last executing test programs: 2m3.751820737s ago: executing program 3 (id=1797): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000340)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa9610c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa1900000000000000000000e2ffffffddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20000000409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb79637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0adc7e77dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9af0012ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357baad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff16c45ba4a125a5a8a0000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca135ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444653fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a46005332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d366047999c825dbc4bea375529699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c2723d70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524ea2f93229106c871d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd405b8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b74ac5f894b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d6674885914abbf8830abeea2a46342e6a7378173cb2df5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb49ef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38aec0d12aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b68448692686ac80d81a89f9c29e27686fd96885205bc21a80b6704c45e42b3656dfdcd9b3048b04752ccf24103e2375ca712f6ed38b06c96bf3da324700"/2640], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r6 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff0200000000000000000000000000010000000000000000fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000ffffffffffffffff00"/156], 0xf0}}, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) socket$nl_route(0x10, 0x3, 0x0) r8 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$sock_int(r8, 0x1, 0xc, &(0x7f0000000300)=0x3ff, 0x4) connect$caif(r8, &(0x7f0000000100)=@rfm={0x25, 0x0, "d034e68fae880aca9de7751355b0eb74"}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r9, 0xee01, 0x0) keyctl$setperm(0x5, r9, 0x21081c22) 2m2.390277711s ago: executing program 3 (id=1800): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x5, 0x1, 0x80000000}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x8000) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 2m0.365203085s ago: executing program 3 (id=1805): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400a2921d"], 0x50) (fail_nth: 1) 1m56.699560926s ago: executing program 3 (id=1810): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8000}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() setrlimit(0xd, &(0x7f0000000400)={0xf2, 0x5}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x804e23}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) socket$inet6_mptcp(0xa, 0x1, 0x106) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040), 0x4002, 0x0) accept$phonet_pipe(r6, &(0x7f0000000300), &(0x7f0000000340)=0x10) mkdir(0x0, 0x0) syz_open_procfs(r0, &(0x7f0000000140)='net/ip_tables_names\x00') mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[]) chdir(&(0x7f00000000c0)='./file0\x00') r7 = syz_open_dev$vcsn(&(0x7f00000003c0), 0xae0a, 0x20e600) mkdirat(r7, &(0x7f0000000440)='./file0/file0\x00', 0x0) ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0) r8 = syz_open_dev$ttys(0xc, 0x2, 0x1) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) r10 = fcntl$dupfd(r8, 0x0, r9) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDSIGACCEPT(r10, 0x400455c8, 0x4) 1m52.938290769s ago: executing program 3 (id=1812): set_mempolicy(0x0, &(0x7f0000000040)=0x10000000005, 0x4) r0 = syz_open_dev$vim2m(&(0x7f0000000c00), 0x101, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x36, 0x1, 0x6, "69170000bfce0000000000000200", 0x20385655}) r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00') read$proc_mixer(r1, &(0x7f00000001c0)=""/149, 0x95) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3) 1m52.555091555s ago: executing program 3 (id=1815): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r5 = dup(r4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r5, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_io_uring_setup(0x10e, 0x0, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r7, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13}) io_uring_enter(r6, 0x47f9, 0x0, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) io_uring_setup(0x3e24, &(0x7f0000000080)={0x0, 0x6de, 0x1826, 0x0, 0x149}) write$P9_RSTATu(r8, &(0x7f0000000580)=ANY=[@ANYBLOB="0e0200000200000005cd0000050000000000000000000000000000000000000000000000006195963b56c3477900000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b92000000280070673effeb09b5351f5bde05400000000018789ba916638814e5708103b494e10000000000000000020008005500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8e289da649a37002c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00"/514, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee01], 0x20e) 45.464844422s ago: executing program 4 (id=1946): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r4 = dup3(0xffffffffffffffff, r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r7 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r6, 0x8000) getsockopt$inet_tcp_buf(r7, 0x6, 0x23, &(0x7f00000000c0)=""/40, &(0x7f0000000140)=0x28) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000180)={0x9a0000, 0x8, 0x6, r4, 0x0, &(0x7f0000000140)={0x990906, 0xffff, '\x00', @value64=0x9dc5}}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000010000104005540000000000000480000", @ANYRES32=r1, @ANYBLOB='\v'], 0x20}}, 0x0) 39.629289218s ago: executing program 4 (id=1956): syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0) syz_open_dev$usbfs(0x0, 0x73, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) prlimit64(0x0, 0x3, &(0x7f00000000c0)={0xffffffffffffffff, 0x3}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f00000001c0)={0x1, 0x0, &(0x7f0000000180)=[0x0]}) ioctl$DRM_IOCTL_MODE_GETFB(r3, 0xc01c64ad, &(0x7f0000000000)={r4}) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r6}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000cab000)) write$vga_arbiter(r5, &(0x7f00000001c0)=@other={'decodes', ' ', 'none'}, 0xd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r7, &(0x7f0000000080)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14) sendmsg$inet(r7, &(0x7f0000000500)={&(0x7f0000000280)={0x2, 0x0, @multicast2}, 0x10, 0x0}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1, 0x0, 0x0) 38.608156312s ago: executing program 4 (id=1959): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={r2, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x304}, 0x9c) 37.20462249s ago: executing program 4 (id=1961): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x107000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r1 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @remote}, 0x1c) sendmmsg$alg(r1, &(0x7f0000001840)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000040), 0x18}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[], 0xa4}}, 0x0) 37.127632309s ago: executing program 4 (id=1963): r0 = io_uring_setup(0xb3e, &(0x7f0000000340)={0x0, 0xd673, 0x0, 0x20000000, 0x3}) r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x29) r2 = syz_open_procfs(0x0, 0x0) r3 = socket$inet_icmp(0x2, 0x2, 0x1) bind$packet(r3, &(0x7f0000003940)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=r2, @ANYRES32=r0, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) ptrace$ARCH_SET_CPUID(0x1e, r4, 0x1, 0x1012) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (fail_nth: 1) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xffffffff, '\x00', 0x0, r7, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 36.315175186s ago: executing program 4 (id=1965): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r4 = dup3(0xffffffffffffffff, r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r7 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r6, 