759675b346ebfcdb23b74301ab350fe12e5ab614b582b557044f2a7a4cdb8974a2f4c077a4ba498b865fef5ef80a631f61454c487b01b1682f0acb5342da00962bcd3792cc483f88a66457c59b93e45caf785d4cd171d523fae26c8c86c38211ce02767887cd7111130030411db17e4d16e24cb9790ed487e99310d8c8a009c741bb1a36d492dd920dc341bd24b0f71459e746e9f555c2f8b5ae6cf46228d270bbf05dcb5b7e232aeb6c848c0bc4f98697155179fed80f4bcc1780f142eb46896418499ca6107da99fa827aa6fcfd21c3a4ebde44065b17b842c6913629e6caf3eedfb125364d90193fe73c4e59ec0c74180c0cef33bed95ed88fb7e4542f5b1e6c8dc94a727c7c3fd955fd85f91c9d25ec4596fa4edc8509c3d10a5a5040cf064314de698eff40de87fab76b59fffdc1f70d507b396f504af33bf9f948cd1ecf0ae8d8ca9a8d185af627876dd8e32d095ea11dc43a4374e1fc788719c411a9a9c5d07565cbd4e056fdd3849b8c10d3be53520f32fbd5ad1857d5f255ad5f319cfaff055419612417a9ba55a83ca1e8fca8828fd189a504d2945b637fa39dadbae917203526e62260edea644f88a4b711985e046679660b1e52ceb8ea746564aa7ae01b10825fa714904c83ecae89731b93fe7275e469929c6d123ae49064cd9a0f16e94ec36c69a966573eb9dd0ea0cf8119ca8f0a51ec7a5ae475dd96258c23dd463826ec7a6d0aeb78ab8e15eb67b381f524fb3d9aaea396749c7ce483ec9be1b4d1f0b105bd1f6d99add7d12249a0fa99b0bda23595358fab3bbcd3f8e8792da9839afbaa4f733b1b6d69d235e0358f9e7cc476711185ec9319a66c55da8670b9d57c7407f5a0562c933a6ab2348f55272bcd8121453559a5884254136b02fa5acc5ad7948e13074dc5730bdf4555f1cf86b57f3fe424b46efe83484614a5d011af4465823f6b2800b51cadf968a530bde437427925c097b6a2c077a9b197490fd6713d8a774b2166d094025946c2cf3677bc0ddace3055add91dfd4b0d8ecd375bcb93bd9a6ec088e475e411aa6c1e7da64eaae2f7b490359d5146f40a6fd55dcf82713cf0934293a5221d2e8f0d78e4d615a7e1372e82fa9cca327e71a9481bbf85f31834a936111b896a16578177b008d85bc8bdffe60edfd7beac263880bbbee70b425ec52ccbe99598d06cf0853a98b759c5091802f30fb1993d444cb358e8ff30f2a0eaebea2902c2f98bb6cc07b424490901b9716086e37b29c877a42390aabcd20fcd300100d24251e552105ad605ca37df814f01471e401aae404eca9a2142879ada4c4bccc766754f7346ede5e987da642bd3af2a792e57932e75a623a01c32c023941c423ee15b6814e95842d246ea92df2113bc8de343f631c1c49a911d21f267eaab4615bfd637a6115d18d57098902eca23f8981381cc93734ea2dd34cd53e5aef4752605fe05a2bdd9c448e87c4b5361fb8e198781c8f9ed940568655f05d76b06e74b53b58a1597ba81a3ff95a4a1bb70f5bbfe37b066a8610ecc34b572244714c8ace66f7ba7425b4ab948f7bcb9a9a2997fcb24f43a36bd517531b6cfe490ae71159cf0e0c631d8441699ef96475f78570d96af957d7b9e08652a06287f432f385815c4dac31164e142e052178f787bbde4db2acb130b93e5c1a009ab1aacbc6b194420403ddecb9f00a2540d777d65f2392d310bc02d1c5a59e18d7aba5866e9853b62e6e855a173b4d1616829c91c6e96524c5e526fb5a32a66d4fdaa2ce686b86d2899e801588a09d10146b6c6d92e8e5bc47c17c7b0918e57a003c83f8f30a6818c370d515785f5465a8deb9c51c4ecdfb7955eb2945af1d36fc76cca428f8072ce44883055500343238f6b754424e4866144574cf386155199f4752aaff6d9dda893ded45eafa9bf2c7a0259e4760f90f0df410511ddbbf6499b0f4d5ec4b6ae5a227d2f1cc3096678e552ef2d68a3941e9a28e1f16e473ede88dc587b01b123fe311d2d7466643de7f60e8e2306f7043c0d5b7ed05bec854f17444b520156c5382b504d945b4f96a921be0dac6e0446987cf396c7badff3533ef9619678b532b8e7c7d7e140a352f336fc2adf5a64bef3ea8b1be64c3096d13ea83ad9feb0e837ae7ead45bb7d5246564cab63f4c6d31b68d8a29b79cc816beb92f293a09503ab37c2f5ad9a1958cbdbd77759f86efe24aabcb375079228167e1207de90a64837dc8ea6f56691ec663ee87076c072c46900164ccaf67d35358b7a16bb59e4cace0755a465c906bdf1b8cea913380a6baa3c171d872bd46713022906df0a7c0da6938d2ac95ab63841acfcfadb785c3877440011248538586c405069c668bc691e2431e363a56ddce370444d5e26fff8e454e98e2c40ab29a01c4d1346cfed567fe35fa6c99994d441f8c0e6e4d1cc8bc972620daf198d06669db25c7ec20af5375ebedbeade54bf999a9e61b8a40f64c8266365e0466aa97b628a1b5337602989c6fbfffd293c82ae60a713f8bec9dbb34aaa0293176b770d5102f9168d38f713594794419c2c109ee358f8f4dcddc60f7b64ef50078b96d386244e50ef33d1d50cf05e2739e8f39030473e6674e2f2968a4c445a1fdd76da106bdf073f3d9b5e51016ed6d4c77e7bfc52434549b5b936d5df1635e420b6b1c9e84de9c9c98692a79d7e937c723ef4fe9e7acbbbda33a2f5562185cb3e25ffae674f8a5beb2a8cff84656137c85bd7d7b5948eaaff1dad757125798906f7d1689ae4342804988cb329382dd60fd7a3b27621895660ee25c0e86184758fee7f41462fbb9b7016ae46918ed0a88", 0xfec}, {&(0x7f0000000700)="9c7fda5e543d7dc447442af79e0ad225a3b9c36d535cc4be9be7ba9f2bbf9255f73f20703984e5de2ae04a8bb5eaf571ad3d1641", 0x34}, {&(0x7f00000007c0)="f5f8844ef71ba0f86bdd7434620035a7edddfa0f398c59e37bc6018e6aa57c0ba22486b112d175d1a91053781ffc77213dd26cbdfc3de02490437039ce89356236a1efef5f3da4d50e109db8ca05f4cfe3292862200219c4b8827b7a454e82eee1ffd10542a934c5f5bee6d0de751ee60ee7365bd24f319e6fe7046f8a09001be2c4e93aed4a3c0b064023d12e9ccb9453bf5540781b2fbb1cc4aadc18b6c3c119807d3e76aae57c60e0843e63a8da5ad76ba74e7880caa240900fc463c234348818b744dc153a445a80f00938cb341306362bc528f637028777e246eec9d377d1fa0bb7f868c0f55d0cdf0747ad9a000000007f870000000086e08f81cb9a49b960205dca9e71edbea92c90794a41ccf86e9395af46a12ffa34ea5f4cf5863468585a62a0842ee3bd1f06ffa0efa98f94702da0f0068d4dd7717c71d15e86af0a572787", 0x144}, {&(0x7f0000000400)="9013757eae904925b191d7162101b2012e2daeda3d13909edf9fc8abcc5e167eb042b08ef17fea850161fd6ea6f2ad95c53cff6f310654b17daa95b40000000000000000003375b0ec9e40ce484b446cb21b1a9cfbcb6fe412757ef7594be5f170f7ce83e6844e4b4ecd3a894cdb63f0d63d3e2c7a7f92", 0x77}, {&(0x7f0000000740)='\x00', 0x1}, {&(0x7f0000000b40)="525924bcb453904a3f506b317e3c2c1a05cdc55e93b843bf61072a6e792217a1a9cfb31ad924c6f2934b8f4457ce1ee749a9c4c75f66b559e91b4c0b7361d4d987ea53c021324136ce90a39952", 0x4d}, {&(0x7f0000021680)="78baf8b70c32cfd0ad719af0ce76d775b8ec4acf0f9097800dd5c4fc2151d5e66a525fd34749c0fce528461d6d281a343e90a13fd8975cd476fe73ac38f76fd30de393c725b1a56d873f38d4b92899dc2585e241fac094edeaad3e013aa8057bfa1d6fd142847fa0d295b7d241572944f0905afd3de65bddd796bb870908b042f869ca5a8d8fab68a36c6f7f93f98fdf7f51db67e80b9bf080ba991f3db24243fd41685b174a899c16efe3917f552f6f5183938a9236c99349ec5859ec0cbc38de75cf4334e6fa76aea3c3aa26cbf1563f4c42c03a5d54d744540706afc9d460cd3d0a3303c3b93834b38ee901a4a1be1e57f997829b44b22b74aa97ddc229d00327327dbdbfbeaf0c42710e162835e7b3bc960df1518c50c0b7a96624e27d0da07d14400712180f6253c48dd09922d0f1214ac7933da7ccdbec6ff4b87ad638e815d632534e160a64c02424290f0e91d4c0e4c1f4d38ce28018de18749260abc8a057f614338940ba48c4bdb27d58946d7907f5d2a382ed47c4424d987d569876f6e50c7be77c0fc4cee4bd852ed97d95528e860fe120f5a7f4d7a0fecf26a9e44c1639fba04e5b5288e5079960cae4edcdf483343c117b30617f28e84e7417b9fb485ae9f8ec227d653864cc4ee195c0c9c99065662731443f475dfc61753420097c8356360f4747d07e95e4674931b432a42c5945901d4a55cb126151b5044e8f2477de9a6beabc0272d553449b5cf6119623ba4d9d83fd99812e19350cafda4259857ac526564dc64b91759c75cdcd9775d1b91b759d0080c1156f387601ad59e8c9489a8c03c0af08189d0b3e87bf815635b0724c9418b1a218d1f80c864bcc78f0f4c4a43a531a08ad8e4b071897136f6786abb397167e45e60f8763c2e6cc4d4f3e93a068158de2af75b2b295281736bda4d7bcf30e387b1cb5f502e7602819b338b44ea735e0c991c898ab4b2fc78e10fa8f8e3909918a1faf9edbc4015d9e3608b3dce311e834c07f119364a814f8864145d5c3b938ed416c7d91d9fe8a23561f10cecb9db3bfda568c40f585fb70658ef1279002e0f0bc4727ab46721c8dbc77e2e2a60d2ee74b6791c10788e219b7ada82eb5d6155c5ee20f7d79d2c555ca09b5c34b27c143a8f90b8b4cfb1d0293e3cf9c6bab55ccfa5a4afc430bd7ca78947253aa508e69c2ba10f79559a7f06a648c4cb7776a46e6dbc7dc41aef2fe13f56e2159d68abfb84006e0bf43e2da6942811564f2fd812d8f0c59a895ac54767a9eba16ebda0c157f315755e43094e08de65f7c5485829a2a4cea9babff498a0bbae221b4325ca42cc386d7a845ea0e87c597cec013f83e23294374eb87bda24383d04982cd4f3c9d0833493e095271da8aa124a75435cc3ed6aa095b8d21746dbe549a929df6737045fa262b8c1132383f0676c07454bda97d3525419b356c06dd4d7918e7e88a1c110c981467a0c2f8885e12088c57d099dba87b02d13c03af9acaac1a0e7929adc3a53d429c55ba3131e6078b6f1e40096f3fac5578a058c9f216e43b29eab162a37bb175af0424be25909e001ba0cb136f1546247e1ecf05d07609baea409a2a7723d2534415b96192f21ff258b8d8ed4db5bb029c67552f68d7632a3d8ef6c904d926400a7e0d92ef3cbb97acf07b4ef63305aecdf9dc7a19e9202b5d9e1fa668d3aa1c0235fafc584efad2564b2d9d3849d2a32036ded32bffebe9c9c0878a2b41db885bef444ef71ae6c8c7b45ec301ca1a158b5990047af2b7b28a04ab7ff16cd320924ac54b29b162d20dbaab69722d5b4e45404ae786e73c5789061d5655c865eccfac2ffc9517560ba3079829f8d60df5b29da876d56c6ffa3c4dd7e22d40508ffb577d48855d84e40850e5a73e9ca4c866f375cbfffd83bb4a4a75cc4a64c4a8c6de2f4af18318c52ce531d80deaeece026b7b07a1cc9dcde767085cd5769e283e35cc7734854d1e174922aaa8f0f698a80f1f6e24de1ae03500b2e37899b1d8042f4a24ccd382b8f638e940c648e5fe0a831380e6998c4a016eaa8b458b8cac9f375e69c7d1618a714379e682aa829c1b152a681eb12584910e8c347ef78db47e8a7860e98ff1e86af65094e3d3d788dcd269e2090e05c0d4dd338f1b56af4baa6ce67764f6473c34242ef76a8c17d36a1c567f2d4b65952fb2e66fef49d5a03954c70f7e54a74f4fc8294699cab4ecaa72f0b2ccde99245adfa4a15c4115174823783317f913c330098bad8d369bddb06fc53c9d20f021db7bc02ba264c830da992bb4d176bdf81008f4f20270a65fdd32e40c986b9b00aeb60243e4a6fe566ec5630466b4d52924b801e30550796f6441e46642e0a05c9740f6e54fe53392ed634050542c6989fe750a212225ee2a785df93d3ab00faca2a89a8dbc77bd94022f4138108599a8eacc821aa18cb00acb6e3d2fe0d18b4bca0c6ef00a55fdc7b2d477bc5b3da37d3d6afcd9ea39f9291cd3b9e0374cb92f7761c0556e0a13e206ea64581ec4a6b1b14f2b2ac320057c4587e6ff608421a5da53ca96cb14a919086519aecd281dbbe05c501eb9c2edf6d61828f20e6a3e7010d752548875520fdbeec0e8cdb2a661d8b8a3a56c7657a170d927f225ceab9dc8db887d1961572d2875baeeed00f2fddb87e43359fdb30e702581b19c0ecd47fe2d5e49bb675d750c0c2e7924ee763f0746dffa19f29cb1f4163b3870d5af1277fb9b2e2356e075c6e28a6ac4c6c5a9ac7de83482f3009985632e404dd7e8b3d374415586e6cdb408a7a8eac053763c92d380a878ab45c0ff7e37e305ad53810ff32958913fb4ee3f98e572b52defa294edb616e101eda6d6d1429b9a751dd97eef4d75739b11fe5967f785b4ba04b06761a2869d53091e65196a4bf2ab0ea7205bdb71b64fcda4b4a3f0aed0c20e93e9543a4c414db1c52f32ce3760f2adaeca6c90ce1546776b804f7811820053a867606b36285ffd2ee145d1c9f7d3737a3e0c48bffc1bc1010d56508be96d0bdfc2f6d2f20a3034c2497ff4e839539521b0c1f6d47d2e9eec633834ff06445d1d0f2873f8136f5407e8fcbffa57bd13d01face83c3b2e09e4d46c4952328499df1b02a92864bf3491e58b1e278ab4e8a1256da98a994b248933b01700b60ad0f8bbc76644c52c46aae7edb440555c5324f39416654e7701b48563829d97dbd7783a10d72fa80aaf193024ff2753568a87e38bd205fc1493db09172197c804ff1c4f8811709a61c6895c52a43236c367a75801ee5ffe5ae70b4ea7527bd08c53f974a3767cfd675a9913f2d3d07f5c0dd99f574444a23e146399a6ef29740370ea18c6467a070f6f933f392fb05e3b2fca0a27b5d9413c410419469ef08d9d8525c96a370bdf01970688f456b1100a12e5338c8c9e07b34a3c27622ec210570f767e00e0af966a2475048b2a436a44b46ef4617cfc6d667e30f5a8e48dadfe1eeb88c25254b393d07abdfc5e6f21dd2162baa480c289bcec5c06a07a0c277db2c42809a002874c5995aeb462b40e8351cf25191121ac22a252b71567d92fcb9b5b6bd28f3057ea28f5cac09cf37346ed4e74d53efb85898075fcba8ec4ee19ff3605cbbf55f9abae193e38576f6fb0b7d29091de97566716cf31043d6585acfff97bd9a9670a441ae78a858a5829240e62ec9dfb07bcb2559a31f86488fd6ffea2c6566e26458fe5eb34dc418a9f92ddeed9663bb916180ec8fa36bfe46b62ec962bacae522d4a5aa71d8392909b9c44a680a5dced5bada64caa79a327731f9efc396dd9ceebb878796ff59a8eb5bd06d9e20fcef6f50ed6a5c47c9dac43bded1cce6098a55b6a956075c772db6021785df8d1814e6f7594ddd00e8847dd2cbde4588d978af3be7e36dbfb88b45fbc9f62861ede1d312638bccde2b468f86ca061f79911259000298a4f7710be96429cba07530fcb5f61cffc621413ce770d2509511dfea3bab91a65001ae11879d6ba24a4ae5558a01d34e1ca56390d7a3fa8739af6d5a3c39d12febce64593c1d9d0f28e913ef8de0cf89f4b0c222133009c4873c3cca4126bcb86be3120b8de88f7e12d995b6a3ad96aee025673098e9eae2c77ebd6d51bdda26a1b9f69f6a7d20945981a0badac1456a94e70ff631def95b849f622da54b546ba3e7d49238381f83e537eb27b0c001c12205e1f0e9225a71fa02989d50565a115dff42cfbe87387f844843ad9e19d6faea614b70079e54642c82fdc6150077c1dd227bf9852ef12f070e52b9e3d3efaa69909be990b6f331d6266cd7588569b3c48f8261eadadda95c373957f8b0f311f333405bebdb52e247d59a7c25e2fdb8df9c18434ac996fe0add1e0875fa71520057b2709962b9ae22e45b1dda5fab3e3952c0a4891cc0ecd8dac1881c565f0ca1424bf755f5d343bc51ec296e30602c35fe7009568204e101eb1bf512d92e1c8404df50ed1debffcadedee5515e8f3a92759c6e2ba45713fbd55822d3d31acd46f5805efa2a7cb841e428116f2c7fce02ed9c828872b52825645fede8caa5077b3a20647928223bf94c1a4f80bf2eb51ee62e8bea16f148185dbe2a0ee142d9c4c9ed8975dd50ab3a4f3d667243c448c3238a4529cbd8bc7e7a41d380ef6532696754f32b7f1eb4c5e49b31757b6b86a9c339873561148162d315cc3835efb60b9e5a56adb9bc9a9f55b19f0ea2170a7e6a51065df351326f5ffa81637f30cac9b81086161697dc76e445bd446deddf11c8e2f87c6358e20000c63e203ddb780c6499502b4312d05669fd2a982efef3f4224e356b8fb183b8fd4e921f7b20364d872b677a28d29a02d1c55790b47f8e2e322666ee48b0363ab02468f734acabdff6067402162b90c3592f946cb4f3069bbb4ebc7c873995a165d3b5f23eb6647ed50fbfb282374c54622e9104a58300fa8d35be5cf8a645159f02cdfd276e1eea8616c765c4f9b8c6d5cb1fd7d907e483cb5958069671aa3ceb0a1837c7ae593fd319bc2413276d5be097e71ed54b191a4e098d2b4b0303fcb10c5c01773c8d8c9bb422a99fe30e93fb60662282574da55e5e08edd62930e2d3035fa8e59cf16bb9da5894b2578db55d260f81eb311ded45a195b51735aedac9ae39912418577fbda273bf6f953f087ce82eb389f1aff79ec6742af8fc6f079fc1e5eb9b30e227347e3a00ce620959536974850d33ffc255ca76310116ed7710ea4b5212068fd5d0a2cfc997f6e31a85cdfeb89262d60ea0aa8f80c302f46b84e14beabbb1a448d7b2a4b24fcaf5f78d9f31e6626afc62fede6631c77339277057417a32b20715c9ee22cc38e87113f484541c8c51f08476e4426bcce8f59e2ef8aef2f2a65eda141a5382735ec39e54fc7934a785b146dc55923ee93b5cc1abce80b1c3ecc6434ab272b55d870c4017008d0b203c5b73ab17ae39aad80b6c52157f47655c1c1792d7d3e63e716380104975936d2e6024f60f04247d7ed607f720a6fef71daa754238dd14d3dc0b8375fb13a4fcaab21aa934e7e4c3f0f8021e391054a3300d3e41e5643de7938bc4c92ed087f295bf5c884acc2d61f0d16943d4dcf3b5d7fdb7d2ebd08cc8ed8dc1bcde2ea93ff12848b8d91f23227a06e3e0b3fe3c940a6f3a97f0c5d2a3a3696e58bf896ae9bfb5c6970d2e2463c373e3462faebd1698a8739e56589f1461861aecc7f7f5e9b0e0394c30cc6b8c6f2331485d7b98b92821e69afae668876dac4ebdb36553e5f9320a28d096dabc090039621afea7eb0bf496468c082466259fbef04cc33644d4dbd153d96d0109ef82a58a559c9e5ece193cccb6187e45703d96e6badf54e38bf4b16bc74f29d376d952b222cbe1c1bb4a293410693df17df0ac9b6b109066c4ffa78997302ed9e4d38d3fb7ac7cff49d4d40ac753c5743800aad1a7a309b6932efddc3d188c4a2206a9d8021c1f70a95569e3be57d4c53510db9885fad27dc32774c42e9fb2857240a2e", 0x108a}, {&(0x7f0000000380)="90f6b6ba29c9b52d4fda4693f16d19a628d7333639ed12761fd585f49efd770eade7a67e8ae4e8a28713d41c65e333eb223275bdadab69fee4f8c3a0027f87ecf641817d7c8bc8fc20c9ae18a274ddedbee77c7d284e372845b92abe0d55b9c5ac33a6718766ed818d7b624f4016926d0df8e84efb63e8f5356b834d3c", 0x7d}], 0x9, &(0x7f000001db40)=ANY=[@ANYRES8, @ANYRES64=r3], 0x2378}}, {{&(0x7f0000001740)=@caif=@dgm={0x25, 0x7, 0x17}, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="000100000000000020010000080000007701777809cc8467d45147eaa79bfba5dfde105e7498ebee08db933f76ff9ef9935e1cec98c6b85690ea463d581c6ac44364f87b06fd502c60a11e827f27cd13b084e6210714169d7c7cb8daef87d05643630b0cd4db5abc7f7846a4f0cd81d190d2172e5298218bff3d53e9e3d1bc888d45186fded7fae18962ba4d577c73abf6fb55e5c3f4a945a54bde243b5603a9712170dff4ef6548ee7753a9fea5c67c2a092c915b1a7b02d62f77aadff4e20fd2ba9f0ba82ef9d41e275e5d0bb94f93707fd57c2268f274c4299547c6eb14259c2fb4b4956429690b23947d2e04f9aa9b991718428acb13253a1dccc2f4b3ca880000000000000012010000000000007e87c6bebc2fe3b3a4cd75fb0f99c3740584f2b01e438487655c5dc15d2387bdde98d8df7223fade70abdaf289918bf7487787ad074cd2ad14a1576f98a923f469a7cd46afdc3d9b7707da9c5b9742e574103687108417bc82ad390769392b8c2c33ee380d1fb497c975d6d880d8a401eb605b4b0000000008010000000000000b01000007000010c4c1d1fbe504ef3f46cd4041db1ee39329dace5a27215e3524d80bd1e80f02000000cf73722cac462cb7bd44de28b71bffa5fcff5af718916310d34ebf745064d0e10e49502d17f34704a046ab5d8443263bf6faa94303acb7cbac34332ec4010fb2f41c64a49a3530c4d516b08baa005922036b7c5a6b685a6612d16e617801ad8888fc208907150e58b024d22727d8ce171e7e2930b463deb414171b018959efa9c547534b8e0a53f0fa20f1b44b54d1f4be7fefe4177cdcab53fbf75a68fa20386a10572c159e64f14ba27cd15a1fbe70b400940373b297f0a142fd0d1f7666ef91df8c3eb624f6603ef34cf5f874e7c000000000000090000000000000000b01000003000000456dec3b75641424fa2a3a2a4eb04c464723eb8164e532b1efd469382ebe21ea4081e55fbe320660b5419d600b5350b6b0dcf2dc4df87bdb1ca126806553151a4f98844b8b7e7b7821c3ea8c568ca61a15ab89"], 0x3b8}}], 0x2, 0x24004014) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0xa4200, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x11c, 0x1, 0x0, 0x20000000) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000780)={'wlan0\x00', 0x0}) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000060021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000e501000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff00000000"]}, 0x3c0) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="0400000000000000bd0a9a71ec6aa1aef05f91759efcffff8016ffffff1f885b94bef46565ab7cf540c6e0e00759de054f0ec08aae19ab"], 0x9) sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40008}, 0xc, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r2, @ANYRESOCT=r6], 0x44}}, 0x24048050) open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) 1.164370752s ago: executing program 4 (id=4291): r0 = socket$netlink(0x10, 0x3, 0x8000000004) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) getpid() r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) rt_sigaction(0x13, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000540)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x330, 0x160, 0x12, 0x60d, 0x160, 0x202, 0x260, 0x2e8, 0x2e8, 0x260, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @remote, [], [0x0, 0x8700], 'veth0_to_team\x00', 'macsec0\x00'}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@mh={{0x28}, {'SA', 0x1}}, @common=@dst={{0x48}, {0x3ff, 0x4, 0x1, [0x5, 0x270, 0x4, 0x0, 0xde, 0x4, 0xe9, 0x6, 0x1000, 0x8, 0x3, 0xfe01, 0x1, 0x5, 0x100, 0x9]}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x0, 0x8}, {0x0, 0xfe}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x390) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r1, 0xc06c4124, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) r4 = syz_io_uring_setup(0x1f88, &(0x7f0000000080)={0x0, 0xfffffffe, 0x13580, 0x2}, 0x0, &(0x7f00000004c0)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000200)=[{0x0}], 0x1) io_uring_enter(r1, 0xd6, 0x100000, 0x4, 0x0, 0xfffffffffffffe30) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x4) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1c0, 0x0, 0xb, 0x148, 0x98, 0x148, 0x128, 0x242, 0x240, 0x128, 0x215, 0x3, 0x0, {[{{@ip={@broadcast, @empty, 0x0, 0x0, 'geneve1\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98, 0x0, {0xff0f000000000000}}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0xec010000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x220) openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x10000, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000120a03000025d9000000000003404e20000020000000180a05000000001300000000010000010c000540000000007f000000140000001100010000000000000000000000000a630c1100"/107], 