0x8000) getsockopt$inet_tcp_buf(r7, 0x6, 0x23, &(0x7f00000000c0)=""/40, &(0x7f0000000140)=0x28) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000180)={0x9a0000, 0x8, 0x6, r4, 0x0, &(0x7f0000000140)={0x990906, 0xffff, '\x00', @value64=0x9dc5}}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000010000104005540000000000000480000", @ANYRES32=r1, @ANYBLOB='\v'], 0x20}}, 0x0) 9.551769492s ago: executing program 2 (id=2001): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000005c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x199, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x8000]}, 0x45c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000500), &(0x7f00000001c0)=0xc) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in=@loopback, 0x4e22, 0x0, 0x1, 0xa7f8, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in6=@private2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}}, 0xe8) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TCSBRKP(r7, 0x5425, 0x0) r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TCSETSW2(r8, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"}) ioctl$TIOCGPGRP(r7, 0x5437, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000300)={0x48, 0x1, r6, 0x0, 0x8000}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000080)={0x28, 0x0, r6, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000}) ioctl$IOMMU_IOAS_COPY(r5, 0x3b83, &(0x7f0000000040)={0x28, 0x0, r6, r6, 0xa93, 0x0, 0x3fff}) 8.764117788s ago: executing program 0 (id=2003): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ptrace$ARCH_MAP_VDSO_64(0x1e, 0x0, 0x0, 0x2003) ptrace$getregs(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000700)=""/49) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x29, 0x0, 0x0) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f0000000800)={0x1d, r1}, 0x10, &(0x7f0000000880)={&(0x7f0000000400)=@canfd={{0x2, 0x1, 0x0, 0x1}, 0x3, 0x3, 0x0, 0x0, "c15f4f3a2093960092f3c0f010e65ba31f556eed36544c453aa59d7f01f7e55065a6e6aaad1a5633428e768879e28b916900"}, 0x6}}, 0x0) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r3 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000100)={0x200001, 0x0, 0xffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x0, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) syz_emit_vhci(0x0, 0x7) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x0) munlock(&(0x7f0000ff0000/0xd000)=nil, 0xd000) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRESDEC=r4, @ANYRES32=0x0, @ANYBLOB="00000000000000000100000000f6ff00000024080000000000000000000029a0b213fa8d111032a753fb4b8d4b6a9756ca919d29c2d576185d1955fe53fc903b05261aed9fc1d1a0260e544f4d6ebc7d97d5ee3f472a5e1f12fc91283d15"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32, @ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10) 8.041394637s ago: executing program 2 (id=2004): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x24e3c2, 0x40) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000300)={0xccf5, "387399d5000000000000000300", 0xffffffffffffffff}) r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000280)={0x8005, "421ae3753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f00000000c0)={"fd0d1af889b4ea07001900005e99e47ac49e4906eddf9edd00004000000029e9", r6, 0xffffffffffffffff}) poll(&(0x7f0000000080)=[{r7}], 0x1, 0x0) ioctl$SW_SYNC_IOC_INC(r5, 0x40045701, &(0x7f0000000180)=0x8) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r8 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@map=r8, 0x26, 0x0, 0x0, &(0x7f0000001440)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) pwritev2(r2, &(0x7f0000000680), 0x0, 0x6000000, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b80), 0x0, 0x8010) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000540)={0x0, 0x31384142}) 6.968713959s ago: executing program 2 (id=2005): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, &(0x7f00000006c0)=ANY=[]}, 0x78) write$binfmt_script(r0, &(0x7f0000000000), 0x4) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8) accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) syz_open_dev$evdev(0x0, 0x0, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2778) syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCAPPLICATION(0xffffffffffffffff, 0x4802, 0x0) syz_usb_connect(0x1, 0x36, &(0x7f0000000040)=ANY=[], 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r2, &(0x7f0000000000), 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000002c0)=@add_del={0x2, &(0x7f0000000100)='team_slave_1\x00'}) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x4006}, 0x4) setsockopt$sock_int(r3, 0x1, 0x2c, &(0x7f00000000c0)=0xbfe, 0x4) setsockopt$packet_fanout_data(r3, 0x107, 0x16, 0x0, 0x0) r5 = socket(0x10, 0x6, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'lo\x00'}) sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0) 6.339881257s ago: executing program 1 (id=2006): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) close(r0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) syz_io_uring_setup(0x6c1f, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x2ea}, &(0x7f00000002c0)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000080), 0x200000, 0x4) mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)=ANY=[]) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000004000000010000000000000000000f020000001ba4009fe55db867395f2e00"], &(0x7f0000000300)=""/2, 0x38, 0x2, 0x1, 0x0, 0x0, @void, @value}, 0x20) 5.991677931s ago: executing program 1 (id=2007): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) syz_io_uring_submit(0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0) write$sequencer(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8105000000210000"], 0x8) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='ntfs3\x00', 0x0, &(0x7f0000000340)) 5.975442549s ago: executing program 0 (id=2008): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r4 = dup3(0xffffffffffffffff, r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r7 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r6, 0x8000) getsockopt$inet_tcp_buf(r7, 0x6, 0x23, &(0x7f00000000c0)=""/40, &(0x7f0000000140)=0x28) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000180)={0x9a0000, 0x8, 0x6, r4, 0x0, &(0x7f0000000140)={0x990906, 0xffff, '\x00', @value64=0x9dc5}}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000010000104005540000000000000480000", @ANYRES32=r1, @ANYBLOB='\v'], 0x20}}, 0x0) 4.847439104s ago: executing program 1 (id=2009): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, 0x0, {0x7, 0x28, 0x4, 0x161028, 0x9, 0x4, 0x0, 0x6}}, 0x50) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x5d, 0x0, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x9) ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, 0x0, 0x0) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x2, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1b2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0) close_range(r3, r5, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0xa, 0x0, 0x0, @void, @value}, 0x20) socket(0xa, 0x806, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), 0xffffffffffffffff) mount(&(0x7f0000000480)=@nullb, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000040)='squashfs\x00', 0x0, 0x0) 4.319938796s ago: executing program 1 (id=2010): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{}, [@TCA_NETEM_LOSS={0x4}]}}}]}, 0x50}}, 0x0) 3.972049628s ago: executing program 1 (id=2011): socket$nl_netfilter(0x10, 0x3, 0xc) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) socket$tipc(0x1e, 0x2, 0x0) socket$kcm(0x2, 0xa, 0x2) socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) socket(0x2, 0x80805, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$packet(0x11, 0x3, 0x300) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000080), &(0x7f00000003c0)=r5}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000440)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @multicast, @val={@void, {0x8100, 0x4, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast1, @broadcast}, {0x400, 