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x4044040) r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r5, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000200)={0x0}) bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e20, 0xffffffff, @mcast1, 0x4}, 0x1c) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1) 1.111802454s ago: executing program 1 (id=4292): syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x4b, 0xdc, 0xad, 0x40, 0xa766, 0x7cb5, 0x553a, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0x2, 0x50}}]}}]}}, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101101) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0}) mq_notify(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000040)={0x18, 0x2, {0xffff, @loopback}}, 0x1e) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000040)={0x18, 0x2, {0xffff, @loopback}}, 0x1e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) accept(r3, 0x0, &(0x7f0000000040)) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) write$binfmt_misc(r4, &(0x7f0000000080)={'syz0', "f5623c43ee27d1b86554f44f0592e9e8fe014b5c90a7ebd09a17bd5586b890e7f2e881921e70f44afa899edeb52715dc4db5"}, 0x36) r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) lseek(r5, 0x8000001000000001, 0x3) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0) select(0x20000048, &(0x7f0000000040), 0x0, &(0x7f00000000c0), &(0x7f0000000100)) 869.442103ms ago: executing program 0 (id=4293): socket$packet(0x11, 0x0, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth1_virt_wifi\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x1fcb7528088a17a0, 0x0, 0x0, {}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x1b}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_LINKMODE={0x5, 0x11, 0xd}, @IFLA_CARRIER={0x5, 0x21, 0xf0}]}, 0x40}}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0) openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r3, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0) close(r4) socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$can_j1939(0x1d, 0x2, 0x7) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x22, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) userfaultfd(0x801) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 825.405977ms ago: executing program 3 (id=4294): set_mempolicy(0x3, &(0x7f0000000040)=0x7, 0x37bc) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) openat$dsp(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x17, 0x0, 0xe) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x2, 0x0, 0xc1}) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x2) close(r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36"], &(0x7f0000281ffc)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x20, 0x0, &(0x7f0000000240)="5cdd3086ddff0066b3c9bbac88a8862c00dffd0013dd00000000000000008100", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="2f118174a9db3b934e6e19bd3772f2745e1d98fc849ab2b404"], 0x0, 0x0}, 0x0) r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000001280)={0x14, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff1a) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r4, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a32000000000c000780080012400000000011000300686173683a6e65742c6e65742e3ac414c72e198a9f79f27a433700000008000066c857fbc44e05acc1245d2bdbe919ec23f63c6b9827f95b8a326539ad471aae2917186579d1d520fac9c09d77334e7c4910568dd197a0b8d0605a2987a28a3b33a5096a663aedab9aec712d73e64aade46ca5c5b4f6b08cb16297b8e58b02b8d4ae4e509322be"], 0x58}}, 0x0) sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000000406010100000000ffffffffffffff040500010007"], 0x44}}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) dup(0xffffffffffffffff) 0s ago: executing program 2 (id=4295): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001c40)={{0x12, 0x1, 0x0, 0x1b, 0x47, 0xf9, 0x8, 0x4102, 0x1020, 0x100, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x88, 0x0, 0x0, 0x20, 0xc4, 0x3e}}]}}]}}, 0x0) r1 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r1, 0x107, 0x11, &(0x7f0000000040)=0x80, 0x4) r2 = syz_usb_connect(0x0, 0x0, 0x0, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000300)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x14, 0x0, &(0x7f00000003c0)=[@acquire_done={0x40106309, 0x2}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000500)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfc}], 0x0, 0x0, 0x0}) ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, 0x0) syz_usb_control_io$cdc_ecm(r2, 0x0, &(0x7f0000000580)={0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="097eb3fd694ca71695959da4d472f0a1037f7d43261687544dd86e34d27102d1ce7a5ff0794b6b51feca10df88d8468e87040e06a31baf8105fc889837786f0994bdcb80aa0bb0ce3571516dccf849e5cbfd9607c1d8d6e558e6599e577cb5823bb7a0e3c52fb8d41231d413e5a6686bc1512b2396"], 0x0, 0x0}) socket(0x0, 0x0, 0x0) r4 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0x19}) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) mkdir(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = fcntl$getown(0xffffffffffffffff, 0x9) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x87c5) write$binfmt_script(r6, 0x0, 0x0) shutdown(r6, 0x0) recvfrom$inet6(r6, &(0x7f0000000280)=""/31, 0x1f, 0x40000102, 0x0, 0x0) sched_setaffinity(r5, 0x8, &(0x7f00000000c0)=0x10001) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x20, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="7c000000010405000000000000000000000000000600064000000000080005400000000005000100010000000a0002000000000000000000080003400000c018060006"], 0x7c}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000000c0)={0x84, &(0x7f0000000000)={0x0, 0x0, 0xa, "b6e448cf56cae905c4b9"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ? [ 1126.301613][T23686] cp210x 5-1:0.0: cp210x converter detected [ 1126.501733][T32327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1126.572558][T32327] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1126.582967][T32363] xt_hashlimit: overflow, try lower: 3/0 [ 1126.711038][T32363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1126.805266][T32363] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1126.869060][ T29] audit: type=1400 audit(1723594638.566:1947): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=32358 comm="syz.2.3936" [ 1126.888757][ C0] vkms_vblank_simulate: vblank timer overrun [ 1127.195346][ T5287] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 1127.374071][T23686] cp210x 5-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 1127.395107][T23686] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 1127.410743][ T5287] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1127.458317][T23686] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1127.465074][ T5287] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1127.520100][T23686] usb 5-1: USB disconnect, device number 80 [ 1127.535132][ T5287] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1127.560943][T23686] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1127.584486][ T5287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.614521][T23686] cp210x 5-1:0.0: device disconnected [ 1127.648512][ T5287] usb 3-1: config 0 descriptor?? [ 1127.656751][T32361] raw-gadget.4 gadget.2: fail, usb_ep_enable returned -22 [ 1127.667217][ T5287] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1127.904638][T32361] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1127.936973][T32361] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1128.003827][ T5287] spca561 3-1:0.0: probe with driver spca561 failed with error -22 [ 1128.056787][ T5287] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1128.081750][ T5287] usb 3-1: MIDIStreaming interface descriptor not found [ 1128.115120][T23686] usb 5-1: new high-speed USB device number 81 using dummy_hcd [ 1128.218050][ T5287] usb 3-1: USB disconnect, device number 46 [ 1128.286267][T23686] usb 5-1: device descriptor read/64, error -71 [ 1128.438622][T32433] binder: transaction release 346 bad object at offset 1525465, size 72 [ 1128.586410][T23686] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 1128.805585][T23686] usb 5-1: device descriptor read/64, error -71 [ 1128.955480][T23686] usb usb5-port1: attempt power cycle [ 1129.003836][T32443] netlink: 'syz.3.3945': attribute type 20 has an invalid length. [ 1129.205332][T32448] FAULT_INJECTION: forcing a failure. [ 1129.205332][T32448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1129.248201][T32448] CPU: 0 UID: 0 PID: 32448 Comm: syz.3.3947 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1129.259006][T32448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1129.269055][T32448] Call Trace: [ 1129.272327][T32448] [ 1129.275251][T32448] dump_stack_lvl+0x241/0x360 [ 1129.279940][T32448] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1129.285139][T32448] ? __pfx__printk+0x10/0x10 [ 1129.289735][T32448] should_fail_ex+0x3b0/0x4e0 [ 1129.294407][T32448] prepare_alloc_pages+0x1da/0x5d0 [ 1129.299521][T32448] __alloc_pages_noprof+0x166/0x6c0 [ 1129.304747][T32448] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1129.310461][T32448] ? __lock_acquire+0x137a/0x2040 [ 1129.315495][T32448] alloc_pages_mpol_noprof+0x3e8/0x680 [ 1129.320955][T32448] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1129.326935][T32448] ? filemap_get_entry+0x123/0x3b0 [ 1129.332043][T32448] ? __pfx_lock_release+0x10/0x10 [ 1129.337064][T32448] folio_alloc_mpol_noprof+0x36/0x50 [ 1129.342356][T32448] shmem_alloc_and_add_folio+0x2cf/0x14f0 [ 1129.348073][T32448] ? filemap_get_entry+0x328/0x3b0 [ 1129.353177][T32448] ? irqentry_exit+0x63/0x90 [ 1129.357763][T32448] ? __pfx_filemap_get_entry+0x10/0x10 [ 1129.363214][T32448] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1129.369363][T32448] ? shmem_get_folio_gfp+0x176/0x2370 [ 1129.374728][T32448] ? shmem_get_folio_gfp+0x231/0x2370 [ 1129.380100][T32448] shmem_get_folio_gfp+0x8dc/0x2370 [ 1129.385342][T32448] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1129.391002][T32448] shmem_fallocate+0x9bc/0x11d0 [ 1129.395874][T32448] ? __pfx_shmem_fallocate+0x10/0x10 [ 1129.401166][T32448] ? rcu_read_lock_any_held+0xb7/0x160 [ 1129.406626][T32448] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1129.412526][T32448] vfs_fallocate+0x553/0x6c0 [ 1129.417117][T32448] __x64_sys_fallocate+0xbd/0x110 [ 1129.422140][T32448] do_syscall_64+0xf3/0x230 [ 1129.426643][T32448] ? clear_bhb_loop+0x35/0x90 [ 1129.431318][T32448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.437203][T32448] RIP: 0033:0x7f44ec3799f9 [ 1129.441613][T32448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1129.461214][T32448] RSP: 002b:00007f44ed163038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1129.469622][T32448] RAX: ffffffffffffffda RBX: 00007f44ec516058 RCX: 00007f44ec3799f9 [ 1129.477590][T32448] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1129.485554][T32448] RBP: 00007f44ed163090 R08: 0000000000000000 R09: 0000000000000000 [ 1129.493518][T32448] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000002 [ 1129.501482][T32448] R13: 0000000000000000 R14: 00007f44ec516058 R15: 00007f44ec63fa38 [ 1129.509458][T32448] [ 1129.512482][ C0] vkms_vblank_simulate: vblank timer overrun [ 1129.599335][T32431] binder: 32429:32431 ioctl c0306201 20000280 returned -14 [ 1129.669124][T23686] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 1129.775652][T23686] usb 5-1: device descriptor read/8, error -71 [ 1130.065307][T23686] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 1130.106045][T23686] usb 5-1: device descriptor read/8, error -71 [ 1130.123907][ T29] audit: type=1400 audit(1723594641.806:1948): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=32461 comm="syz.3.3952" [ 1130.240158][T23686] usb usb5-port1: unable to enumerate USB device [ 1130.322744][T32476] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 1130.435119][T32481] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3954'. [ 1130.446711][ T5287] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 1130.666366][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1130.709245][T32492] fuse: Bad value for 'rootmode' [ 1130.725889][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1130.778843][ T5287] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1130.817083][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1130.863583][ T5287] usb 4-1: config 0 descriptor?? [ 1130.894378][T32462] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 1130.933268][ T5287] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1131.143875][T32462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1131.173519][T32462] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1131.218618][T32504] xt_hashlimit: overflow, try lower: 3/0 [ 1131.277536][ T5287] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 1131.357602][ T5287] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1131.392124][ T5287] usb 4-1: MIDIStreaming interface descriptor not found [ 1131.622004][ T5287] usb 4-1: USB disconnect, device number 65 [ 1131.727761][ T5276] usb 5-1: new low-speed USB device number 85 using dummy_hcd [ 1131.904106][T32541] FAULT_INJECTION: forcing a failure. [ 1131.904106][T32541] name failslab, interval 1, probability 0, space 0, times 0 [ 1132.010709][T32541] CPU: 1 UID: 0 PID: 32541 Comm: syz.2.3960 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1132.021544][T32541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1132.031588][T32541] Call Trace: [ 1132.034859][T32541] [ 1132.037789][T32541] dump_stack_lvl+0x241/0x360 [ 1132.042467][T32541] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1132.047676][T32541] ? __pfx__printk+0x10/0x10 [ 1132.052291][T32541] ? fs_reclaim_acquire+0x93/0x140 [ 1132.057439][T32541] ? __pfx___might_resched+0x10/0x10 [ 1132.062755][T32541] should_fail_ex+0x3b0/0x4e0 [ 1132.067456][T32541] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 1132.073200][T32541] should_failslab+0xac/0x100 [ 1132.077907][T32541] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 1132.083655][T32541] __kmalloc_noprof+0xd8/0x400 [ 1132.088455][T32541] ? kfree+0x4e/0x360 [ 1132.092476][T32541] tomoyo_realpath_from_path+0xcf/0x5e0 [ 1132.098068][T32541] tomoyo_path_number_perm+0x23a/0x880 [ 1132.103562][T32541] ? tomoyo_path_number_perm+0x208/0x880 [ 1132.109220][T32541] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1132.115257][T32541] ? __fget_files+0x29/0x470 [ 1132.119873][T32541] ? __fget_files+0x3f6/0x470 [ 1132.124571][T32541] ? __fget_files+0x29/0x470 [ 1132.129194][T32541] security_file_ioctl+0x75/0xb0 [ 1132.134156][T32541] __se_sys_ioctl+0x47/0x170 [ 1132.138766][T32541] do_syscall_64+0xf3/0x230 [ 1132.143274][T32541] ? clear_bhb_loop+0x35/0x90 [ 1132.147948][T32541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1132.153828][T32541] RIP: 0033:0x7fb224b799f9 [ 1132.158232][T32541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1132.177823][T32541] RSP: 002b:00007fb2259eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1132.186222][T32541] RAX: ffffffffffffffda RBX: 00007fb224d16058 RCX: 00007fb224b799f9 [ 1132.194180][T32541] RDX: 00000000200000c0 RSI: 000000004048aecb RDI: 0000000000000008 [ 1132.202161][T32541] RBP: 00007fb2259eb090 R08: 0000000000000000 R09: 0000000000000000 [ 1132.210120][T32541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1132.218077][T32541] R13: 0000000000000000 R14: 00007fb224d16058 R15: 00007fb224e3fa38 [ 1132.226043][T32541] [ 1132.230701][ T5276] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1132.261888][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1132.328221][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1132.369250][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1132.393947][T32541] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1132.421879][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1132.469695][ T5276] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1132.516918][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1132.545152][T32557] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1132.565639][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1132.589861][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1132.656274][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1132.721861][ T5276] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1132.769917][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1132.807845][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1132.883532][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1132.967624][ T5276] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1133.056525][ T5276] usb 5-1: string descriptor 0 read error: -22 [ 1133.081175][ T5276] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1133.130555][ T5276] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1133.252514][ T5276] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1134.039751][T32583] vlan2: entered promiscuous mode [ 1134.059925][T32583] macvtap0: entered promiscuous mode [ 1134.151793][T32583] team0: Port device vlan2 added [ 1134.579942][T12001] usb 5-1: USB disconnect, device number 85 [ 1134.655100][ T5276] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 1134.863104][ T5276] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1134.892116][ T5276] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1134.925979][ T5276] usb 2-1: config 0 descriptor?? [ 1135.056819][T32634] netlink: 'syz.0.3978': attribute type 1 has an invalid length. [ 1135.118436][T12001] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 1135.255154][ T5274] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 1135.355155][T12001] usb 4-1: Using ep0 maxpacket: 8 [ 1135.393989][T12001] usb 4-1: config 0 has an invalid interface number: 136 but max is 0 [ 1135.429037][T12001] usb 4-1: config 0 has no interface number 0 [ 1135.488057][ T5276] usb 2-1: Cannot read MAC address [ 1135.525612][ T5276] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 1135.540953][ T5274] usb 3-1: config 164 has an invalid descriptor of length 0, skipping remainder of the config [ 1135.554352][T12001] usb 4-1: New USB device found, idVendor=4102, idProduct=1020, bcdDevice= 1.00 [ 1135.578962][ T5274] usb 3-1: New USB device found, idVendor=048d, idProduct=9005, bcdDevice=40.3d [ 1135.591653][T12001] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1135.642495][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1135.653886][T12001] usb 4-1: Product: syz [ 1135.664190][T12001] usb 4-1: Manufacturer: syz [ 1135.669129][ T5274] usb 3-1: Product: syz [ 1135.673534][T12001] usb 4-1: SerialNumber: syz [ 1135.683149][ T5274] usb 3-1: Manufacturer: syz [ 1135.712423][ T25] usb 2-1: USB disconnect, device number 68 [ 1135.731253][T12001] usb 4-1: config 0 descriptor?? [ 1135.736894][ T5274] usb 3-1: SerialNumber: syz [ 1135.774077][T12001] usb-storage 4-1:0.136: USB Mass Storage device detected [ 1135.827186][T12001] usb-storage 4-1:0.136: Quirks match for vid 4102 pid 1020: 20 [ 1136.032339][ T5274] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 1136.041033][ T5274] dvb_usb_af9035 3-1:164.0: probe with driver dvb_usb_af9035 failed with error -22 [ 1136.104994][ T5274] usb 3-1: USB disconnect, device number 47 [ 1137.145133][ T5274] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 1137.375030][ T5274] usb 2-1: Using ep0 maxpacket: 32 [ 1137.393066][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1137.425060][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1137.462002][ T5274] usb 2-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 1137.472220][T32687] xt_hashlimit: overflow, try lower: 3/0 [ 1137.534464][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1137.576499][ T5274] usb 2-1: config 0 descriptor?? [ 1137.862593][ T25] usb 4-1: USB disconnect, device number 66 [ 1137.875192][T12001] usb 3-1: new low-speed USB device number 48 using dummy_hcd [ 1138.001980][ T5274] waltop 0003:172F:0501.0035: unknown main item tag 0x0 [ 1138.043685][ T5274] waltop 0003:172F:0501.0035: item fetching failed at offset 5/8 [ 1138.058778][T32709] netlink: 'syz.0.3989': attribute type 20 has an invalid length. [ 1138.074230][ T5274] waltop 0003:172F:0501.0035: probe with driver waltop failed with error -22 [ 1138.123354][T12001] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1138.142017][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1138.179267][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1138.234810][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1138.282196][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1138.287423][T32715] fuse: Bad value for 'rootmode' [ 1138.312270][T12001] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1138.342312][ T5287] usb 2-1: USB disconnect, device number 69 [ 1138.400779][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1138.468884][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1138.519495][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1138.546024][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1138.590006][T12001] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1138.616880][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1138.655981][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1138.689976][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1138.725963][T12001] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1138.763102][T12001] usb 3-1: string descriptor 0 read error: -22 [ 1138.777227][T30651] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1138.787450][T30651] Bluetooth: hci1: unexpected event 0x30 length: 32 > 3 [ 1138.788455][T12001] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1138.838243][T12001] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1138.907571][T12001] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1138.985419][T30651] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1139.233128][ T29] audit: type=1400 audit(1723594650.936:1949): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=32751 comm="syz.3.3995" [ 1139.572818][T12001] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 1139.776689][T12001] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1139.829337][T12001] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1139.881322][T12001] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1139.917006][T12001] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1139.962794][T12001] usb 4-1: config 0 descriptor?? [ 1139.975222][T32752] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1139.984625][T12001] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1140.101185][ T310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4002'. [ 1140.247190][ T310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4002'. [ 1140.266250][T32752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1140.312241][T32752] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1140.401409][T12001] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 1140.423526][ T5287] usb 3-1: USB disconnect, device number 48 [ 1140.431985][T12001] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1140.468116][T12001] usb 4-1: MIDIStreaming interface descriptor not found [ 1140.643546][T12001] usb 4-1: USB disconnect, device number 67 [ 1140.769290][ T29] audit: type=1326 audit(1723594652.476:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1140.886224][ T362] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4005'. [ 1140.902561][ T29] audit: type=1326 audit(1723594652.476:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1140.918466][ T362] openvswitch: netlink: Tunnel attr 2 has unexpected len 13 expected 4 [ 1141.026192][ T29] audit: type=1326 audit(1723594652.476:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1141.127387][ T29] audit: type=1326 audit(1723594652.476:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb224b79a33 code=0x7ffc0000 [ 1141.194316][ T29] audit: type=1326 audit(1723594652.476:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb224b79a33 code=0x7ffc0000 [ 1141.253318][ T29] audit: type=1326 audit(1723594652.486:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1141.360867][ T29] audit: type=1326 audit(1723594652.496:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1141.475407][ T29] audit: type=1326 audit(1723594652.496:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1141.539900][ T29] audit: type=1326 audit(1723594652.496:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=337 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x7ffc0000 [ 1141.898610][ T408] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4012'. [ 1141.904526][ T405] ip6tnl1: entered promiscuous mode [ 1141.941634][ T405] ip6tnl1: entered allmulticast mode [ 1142.812655][ T420] xt_hashlimit: overflow, try lower: 3/0 [ 1143.075135][ T46] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 1143.205872][ T25] usb 2-1: new low-speed USB device number 70 using dummy_hcd [ 1143.271936][ T433] netlink: 452 bytes leftover after parsing attributes in process `syz.4.4017'. [ 1143.327667][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1143.367173][ T436] netlink: 'syz.3.4018': attribute type 22 has an invalid length. [ 1143.379233][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1143.439066][ T25] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1143.455141][ T46] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 1143.477117][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1143.513387][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1143.531247][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1143.568573][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1143.580516][ T46] usb 3-1: config 0 descriptor?? [ 1143.625786][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1143.668844][ T25] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1143.696597][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1143.743391][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1143.785277][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1143.815687][ T5276] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 1143.817504][ T422] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4015'. [ 1143.840527][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1143.895511][ T422] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4015'. [ 1143.955950][ T25] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1143.963415][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1143.979160][ T455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1144.042030][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1144.057276][ T5276] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1144.067743][ T455] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1144.100178][ T5276] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.121197][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1144.166214][ T5276] usb 5-1: config 0 descriptor?? [ 1144.195346][ T25] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1144.211767][ T46] logitech 0003:046D:C294.0036: item fetching failed at offset 5/7 [ 1144.261877][ T443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1144.278332][ T46] logitech 0003:046D:C294.0036: parse failed [ 1144.299572][ T25] usb 2-1: string descriptor 0 read error: -22 [ 1144.319369][ T443] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1144.326341][ T25] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1144.357974][ T46] logitech 0003:046D:C294.0036: probe with driver logitech failed with error -22 [ 1144.385982][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1144.459443][ T25] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1144.548007][ T5274] usb 3-1: USB disconnect, device number 49 [ 1145.020373][ T5276] usb 5-1: Cannot set MAC address [ 1145.080541][ T5276] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 1145.126297][ T5276] usb 5-1: USB disconnect, device number 87 [ 1145.685361][ T5276] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 1145.751987][ T25] usb 2-1: USB disconnect, device number 70 [ 1145.901311][ T5276] usb 3-1: config 0 has an invalid interface number: 18 but max is 0 [ 1145.955633][ T5276] usb 3-1: config 0 has no interface number 0 [ 1145.972069][ T5276] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1146.050248][ T542] binder: BINDER_SET_CONTEXT_MGR already set [ 1146.068675][ T542] binder: 534:542 ioctl 4018620d 20000100 returned -16 [ 1146.089487][ T5276] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1146.142673][ T5276] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 1146.180897][ T5276] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1146.220014][ T5276] usb 3-1: Manufacturer: syz [ 1146.249649][ T5276] usb 3-1: config 0 descriptor?? [ 1146.375255][ T25] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 1146.595075][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 1146.708398][ T569] QAT: Device 0 not found [ 1146.746183][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1146.746202][ T29] audit: type=1400 audit(1723594658.446:1965): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=562 comm="syz.3.4031" [ 1147.095265][ T46] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 1147.330708][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1147.355411][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1147.389389][ T46] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1147.422432][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1147.453536][ T46] usb 4-1: config 0 descriptor?? [ 1147.481539][ T566] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 1147.517823][ T46] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1147.833871][ T563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1147.901338][ T563] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1148.004163][ T46] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 1148.078165][ T46] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1148.093347][ T46] usb 4-1: MIDIStreaming interface descriptor not found [ 1148.275252][ T46] usb 4-1: USB disconnect, device number 68 [ 1148.315833][ T54] Bluetooth: hci4: command 0x0405 tx timeout [ 1148.411112][ T29] audit: type=1400 audit(1723594660.066:1966): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=584 comm="syz.1.4035" [ 1148.642511][ T5276] usbhid 3-1:0.18: can't add hid device: -71 [ 1148.697565][ T5276] usbhid 3-1:0.18: probe with driver usbhid failed with error -71 [ 1148.764333][ T5276] usb 3-1: USB disconnect, device number 50 [ 1148.815063][ T5274] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 1148.854256][ T641] FAULT_INJECTION: forcing a failure. [ 1148.854256][ T641] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1148.908944][ T641] CPU: 1 UID: 0 PID: 641 Comm: syz.2.4037 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1148.919563][ T641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1148.929618][ T641] Call Trace: [ 1148.932887][ T641] [ 1148.935809][ T641] dump_stack_lvl+0x241/0x360 [ 1148.940500][ T641] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1148.945721][ T641] ? __pfx__printk+0x10/0x10 [ 1148.950350][ T641] should_fail_ex+0x3b0/0x4e0 [ 1148.955048][ T641] prepare_alloc_pages+0x1da/0x5d0 [ 1148.960180][ T641] __alloc_pages_noprof+0x166/0x6c0 [ 1148.965392][ T641] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1148.971129][ T641] ? __lock_acquire+0x137a/0x2040 [ 1148.976178][ T641] alloc_pages_mpol_noprof+0x3e8/0x680 [ 1148.981649][ T641] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1148.987639][ T641] ? filemap_get_entry+0x123/0x3b0 [ 1148.992772][ T641] ? __pfx_lock_release+0x10/0x10 [ 1148.997796][ T641] folio_alloc_mpol_noprof+0x36/0x50 [ 1149.003076][ T641] shmem_alloc_and_add_folio+0x2cf/0x14f0 [ 1149.008784][ T641] ? filemap_get_entry+0x328/0x3b0 [ 1149.013887][ T641] ? __pfx_filemap_get_entry+0x10/0x10 [ 1149.019349][ T641] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1149.025497][ T641] shmem_get_folio_gfp+0x8dc/0x2370 [ 1149.030691][ T641] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1149.036312][ T641] shmem_fallocate+0x9bc/0x11d0 [ 1149.041160][ T641] ? __pfx_shmem_fallocate+0x10/0x10 [ 1149.046435][ T641] ? rcu_read_lock_any_held+0xb7/0x160 [ 1149.051886][ T641] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1149.057779][ T641] vfs_fallocate+0x553/0x6c0 [ 1149.062357][ T641] __x64_sys_fallocate+0xbd/0x110 [ 1149.067374][ T641] do_syscall_64+0xf3/0x230 [ 1149.071865][ T641] ? clear_bhb_loop+0x35/0x90 [ 1149.076530][ T641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1149.082403][ T641] RIP: 0033:0x7fb224b799f9 [ 1149.086799][ T641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1149.106385][ T641] RSP: 002b:00007fb2259eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1149.114779][ T641] RAX: ffffffffffffffda RBX: 00007fb224d16058 RCX: 00007fb224b799f9 [ 1149.122751][ T641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1149.130731][ T641] RBP: 00007fb2259eb090 R08: 0000000000000000 R09: 0000000000000000 [ 1149.138707][ T641] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000002 [ 1149.146688][ T641] R13: 0000000000000000 R14: 00007fb224d16058 R15: 00007fb224e3fa38 [ 1149.154684][ T641] [ 1149.161586][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1149.219941][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1149.241339][ T5274] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1149.261950][ T25] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1149.263012][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1149.290124][ T25] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 1149.320208][ T5274] usb 2-1: config 0 descriptor?? [ 1149.334472][ T585] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22 [ 1149.342082][ T25] usb 5-1: can't read configurations, error -71 [ 1149.367569][ T5274] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1149.568652][ T585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1149.695549][ T585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1149.725252][ T5274] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 1149.735486][ T25] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 1149.765269][ T5274] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 1149.772294][ T5274] usb 2-1: MIDIStreaming interface descriptor not found [ 1149.895931][ T5274] usb 2-1: USB disconnect, device number 71 [ 1149.927327][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 1149.941632][ T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1149.972696][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1149.992247][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1150.029328][ T5888] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 1150.043416][ T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1150.057248][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1150.081458][ T25] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1150.091219][ T25] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1150.101358][ T25] usb 5-1: Manufacturer: syz [ 1150.113872][ T25] usb 5-1: config 0 descriptor?? [ 1150.146564][ T701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1150.178352][ T701] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1150.242232][ T701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1150.257959][ T5888] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 1150.274008][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1150.299717][ T701] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1150.311807][ T5888] usb 3-1: config 0 descriptor?? [ 1150.435034][ T25] rc_core: IR keymap rc-hauppauge not found [ 1150.447969][ T25] Registered IR keymap rc-empty [ 1150.461092][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.509726][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.537772][ T650] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4038'. [ 1150.566588][ T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 1150.634114][ T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input73 [ 1150.746979][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.805286][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.843838][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.905110][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1150.937796][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.005247][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.048625][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.056657][ T5888] usb 3-1: string descriptor 0 read error: -71 [ 1151.078182][ T5888] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 1151.107264][ T5888] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 1151.115453][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.148754][ T5888] usb 3-1: USB disconnect, device number 51 [ 1151.163184][ T5888] ftdi_sio 3-1:0.0: device disconnected [ 1151.169944][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.227893][ T25] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 1151.277491][ T25] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 1151.290362][ T25] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1151.318515][ T25] usb 5-1: USB disconnect, device number 89 [ 1151.334345][ T749] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4045'. [ 1151.445121][ T46] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 1151.625075][ T46] usb 4-1: Using ep0 maxpacket: 32 [ 1151.636841][ T46] usb 4-1: config 1 interface 0 altsetting 7 bulk endpoint 0x1 has invalid maxpacket 16 [ 1151.659717][ T46] usb 4-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1151.693570][ T46] usb 4-1: config 1 interface 0 has no altsetting 0 [ 1151.713438][ T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1151.728115][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1151.751505][ T46] usb 4-1: Product: syz [ 1151.761069][ T46] usb 4-1: Manufacturer: syz [ 1151.786116][ T46] usb 4-1: SerialNumber: syz [ 1151.876866][ T738] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1151.895204][ T738] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1152.191537][ T788] binder: BINDER_SET_CONTEXT_MGR already set [ 1152.208924][ T788] binder: 780:788 ioctl 4018620d 20000100 returned -16 [ 1152.245390][ T46] usb 4-1: USB disconnect, device number 69 [ 1152.331632][ T788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1152.370595][ T788] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1152.374649][ T799] AppArmor: change_hat: Invalid input '0m0000000000000002^' [ 1154.521207][ T847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4062'. [ 1154.667463][ T854] x_tables: arp_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 1154.854048][ T851] kvm: kvm [850]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0xc100000000 [ 1154.896450][ T851] kvm: kvm [850]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xc200000080 [ 1154.938696][ T851] kvm: kvm [850]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x11e00000000 [ 1154.993241][ T859] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4066'. [ 1155.002721][ T851] kvm: kvm [850]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x18600000080 [ 1155.026996][ T851] kvm: kvm [850]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x18700000000 [ 1155.057965][ T862] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4066'. [ 1155.283806][ T869] FAULT_INJECTION: forcing a failure. [ 1155.283806][ T869] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1155.338208][ T872] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4068'. [ 1155.352323][ T869] CPU: 1 UID: 0 PID: 869 Comm: syz.1.4069 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1155.362931][ T869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1155.372972][ T869] Call Trace: [ 1155.376238][ T869] [ 1155.379156][ T869] dump_stack_lvl+0x241/0x360 [ 1155.383824][ T869] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1155.389014][ T869] ? __pfx__printk+0x10/0x10 [ 1155.393610][ T869] ? __pfx_lock_release+0x10/0x10 [ 1155.398631][ T869] should_fail_ex+0x3b0/0x4e0 [ 1155.403295][ T869] _copy_from_iter+0x1f6/0x1960 [ 1155.408130][ T869] ? __virt_addr_valid+0x183/0x530 [ 1155.413231][ T869] ? __pfx_lock_release+0x10/0x10 [ 1155.418248][ T869] ? __pfx__copy_from_iter+0x10/0x10 [ 1155.423518][ T869] ? __virt_addr_valid+0x183/0x530 [ 1155.428873][ T869] ? __virt_addr_valid+0x183/0x530 [ 1155.433963][ T869] ? __virt_addr_valid+0x45f/0x530 [ 1155.439055][ T869] ? __check_object_size+0x49c/0x900 [ 1155.444346][ T869] udplite_getfrag+0x4a/0xa0 [ 1155.448928][ T869] __ip6_append_data+0x3047/0x4070 [ 1155.454043][ T869] ? __pfx_udplite_getfrag+0x10/0x10 [ 1155.459327][ T869] ? __pfx___ip6_append_data+0x10/0x10 [ 1155.464858][ T869] ? ip6_setup_cork+0x9fd/0xfb0 [ 1155.469695][ T869] ip6_make_skb+0x43b/0x530 [ 1155.474186][ T869] ? ip6_dst_check+0xe7/0x7e0 [ 1155.478848][ T869] ? ip6_dst_check+0x5d9/0x7e0 [ 1155.483597][ T869] ? __pfx_udplite_getfrag+0x10/0x10 [ 1155.488865][ T869] ? __pfx_ip6_make_skb+0x10/0x10 [ 1155.493880][ T869] ? ip6_sk_dst_lookup_flow+0x714/0xa30 [ 1155.499418][ T869] ? __pfx_ip6_sk_dst_lookup_flow+0x10/0x10 [ 1155.505304][ T869] ? udpv6_sendmsg+0x1cc7/0x3270 [ 1155.510226][ T869] udpv6_sendmsg+0x237f/0x3270 [ 1155.514985][ T869] ? __pfx_udplite_getfrag+0x10/0x10 [ 1155.520258][ T869] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1155.525355][ T869] ? __pfx_lock_release+0x10/0x10 [ 1155.530372][ T869] ? aa_file_perm+0x3ef/0xf60 [ 1155.535038][ T869] ? inet_send_prepare+0x21/0x260 [ 1155.540048][ T869] ? inet_send_prepare+0x5a/0x260 [ 1155.545074][ T869] __sock_sendmsg+0xef/0x270 [ 1155.549674][ T869] sock_write_iter+0x2dd/0x400 [ 1155.554426][ T869] ? __pfx_sock_write_iter+0x10/0x10 [ 1155.559711][ T869] ? bpf_lsm_file_permission+0x9/0x10 [ 1155.565071][ T869] ? security_file_permission+0x7f/0xa0 [ 1155.570605][ T869] vfs_write+0xa72/0xc90 [ 1155.574833][ T869] ? __pfx_sock_write_iter+0x10/0x10 [ 1155.580103][ T869] ? __pfx_vfs_write+0x10/0x10 [ 1155.584861][ T869] ksys_write+0x1a0/0x2c0 [ 1155.589177][ T869] ? __pfx_ksys_write+0x10/0x10 [ 1155.594009][ T869] ? do_syscall_64+0x100/0x230 [ 1155.598769][ T869] ? do_syscall_64+0xb6/0x230 [ 1155.603438][ T869] do_syscall_64+0xf3/0x230 [ 1155.607932][ T869] ? clear_bhb_loop+0x35/0x90 [ 1155.612594][ T869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.618469][ T869] RIP: 0033:0x7fa00b5799f9 [ 1155.622868][ T869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1155.642459][ T869] RSP: 002b:00007fa00c394038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1155.650857][ T869] RAX: ffffffffffffffda RBX: 00007fa00b715f80 RCX: 00007fa00b5799f9 [ 1155.658814][ T869] RDX: 000000000000e6da RSI: 0000000020000040 RDI: 0000000000000003 [ 1155.666769][ T869] RBP: 00007fa00c394090 R08: 0000000000000000 R09: 0000000000000000 [ 1155.674726][ T869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1155.682680][ T869] R13: 0000000000000000 R14: 00007fa00b715f80 R15: 00007fa00b83fa38 [ 1155.690642][ T869] [ 1155.947484][ T887] ip6tnl1: entered promiscuous mode [ 1155.952733][ T887] ip6tnl1: entered allmulticast mode [ 1155.986881][ T890] FAULT_INJECTION: forcing a failure. [ 1155.986881][ T890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1156.045190][ T890] CPU: 0 UID: 0 PID: 890 Comm: syz.1.4072 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1156.055823][ T890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1156.065874][ T890] Call Trace: [ 1156.069145][ T890] [ 1156.072066][ T890] dump_stack_lvl+0x241/0x360 [ 1156.076749][ T890] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1156.081955][ T890] ? __pfx__printk+0x10/0x10 [ 1156.086544][ T890] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 1156.092780][ T890] ? __pfx_lock_release+0x10/0x10 [ 1156.097800][ T890] ? ktime_get_ts64+0xa8/0x2b0 [ 1156.102564][ T890] should_fail_ex+0x3b0/0x4e0 [ 1156.107239][ T890] _copy_from_user+0x2f/0xe0 [ 1156.111829][ T890] copy_msghdr_from_user+0xae/0x680 [ 1156.117032][ T890] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1156.122836][ T890] ? set_normalized_timespec64+0x160/0x1e0 [ 1156.128644][ T890] ? __might_fault+0xaa/0x120 [ 1156.133317][ T890] do_recvmmsg+0x40f/0xae0 [ 1156.137737][ T890] ? mark_lock+0x9a/0x350 [ 1156.142069][ T890] ? __pfx_do_recvmmsg+0x10/0x10 [ 1156.147017][ T890] ? __pfx___might_resched+0x10/0x10 [ 1156.152297][ T890] ? __might_fault+0xaa/0x120 [ 1156.156968][ T890] ? __pfx_lock_release+0x10/0x10 [ 1156.162077][ T890] ? vfs_write+0x7c4/0xc90 [ 1156.166502][ T890] ? get_timespec64+0x19c/0x280 [ 1156.171358][ T890] __x64_sys_recvmmsg+0x1b8/0x250 [ 1156.176378][ T890] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1156.181916][ T890] ? do_syscall_64+0x100/0x230 [ 1156.186676][ T890] ? do_syscall_64+0xb6/0x230 [ 1156.191351][ T890] do_syscall_64+0xf3/0x230 [ 1156.195850][ T890] ? clear_bhb_loop+0x35/0x90 [ 1156.200539][ T890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.206423][ T890] RIP: 0033:0x7fa00b5799f9 [ 1156.210833][ T890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.230434][ T890] RSP: 002b:00007fa00c394038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1156.238845][ T890] RAX: ffffffffffffffda RBX: 00007fa00b715f80 RCX: 00007fa00b5799f9 [ 1156.246813][ T890] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003 [ 1156.254775][ T890] RBP: 00007fa00c394090 R08: 0000000020003700 R09: 0000000000000000 [ 1156.262735][ T890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1156.270701][ T890] R13: 0000000000000000 R14: 00007fa00b715f80 R15: 00007fa00b83fa38 [ 1156.278674][ T890] [ 1156.281708][ C0] vkms_vblank_simulate: vblank timer overrun [ 1156.788934][ T932] binder: BINDER_SET_CONTEXT_MGR already set [ 1156.815103][ T932] binder: 928:932 ioctl 4018620d 20000100 returned -16 [ 1156.878019][ T936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1156.905720][ T936] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1156.969024][ T936] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4081'. [ 1157.013344][ T936] netlink: 'syz.0.4081': attribute type 1 has an invalid length. [ 1157.200332][ T25] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 1157.405248][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 1157.781601][ T954] FAULT_INJECTION: forcing a failure. [ 1157.781601][ T954] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.809689][ T954] CPU: 1 UID: 0 PID: 954 Comm: syz.4.4086 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1157.820297][ T954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1157.830337][ T954] Call Trace: [ 1157.833600][ T954] [ 1157.836540][ T954] dump_stack_lvl+0x241/0x360 [ 1157.841212][ T954] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1157.846400][ T954] ? __pfx__printk+0x10/0x10 [ 1157.850988][ T954] should_fail_ex+0x3b0/0x4e0 [ 1157.855668][ T954] ? dst_alloc+0x12b/0x190 [ 1157.860099][ T954] should_failslab+0xac/0x100 [ 1157.864798][ T954] ? dst_alloc+0x12b/0x190 [ 1157.869231][ T954] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1157.874610][ T954] dst_alloc+0x12b/0x190 [ 1157.878846][ T954] ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 1157.884909][ T954] ip_route_output_key_hash+0x193/0x2b0 [ 1157.890453][ T954] ? ip_route_output_key_hash+0xdf/0x2b0 [ 1157.896071][ T954] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 1157.902128][ T954] tcp_v4_connect+0x6df/0x1ba0 [ 1157.906892][ T954] ? __pfx_tcp_v4_connect+0x10/0x10 [ 1157.912079][ T954] ? mark_lock+0x9a/0x350 [ 1157.916399][ T954] __inet_stream_connect+0x262/0xf30 [ 1157.921673][ T954] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1157.927985][ T954] ? __local_bh_enable_ip+0x168/0x200 [ 1157.933336][ T954] ? lockdep_hardirqs_on+0x99/0x150 [ 1157.938528][ T954] ? __pfx___inet_stream_connect+0x10/0x10 [ 1157.944336][ T954] ? __local_bh_enable_ip+0x168/0x200 [ 1157.949717][ T954] ? inet_stream_connect+0x50/0xa0 [ 1157.954830][ T954] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1157.960553][ T954] inet_stream_connect+0x65/0xa0 [ 1157.965495][ T954] __sys_connect+0x2df/0x310 [ 1157.970071][ T954] ? __pfx___sys_connect+0x10/0x10 [ 1157.975169][ T954] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1157.981489][ T954] ? do_syscall_64+0x100/0x230 [ 1157.986244][ T954] __x64_sys_connect+0x7a/0x90 [ 1157.990991][ T954] do_syscall_64+0xf3/0x230 [ 1157.995481][ T954] ? clear_bhb_loop+0x35/0x90 [ 1158.000143][ T954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1158.006028][ T954] RIP: 0033:0x7fc9c07799f9 [ 1158.010428][ T954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1158.030019][ T954] RSP: 002b:00007fc9c161d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1158.038433][ T954] RAX: ffffffffffffffda RBX: 00007fc9c0915f80 RCX: 00007fc9c07799f9 [ 1158.046388][ T954] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003 [ 1158.054344][ T954] RBP: 00007fc9c161d090 R08: 0000000000000000 R09: 0000000000000000 [ 1158.062304][ T954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1158.070343][ T954] R13: 0000000000000000 R14: 00007fc9c0915f80 R15: 00007fc9c0a3fa38 [ 1158.078313][ T954] [ 1158.081458][ C1] vkms_vblank_simulate: vblank timer overrun [ 1158.093275][ T951] netlink: 200 bytes leftover after parsing attributes in process `syz.0.4084'. [ 1158.417511][ T5282] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 1158.502325][ T970] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 1158.546804][ T970] xt_NFQUEUE: number of total queues is 0 [ 1158.626777][ T5282] usb 2-1: config index 0 descriptor too short (expected 45, got 36) [ 1158.635778][ T5282] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1158.657752][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1158.688459][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1158.706970][ T5282] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1158.726504][ T5282] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1158.741680][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1158.766752][ T5282] usb 2-1: config 0 descriptor?? [ 1158.773787][ T956] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1158.855102][ T5888] usb 5-1: new high-speed USB device number 90 using dummy_hcd [ 1159.038220][ T5888] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1159.055292][ T5888] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1159.098421][ T5888] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1159.129383][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1159.173782][ T5888] usb 5-1: config 0 descriptor?? [ 1159.186533][ T5282] plantronics 0003:047F:FFFF.0037: unknown main item tag 0xd [ 1159.231561][ T5282] plantronics 0003:047F:FFFF.0037: No inputs registered, leaving [ 1159.274825][ T5282] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1159.414900][ T5888] Bluetooth: Can't get state to change to load ram patch err [ 1159.443337][ T5888] Bluetooth: Loading patch file failed [ 1159.461666][ T5888] ath3k 5-1:0.0: probe with driver ath3k failed with error -32 [ 1159.470971][ T956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1159.509799][ T956] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1159.533351][ T956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1159.595678][ T956] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1159.750809][ T5274] usb 2-1: USB disconnect, device number 72 [ 1159.838072][ T25] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1159.870297][ T25] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1159.899283][ T25] usb 4-1: can't read configurations, error -71 [ 1160.112277][ T1043] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4094'. [ 1160.595947][ T5282] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 1160.639815][ T29] audit: type=1400 audit(1723594672.316:1967): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=1057 comm="syz.1.4101" [ 1160.746049][ T1071] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4103'. [ 1160.805064][ T1072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1160.838091][ T5282] usb 3-1: config 164 has an invalid descriptor of length 0, skipping remainder of the config [ 1160.866178][ T1072] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1160.884445][ T5282] usb 3-1: New USB device found, idVendor=048d, idProduct=9005, bcdDevice=40.3d [ 1160.896515][ T5274] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 1160.910713][ T5282] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1160.924552][ T5282] usb 3-1: Product: syz [ 1160.932430][ T5282] usb 3-1: Manufacturer: syz [ 1160.941534][ T5282] usb 3-1: SerialNumber: syz [ 1161.072674][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.090761][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.114193][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.137712][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.149197][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1161.149633][ T1078] QAT: Device 0 not found [ 1161.171353][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.192204][ T25] hid-generic 0000:0000:100000.0038: unknown main item tag 0x0 [ 1161.235752][ T25] hid-generic 0000:0000:100000.0038: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1161.242642][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1161.263209][ T1049] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4099'. [ 1161.300169][ T5274] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1161.324577][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1161.360430][ T5274] usb 2-1: config 0 descriptor?? [ 1161.384348][ T1058] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 1161.435110][ T5274] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1161.503856][ T25] usb 5-1: USB disconnect, device number 90 [ 1161.703330][ T1058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1161.754068][ T1058] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1161.785772][ T5274] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 1161.851620][ T5274] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 1161.901721][ T5274] usb 2-1: MIDIStreaming interface descriptor not found [ 1162.050781][ T5274] usb 2-1: USB disconnect, device number 73 [ 1162.386566][ T1134] binder: 1133:1134 ioctl c0306201 0 returned -14 [ 1162.815551][ T5225] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 1163.035093][ T5225] usb 4-1: Using ep0 maxpacket: 32 [ 1163.227518][ T1154] kvm: pic: non byte write [ 1163.314252][ T1157] binder: transaction release 373 bad object at offset 1525465, size 72 [ 1163.330495][ T5282] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 1163.345228][ T5282] dvb_usb_af9035 3-1:164.0: probe with driver dvb_usb_af9035 failed with error -22 [ 1163.370104][ T5282] usb 3-1: USB disconnect, device number 52 [ 1163.829021][ T1171] netlink: 'syz.2.4110': attribute type 29 has an invalid length. [ 1164.552847][ T1203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4116'. [ 1164.571150][ T5274] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 1164.616214][T30651] Bluetooth: unknown link type 64 [ 1164.621472][T30651] Bluetooth: hci2: connection err: -111 [ 1164.780401][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 19, changing to 8 [ 1164.794816][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59136, setting to 1024 [ 1164.819533][ T5274] usb 5-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 1164.837170][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1164.889733][ T5274] usb 5-1: config 0 descriptor?? [ 1164.907599][ T1186] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1165.418202][ T5225] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1165.439856][ T5225] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1165.468648][ T5225] usb 4-1: can't read configurations, error -71 [ 1165.593110][ T5274] usbhid 5-1:0.0: can't add hid device: -71 [ 1165.645138][ T25] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 1165.673072][ T5274] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1165.702402][ T1236] pim6reg1: entered promiscuous mode [ 1165.711536][ T1236] pim6reg1: entered allmulticast mode [ 1165.730943][ T5274] usb 5-1: USB disconnect, device number 91 [ 1165.829287][ T25] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1165.884855][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1165.939462][ T25] usb 3-1: config 0 descriptor?? [ 1166.357702][ T25] usb 3-1: Cannot read MAC address [ 1166.379699][ T25] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 1166.408450][ T1260] FAULT_INJECTION: forcing a failure. [ 1166.408450][ T1260] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1166.446023][ T1260] CPU: 0 UID: 0 PID: 1260 Comm: syz.4.4121 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1166.456739][ T1260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1166.466803][ T1260] Call Trace: [ 1166.470071][ T1260] [ 1166.472983][ T1260] dump_stack_lvl+0x241/0x360 [ 1166.477667][ T1260] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1166.482886][ T1260] ? __pfx__printk+0x10/0x10 [ 1166.487475][ T1260] should_fail_ex+0x3b0/0x4e0 [ 1166.492140][ T1260] prepare_alloc_pages+0x1da/0x5d0 [ 1166.497254][ T1260] __alloc_pages_noprof+0x166/0x6c0 [ 1166.502450][ T1260] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1166.508175][ T1260] ? __lock_acquire+0x137a/0x2040 [ 1166.513239][ T1260] alloc_pages_mpol_noprof+0x3e8/0x680 [ 1166.518729][ T1260] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1166.524733][ T1260] ? filemap_get_entry+0x123/0x3b0 [ 1166.529868][ T1260] ? __pfx_lock_release+0x10/0x10 [ 1166.534917][ T1260] folio_alloc_mpol_noprof+0x36/0x50 [ 1166.540223][ T1260] shmem_alloc_and_add_folio+0x2cf/0x14f0 [ 1166.545965][ T1260] ? filemap_get_entry+0x328/0x3b0 [ 1166.551102][ T1260] ? __pfx_filemap_get_entry+0x10/0x10 [ 1166.556581][ T1260] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1166.562772][ T1260] shmem_get_folio_gfp+0x8dc/0x2370 [ 1166.568014][ T1260] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1166.573683][ T1260] shmem_fallocate+0x9bc/0x11d0 [ 1166.578582][ T1260] ? __pfx_shmem_fallocate+0x10/0x10 [ 1166.583899][ T1260] ? rcu_read_lock_any_held+0xb7/0x160 [ 1166.589382][ T1260] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1166.595314][ T1260] vfs_fallocate+0x553/0x6c0 [ 1166.599932][ T1260] __x64_sys_fallocate+0xbd/0x110 [ 1166.605061][ T1260] do_syscall_64+0xf3/0x230 [ 1166.609590][ T1260] ? clear_bhb_loop+0x35/0x90 [ 1166.614291][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1166.620203][ T1260] RIP: 0033:0x7fc9c07799f9 [ 1166.624640][ T1260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1166.644255][ T1260] RSP: 002b:00007fc9c15fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1166.652654][ T1260] RAX: ffffffffffffffda RBX: 00007fc9c0916058 RCX: 00007fc9c07799f9 [ 1166.660621][ T1260] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1166.668579][ T1260] RBP: 00007fc9c15fc090 R08: 0000000000000000 R09: 0000000000000000 [ 1166.676536][ T1260] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000002 [ 1166.684492][ T1260] R13: 0000000000000000 R14: 00007fc9c0916058 R15: 00007fc9c0a3fa38 [ 1166.692456][ T1260] [ 1166.723776][ T25] usb 3-1: USB disconnect, device number 53 [ 1166.819119][ T1283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1166.833307][ T1283] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1167.405622][ T1296] kvm: pic: non byte write [ 1167.635090][ T25] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 1167.646376][ T5225] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 1167.758545][ T5282] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0 [ 1167.802751][ T5282] hid-generic 0000:0000:0000.0039: hidraw0: HID v0.00 Device [syz0] on syz0 [ 1167.835702][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 1167.845717][ T5225] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1167.868633][ T25] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 1167.879047][ T5225] usb 3-1: config 1 has an invalid descriptor of length 110, skipping remainder of the config [ 1167.904650][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1167.919725][ T5225] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1167.930896][ T25] usb 2-1: Product: syz [ 1167.941684][ T25] usb 2-1: Manufacturer: syz [ 1167.951470][ T5225] usb 3-1: config 1 has no interface number 1 [ 1167.958588][ T25] usb 2-1: SerialNumber: syz [ 1167.970272][ T5225] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 156, changing to 7 [ 1167.995514][ T25] usb 2-1: config 0 descriptor?? [ 1168.036573][ T5225] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 17696, setting to 1024 [ 1168.094083][ T5225] usb 3-1: string descriptor 0 read error: -22 [ 1168.128400][ T5225] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1168.162215][ T5225] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1168.193649][ T5225] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1168.481793][ T1352] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4131'. [ 1168.905722][ T5276] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 1169.038168][ T25] snd-usb-6fire 2-1:0.0: unable to receive device firmware state. [ 1169.085181][ T25] snd-usb-6fire 2-1:0.0: probe with driver snd-usb-6fire failed with error -110 [ 1169.132951][ T5276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1169.181255][ T5276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1169.226845][ T5276] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1169.252064][ T5276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1169.306093][ T5276] usb 4-1: config 0 descriptor?? [ 1169.330207][ T1353] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 1169.349890][ T5276] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1169.546511][ T1353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1169.563056][ T1353] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1169.886639][ T5276] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 1169.919265][ T5276] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1169.943388][ T5276] usb 4-1: MIDIStreaming interface descriptor not found [ 1170.456483][ T25] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 1170.604902][ T5274] usb 2-1: USB disconnect, device number 74 [ 1170.716892][ T25] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1170.735061][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1170.777086][ T5825] usb 3-1: USB disconnect, device number 54 [ 1170.790249][ T25] usb 5-1: config 0 descriptor?? [ 1170.883615][ T1436] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 1170.990188][ T1436] xt_NFQUEUE: number of total queues is 0 [ 1171.021000][ T1436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1171.059733][ T1436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1171.148565][ T1446] kvm: pic: non byte write [ 1171.398204][ T5825] usb 4-1: USB disconnect, device number 75 [ 1171.643992][ T1476] FAULT_INJECTION: forcing a failure. [ 1171.643992][ T1476] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1171.678328][ T1476] CPU: 1 UID: 0 PID: 1476 Comm: syz.3.4142 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1171.689035][ T1476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1171.699080][ T1476] Call Trace: [ 1171.702342][ T1476] [ 1171.705271][ T1476] dump_stack_lvl+0x241/0x360 [ 1171.709962][ T1476] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1171.715156][ T1476] ? __pfx__printk+0x10/0x10 [ 1171.719737][ T1476] ? __pfx_lock_release+0x10/0x10 [ 1171.724750][ T1476] should_fail_ex+0x3b0/0x4e0 [ 1171.729433][ T1476] _copy_to_iter+0x1f6/0x1960 [ 1171.734128][ T1476] ? __pfx__copy_to_iter+0x10/0x10 [ 1171.739228][ T1476] ? ksys_write+0x23e/0x2c0 [ 1171.743716][ T1476] get_random_bytes_user+0x1e5/0x420 [ 1171.748987][ T1476] ? __pfx_get_random_bytes_user+0x10/0x10 [ 1171.754783][ T1476] __x64_sys_getrandom+0x152/0x250 [ 1171.759877][ T1476] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 1171.765491][ T1476] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1171.771456][ T1476] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1171.777772][ T1476] ? do_syscall_64+0x100/0x230 [ 1171.782526][ T1476] ? do_syscall_64+0xb6/0x230 [ 1171.787197][ T1476] do_syscall_64+0xf3/0x230 [ 1171.791778][ T1476] ? clear_bhb_loop+0x35/0x90 [ 1171.796441][ T1476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1171.802319][ T1476] RIP: 0033:0x7f44ec3799f9 [ 1171.806720][ T1476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1171.826328][ T1476] RSP: 002b:00007f44ed184038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 1171.834854][ T1476] RAX: ffffffffffffffda RBX: 00007f44ec515f80 RCX: 00007f44ec3799f9 [ 1171.842826][ T1476] RDX: 0000000000000000 RSI: fffffffffffffdde RDI: 0000000020000040 [ 1171.850792][ T1476] RBP: 00007f44ed184090 R08: 0000000000000000 R09: 0000000000000000 [ 1171.858753][ T1476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1171.866715][ T1476] R13: 0000000000000000 R14: 00007f44ec515f80 R15: 00007f44ec63fa38 [ 1171.874695][ T1476] [ 1171.877782][ C1] vkms_vblank_simulate: vblank timer overrun [ 1171.907989][ T25] usb 5-1: Cannot set autoneg [ 1171.923497][ T25] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32 [ 1171.986216][ T25] usb 5-1: USB disconnect, device number 92 [ 1172.476330][ T5287] usb 2-1: new high-speed USB device number 75 using dummy_hcd [ 1172.628063][ T29] audit: type=1326 audit(1723594684.326:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1501 comm="syz.4.4147" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9c07799f9 code=0x0 [ 1172.649915][ C1] vkms_vblank_simulate: vblank timer overrun [ 1172.687295][ T5287] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1172.704509][ T5287] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1172.734062][ T1503] : renamed from team_slave_0 (while UP) [ 1172.757350][ T5287] usb 2-1: config 0 descriptor?? [ 1173.191337][ T5287] usb 2-1: Cannot read MAC address [ 1173.255201][ T5287] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 1173.405420][ T5287] usb 2-1: USB disconnect, device number 75 [ 1173.645382][ T25] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 1173.714659][ T1522] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.4150'. [ 1173.856760][ T25] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 1173.875036][ T25] usb 4-1: config 0 has no interface number 0 [ 1173.901711][ T25] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1173.937628][ T25] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1173.960967][ T25] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 1173.980520][ T25] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1174.021191][ T25] usb 4-1: Manufacturer: syz [ 1174.052563][ T25] usb 4-1: config 0 descriptor?? [ 1174.075471][ T5225] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 1174.169616][ T5276] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 1174.277223][ T5225] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1174.309472][ T5225] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1174.326734][ T1550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1174.379534][ T5225] usb 5-1: config 0 descriptor?? [ 1174.406646][ T5276] usb 3-1: config 0 has an invalid interface number: 18 but max is 0 [ 1174.414767][ T5276] usb 3-1: config 0 has no interface number 0 [ 1174.439762][ T5225] cp210x 5-1:0.0: cp210x converter detected [ 1174.450327][ T1550] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1174.469133][ T5276] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1174.497185][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.525388][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.534260][ T5276] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1174.553283][ T1544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1174.573028][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.584857][ T1559] QAT: Device 0 not found [ 1174.604327][ T5276] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 1174.623256][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.644559][ T1544] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1174.665133][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.678819][ T5276] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1174.689790][ T5225] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -121 [ 1174.697795][ T5825] hid-generic 0000:0000:100000.003A: unknown main item tag 0x0 [ 1174.715798][ T5225] cp210x 5-1:0.0: querying part number failed [ 1174.733513][ T5825] hid-generic 0000:0000:100000.003A: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1174.748930][ T5225] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1174.784140][ T5276] usb 3-1: Manufacturer: syz [ 1174.847106][ T5276] usb 3-1: config 0 descriptor?? [ 1174.970192][ T1522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1175.013089][ T1522] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1175.315119][ T1533] QAT: Device 0 not found [ 1175.439156][ T1527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1175.474377][ T1527] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1176.392828][ T25] usbhid 4-1:0.18: can't add hid device: -71 [ 1176.457401][ T25] usbhid 4-1:0.18: probe with driver usbhid failed with error -71 [ 1176.502950][ T25] usb 4-1: USB disconnect, device number 76 [ 1176.762291][ T25] usb 5-1: USB disconnect, device number 93 [ 1176.843646][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1176.871277][ T25] cp210x 5-1:0.0: device disconnected [ 1176.977425][ T5276] usbhid 3-1:0.18: can't add hid device: -71 [ 1177.018316][ T5276] usbhid 3-1:0.18: probe with driver usbhid failed with error -71 [ 1177.075203][ T5276] usb 3-1: USB disconnect, device number 55 [ 1177.101189][ T1610] FAULT_INJECTION: forcing a failure. [ 1177.101189][ T1610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1177.208535][ T1610] CPU: 0 UID: 0 PID: 1610 Comm: syz.2.4158 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1177.219236][ T1610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1177.229288][ T1610] Call Trace: [ 1177.232560][ T1610] [ 1177.235491][ T1610] dump_stack_lvl+0x241/0x360 [ 1177.240179][ T1610] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1177.245385][ T1610] ? __pfx__printk+0x10/0x10 [ 1177.249991][ T1610] ? __pfx_lock_release+0x10/0x10 [ 1177.255016][ T1610] should_fail_ex+0x3b0/0x4e0 [ 1177.259690][ T1610] _copy_from_user+0x2f/0xe0 [ 1177.264276][ T1610] drm_ioctl+0x577/0xad0 [ 1177.268518][ T1610] ? __pfx_drm_mode_create_lease_ioctl+0x10/0x10 [ 1177.274851][ T1610] ? __pfx_drm_ioctl+0x10/0x10 [ 1177.279636][ T1610] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1177.284571][ T1610] ? security_file_ioctl+0x87/0xb0 [ 1177.289736][ T1610] ? __pfx_drm_ioctl+0x10/0x10 [ 1177.294495][ T1610] __se_sys_ioctl+0xfc/0x170 [ 1177.299081][ T1610] do_syscall_64+0xf3/0x230 [ 1177.303579][ T1610] ? clear_bhb_loop+0x35/0x90 [ 1177.308254][ T1610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1177.314140][ T1610] RIP: 0033:0x7fb224b799f9 [ 1177.318557][ T1610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1177.338172][ T1610] RSP: 002b:00007fb225a0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1177.346577][ T1610] RAX: ffffffffffffffda RBX: 00007fb224d15f80 RCX: 00007fb224b799f9 [ 1177.354540][ T1610] RDX: 0000000020000240 RSI: 00000000c01864c6 RDI: 0000000000000003 [ 1177.362505][ T1610] RBP: 00007fb225a0c090 R08: 0000000000000000 R09: 0000000000000000 [ 1177.370466][ T1610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1177.378429][ T1610] R13: 0000000000000000 R14: 00007fb224d15f80 R15: 00007fb224e3fa38 [ 1177.386401][ T1610] [ 1177.683460][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.690642][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.795324][ T5274] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 1177.818717][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa00000000 [ 1177.937135][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xa400000800 [ 1178.010189][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xe400000800 [ 1178.026737][ T5274] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 64, changing to 10 [ 1178.114890][ T5274] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1178.140881][ T5274] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1178.174157][ T5274] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1178.192492][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1a400000800 [ 1178.206423][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1178.252959][ T5274] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 1178.311707][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1e400000800 [ 1178.410464][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x2a400000800 [ 1178.422808][ T1624] kvm: kvm [1619]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x2e400000800 [ 1178.482481][ T5274] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -12 [ 1178.875086][ T5274] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 1179.075193][ T5274] usb 4-1: Using ep0 maxpacket: 32 [ 1179.091712][ T5274] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 1179.118074][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1179.164451][ T5274] usb 4-1: config 0 descriptor?? [ 1179.193599][ T5274] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 1179.837444][ T1664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1179.888039][ T1664] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1180.187540][ T5225] usb 5-1: USB disconnect, device number 94 [ 1180.591369][ T1658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1180.685044][ T1658] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1180.736490][ T5274] gspca_vc032x: reg_w err -71 [ 