0x4e20, 0x8}}}}}, 0x0) 3.549495862s ago: executing program 2 (id=2012): fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40305839, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) syz_emit_ethernet(0x4e, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r0], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r3}, 0x10) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) fsetxattr(r7, &(0x7f0000000400)=ANY=[@ANYBLOB="747275737465642e815f7255613708de8f4b53be4dfb685e38acc02b806230289c0e8a88e356ed4dfbd41bec0ae04e36c9a8983d1612c1370ea5c405370d8a492dd9216ab7f54880359522d98f06f7debb4aafcfc2c3ae8c4461628643d020b1787b4e06a6341929f14e58fdd17549b75823b445743d9ca105e40d8252cf968a9062f75e1a1d957fa29f10fb041696a2bd35e771a0da2e2d6225b3c68c166328cba6ae271a24f3e5555dd8f1dbed3f10c68240edf9b27be4987a41d1cc86341e5626dd16ac63403c6ad8f7f546a86fcb0c30435bf512afba802dcc4a2d28333b87659aed65403f8dae91da511f0d10f3e2a60e4ab683b07f044450f5ab0625588a6bb0aed9f1c56e8ff0ac88f6373d3c000631bd1b9aa49fb3bb719ab43953b64275eb44d7b285ec8118baf953ba0d0af3b5852ff5e887c5b9a1cae9bddd9c06d4cefbe91095b6deccf300b1d31aa986e2a4bece5966fb066f80ec8a3121aa0b72ce47c158c055b8689b6a4170306f5ecc8a637fc6c6acd6cd37e796aa72ed2a77d68a4bdce530aaf0a03eb2e99e1e90049742f23702df913b6cb1606f1b822c11eb4ceaef70ca2bff8180563f0b809bb2d821a23599e24de6824fb46bd3de3fc9d136684d8e8adfa8e45dfbec435c"], 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x8240) ioctl$EVIOCGSW(r8, 0x80084503, &(0x7f00000020c0)=""/4096) ioctl$TCSBRKP(r4, 0x5425, 0x0) r9 = io_uring_setup(0x2ad5, &(0x7f00000001c0)) close(r9) ioctl$TCSETSW2(r4, 0x5425, 0x0) 3.225458923s ago: executing program 0 (id=2013): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) syz_init_net_socket$rose(0xb, 0x5, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720aacff0000000071101d000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r6) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r8, r7, 0x26, 0x0, 0x0, @void, @value}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20) close_range(r4, 0xffffffffffffffff, 0x0) syz_open_dev$video4linux(&(0x7f0000000100), 0x7f5b, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 2.239424923s ago: executing program 0 (id=2014): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x801, 0x800, 0x0, @void, @value, @void, @value}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000080)=0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000000740)={{r0}, r3, 0x8, @unused=[0x9, 0xfffffffffffffbff, 0xb, 0x81], @name="1918e03a1284a08ef0ab2121776c3359b09d3c353559f8cdea5b13abf51eed9f6b7c8a38077658a7a8b5ab70075754cfed637d3f9c898f80fdb32c9dc2bb7eb05c09107e8f9977030a27ac13e2a59df776b6665e463e5724341fd026cb5244a8c61380b99e5392b33a616aedcdfb1c75b0fc7542ba23ce02764a5037c5262531d55261341681633364dd5fd187b7bb3bc483ccafe0ce00ccef94667d2adc80df460062907d1d5f4fd5e19d690d610b373986cf93801d4bf738a035e92eb8472ef522177f951eb25347419b67e26159cc53d76bb635ad00dca46bf5f09204effdda39934116e081ef4404793196c180aea2e56e7bcfbaf61aa5319c4e9df7455c6a88bedff3466649a6849a112cebfe01ae4632a9d7c92d5d3c955dc05579aa69d4f7288f5e4a681bd97297bd1f560d0e7b815998ea7be76b4c9cdf1fd43a8b7e9fd76e9c6ccae95db656bc132d83bcdadfe1226b5d1ecb84c1943719554d66a56155e3da097772b5089b6407cda3dc3aaca6e2cf592a45529182b47092c1907960cb0c9680d7f32145e35dd606782e707ad7f0c547027a46c713b8b45e8a0157565336c32089d3068052a2662ca521e65aced830e59ad640006a0a9b673674248bd5a548f034999297e369e97038eed9142f0c1925f2de7354f80f790ae9c26eed22f593e7e1059b2e6cf37de5469160f1a50e2b3fbc61c9e7aea462dadbd37e4fc3cff0548f705c850447fe3e9d6f10b6a08b5c1b64a6696ccaec28c9986c1196d0d58c25bda867cba3ea75576da8e56c18ea790aad301878cdd4244760521eedc3c42e009cc2c15c4ed425e6e52e4a1f763da2fe0ce528d0580173610c76d5f3bf1c34f0fdacbb30e3b6ae8688a616429e8a183402455c111c465a25ba4248b736deea45b2d2ee073df2bcc7e6917ddcdd0aa91f1058f1d57281209284288a798b557f5fbf06856d73279a59fb82780ebdb17c0177ad082551786db9704ee7fada887784784d11a16b57d79683ab25200118606bbe370fdde71a2f10966ac42c7564239b88264250b3c99731c52487f1bad2d662e8adf53094e91d5a6625d86153368b499e0b37aa8417b2c3e5120c051e564f0ea086a9fdbaed76b786cc6533ce20217bceb7edaa0732cf8a2264bfe902870b3a26994dd3c0937d79476a821eff5a005a8b9d741cf1ff6ae6c80ff5045c3f93e8f7b768f2f89c721c2b4199d3de5631e864568bac6b692e5e5f0d251c2568f3fd1d5be9518da40c2830f27a0e6a2ee8639d1d1fcfa8da65b133c9bec910cec9662d1e1e8ae65cc7f6526531544b797674096e0e489285aea34e5f086b9cf6b29d2a43c719a48d7ce7bfa0e4cdf198bbf4732db5a38a58461095abfa8ddda9e2a1c9cadf9356dbe99926fc0bf02d9799375fe07cf33abe20a73e06e59b1c3bac2616ceed5508682721331c7bda277df25f36ee2e47d2fa16c37b4d7fa639841b2620de0ca1b5207ee8380a9ee2ab674783a7331e8c66a45eafa65fe0943fe846145a410ce5ba813cb84d9052e2df956eed3fc2c7b9c63d78c40aa75c272d2b9abcbc558523c154d946b9465eb9d34d932259533d6c3af7da0f8b3bf83a5e3b72958ecec355999332c6cb71a4f5f2b28eb1a685268c3b02fb79d0155f93f8e4389693b596eca3cd21c60451b7818d3fcf6628ee7b6c5f0b42ac249d85a892ee788359323f674a05e6bb1a2352c788d1e6b04ae673aad05313048ed6e382580accbd3ad03ed1eae57d0153de62306cc7ef9573b7d11c8612a2d02ba3d9e9fbd6b7a99051b6ee755a51a5d0c88070f19c9a6b2c9b3c607ca3c223a4ab2b388ba47f6a0c3f147fc03fb4871163485a2eb0089374328077f88cb601945e2a9ffa0bd305bab71006a795b4f4196a8c56f96383ce3a9c91c0af51b201ddd4820cb5b5f8569b34f25ca3e398dfe9e208af5db87538c8f3ff093a7318bf58c64c7d10235b34a90351f85ab1ae61dbf06fc75a80b7404d7c79ca88691d542b8a5aa67cfdecb44af458e71fb97b42e453345fedf93ec43308d287eb0eb3ead6fa5513c02028c61d90e17309d1276eeebe7164fec3d7dddae4deaad0786446c93f4078307bcf040b3337014edc7c43f608e44eb1406d6adb599fe7ac4f96b0cb11a773ff362d1cb39242b7784e09f5365cf82563724ac0189f99487424fe9f05d8341d67a43ac4aef3b4e1edf98b82c488781cd04799f397c1e39ed806504a320bf025031152d25d53c5d752e225ddfea04e5837934332e537ab4bc4c83df2fbfe06a891a589999d27f29a28d673e51e58aeaa8aa7142e44ca7cc457b9a7132c6989423479df9517d594b529b95c50c9f7a9f7e457a70267c78fb89cb86055c1bc85aeafa09411825961334bc4216ae57d6d3a3cebeb2c7612ad1e25987d86ea417a618a87b6fa19b82b93dbc4546d3135b329615443821a5bfd1c6be4e1b3aae7f8d0a0705865ab9d3a783e033f30b76d34322abe2d758932c073034a564d59559bdd32e9d7011f714542b5ce169a02839235b3ce9c550a2efea2c3bbfb2e93bc048a13dbf6a3f35706e34e5be018c3589fbcee4e5484aa229e853401fd1959a70bd0279d04d3c3d693cd845508a328953b5decf3a6c68a2f6f4ceaf5b25181d7894a2eee3dd3839b2620a6156e0dbb7c6ff7452b11b535da886e3debfa189149913a4f0912206d59493c040b41b87675c3b8f33d0c53c7974c8d41e0baf0aef496a402b75c62ba78cd374d50ad7abf4d127e11326fcead14191185fec5ff3f688a22ef34428661696f5102bd776769f2f0d81a00c07eed19c26506f383ac347db2c44cbc88ec856b5357cd1a45bca419ae525057b1a6e22468c2e15c586abb1214b1301773776ae119e02c7f8d3ba08db489d770ae0b09f2f9315068b8ed9558975356db95bae6eca20773eb2aeaec0420034eeab8d088d202d65bb2a2a95803d0cf38bd525fb8e224ed61b144f4213ef5bc119407e02c63bd401d1a06d3b4d0083a941a0f5a58cde6e89af3eae9ad7afcedbd79af56721ce39b44a5b573e5ef99d69b7ff0c0a9eabb7667c86dbea009666181e8fca9e250f72243555573c3679ac7c9460f6aa78d6f9f6f67beb990fd4cce3745ea429965c392ff8b43a879c5f5a3249bcc0cf69fae42e7f9e3e357ed1215ca03638750dd2ec60ba9d1a4d0f3352451fa95d75381ceec1e62444da3dd75961bf3bff0b31523ef102d6f067929c85df3e56934004458b48603c63de7284c519d1b43e98a17003f78a906777c1bef3f118d6bc7c33486d5f5a5d6e9224881f8a7995eaf15e3080eec549ed4d1e5d4c174a750646ec24a40d99ae35a178d35fb8e6533db9279552738b8fe9d4abd1b28a6e895275272a5720e34b509564705bb09306f1a89576faaa396227ea5b20510c8b31da3ae780031f624bd78cc85ac8724ef049ae2486ff07765e1c666acda8dfe86bcc07f761e7b774bf87d09ffc587ba6f0d9a9916d9599422b83f901a487bbd75196ddebf8569a86d98fe24e8bd3bcf355002e77f0eeb2de211752de828621edc24d1e09a1a32d14c62471994ab28625e4d5d6fa00f0fccd953f3413a81784e78567968814c7140bda82f538ba8da9062b417481a55ddb24c0206a6724b3c86dfa1a552f96803fcf010706a6df30a3fd20b58e0869a8cc979510a66d40cceb43085e31b693ad529311143ed7f372518264d3288d7842c9c31059e6c2b3e651201dd9dbdac5982a7c5f39e2bff47f29954f49f194ba3f6dbc6214a61ed9b5b979eeb56062b5fe395cd800f82c6b553fa8184a575b04f5be498ce167b9d55e444764fbc7c0635d1a1bc5a03045c68ec220666e9233db63b967e1ead4e113959a1cac9656880ff744d7f0b66ba8d0805f56dcc8b8ac15aca0e5de17eeebebf58babff5faeca2f576b49aa0b27e934aa94b1b860722d8bc5e8826c025afb45c746e