1180.741226][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.772048][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.786603][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.812760][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.825373][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.830708][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.854984][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.860326][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.870906][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.893515][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.944993][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.950336][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.986706][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1180.992591][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1181.068028][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1181.077725][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1181.083238][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1181.088829][ T5274] gspca_vc032x: I2c Bus Busy Wait 00 [ 1181.110363][ T5274] gspca_vc032x: Unknown sensor... [ 1181.152556][ T5274] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 1181.183376][ T5274] usb 4-1: USB disconnect, device number 77 [ 1181.306473][ T1106] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1181.557133][ T1106] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1181.714806][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1181.729166][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1181.737789][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1181.745946][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1181.753558][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1181.761205][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1181.884737][ T1106] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1181.995352][ T1743] syzkaller1: entered promiscuous mode [ 1182.009029][ T1743] syzkaller1: entered allmulticast mode [ 1182.205947][ T1106] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.261762][ T1757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4176'. [ 1182.425871][ T5825] usb 4-1: new full-speed USB device number 78 using dummy_hcd [ 1182.608883][ T1805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1182.647400][ T5825] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64 [ 1182.660765][ T1805] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1182.668681][ T5825] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 1182.683329][ T5825] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1182.692894][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1182.705204][ T5825] usb 4-1: SerialNumber: syz [ 1182.719929][ T1758] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1182.751018][ T1106] bridge_slave_1: left allmulticast mode [ 1182.771860][ T1106] bridge_slave_1: left promiscuous mode [ 1182.781907][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state [ 1182.816677][ T1106] bridge_slave_0: left allmulticast mode [ 1182.845816][ T1106] bridge_slave_0: left promiscuous mode [ 1182.851643][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state [ 1182.965615][ T1758] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1183.835094][ T5225] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 1183.842824][ T54] Bluetooth: hci1: command tx timeout [ 1184.059382][ T5225] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1184.073261][ T5225] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1184.090427][ T5225] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1184.110955][ T5225] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 1184.125039][ T5225] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.159025][ T5225] usb 3-1: config 0 descriptor?? [ 1184.596904][ T5225] logitech 0003:046D:C293.003B: item fetching failed at offset 5/7 [ 1184.628212][ T5225] logitech 0003:046D:C293.003B: parse failed [ 1184.657683][ T5225] logitech 0003:046D:C293.003B: probe with driver logitech failed with error -22 [ 1184.696029][ T1106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1184.749340][ T1106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1184.777531][ T1106] bond0 (unregistering): Released all slaves [ 1184.797692][ T5276] usb 3-1: USB disconnect, device number 56 [ 1184.802333][ T1106] bond1 (unregistering): Released all slaves [ 1184.919764][ T5825] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 1184.992353][ T1741] chnl_net:caif_netlink_parms(): no params data found [ 1185.095623][ T1106] tipc: Disabling bearer [ 1185.105385][ T1106] tipc: Left network mode [ 1185.183644][ T5274] usb 4-1: USB disconnect, device number 78 [ 1185.219418][ T5274] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device [ 1185.581279][ T1741] bridge0: port 1(bridge_slave_0) entered blocking state [ 1185.602445][ T1741] bridge0: port 1(bridge_slave_0) entered disabled state [ 1185.626139][ T1741] bridge_slave_0: entered allmulticast mode [ 1185.665331][ T1741] bridge_slave_0: entered promiscuous mode [ 1185.695940][ T1741] bridge0: port 2(bridge_slave_1) entered blocking state [ 1185.703924][ T1741] bridge0: port 2(bridge_slave_1) entered disabled state [ 1185.745268][ T1741] bridge_slave_1: entered allmulticast mode [ 1185.752702][ T1741] bridge_slave_1: entered promiscuous mode [ 1185.916210][ T54] Bluetooth: hci1: command tx timeout [ 1186.238466][ T1741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1186.288668][ T1741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1186.340279][T30651] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1186.353978][T30651] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1186.365950][T30651] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1186.384585][T30651] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1186.395412][T30651] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1186.402750][T30651] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1187.037209][ T1741] team0: Port device team_slave_0 added [ 1187.118482][ T1741] team0: Port device team_slave_1 added [ 1187.446173][ T1106] hsr_slave_0: left promiscuous mode [ 1187.544713][ T1106] hsr_slave_1: left promiscuous mode [ 1187.553395][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1187.575021][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1187.603514][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1187.645225][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1187.702797][ T1106] veth0_macvtap: left promiscuous mode [ 1187.725834][ T1106] veth1_vlan: left promiscuous mode [ 1187.731198][ T1106] veth0_vlan: left promiscuous mode [ 1187.995142][ T54] Bluetooth: hci1: command tx timeout [ 1188.483790][ T54] Bluetooth: hci7: command tx timeout [ 1188.774301][T12001] usb 4-1: new high-speed USB device number 79 using dummy_hcd [ 1188.973272][T12001] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1188.998226][T12001] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 1189.007637][T12001] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.029386][T12001] usb 4-1: Product: syz [ 1189.033680][T12001] usb 4-1: Manufacturer: syz [ 1189.054118][T12001] usb 4-1: SerialNumber: syz [ 1189.065857][T12001] usb 4-1: config 0 descriptor?? [ 1189.108863][T12001] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1189.296341][ T1106] team0 (unregistering): Port device team_slave_1 removed [ 1189.376971][T12001] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 1189.409608][T12001] usb 4-1: USB disconnect, device number 79 [ 1189.438927][T31972] udevd[31972]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1189.476496][ T1106] team0 (unregistering): Port device  removed [ 1189.946622][ T29] audit: type=1326 audit(1723594701.646:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2194 comm="syz.3.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ec3799f9 code=0x7ffc0000 [ 1190.015031][ T29] audit: type=1326 audit(1723594701.696:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2194 comm="syz.3.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f44ec3799f9 code=0x7ffc0000 [ 1190.045146][ T29] audit: type=1326 audit(1723594701.696:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2194 comm="syz.3.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ec3799f9 code=0x7ffc0000 [ 1190.075137][ T54] Bluetooth: hci1: command tx timeout [ 1190.075309][ T29] audit: type=1326 audit(1723594701.696:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2194 comm="syz.3.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ec3799f9 code=0x7ffc0000 [ 1190.555969][ T54] Bluetooth: hci7: command tx timeout [ 1190.768548][ T1741] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1190.786036][ T1741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1190.836245][ T1741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1190.861460][ T1741] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1190.869187][ T1741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1190.895996][ T1741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1190.916202][ T2160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4195'. [ 1190.927125][ T2160] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 1190.932449][ T2163] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 1191.052741][ T2165] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4195'. [ 1191.353624][ T2250] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1191.436913][ T2282] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4209'. [ 1191.449132][ T1741] hsr_slave_0: entered promiscuous mode [ 1191.478407][ T1741] hsr_slave_1: entered promiscuous mode [ 1192.045052][ T5282] usb 4-1: new high-speed USB device number 80 using dummy_hcd [ 1192.278447][ T2354] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4212'. [ 1192.296926][ T5282] usb 4-1: config 164 has an invalid descriptor of length 0, skipping remainder of the config [ 1192.321998][ T1106] IPVS: stop unused estimator thread 0... [ 1192.365826][ T5282] usb 4-1: New USB device found, idVendor=048d, idProduct=9005, bcdDevice=40.3d [ 1192.381437][ T5282] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1192.464450][ T5282] usb 4-1: Product: syz [ 1192.525068][ T5282] usb 4-1: Manufacturer: syz [ 1192.545063][ T5282] usb 4-1: SerialNumber: syz [ 1192.635142][ T54] Bluetooth: hci7: command tx timeout [ 1192.834555][ T2062] chnl_net:caif_netlink_parms(): no params data found [ 1192.908728][ T5282] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 1192.932827][ T5282] dvb_usb_af9035 4-1:164.0: probe with driver dvb_usb_af9035 failed with error -22 [ 1192.952151][ T5282] usb 4-1: USB disconnect, device number 80 [ 1193.634686][ T2062] bridge0: port 1(bridge_slave_0) entered blocking state [ 1193.648099][ T2062] bridge0: port 1(bridge_slave_0) entered disabled state [ 1193.704162][ T2062] bridge_slave_0: entered allmulticast mode [ 1193.754142][ T2062] bridge_slave_0: entered promiscuous mode [ 1193.780353][ T2062] bridge0: port 2(bridge_slave_1) entered blocking state [ 1193.823778][ T2062] bridge0: port 2(bridge_slave_1) entered disabled state [ 1193.850111][ T2062] bridge_slave_1: entered allmulticast mode [ 1193.874156][ T2062] bridge_slave_1: entered promiscuous mode [ 1193.957842][ T2602] kvm: pic: non byte write [ 1194.018520][ T2062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1194.128752][ T2062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1194.196152][ T2623] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1194.237242][ T2623] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1194.430254][ T2062] team0: Port device team_slave_0 added [ 1194.453822][ T2062] team0: Port device team_slave_1 added [ 1194.492466][ T1741] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1194.520128][ T1741] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1194.670690][ T1741] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1194.715706][T30651] Bluetooth: hci7: command tx timeout [ 1194.786855][ T1741] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1194.849804][ T2062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1194.883563][ T2062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1194.968904][ T2062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1195.055053][ T2062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1195.062028][ T2062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1195.087933][ C0] vkms_vblank_simulate: vblank timer overrun [ 1195.126822][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 1195.142399][ T2695] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4216'. [ 1195.233144][ T2062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1195.274859][ T2701] xt_hashlimit: overflow, try lower: 3/0 [ 1195.528905][ T2062] hsr_slave_0: entered promiscuous mode [ 1195.553952][ T2062] hsr_slave_1: entered promiscuous mode [ 1195.575900][ T2062] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1195.623309][ T2062] Cannot create hsr debugfs directory [ 1195.893156][ T1741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1196.108775][ T1741] 8021q: adding VLAN 0 to HW filter on device team0 [ 1196.210653][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 1196.217894][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1196.317581][ T2805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1196.393996][ T2805] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1196.404072][ T2062] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1196.479612][T14176] bridge0: port 2(bridge_slave_1) entered blocking state [ 1196.486848][T14176] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1196.554272][ T2813] loop8: detected capacity change from 0 to 6 [ 1196.624239][ T2813] Dev loop8: unable to read RDB block 6 [ 1196.642238][ T2062] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1196.659709][ T2813] loop8: unable to read partition table [ 1196.681181][ T2813] loop8: partition table beyond EOD, truncated [ 1196.754114][ T2813] loop_reread_partitions: partition scan of loop8 (被xڬdƤݡ [ 1196.754114][ T2813] ) failed (rc=-5) [ 1196.814806][ T2062] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.056154][ T2062] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.235460][ T1741] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1197.321386][ T2832] AppArmor: change_hat: Invalid input '0m0000000000000002^' [ 1197.415606][ T1741] veth0_vlan: entered promiscuous mode [ 1197.503249][ T1741] veth1_vlan: entered promiscuous mode [ 1197.566570][ T5287] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 1197.568911][ T2062] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1197.643316][ T2062] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1197.671748][ T2062] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1197.713562][ T2062] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1197.748874][ T1741] veth0_macvtap: entered promiscuous mode [ 1197.789315][ T1741] veth1_macvtap: entered promiscuous mode [ 1197.800770][ T5287] usb 3-1: config 164 has an invalid descriptor of length 0, skipping remainder of the config [ 1197.907279][ T5287] usb 3-1: New USB device found, idVendor=048d, idProduct=9005, bcdDevice=40.3d [ 1197.919256][ T5287] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1197.928954][ T5287] usb 3-1: Product: syz [ 1197.934540][ T5287] usb 3-1: Manufacturer: syz [ 1197.939505][ T5287] usb 3-1: SerialNumber: syz [ 1197.945474][ T2865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1198.022485][ T2865] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1198.047880][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.092027][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.114685][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.170544][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.201143][ T2865] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4223'. [ 1198.210404][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.241578][ T5287] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 1198.255832][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.263642][ T5287] dvb_usb_af9035 3-1:164.0: probe with driver dvb_usb_af9035 failed with error -22 [ 1198.287787][ T5287] usb 3-1: USB disconnect, device number 57 [ 1198.307315][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.346103][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.382739][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.433503][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.460199][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1198.501904][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.523470][ T1741] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1198.586607][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1198.636709][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.673260][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1198.710912][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.745136][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1198.776389][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.824371][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1198.874782][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1198.926949][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1198.967353][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1199.110648][ T1741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1199.148990][ T1741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1199.192354][ T1741] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1199.260002][ T1741] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1199.279718][ T2906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1199.311768][ T1741] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1199.337530][ T1741] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1199.369328][ T1741] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1199.442308][ T2906] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1199.730689][ T2906] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4225'. [ 1199.785463][ T2062] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1199.915284][ T5276] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 1199.931651][T14176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1199.984555][T14176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1200.061135][ T2062] 8021q: adding VLAN 0 to HW filter on device team0 [ 1200.141659][T14177] bridge0: port 1(bridge_slave_0) entered blocking state [ 1200.148792][T14177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1200.166776][ T5276] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11 [ 1200.229743][ T5276] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024 [ 1200.241246][T30651] Bluetooth: hci6: command 0x0406 tx timeout [ 1200.301902][T14177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1200.318083][T14174] bridge0: port 2(bridge_slave_1) entered blocking state [ 