71c8f4eade3f7e778a92e4f08e08b9be38bbefdf2b144bfc846621f5492fcd755d6faab6f75d3dd796305af3b9871640e966f18380c073adcd95e163a0924504d5aa5fdaae72b9ef0dc7f5e8dc6b28c2742139f83f584a0398378b6cb6dc2b0a815a4e76e18b0b30636fecc6b97ddc8055eb68b5bdebd12bae3d6fba1a3f597f041bb8d49f21999bb1b04493e3e542f5f54e01390e3a4b3834a251f4578729fa4be5f367bff028f6c7f2e5a3b198e34a7752e235d22e6e89a059a4c120840fd5b82eb95bc9afc46f4c8775f553cd428a11e452bdd72aa30b70fdb118bf9dd1b812107a038af351efccd6ad039a45e348be5ad8425b926ddc9561075e5921493007dc067d405434a981a4c924743c17e47b0c610bc438d4a030ca23ff3909c52fd7a699af6495bcb895828b09b284ff02c55f562ac5e38a1fe80b5d431b1ba6f364bb478c9db391c00f15af760ec8f4a3523219ffe9be3f93430008306954b9a018ee89bb44b19908abc78b1715906d8ebe98a368ccbf3e573369155f12f503bb22fb3e621dc1e8c23c1ea8dcae257f2b8b5dfc3e6f2cea13edbc1719a0b19a737bd8696a74e4637d4a7790d02c7ca050487e6ecaecec8d5afb665f11e217aae527140f8e8e54d6337c3f84a408121d63c9574704ffc08b8b9197e86290af65e17567ea7e1dbabf708b7f8078ce1398523cb7852a53e6d8eabde2524a587e8a5a987bd6df772c342936996563c745434f96f0ff43337ceab2c82ff2db5ecddde1ade174e10a398654ac9685b1073efe32fb62305b0a2fa41a9a137049c80b3fbff8bf4bf91f3c9725c09a8af18dc566c2796bdd1f48fb3cb88035c463d38337656b471cf83f6836ca2627f196392312f15c07cdb5cf8fae1d6eccbdd446e205cafd694f9bc50996d5878e5dcfe62835ed22147ebf22916fb6571e81486ef32954d5eb38abb1281cf7dae3a4f384c8730e94b4d1a9c3bfe7fcb4d5e446ad578622aa96f54f56f71df0cae82c198ebe9800d18fc9cd7a60808471ecf99fe36192227f812ce725995c3d3bd52acb48d3a55a2f76a1f9b968f3f313dd73d7fff80ee4382f1f441b7cdca0dda38604e23cc801ac7ab1a80ee6b5d483db5a85e8d61bfb7d504cc9f3f8eb373a3d2446a8a158efc5009f4c0cad44f6515eaf444ed9f611427566bb4e5c1e70f147170b8fac54fd19d001a68c8d182d86c7f8e412d7f56d9e7fe81d737ca5bd5d495a399fea68b372cd52e131130966944a262aa0ff52e997f5b7314b8c48439ffad6705946e4cb295493157e50287ee0e5d178ea8d1b9aa86aa01c73b4517fcb0695901162967b87eeeb216af0bc5ff8e3140e473e698bfc1e70155a5cc893c43fecf9d61ae545bb4effc10e944f515ae0473f0f927abafb0ff1e78e6222bda21ac9a7c4628c1e7f7cbf9b1410ad4af953eecb7de247203398e116dd1ce63d6ba3ad9f549f485662a7fa0b31a9d6d8063db4691b8d22f016bb0840fde41a3213087f6298063ae453c5544c897e847dce23a0b5f50d82cd57b07fbc07cb1ecf75d2d67d58e72b33c9c7a0b9a12746dc534392708a1906ec78efaf79d3c0b64ec6ec2bc02955268c5e9ec21c995e2f6dec4f24b8077dcb1694e7ae5d1ab767b6fd19fb2e689f324e4cc850c161efa6e25610439f7b9805dd8b754db3511675e9186bd65f3e504f95068689e818af6cd2b4906a681448c802c2a3e72a8aa0bae287e97a4e315a30c593cad43fa508"}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.self_freezing\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10) stat(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) r5 = getpgid(0xffffffffffffffff) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(r5, 0x1, &(0x7f0000000040)=0x7) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) shutdown(0xffffffffffffffff, 0x2) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0xfc, 0x0, 0x67b}]}, 0x10) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) futex(0x0, 0xc, 0x3, 0x0, &(0x7f0000000140), 0xfffffffe) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000000)={'veth0_to_bond\x00', &(0x7f0000000140)=@ethtool_cmd={0x17, 0x2cf318ad}}) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000002c0)={0x81, 0x9, 0x0, 0x80, 0x69, 0x4, 0xc, 0x3, 0x34, 0x9, 0xad, 0x2, 0x9, 0x7}, 0xe) 1.447927968s ago: executing program 2 (id=2015): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, &(0x7f0000000140)=""/237, 0xed) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) close(r0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) syz_io_uring_setup(0x6c1f, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x2ea}, &(0x7f00000002c0)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000080), 0x200000, 0x4) mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)=ANY=[]) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000004000000010000000000000000000f020000001ba4009fe55db867395f2e00"], &(0x7f0000000300)=""/2, 0x38, 0x2, 0x1, 0x0, 0x0, @void, @value}, 0x20) 635.601424ms ago: executing program 1 (id=2016): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ptrace$ARCH_MAP_VDSO_64(0x1e, 0x0, 0x0, 0x2003) ptrace$getregs(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000700)=""/49) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x29, 0x0, 0x0) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f0000000800)={0x1d, r1}, 0x10, &(0x7f0000000880)={&(0x7f0000000400)=@canfd={{0x2, 0x1, 0x0, 0x1}, 0x3, 0x3, 0x0, 0x0, "c15f4f3a2093960092f3c0f010e65ba31f556eed36544c453aa59d7f01f7e55065a6e6aaad1a5633428e768879e28b916900"}, 0x6}}, 0x0) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r3 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000100)={0x200001, 0x0, 0xffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x0, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) syz_emit_vhci(0x0, 0x7) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x0) munlock(&(0x7f0000ff0000/0xd000)=nil, 0xd000) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRESDEC=r4, @ANYRES32=0x0, @ANYBLOB="00000000000000000100000000f6ff00000024080000000000000000000029a0b213fa8d111032a753fb4b8d4b6a9756ca919d29c2d576185d1955fe53fc903b05261aed9fc1d1a0260e544f4d6ebc7d97d5ee3f472a5e1f12fc91283d15"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32, @ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10) 365.630388ms ago: executing program 0 (id=2017): r0 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/smackfs/mapped\x00', 0x2, 0x0) r1 = dup2(r0, r0) r2 = socket$inet_dccp(0x2, 0x6, 0x0) r3 = shmget(0x3, 0x4000, 0x8, &(0x7f0000ff9000/0x4000)=nil) shmat(r3, &(0x7f0000ff9000/0x4000)=nil, 0x7000) getsockopt$inet_int(r2, 0x10d, 0xe3, &(0x7f0000000040), &(0x7f0000000080)=0x4) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f000000e380)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x13f, 0x4}}, 0x20) 319.900578ms ago: executing program 2 (id=2018): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r4 = dup3(0xffffffffffffffff, r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r8 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r7, 0x8000) getsockopt$inet_tcp_buf(r8, 0x6, 0x23, &(0x7f00000000c0)=""/40, &(0x7f0000000140)=0x28) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000180)={0x9a0000, 0x8, 0x6, r4, 0x0, &(0x7f0000000140)={0x990906, 0xffff, '\x00', @value64=0x9dc5}}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000010000104005540000000000000480000", @ANYRES32=r1, @ANYBLOB='\v'], 0x20}}, 0x0) 0s ago: executing program 0 (id=2019): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) pipe2$watch_queue(&(0x7f0000000200)={0xffffffffffffffff}, 0x80) r2 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0) r3 = add_key$user(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000240)="a3", 0x1, r2) r4 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r5, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000280)={0x1}, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x12, 0xa01}, 0x14}}, 0x0) syz_usb_control_io$hid(r5, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0x0, "fd"}, @local=@item_4={0x3, 0x2, 0x0, "b7e31a19"}]}}, 0x0}, 0x0) keyctl$KEYCTL_MOVE(0x1e, r3, r2, r4, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000019"]) kernel console output (not intermixed with test programs): hsr_slave_1: entered promiscuous mode [ 1086.128663][T13186] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1086.147127][T13186] Cannot create hsr debugfs directory [ 1086.161157][ T5642] bridge_slave_1: left allmulticast mode [ 1086.182666][ T5642] bridge_slave_1: left promiscuous mode [ 1086.211881][ T5642] bridge0: port 2(bridge_slave_1) entered disabled state [ 1086.270016][ T5642] bridge_slave_0: left allmulticast mode [ 1086.287428][ T5642] bridge_slave_0: left promiscuous mode [ 1086.320059][ T5642] bridge0: port 1(bridge_slave_0) entered disabled state [ 1086.684983][T13397] FAULT_INJECTION: forcing a failure. [ 1086.684983][T13397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1086.727903][T13397] CPU: 1 UID: 0 PID: 13397 Comm: syz.2.1619 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1086.738419][T13397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1086.748567][T13397] Call Trace: [ 1086.751865][T13397] [ 1086.754832][T13397] dump_stack_lvl+0x241/0x360 [ 1086.759557][T13397] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1086.764783][T13397] ? __pfx__printk+0x10/0x10 [ 1086.769439][T13397] ? __pfx_lock_release+0x10/0x10 [ 1086.774529][T13397] should_fail_ex+0x3b0/0x4e0 [ 1086.779234][T13397] _copy_from_iter+0x1ed/0x1d60 [ 1086.784145][T13397] ? __virt_addr_valid+0x183/0x530 [ 1086.789285][T13397] ? __pfx_lock_release+0x10/0x10 [ 1086.794348][T13397] ? alloc_pages_mpol_noprof+0x417/0x680 [ 1086.800047][T13397] ? __sk_mem_raise_allocated+0xa5f/0x1140 [ 1086.805896][T13397] ? __pfx__copy_from_iter+0x10/0x10 [ 1086.811292][T13397] ? __virt_addr_valid+0x183/0x530 [ 1086.816426][T13397] ? __virt_addr_valid+0x183/0x530 [ 1086.821557][T13397] ? __virt_addr_valid+0x45f/0x530 [ 1086.826695][T13397] ? __check_object_size+0x49c/0x900 [ 1086.832098][T13397] mptcp_sendmsg+0xd31/0x1b10 [ 1086.836829][T13397] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 1086.841965][T13397] ? sock_rps_record_flow+0x1a/0x400 [ 1086.847277][T13397] ? inet_sendmsg+0x330/0x390 [ 1086.852005][T13397] __sock_sendmsg+0x1a6/0x270 [ 1086.856735][T13397] ____sys_sendmsg+0x52a/0x7e0 [ 1086.861532][T13397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1086.866867][T13397] __sys_sendmmsg+0x3ac/0x730 [ 1086.871698][T13397] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1086.877138][T13397] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1086.883060][T13397] ? ksys_write+0x23e/0x2c0 [ 1086.887589][T13397] ? __pfx_lock_release+0x10/0x10 [ 1086.892672][T13397] ? vfs_write+0x7bf/0xc90 [ 1086.897249][T13397] ? __mutex_unlock_slowpath+0x21d/0x750 [ 1086.902947][T13397] ? __pfx_vfs_write+0x10/0x10 [ 1086.907765][T13397] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1086.913784][T13397] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1086.920140][T13397] ? do_syscall_64+0x100/0x230 [ 1086.924933][T13397] __x64_sys_sendmmsg+0xa0/0xb0 [ 1086.929810][T13397] do_syscall_64+0xf3/0x230 [ 1086.934338][T13397] ? clear_bhb_loop+0x35/0x90 [ 1086.939043][T13397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.944969][T13397] RIP: 0033:0x7f45bff7def9 [ 1086.949406][T13397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1086.969035][T13397] RSP: 002b:00007f45c0d55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1086.977751][T13397] RAX: ffffffffffffffda RBX: 00007f45c0136058 RCX: 00007f45bff7def9 [ 1086.985762][T13397] RDX: 0000000000000001 RSI: 0000000020001200 RDI: 0000000000000005 [ 1086.993755][T13397] RBP: 00007f45c0d55090 R08: 0000000000000000 R09: 0000000000000000 [ 1087.001851][T13397] R10: 0000000000004806 R11: 0000000000000246 R12: 0000000000000001 [ 1087.009926][T13397] R13: 0000000000000001 R14: 00007f45c0136058 R15: 00007ffe8a8bff98 [ 1087.017942][T13397] [ 1087.875751][T13418] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1088.282666][ T5642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1088.412132][ T5642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1088.466499][ T5642] bond0 (unregistering): Released all slaves [ 1088.522426][ T5642] bond1 (unregistering): Released all slaves [ 1092.334861][T12938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1092.444296][ T5642] hsr_slave_0: left promiscuous mode [ 1092.531266][ T5642] hsr_slave_1: left promiscuous mode [ 1092.598527][ T5642] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1092.606043][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1092.763303][ T5642] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1092.825983][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1093.007305][ T5642] veth1_macvtap: left promiscuous mode [ 1093.032198][ T5642] veth0_macvtap: left promiscuous mode [ 1093.208289][ T5642] veth1_vlan: left promiscuous mode [ 1093.215587][ T5642] veth0_vlan: left promiscuous mode [ 1093.264141][T13479] FAULT_INJECTION: forcing a failure. [ 1093.264141][T13479] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1093.341484][T13479] CPU: 0 UID: 0 PID: 13479 Comm: syz.4.1636 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1093.352166][T13479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1093.362293][T13479] Call Trace: [ 1093.365620][T13479] [ 1093.368608][T13479] dump_stack_lvl+0x241/0x360 [ 1093.373349][T13479] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1093.378605][T13479] ? __pfx__printk+0x10/0x10 [ 1093.383250][T13479] ? __pfx_lock_release+0x10/0x10 [ 1093.388334][T13479] ? kasan_save_free_info+0x40/0x50 [ 1093.393604][T13479] ? __kasan_slab_free+0x37/0x60 [ 1093.398602][T13479] ? tomoyo_path_number_perm+0x68d/0x880 [ 1093.404384][T13479] ? __se_sys_ioctl+0x47/0x170 [ 1093.409213][T13479] should_fail_ex+0x3b0/0x4e0 [ 1093.413953][T13479] _copy_from_user+0x2f/0xe0 [ 1093.418608][T13479] vmci_host_unlocked_ioctl+0x683/0x3560 [ 1093.424385][T13479] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 1093.430517][T13479] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1093.436907][T13479] ? tomoyo_path_number_perm+0x208/0x880 [ 1093.442605][T13479] ? __pfx_lock_release+0x10/0x10 [ 1093.447727][T13479] ? tomoyo_path_number_perm+0x71a/0x880 [ 1093.453866][T13479] ? tomoyo_path_number_perm+0x208/0x880 [ 1093.459565][T13479] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1093.465641][T13479] ? __asan_memset+0x23/0x50 [ 1093.470286][T13479] ? smack_file_ioctl+0x29e/0x3a0 [ 1093.475393][T13479] ? __pfx_smack_file_ioctl+0x10/0x10 [ 1093.480839][T13479] ? __fget_files+0x3f3/0x470 [ 1093.485582][T13479] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 1093.491801][T13479] __se_sys_ioctl+0xf9/0x170 [ 1093.496462][T13479] do_syscall_64+0xf3/0x230 [ 1093.501015][T13479] ? clear_bhb_loop+0x35/0x90 [ 1093.505779][T13479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.511744][T13479] RIP: 0033:0x7f6fabf7def9 [ 1093.516243][T13479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.535901][T13479] RSP: 002b:00007f6facd5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1093.544372][T13479] RAX: ffffffffffffffda RBX: 00007f6fac135f80 RCX: 00007f6fabf7def9 [ 1093.552435][T13479] RDX: 0000000020000640 RSI: 00000000000007b1 RDI: 0000000000000003 [ 1093.560893][T13479] RBP: 00007f6facd5d090 R08: 0000000000000000 R09: 0000000000000000 [ 1093.568995][T13479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1093.577021][T13479] R13: 0000000000000000 R14: 00007f6fac135f80 R15: 00007fff693eae68 [ 1093.585070][T13479] [ 1093.647365][ T9655] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1093.710955][ T9655] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1093.727946][ T9655] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1093.748697][ T9655] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1093.757329][ T9655] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1093.765057][ T9655] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1093.839961][T13491] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1093.847018][T13491] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1097.805022][ T9655] Bluetooth: hci0: command tx timeout [ 1099.176145][ T5642] team0 (unregistering): Port device team_slave_1 removed [ 1099.260360][ T5642] team0 (unregistering): Port device team_slave_0 removed [ 1099.905774][ T9655] Bluetooth: hci0: command tx timeout [ 1100.287988][ T46] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 1100.506377][ T46] usb 3-1: Using ep0 maxpacket: 16 [ 1100.516346][ T46] usb 3-1: config 7 has an invalid interface number: 247 but max is 0 [ 1100.530475][ T46] usb 3-1: config 7 has no interface number 0 [ 1100.538377][ T46] usb 3-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1100.560674][ T46] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1100.618221][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1100.658627][ T46] usb 3-1: Product: syz [ 1100.662863][ T46] usb 3-1: Manufacturer: syz [ 1100.667496][ T46] usb 3-1: SerialNumber: syz [ 1100.782287][ T46] ni6501 3-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1103.780930][ T9655] Bluetooth: hci0: command tx timeout [ 1104.069702][ T46] usb 3-1: USB disconnect, device number 26 [ 1104.427913][T13540] hub 6-0:1.0: USB hub found [ 1104.448053][ T8] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 1104.450551][T13540] hub 6-0:1.0: 1 port detected [ 1106.724201][ T9655] Bluetooth: hci0: command tx timeout [ 1106.731453][ T8] usb 1-1: device descriptor read/64, error -71 [ 1107.038068][ T8] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 1107.258869][T13557] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1107.265825][T13557] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1107.361119][ T8] usb 1-1: device descriptor read/64, error -71 [ 1107.549563][ T8] usb usb1-port1: attempt power cycle [ 1108.191236][ T29] kauditd_printk_skb: 52 callbacks suppressed [ 1108.191259][ T29] audit: type=1326 audit(1726569963.079:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.237345][T13484] chnl_net:caif_netlink_parms(): no params data found [ 1108.261311][ T29] audit: type=1326 audit(1726569963.109:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.325790][ T29] audit: type=1326 audit(1726569963.109:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.354439][ T29] audit: type=1326 audit(1726569963.109:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.387058][ T29] audit: type=1326 audit(1726569963.109:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.423991][ T29] audit: type=1326 audit(1726569963.109:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.448304][ T29] audit: type=1326 audit(1726569963.109:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.490018][ T29] audit: type=1326 audit(1726569963.109:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.513320][ T29] audit: type=1326 audit(1726569963.109:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.545576][ T29] audit: type=1326 audit(1726569963.109:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13568 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341a17def9 code=0x7ffc0000 [ 1108.669465][T13186] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1108.683826][T13186] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1108.808004][ T8] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 1108.840796][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 1108.851350][ T8] usb 1-1: config 7 has an invalid interface number: 247 but max is 0 [ 1108.868380][ T8] usb 1-1: config 7 has no interface number 0 [ 1108.882126][ T8] usb 1-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1108.923964][ T8] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1108.945335][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1108.966295][ T8] usb 1-1: Product: syz [ 1108.970874][ T8] usb 1-1: Manufacturer: syz [ 1108.979600][ T8] usb 1-1: SerialNumber: syz [ 1108.999919][T13186] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1109.247680][ T8] ni6501 1-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1111.308071][T13186] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1111.446331][ T8] usb 1-1: USB disconnect, device number 51 [ 1111.607394][T13484] bridge0: port 1(bridge_slave_0) entered blocking state [ 1111.621815][T13484] bridge0: port 1(bridge_slave_0) entered disabled state [ 1111.645436][T13484] bridge_slave_0: entered allmulticast mode [ 1111.666991][T13484] bridge_slave_0: entered promiscuous mode [ 1111.709476][T13484] bridge0: port 2(bridge_slave_1) entered blocking state [ 1111.716686][T13484] bridge0: port 2(bridge_slave_1) entered disabled state [ 1111.742826][T13484] bridge_slave_1: entered allmulticast mode [ 1111.751176][T13484] bridge_slave_1: entered promiscuous mode [ 1111.872815][T13484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1111.936054][T13484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1111.948424][ T8] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 1112.187580][ T8] usb 1-1: config 0 has too many interfaces: 36, using maximum allowed: 32 [ 1112.196600][ T8] usb 1-1: config 0 has an invalid interface number: 82 but max is 35 [ 1112.214373][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 36 [ 1112.226518][ T8] usb 1-1: config 0 has no interface number 0 [ 1112.421352][ T8] usb 1-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=32.8f [ 1112.443067][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1112.482979][ T8] usb 1-1: config 0 descriptor?? [ 1112.532059][ T8] gspca_main: sunplus-2.14.0 probing 08ca:0104 [ 1112.551317][T13484] team0: Port device team_slave_0 added [ 1112.645719][T13484] team0: Port device team_slave_1 added [ 1112.764272][ T5642] bridge_slave_1: left allmulticast mode [ 1112.788450][ T5642] bridge_slave_1: left promiscuous mode [ 1112.801914][ T5642] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.822684][ T5642] bridge_slave_0: left allmulticast mode [ 1112.839431][ T5642] bridge_slave_0: left promiscuous mode [ 1112.856161][ T5642] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.925252][ T8] gspca_sunplus: reg_r err -71 [ 1112.958708][ T8] sunplus 1-1:0.82: probe with driver sunplus failed with error -71 [ 1112.993356][ T8] usb 1-1: USB disconnect, device number 52 [ 1113.356612][ T9655] Bluetooth: hci4: unexpected event for opcode 0x1003 [ 1114.429230][ T9228] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 1114.493422][ T5642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1114.505776][ T5642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1114.517059][ T5642] bond0 (unregistering): Released all slaves [ 1114.537233][T13484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1114.547435][T13484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1114.574537][T13484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1114.587000][T13634] netlink: 288 bytes leftover after parsing attributes in process `syz.2.1668'. [ 1114.635292][T13484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1114.648035][ T9228] usb 1-1: Using ep0 maxpacket: 16 [ 1114.688264][ T9228] usb 1-1: config 7 has an invalid interface number: 247 but max is 0 [ 1114.696803][T13484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1114.727500][ T9228] usb 1-1: config 7 has no interface number 0 [ 1114.735719][ T9228] usb 1-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1114.756429][ T9228] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1114.767139][T13484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1114.787865][ T9228] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1114.795928][ T9228] usb 1-1: Product: syz [ 1114.817925][ T9228] usb 1-1: Manufacturer: syz [ 1114.822598][ T9228] usb 1-1: SerialNumber: syz [ 1114.893728][ T9228] ni6501 1-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1115.232388][ T5642] hsr_slave_0: left promiscuous mode [ 1115.282805][ T9228] usb 1-1: USB disconnect, device number 53 [ 1116.033494][ T5642] hsr_slave_1: left promiscuous mode [ 1116.298421][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.305892][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.385366][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1116.396024][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1116.450369][T13669] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1674'. [ 1116.479793][T13669] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1674'. [ 1117.413432][ T9655] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 1117.423184][ T9655] Bluetooth: hci4: Injecting HCI hardware error event [ 1117.434423][ T5224] Bluetooth: hci4: hardware error 0x00 [ 1117.748111][ T5642] team0 (unregistering): Port device team_slave_1 removed [ 1117.900688][ T5642] team0 (unregistering): Port device team_slave_0 removed [ 1119.298080][ T46] usb 5-1: new full-speed USB device number 31 using dummy_hcd [ 1119.410199][ T4610] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1119.423157][ T4610] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1119.433013][ T4610] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1119.449239][ T4610] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1119.459036][ T4610] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1119.466611][ T4610] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1119.495120][ T46] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 1119.537396][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 10 [ 1119.558924][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1119.567929][ T5224] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1119.615344][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 14129, setting to 64 [ 1119.636958][T13695] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1679'. [ 1119.677993][ T46] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 1119.835537][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1119.851740][ T46] usb 5-1: Product: syz [ 1119.855992][ T46] usb 5-1: Manufacturer: syz [ 1119.878075][ T46] usb 5-1: SerialNumber: syz [ 1119.893055][ T46] usb 5-1: config 0 descriptor?? [ 1119.895629][T13484] hsr_slave_0: entered promiscuous mode [ 1120.006217][T13484] hsr_slave_1: entered promiscuous mode [ 1120.213025][T13484] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1120.223724][T13484] Cannot create hsr debugfs directory [ 1121.519465][ T8] usb 5-1: USB disconnect, device number 31 [ 1121.558069][ T5224] Bluetooth: hci1: command tx timeout [ 1121.998039][T13726] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1123.825005][ T5224] Bluetooth: hci1: command tx timeout [ 1125.878602][ T5224] Bluetooth: hci1: command tx timeout [ 1126.002982][T13704] chnl_net:caif_netlink_parms(): no params data found [ 1127.474738][ T29] kauditd_printk_skb: 45 callbacks suppressed [ 1127.474761][ T29] audit: type=1326 audit(1726569982.359:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.526866][ T29] audit: type=1326 audit(1726569982.359:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.548507][ C1] vkms_vblank_simulate: vblank timer overrun [ 1127.585188][ T29] audit: type=1326 audit(1726569982.359:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.645013][ T29] audit: type=1326 audit(1726569982.359:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.719484][ T29] audit: type=1326 audit(1726569982.359:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.806717][T13776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1691'. [ 1127.828306][ T29] audit: type=1326 audit(1726569982.359:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.884420][ T29] audit: type=1326 audit(1726569982.359:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1127.958920][ T5224] Bluetooth: hci1: command tx timeout [ 1127.965621][ T29] audit: type=1326 audit(1726569982.359:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1128.027407][T13786] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1128.150195][ T29] audit: type=1326 audit(1726569982.359:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1128.982974][ T29] audit: type=1326 audit(1726569982.359:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13775 comm="syz.2.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x7ffc0000 [ 1130.026450][T13704] bridge0: port 1(bridge_slave_0) entered blocking state [ 1130.066289][T13704] bridge0: port 1(bridge_slave_0) entered disabled state [ 1130.111008][T13704] bridge_slave_0: entered allmulticast mode [ 1130.154049][T13704] bridge_slave_0: entered promiscuous mode [ 1130.213948][T13704] bridge0: port 2(bridge_slave_1) entered blocking state [ 1130.431902][T13704] bridge0: port 2(bridge_slave_1) entered disabled state [ 1130.461819][T13704] bridge_slave_1: entered allmulticast mode [ 1130.588169][ T9228] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 1130.723319][T13704] bridge_slave_1: entered promiscuous mode [ 1130.918584][ T9228] usb 5-1: Using ep0 maxpacket: 16 [ 1131.069437][ T9228] usb 5-1: config 7 has an invalid interface number: 247 but max is 0 [ 1131.280887][ T9228] usb 5-1: config 7 has no interface number 0 [ 1131.287084][ T9228] usb 5-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1131.341665][ T9228] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1131.351696][ T9228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1131.366504][ T9228] usb 5-1: Product: syz [ 1131.398950][ T9228] usb 5-1: Manufacturer: syz [ 1131.403643][ T9228] usb 5-1: SerialNumber: syz [ 1131.500424][T13704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1131.556174][ T9228] ni6501 5-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1131.636784][T13815] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1131.657104][ T46] usb 5-1: USB disconnect, device number 32 [ 1131.770416][T13704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1132.070296][T13704] team0: Port device team_slave_0 added [ 1132.172122][T13704] team0: Port device team_slave_1 added [ 1132.296565][ T5642] bridge_slave_1: left allmulticast mode [ 1132.310203][ T5642] bridge_slave_1: left promiscuous mode [ 1132.348837][ T5642] bridge0: port 2(bridge_slave_1) entered disabled state [ 1132.426860][ T5642] bridge_slave_0: left allmulticast mode [ 1132.448042][ T5642] bridge_slave_0: left promiscuous mode [ 1132.453895][ T5642] bridge0: port 1(bridge_slave_0) entered disabled state [ 1132.654973][T13835] ntfs3: Bad value for 'gid' [ 1132.659961][T13835] ntfs3: Bad value for 'gid' [ 1134.618639][ T5642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1134.848940][ T5642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1134.980410][ T5642] bond0 (unregistering): Released all slaves [ 1135.068381][T13704] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1135.080147][T13704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1135.208113][T13704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1135.253712][T13484] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1135.404207][ T5642] hsr_slave_0: left promiscuous mode [ 1135.431237][ T5642] hsr_slave_1: left promiscuous mode [ 1135.451721][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1135.476471][ T5642] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1135.966703][T13872] 9pnet_fd: Insufficient options for proto=fd [ 1135.974931][T13872] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1136.618285][ T9228] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 1136.972728][ T9228] usb 5-1: Using ep0 maxpacket: 16 [ 1136.997514][ T9228] usb 5-1: config 7 has an invalid interface number: 247 but max is 0 [ 1137.006447][ T9228] usb 5-1: config 7 has no interface number 0 [ 1137.015929][ T9228] usb 5-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1137.680329][ T5642] team0 (unregistering): Port device team_slave_1 removed [ 1137.837460][ T5642] team0 (unregistering): Port device team_slave_0 removed [ 1138.108700][ T9228] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1138.118598][ T9228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1138.126651][ T9228] usb 5-1: Product: syz [ 1138.155153][ T9228] usb 5-1: Manufacturer: syz [ 1138.160019][ T9228] usb 5-1: SerialNumber: syz [ 1138.208163][ T9228] ni6501 5-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1138.389264][ T8] usb 5-1: USB disconnect, device number 33 [ 1138.647396][T13704] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1138.655311][T13704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1138.721816][T13704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1138.751174][T13484] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1138.780028][T13484] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1138.840091][T13484] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1139.049659][T13893] FAULT_INJECTION: forcing a failure. [ 1139.049659][T13893] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1139.094352][T13893] CPU: 1 UID: 0 PID: 13893 Comm: syz.0.1717 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1139.104843][T13893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1139.114918][T13893] Call Trace: [ 1139.118204][T13893] [ 1139.121157][T13893] dump_stack_lvl+0x241/0x360 [ 