1200.325231][T14174] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1200.339662][T14177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1200.362994][ T5276] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1200.422425][ T5276] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1200.462204][ T5276] usb 3-1: config 0 descriptor?? [ 1200.488399][ T2909] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 1200.522147][ T5276] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1200.696569][ T2945] netlink: 'syz.4.4166': attribute type 22 has an invalid length. [ 1200.761428][ T2062] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1200.782110][ T2904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1200.814534][ T2904] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1201.073837][ T2062] veth0_vlan: entered promiscuous mode [ 1201.075890][ T5276] spca561 3-1:0.0: probe with driver spca561 failed with error -22 [ 1201.128201][ T2062] veth1_vlan: entered promiscuous mode [ 1201.146255][ T54] Bluetooth: hci1: unexpected event 0x30 length: 32 > 3 [ 1201.198809][ T5276] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1201.222106][ T2062] veth0_macvtap: entered promiscuous mode [ 1201.258720][ T2062] veth1_macvtap: entered promiscuous mode [ 1201.322365][ T54] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1201.379131][ T5276] usb 3-1: MIDIStreaming interface descriptor not found [ 1201.466590][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1201.567749][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1201.637929][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1201.701484][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1201.762817][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1201.807461][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1201.938548][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1201.971607][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.000220][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1202.096214][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.137354][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1202.181412][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.244883][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1202.299473][ T25] usb 3-1: USB disconnect, device number 58 [ 1202.324800][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.406719][ T2062] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1202.551089][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.589266][ T3005] AppArmor: change_hat: Invalid input '0m0000000000000002^' [ 1202.591714][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.656235][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.692171][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.723256][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.740996][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.758801][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.798572][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.821840][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.834992][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.846243][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.858233][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.869401][ T2062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1202.880274][ T2062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1202.897891][ T2062] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1202.928024][ T2062] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1202.960783][ T2062] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1202.983761][ T2062] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1203.006160][ T2062] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1203.307035][T14177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1203.349970][T14177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1203.494142][T14176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1203.522365][T14176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1203.602891][ T3032] netlink: 144 bytes leftover after parsing attributes in process `syz.2.4233'. [ 1204.014735][ T3046] FAULT_INJECTION: forcing a failure. [ 1204.014735][ T3046] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1204.092040][ T3046] CPU: 0 UID: 0 PID: 3046 Comm: syz.3.4237 Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1204.102746][ T3046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1204.112797][ T3046] Call Trace: [ 1204.116070][ T3046] [ 1204.118991][ T3046] dump_stack_lvl+0x241/0x360 [ 1204.123667][ T3046] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1204.128865][ T3046] ? __pfx__printk+0x10/0x10 [ 1204.133467][ T3046] ? __pfx_lock_release+0x10/0x10 [ 1204.138524][ T3046] should_fail_ex+0x3b0/0x4e0 [ 1204.143203][ T3046] _copy_from_iter+0x1f6/0x1960 [ 1204.148051][ T3046] ? __virt_addr_valid+0x183/0x530 [ 1204.153156][ T3046] ? __pfx_lock_release+0x10/0x10 [ 1204.158182][ T3046] ? __pfx__copy_from_iter+0x10/0x10 [ 1204.163464][ T3046] ? __virt_addr_valid+0x183/0x530 [ 1204.168563][ T3046] ? __virt_addr_valid+0x183/0x530 [ 1204.173662][ T3046] ? __virt_addr_valid+0x45f/0x530 [ 1204.178764][ T3046] ? __check_object_size+0x49c/0x900 [ 1204.184041][ T3046] udplite_getfrag+0x4a/0xa0 [ 1204.188713][ T3046] __ip6_append_data+0x3047/0x4070 [ 1204.193841][ T3046] ? __pfx_udplite_getfrag+0x10/0x10 [ 1204.199128][ T3046] ? __pfx___ip6_append_data+0x10/0x10 [ 1204.204581][ T3046] ? ip6_setup_cork+0x9fd/0xfb0 [ 1204.209432][ T3046] ip6_make_skb+0x43b/0x530 [ 1204.213934][ T3046] ? ip6_dst_check+0xe7/0x7e0 [ 1204.218605][ T3046] ? ip6_dst_check+0x5d9/0x7e0 [ 1204.223362][ T3046] ? __pfx_udplite_getfrag+0x10/0x10 [ 1204.228640][ T3046] ? __pfx_ip6_make_skb+0x10/0x10 [ 1204.233659][ T3046] ? ip6_sk_dst_lookup_flow+0x714/0xa30 [ 1204.239211][ T3046] ? __pfx_ip6_sk_dst_lookup_flow+0x10/0x10 [ 1204.245116][ T3046] ? udpv6_sendmsg+0x1cc7/0x3270 [ 1204.250059][ T3046] udpv6_sendmsg+0x237f/0x3270 [ 1204.254825][ T3046] ? __pfx_udplite_getfrag+0x10/0x10 [ 1204.260106][ T3046] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1204.265215][ T3046] ? __pfx_lock_release+0x10/0x10 [ 1204.270242][ T3046] ? aa_file_perm+0x3ef/0xf60 [ 1204.274928][ T3046] ? inet_send_prepare+0x21/0x260 [ 1204.279956][ T3046] ? inet_send_prepare+0x5a/0x260 [ 1204.284982][ T3046] __sock_sendmsg+0xef/0x270 [ 1204.289570][ T3046] sock_write_iter+0x2dd/0x400 [ 1204.294335][ T3046] ? __pfx_sock_write_iter+0x10/0x10 [ 1204.299634][ T3046] ? bpf_lsm_file_permission+0x9/0x10 [ 1204.305008][ T3046] ? security_file_permission+0x7f/0xa0 [ 1204.310549][ T3046] vfs_write+0xa72/0xc90 [ 1204.314785][ T3046] ? __pfx_sock_write_iter+0x10/0x10 [ 1204.320065][ T3046] ? __pfx_vfs_write+0x10/0x10 [ 1204.324842][ T3046] ksys_write+0x1a0/0x2c0 [ 1204.329167][ T3046] ? __pfx_ksys_write+0x10/0x10 [ 1204.334014][ T3046] ? do_syscall_64+0x100/0x230 [ 1204.338777][ T3046] ? do_syscall_64+0xb6/0x230 [ 1204.343452][ T3046] do_syscall_64+0xf3/0x230 [ 1204.347962][ T3046] ? clear_bhb_loop+0x35/0x90 [ 1204.352635][ T3046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1204.358521][ T3046] RIP: 0033:0x7f44ec3799f9 [ 1204.362928][ T3046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1204.382523][ T3046] RSP: 002b:00007f44ed184038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1204.390928][ T3046] RAX: ffffffffffffffda RBX: 00007f44ec515f80 RCX: 00007f44ec3799f9 [ 1204.398889][ T3046] RDX: 000000000000e6da RSI: 0000000020000040 RDI: 0000000000000003 [ 1204.406853][ T3046] RBP: 00007f44ed184090 R08: 0000000000000000 R09: 0000000000000000 [ 1204.414814][ T3046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1204.422775][ T3046] R13: 0000000000000000 R14: 00007f44ec515f80 R15: 00007f44ec63fa38 [ 1204.430747][ T3046] [ 1205.280969][ T29] audit: type=1326 audit(1723594716.986:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3055 comm="syz.3.4241" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44ec3799f9 code=0x0 [ 1205.302803][ C0] vkms_vblank_simulate: vblank timer overrun [ 1205.355472][T30651] Bluetooth: hci4: command 0x0405 tx timeout [ 1205.441824][ T3070] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 1205.500298][ T3070] xt_NFQUEUE: number of total queues is 0 [ 1205.503605][ T3072] random: crng reseeded on system resumption [ 1206.231970][ T3063] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1206.339555][ T3063] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1206.396709][ T3063] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1206.475148][ T25] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 1206.489258][ T3063] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1206.610235][ T29] audit: type=1326 audit(1723594718.316:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3086 comm="syz.2.4248" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb224b799f9 code=0x0 [ 1206.709144][ T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1206.738910][ T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1206.773222][ T25] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1206.809106][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1206.835056][ T46] usb 4-1: new high-speed USB device number 81 using dummy_hcd [ 1206.856606][ T25] usb 2-1: config 0 descriptor?? [ 1207.040493][ T46] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 1207.062886][ T46] usb 4-1: config 0 has no interface number 0 [ 1207.064415][ T3112] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4249'. [ 1207.107659][ T46] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1207.135820][ T25] Bluetooth: Can't get state to change to load ram patch err [ 1207.175149][ T46] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1207.189830][ T25] Bluetooth: Loading patch file failed [ 1207.231861][ T25] ath3k 2-1:0.0: probe with driver ath3k failed with error -32 [ 1207.255719][ T46] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 1207.287136][ T46] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1207.313828][ T46] usb 4-1: Manufacturer: syz [ 1207.340606][ T46] usb 4-1: config 0 descriptor?? [ 1207.502369][ T3113] loop7: detected capacity change from 16320 to 16383 [ 1207.667570][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.694188][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.718776][ T3122] QAT: Device 0 not found [ 1207.726836][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.748345][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.813563][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.834114][ T25] hid-generic 0000:0000:100000.003C: unknown main item tag 0x0 [ 1207.873550][ T25] hid-generic 0000:0000:100000.003C: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1208.543268][ T25] usb 2-1: USB disconnect, device number 76 [ 1208.753155][ T3149] bond0: entered promiscuous mode [ 1208.753180][ T3149] bond_slave_0: entered promiscuous mode [ 1208.753415][ T3149] bond_slave_1: entered promiscuous mode [ 1208.753853][ T3149] macvlan2: entered promiscuous mode [ 1208.753916][ T3149] macvlan2: entered allmulticast mode [ 1208.753930][ T3149] bond0: entered allmulticast mode [ 1208.753943][ T3149] bond_slave_0: entered allmulticast mode [ 1208.753959][ T3149] bond_slave_1: entered allmulticast mode [ 1208.777620][ T3149] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1209.722890][ T46] usbhid 4-1:0.18: can't add hid device: -71 [ 1209.750950][ T3177] netlink: 'syz.4.4259': attribute type 11 has an invalid length. [ 1209.770524][ T46] usbhid 4-1:0.18: probe with driver usbhid failed with error -71 [ 1209.781281][ T3171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1209.839238][ T46] usb 4-1: USB disconnect, device number 81 [ 1209.902081][ T3171] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1210.225107][ T5287] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 1210.439457][ T5287] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 192, changing to 11 [ 1210.469581][ T5287] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 1210.499617][ T5287] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 1210.527413][ T5287] usb 2-1: Manufacturer: syz [ 1210.537533][ T5287] usb 2-1: SerialNumber: syz [ 1210.675052][T23686] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 1210.806793][ T5287] usbhid 2-1:36.0: couldn't find an input interrupt endpoint [ 1210.853783][ T5287] usb 2-1: USB disconnect, device number 77 [ 1210.912683][T23686] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1210.932275][T23686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1210.963394][T23686] usb 3-1: config 0 descriptor?? [ 1210.990782][T23686] cp210x 3-1:0.0: cp210x converter detected [ 1211.016746][ T3229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1211.068980][ T3229] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1211.197486][ T3206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1211.224835][ T3206] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1211.541432][ T3253] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4269'. [ 1211.785035][ T46] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 1211.970278][T23686] cp210x 3-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 1211.991687][T23686] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1212.030724][ T46] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1212.042309][T23686] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1212.076152][ T46] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1212.108049][T23686] usb 3-1: USB disconnect, device number 59 [ 1212.133999][ T46] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1212.134112][T23686] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1212.180313][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1212.186322][T23686] cp210x 3-1:0.0: device disconnected [ 1212.256757][ T46] usb 5-1: SerialNumber: syz [ 1212.273086][ T3276] binder: transaction release 382 bad object at offset 1525465, size 72 [ 1212.493612][ T3286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4273'. [ 1212.511485][ T3286] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4273'. [ 1212.688577][ T3294] fuse: Unknown parameter 'u.er_id' [ 1212.735548][T23686] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 1212.749753][ T46] usb 5-1: 0:2 : does not exist [ 1212.754714][ T46] usb 5-1: unit 5: unexpected type 0x0c [ 1212.842281][ T46] usb 5-1: USB disconnect, device number 95 [ 1212.842688][ T3304] batadv0: mtu less than device minimum [ 1212.962679][T31972] udevd[31972]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1213.000849][T23686] usb 3-1: Using ep0 maxpacket: 16 [ 1213.021950][T23686] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1213.072697][T23686] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1213.108042][ T3322] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4276'. [ 1213.124721][T23686] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1213.163690][T23686] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1213.205060][T23686] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1213.266382][T23686] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1213.296857][T23686] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1213.340227][T23686] usb 3-1: Manufacturer: syz [ 1213.376095][T23686] usb 3-1: config 0 descriptor?? [ 1213.696480][T23686] rc_core: IR keymap rc-hauppauge not found [ 1213.707185][T23686] Registered IR keymap rc-empty [ 1213.717564][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1213.756842][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1213.787029][ T5287] usb 5-1: new high-speed USB device number 96 using dummy_hcd [ 1213.789504][ T3280] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4271'. [ 1213.866693][T23686] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 1213.900888][T23686] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input75 [ 1213.914466][ T5274] usb 2-1: new high-speed USB device number 78 using dummy_hcd [ 1213.936381][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1213.985293][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.035378][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.044063][ T5287] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1214.062098][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1214.085543][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.093968][ T5287] usb 5-1: config 0 descriptor?? [ 1214.129825][ T5274] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1214.139399][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.152241][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1214.180826][ T5274] usb 2-1: config 0 descriptor?? [ 1214.186164][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.201107][ T5274] cp210x 2-1:0.0: cp210x converter detected [ 1214.225220][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.256133][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.295197][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.335360][T23686] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 1214.395986][T23686] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 1214.417470][ T3340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1214.435942][T23686] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1214.478486][T23686] usb 3-1: USB disconnect, device number 60 [ 1214.499014][ T3340] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1214.956048][T23686] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 1215.127863][ T5287] usb 5-1: Cannot set autoneg [ 1215.132819][ T5287] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 1215.185214][T23686] usb 3-1: Using ep0 maxpacket: 32 [ 1215.193757][T23686] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1215.213111][T23686] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1215.238958][T23686] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 1215.275560][T23686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1215.305799][T23686] usb 3-1: config 0 descriptor?? [ 1215.340014][ T5225] usb 5-1: USB disconnect, device number 96 [ 1215.343032][ T5274] cp210x 2-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 1215.415543][ T5274] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 1215.463875][ T5274] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1215.541900][ T5274] usb 2-1: USB disconnect, device number 78 [ 1215.579788][ T5274] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1215.617918][ T5274] cp210x 2-1:0.0: device disconnected [ 1215.744494][T23686] ft260 0003:0403:6030.003D: unknown main item tag 0x0 [ 1215.942742][T23686] ft260 0003:0403:6030.003D: failed to retrieve chip version [ 1215.995912][T23686] ft260 0003:0403:6030.003D: probe with driver ft260 failed with error -5 [ 1216.476926][ T54] Bluetooth: hci5: ACL packet for unknown connection handle 200 [ 1216.513408][ T54] Bluetooth: hci5: unexpected event 0x30 length: 32 > 3 [ 1216.720028][ T54] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1217.004194][ T3448] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 1217.033104][ T3448] xt_NFQUEUE: number of total queues is 0 [ 1217.255155][ T46] usb 2-1: new high-speed USB device number 79 using dummy_hcd [ 1217.315284][ T5225] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 1217.473358][ T46] usb 2-1: New USB device found, idVendor=a766, idProduct=7cb5, bcdDevice=55.3a [ 1217.485182][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.508083][ T46] usb 2-1: config 0 descriptor?? [ 1217.517548][ T5225] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1217.538330][ T46] usb-storage 2-1:0.0: USB Mass Storage device detected [ 1217.550311][ T5225] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1217.579225][ T25] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 1217.588981][ T5225] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1217.610850][ T5225] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.664580][ T5225] usb 5-1: config 0 descriptor?? [ 1217.794006][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 1217.814172][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1217.840576][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1217.858504][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1217.878672][ T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1217.903105][ T5225] Bluetooth: Can't get state to change to load ram patch err [ 1217.927856][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1217.950218][ T5225] Bluetooth: Loading patch file failed [ 1217.964902][ T5825] usb 3-1: USB disconnect, device number 61 [ 1217.978388][ T5225] ath3k 5-1:0.0: probe with driver ath3k failed with error -32 [ 1217.991849][ T25] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1218.030527][ T25] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1218.039645][ T25] usb 4-1: Manufacturer: syz [ 1218.050789][ T25] usb 4-1: config 0 descriptor?? [ 1218.395497][ T25] rc_core: IR keymap rc-hauppauge not found [ 1218.413862][ T25] Registered IR keymap rc-empty [ 1218.436444][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.465209][ T3457] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4294'. [ 1218.505371][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.545095][ T5825] usb 3-1: new high-speed USB device number 62 using dummy_hcd [ 1218.556409][ T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 1218.581622][ T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input76 [ 1218.609158][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.639439][ T30] INFO: task syz.2.3744:29828 blocked for more than 143 seconds. [ 1218.655190][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.663707][ T30] Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1218.702196][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1218.733600][ T30] task:syz.2.3744 state:D stack:25520 pid:29828 tgid:29828 ppid:22936 flags:0x00004004 [ 1218.735104][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.751587][ T5825] usb 3-1: Using ep0 maxpacket: 8 [ 1218.758907][ T5825] usb 3-1: config 0 has an invalid interface number: 136 but max is 0 [ 1218.767716][ T5825] usb 3-1: config 0 has no interface number 0 [ 1218.767725][ T30] Call Trace: [ 1218.767740][ T30] [ 1218.778330][ T5825] usb 3-1: New USB device found, idVendor=4102, idProduct=1020, bcdDevice= 1.00 [ 1218.791277][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.811427][ T30] __schedule+0x1800/0x4a60 [ 1218.814726][ T5825] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1218.825306][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.843931][ T5825] usb 3-1: Product: syz [ 1218.850062][ T5825] usb 3-1: Manufacturer: syz [ 1218.858569][ T5825] usb 3-1: SerialNumber: syz [ 1218.865517][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.880611][ T30] ? __pfx___schedule+0x10/0x10 [ 1218.893193][ T30] ? __pfx_lock_release+0x10/0x10 [ 1218.903098][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1218.920455][ T30] ? schedule+0x90/0x320 [ 1218.920625][ T5825] usb 3-1: config 0 descriptor?? [ 1218.941388][ T30] schedule+0x14b/0x320 [ 1218.950423][ T5825] usb-storage 3-1:0.136: USB Mass Storage device detected [ 1218.967428][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1218.979282][ T30] schedule_preempt_disabled+0x13/0x30 [ 1218.987267][ T5825] usb-storage 3-1:0.136: Quirks match for vid 4102 pid 1020: 20 [ 1219.020995][ T30] __mutex_lock+0x6a4/0xd70 [ 1219.026119][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1219.057574][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1219.063690][ T30] ? __mutex_lock+0x527/0xd70 [ 1219.080786][ T30] ? hugetlb_wp+0x104d/0x3a90 [ 1219.098020][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1219.105401][ T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1219.122164][ T30] ? __pfx_up_write+0x10/0x10 [ 1219.137856][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1219.148262][ T25] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 1219.166434][ T30] ? vma_interval_tree_iter_next+0x193/0x340 [ 1219.168207][ T25] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1219.209491][ T30] hugetlb_wp+0x104d/0x3a90 [ 1219.240074][ T30] ? mark_lock+0x9a/0x350 [ 1219.252531][ T30] ? __pfx_hugetlb_wp+0x10/0x10 [ 1219.262467][ T25] usb 4-1: USB disconnect, device number 82 [ 1219.280271][ T30] ? __pfx___might_resched+0x10/0x10 [ 1219.293462][ T3510] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4295'. [ 1219.328492][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1219.350476][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 1219.377529][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1219.399689][ T30] ? __filemap_get_folio+0x769/0xc10 [ 1219.425022][ T30] hugetlb_fault+0x26de/0x3780 [ 1219.437012][ T30] ? __pfx_hugetlb_fault+0x10/0x10 [ 1219.445078][ T30] ? reacquire_held_locks+0x3eb/0x690 [ 1219.472572][ T30] ? __pfx_reacquire_held_locks+0x10/0x10 [ 1219.488495][ T30] handle_mm_fault+0x173f/0x1980 [ 1219.505381][ T30] ? __pfx_lock_release+0x10/0x10 [ 1219.518651][ T30] ? __pfx_handle_mm_fault+0x10/0x10 [ 1219.543206][ T30] ? lock_vma_under_rcu+0x592/0x6e0 [ 1219.560240][ T30] ? lock_vma_under_rcu+0x18a/0x6e0 [ 1219.579385][ T30] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1219.601254][ T30] ? exc_page_fault+0x113/0x8c0 [ 1219.616654][ T30] exc_page_fault+0x459/0x8c0 [ 1219.635935][ T30] asm_exc_page_fault+0x26/0x30 [ 1219.647439][ T30] RIP: 0033:0x7fd4ec040e23 [ 1219.669792][ T30] RSP: 002b:00007fd4ec43fb60 EFLAGS: 00010246 [ 1219.684997][ T30] RAX: 0000000020000400 RBX: 0000000000000002 RCX: 0000000000000000 [ 1219.718632][ T30] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000055558b94d3c8 [ 1219.736391][ T30] RBP: 00007fd4ec43fc70 R08: 0000000000000000 R09: 0000000000000000 [ 1219.750763][ T30] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000032 [ 1219.770378][ T30] R13: 00007fd4ec43fc90 R14: 00007fd4ec43fcb0 R15: fffffffffffffffe [ 1219.792183][ T30] [ 1219.802299][ T30] INFO: task syz.2.3744:29829 blocked for more than 144 seconds. [ 1219.848763][ T30] Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1219.887908][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1219.909320][ T30] task:syz.2.3744 state:D stack:23736 pid:29829 tgid:29828 ppid:22936 flags:0x00004006 [ 1219.962193][ T30] Call Trace: [ 1219.976837][ T30] [ 1219.983921][T23686] usb 5-1: USB disconnect, device number 97 [ 1220.015942][ T30] __schedule+0x1800/0x4a60 [ 1220.046087][ T30] ? __pfx___schedule+0x10/0x10 [ 1220.140475][ T30] ? __pfx_lock_release+0x10/0x10 [ 1220.148370][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1220.154713][ T30] ? schedule+0x90/0x320 [ 1220.165189][ T30] schedule+0x14b/0x320 [ 1220.170862][ T30] io_schedule+0x8d/0x110 [ 1220.177632][ T30] folio_wait_bit_common+0x882/0x12b0 [ 1220.187784][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 1220.194570][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 1220.202838][ T30] ? _raw_spin_unlock+0x28/0x50 [ 1220.212037][ T30] ? __vma_reservation_common+0x498/0x7d0 [ 1220.226910][ T30] __filemap_get_folio+0xb7/0xc10 [ 1220.241448][ T30] hugetlb_fault+0x1b10/0x3780 [ 1220.248236][ T30] ? __pfx_validate_chain+0x10/0x10 [ 1220.259416][ T30] ? __pfx_hugetlb_fault+0x10/0x10 [ 1220.269421][ T30] ? mt_find+0x226/0x850 [ 1220.275876][ T30] ? __pfx_lock_release+0x10/0x10 [ 1220.282437][ T30] handle_mm_fault+0x173f/0x1980 [ 1220.287618][ T30] ? mt_find+0x62d/0x850 [ 1220.292164][ T30] ? mt_find+0x226/0x850 [ 1220.300513][ T30] ? __pfx_mt_find+0x10/0x10 [ 1220.306718][ T30] ? __pfx_handle_mm_fault+0x10/0x10 [ 1220.312958][ T30] ? find_vma+0xf9/0x170 [ 1220.317636][ T30] ? __pfx_find_vma+0x10/0x10 [ 1220.323086][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1220.330604][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1220.337432][ T30] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 1220.342865][ T30] exc_page_fault+0x2b9/0x8c0 [ 1220.348098][ T30] asm_exc_page_fault+0x26/0x30 [ 1220.353058][ T30] RIP: 0010:__put_user_8+0x11/0x20 [ 1220.365177][ T30] Code: 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 [ 1220.419215][ T30] RSP: 0018:ffffc900048e7778 EFLAGS: 00050202 [ 1220.436845][ T30] RAX: 0000000000800000 RBX: 0000000000000000 RCX: 0000000020000020 [ 1220.459820][ T30] RDX: 0000000000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c606400 [ 1220.477824][ T30] RBP: ffffc900048e7ec8 R08: ffffffff9017ce2f R09: 1ffffffff202f9c5 [ 1220.504560][ T30] R10: dffffc0000000000 R11: fffffbfff202f9c6 R12: 1ffff9200091cf7d [ 1220.521343][ T30] R13: 1ffff9200091cf08 R14: 0000000020800000 R15: 0000000000800000 [ 1220.540715][ T30] userfaultfd_ioctl+0x28e7/0x70a0 [ 1220.548642][ T30] ? stack_trace_save+0x118/0x1d0 [ 1220.553839][ T30] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 1220.564846][ T30] ? stack_depot_save_flags+0x29/0x830 [ 1220.603512][ T30] ? kasan_save_track+0x51/0x80 [ 1220.615189][ T30] ? kasan_save_track+0x3f/0x80 [ 1220.622162][ T30] ? kasan_save_free_info+0x40/0x50 [ 1220.627503][ T30] ? poison_slab_object+0xe0/0x150 [ 1220.633181][ T30] ? __kasan_slab_free+0x37/0x60 [ 1220.639264][ T30] ? kfree+0x149/0x360 [ 1220.644228][ T30] ? tomoyo_path_number_perm+0x68d/0x880 [ 1220.650896][ T30] ? security_file_ioctl+0x75/0xb0 [ 1220.656444][ T30] ? __se_sys_ioctl+0x47/0x170 [ 1220.663353][ T30] ? do_syscall_64+0xf3/0x230 [ 1220.668642][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1220.677512][ T30] ? do_vfs_ioctl+0xf0e/0x2e50 [ 1220.682325][ T30] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1220.689657][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1220.697448][ T30] ? tomoyo_path_number_perm+0x208/0x880 [ 1220.704154][ T30] ? __pfx_lock_release+0x10/0x10 [ 1220.729330][ T30] ? kfree+0x149/0x360 [ 1220.745111][ T30] ? tomoyo_path_number_perm+0x208/0x880 [ 1220.751229][ T30] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1220.759040][ T30] ? __fget_files+0x29/0x470 [ 1220.764514][ T30] ? __fget_files+0x3f6/0x470 [ 1220.770097][ T30] ? __fget_files+0x29/0x470 [ 1220.775218][ T30] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1220.781188][ T30] ? security_file_ioctl+0x87/0xb0 [ 1220.788913][ T30] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 1220.794496][ T30] __se_sys_ioctl+0xfc/0x170 [ 1220.800779][ T30] do_syscall_64+0xf3/0x230 [ 1220.805675][ T30] ? clear_bhb_loop+0x35/0x90 [ 1220.810621][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1220.818300][ T30] RIP: 0033:0x7fd4ec1799f9 [ 1220.822781][ T30] RSP: 002b:00007fd4ece6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1220.833449][ T30] RAX: ffffffffffffffda RBX: 00007fd4ec315f80 RCX: 00007fd4ec1799f9 [ 1220.841809][ T30] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000005 [ 1220.850180][ T30] RBP: 00007fd4ec1e78ee R08: 0000000000000000 R09: 0000000000000000 [ 1220.861591][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1220.884027][ T30] R13: 0000000000000000 R14: 00007fd4ec315f80 R15: 00007fd4ec43fa38 [ 1220.892385][ T30] [ 1220.895966][ T30] [ 1220.895966][ T30] Showing all locks held in the system: [ 1220.909992][ T5276] usb 2-1: USB disconnect, device number 79 [ 1220.956329][ T30] 4 locks held by kworker/1:0/25: [ 1221.002129][ T30] #0: ffff88801d2f6148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1221.034771][ T30] #1: ffffc900001f7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1221.054961][ T30] #2: ffff88802484d190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 1221.064321][ T30] #3: ffff8880b923ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140 [ 1221.090791][ T30] 1 lock held by khungtaskd/30: [ 1221.101537][ T30] #0: ffffffff8e9382e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1221.111999][ T30] 2 locks held by getty/4978: [ 1221.117528][ T30] #0: ffff88802b7f70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1221.129076][ T30] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 1221.142627][ T30] 3 locks held by kworker/0:6/5276: [ 1221.150265][ T30] #0: ffff88801d2f6148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1221.162932][ T30] #1: ffffc90004407d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1221.175855][ T30] #2: ffff88801caad250 (&devlink->lock_key#63){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x57/0xaa0 [ 1221.195638][ T30] 3 locks held by kworker/u8:12/14176: [ 1221.204525][ T30] #0: ffff8880b923ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140 [ 1221.228557][ T5276] usb 3-1: USB disconnect, device number 62 [ 1221.247928][ T30] #1: ffff8880b9228948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3a7/0x770 [ 1221.283023][ T30] #2: ffff88805e11a818 (&p->pi_lock){-.-.}-{2:2}, at: wake_up_new_task+0xb4/0xc30 [ 1221.297461][ T30] 2 locks held by syz.2.3744/29828: [ 1221.343457][ T30] #0: ffff8880691f6a90 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0 [ 1221.487087][ T30] #1: ffff88801bae2338 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_wp+0x104d/0x3a90 [ 1221.503259][ T30] 3 locks held by syz.2.3744/29829: [ 1221.515315][ T30] #0: ffff88807d94ea18 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x32/0x2f0 [ 1221.526468][ T30] #1: ffff88801bae2338 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x575/0x3780 [ 1221.539753][ T30] #2: ffff88801caf90e8 (&resv_map->rw_sema){++++}-{3:3}, at: hugetlb_fault+0x67b/0x3780 [ 1221.551097][ T30] 3 locks held by syz.1.4155/1576: [ 1221.557435][ T30] #0: ffff88802dc77c40 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0 [ 1221.568664][ T30] #1: ffff88807a44a038 (&ctx->map_changing_lock){.+.+}-{3:3}, at: mfill_atomic_poison+0x2af/0x1780 [ 1221.611812][ T30] #2: ffff88801bae2338 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: mfill_atomic_poison+0x10a6/0x1780 [ 1221.678468][ T30] 1 lock held by syz.2.4295/3485: [ 1221.683588][ T30] #0: ffffffff8e93d6b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 1221.696067][ T30] [ 1221.705675][ T30] ============================================= [ 1221.705675][ T30] [ 1221.720276][ T30] NMI backtrace for cpu 0 [ 1221.724643][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1221.735157][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1221.745221][ T30] Call Trace: [ 1221.748512][ T30] [ 1221.751444][ T30] dump_stack_lvl+0x241/0x360 [ 1221.756126][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1221.761317][ T30] ? __pfx__printk+0x10/0x10 [ 1221.765897][ T30] ? vprintk_emit+0x631/0x770 [ 1221.770563][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 1221.775593][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 1221.780537][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1221.785984][ T30] ? _printk+0xd5/0x120 [ 1221.790129][ T30] ? __pfx__printk+0x10/0x10 [ 1221.794711][ T30] ? __wake_up_klogd+0xcc/0x110 [ 1221.799551][ T30] ? __pfx__printk+0x10/0x10 [ 1221.804131][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 1221.809145][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1221.815115][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 1221.821081][ T30] watchdog+0xfee/0x1030 [ 1221.825313][ T30] ? watchdog+0x1ea/0x1030 [ 1221.829716][ T30] ? __pfx_watchdog+0x10/0x10 [ 1221.834380][ T30] kthread+0x2f0/0x390 [ 1221.838443][ T30] ? __pfx_watchdog+0x10/0x10 [ 1221.843104][ T30] ? __pfx_kthread+0x10/0x10 [ 1221.847684][ T30] ret_from_fork+0x4b/0x80 [ 1221.852098][ T30] ? __pfx_kthread+0x10/0x10 [ 1221.856679][ T30] ret_from_fork_asm+0x1a/0x30 [ 1221.861441][ T30] [ 1221.866800][ T30] Sending NMI from CPU 0 to CPUs 1: [ 1221.872038][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 [ 1221.888939][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1221.895813][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00010-g6b4aa469f049 #0 [ 1221.906297][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1221.916339][ T30] Call Trace: [ 1221.919605][ T30] [ 1221.922518][ T30] dump_stack_lvl+0x241/0x360 [ 1221.927190][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1221.932377][ T30] ? __pfx__printk+0x10/0x10 [ 1221.936951][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1221.942919][ T30] ? vscnprintf+0x5d/0x90 [ 1221.947234][ T30] panic+0x349/0x860 [ 1221.951127][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1221.957285][ T30] ? __pfx_panic+0x10/0x10 [ 1221.961686][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 1221.967043][ T30] ? __irq_work_queue_local+0x137/0x410 [ 1221.972568][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1221.977918][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1221.984049][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 1221.990182][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 1221.996314][ T30] watchdog+0x102d/0x1030 [ 1222.000645][ T30] ? watchdog+0x1ea/0x1030 [ 1222.005080][ T30] ? __pfx_watchdog+0x10/0x10 [ 1222.009751][ T30] kthread+0x2f0/0x390 [ 1222.013816][ T30] ? __pfx_watchdog+0x10/0x10 [ 1222.018484][ T30] ? __pfx_kthread+0x10/0x10 [ 1222.023066][ T30] ret_from_fork+0x4b/0x80 [ 1222.027478][ T30] ? __pfx_kthread+0x10/0x10 [ 1222.032058][ T30] ret_from_fork_asm+0x1a/0x30 [ 1222.036832][ T30] [ 1222.040066][ T30] Kernel Offset: disabled [ 1222.044383][ T30] Rebooting in 86400 seconds..