1139.125936][T13893] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1139.131198][T13893] ? __pfx__printk+0x10/0x10 [ 1139.135821][T13893] ? __pfx_lock_release+0x10/0x10 [ 1139.140875][T13893] ? __lock_acquire+0x137a/0x2040 [ 1139.146066][T13893] should_fail_ex+0x3b0/0x4e0 [ 1139.150784][T13893] _copy_from_user+0x2f/0xe0 [ 1139.155480][T13893] gsmld_ioctl+0x507/0x25b0 [ 1139.160052][T13893] ? __pfx_lock_acquire+0x10/0x10 [ 1139.165183][T13893] ? smack_log+0x123/0x540 [ 1139.169625][T13893] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1139.175628][T13893] ? __pfx_smack_log+0x10/0x10 [ 1139.180412][T13893] ? __pfx_gsmld_ioctl+0x10/0x10 [ 1139.185389][T13893] ? tty_ldisc_ref_wait+0x25/0x70 [ 1139.190452][T13893] ? __pfx_gsmld_ioctl+0x10/0x10 [ 1139.195408][T13893] tty_ioctl+0x998/0xdc0 [ 1139.199714][T13893] ? __pfx_tty_ioctl+0x10/0x10 [ 1139.204521][T13893] __se_sys_ioctl+0xf9/0x170 [ 1139.209150][T13893] do_syscall_64+0xf3/0x230 [ 1139.213695][T13893] ? clear_bhb_loop+0x35/0x90 [ 1139.218416][T13893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.224451][T13893] RIP: 0033:0x7f341a17def9 [ 1139.228899][T13893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1139.248648][T13893] RSP: 002b:00007f341af80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1139.257097][T13893] RAX: ffffffffffffffda RBX: 00007f341a335f80 RCX: 00007f341a17def9 [ 1139.265091][T13893] RDX: 0000000020000000 RSI: 00000000404c4701 RDI: 0000000000000003 [ 1139.273103][T13893] RBP: 00007f341af80090 R08: 0000000000000000 R09: 0000000000000000 [ 1139.281086][T13893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1139.289073][T13893] R13: 0000000000000000 R14: 00007f341a335f80 R15: 00007ffd87bc5368 [ 1139.297073][T13893] [ 1139.383070][T13704] hsr_slave_0: entered promiscuous mode [ 1139.468568][T13704] hsr_slave_1: entered promiscuous mode [ 1139.528045][T13704] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1139.535697][T13704] Cannot create hsr debugfs directory [ 1142.705863][T13921] FAULT_INJECTION: forcing a failure. [ 1142.705863][T13921] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1142.766834][T13921] CPU: 0 UID: 0 PID: 13921 Comm: syz.0.1723 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1142.777337][T13921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1142.787434][T13921] Call Trace: [ 1142.790750][T13921] [ 1142.793716][T13921] dump_stack_lvl+0x241/0x360 [ 1142.798449][T13921] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1142.803684][T13921] ? __pfx__printk+0x10/0x10 [ 1142.808326][T13921] ? snprintf+0xda/0x120 [ 1142.812620][T13921] should_fail_ex+0x3b0/0x4e0 [ 1142.817342][T13921] _copy_to_user+0x2f/0xb0 [ 1142.821807][T13921] simple_read_from_buffer+0xca/0x150 [ 1142.827251][T13921] proc_fail_nth_read+0x1e9/0x250 [ 1142.832344][T13921] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1142.837991][T13921] ? rw_verify_area+0x568/0x6f0 [ 1142.842904][T13921] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1142.848517][T13921] vfs_read+0x201/0xbc0 [ 1142.852730][T13921] ? __pfx_lock_release+0x10/0x10 [ 1142.857816][T13921] ? __pfx_vfs_read+0x10/0x10 [ 1142.862563][T13921] ? __fget_files+0x3f3/0x470 [ 1142.867305][T13921] ? __fdget_pos+0x24e/0x320 [ 1142.871952][T13921] ksys_read+0x1a0/0x2c0 [ 1142.876261][T13921] ? __pfx_ksys_read+0x10/0x10 [ 1142.881087][T13921] ? do_syscall_64+0x100/0x230 [ 1142.885909][T13921] ? do_syscall_64+0xb6/0x230 [ 1142.890675][T13921] do_syscall_64+0xf3/0x230 [ 1142.895315][T13921] ? clear_bhb_loop+0x35/0x90 [ 1142.900042][T13921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.906090][T13921] RIP: 0033:0x7f341a17c93c [ 1142.910552][T13921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 1142.930212][T13921] RSP: 002b:00007f341af80030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1142.938743][T13921] RAX: ffffffffffffffda RBX: 00007f341a335f80 RCX: 00007f341a17c93c [ 1142.946854][T13921] RDX: 000000000000000f RSI: 00007f341af800a0 RDI: 0000000000000004 [ 1142.954877][T13921] RBP: 00007f341af80090 R08: 0000000000000000 R09: 0000000000000000 [ 1142.962900][T13921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1142.970920][T13921] R13: 0000000000000000 R14: 00007f341a335f80 R15: 00007ffd87bc5368 [ 1142.978961][T13921] [ 1143.788071][ T9228] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 1143.984399][T13484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1144.036268][ T9228] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1144.062350][T13484] 8021q: adding VLAN 0 to HW filter on device team0 [ 1144.075097][ T9228] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1144.106467][ T9228] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 1144.126757][ T9228] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.149127][ T9228] usb 1-1: config 0 descriptor?? [ 1144.249090][ T9270] bridge0: port 1(bridge_slave_0) entered blocking state [ 1144.256401][ T9270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1144.555492][ T5642] bridge0: port 2(bridge_slave_1) entered blocking state [ 1144.562834][ T5642] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1144.788638][T13930] FAULT_INJECTION: forcing a failure. [ 1144.788638][T13930] name failslab, interval 1, probability 0, space 0, times 0 [ 1144.884639][T13930] CPU: 0 UID: 0 PID: 13930 Comm: syz.0.1724 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1144.895134][T13930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1144.905249][T13930] Call Trace: [ 1144.908648][T13930] [ 1144.911621][T13930] dump_stack_lvl+0x241/0x360 [ 1144.916348][T13930] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1144.921589][T13930] ? __pfx__printk+0x10/0x10 [ 1144.926226][T13930] ? ___ratelimit+0xc5/0x670 [ 1144.930856][T13930] should_fail_ex+0x3b0/0x4e0 [ 1144.935574][T13930] ? alloc_empty_file+0x9e/0x1d0 [ 1144.940552][T13930] should_failslab+0xac/0x100 [ 1144.945270][T13930] ? alloc_empty_file+0x9e/0x1d0 [ 1144.950249][T13930] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1144.955751][T13930] alloc_empty_file+0x9e/0x1d0 [ 1144.960561][T13930] path_openat+0x107/0x3590 [ 1144.965117][T13930] ? __pfx_stack_trace_save+0x10/0x10 [ 1144.970527][T13930] ? __pfx___schedule+0x10/0x10 [ 1144.975424][T13930] ? mark_lock+0x9a/0x350 [ 1144.979803][T13930] ? __lock_acquire+0x137a/0x2040 [ 1144.984894][T13930] ? __pfx_path_openat+0x10/0x10 [ 1144.989897][T13930] do_filp_open+0x235/0x490 [ 1144.994446][T13930] ? __pfx_do_filp_open+0x10/0x10 [ 1144.999626][T13930] ? _raw_spin_unlock+0x28/0x50 [ 1145.004519][T13930] ? alloc_fd+0x5a1/0x640 [ 1145.008889][T13930] do_sys_openat2+0x13e/0x1d0 [ 1145.013692][T13930] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1145.019718][T13930] ? __pfx_do_sys_openat2+0x10/0x10 [ 1145.024970][T13930] __x64_sys_openat+0x247/0x2a0 [ 1145.029864][T13930] ? __pfx___x64_sys_openat+0x10/0x10 [ 1145.035280][T13930] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1145.041691][T13930] ? do_syscall_64+0xb6/0x230 [ 1145.046408][T13930] do_syscall_64+0xf3/0x230 [ 1145.050951][T13930] ? clear_bhb_loop+0x35/0x90 [ 1145.055663][T13930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1145.061606][T13930] RIP: 0033:0x7f341a17c890 [ 1145.066053][T13930] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 1145.085732][T13930] RSP: 002b:00007f341af7fb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1145.094189][T13930] RAX: ffffffffffffffda RBX: 0000000000004180 RCX: 00007f341a17c890 [ 1145.102214][T13930] RDX: 0000000000004180 RSI: 00007f341af7fc10 RDI: 00000000ffffff9c [ 1145.110244][T13930] RBP: 00007f341af7fc10 R08: 0000000000000000 R09: 0023776172646968 [ 1145.118244][T13930] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1145.126243][T13930] R13: 0000000000000000 R14: 00007f341a335f80 R15: 00007ffd87bc5368 [ 1145.134279][T13930] [ 1145.165427][ T9228] hid-steam 0003:28DE:1142.0006: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 1145.265054][ T9228] hid-steam 0003:28DE:1142.0006: Steam wireless receiver connected [ 1145.338858][ T9228] hid-steam 0003:28DE:1142.0007: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 1145.373903][ T9228] usb 1-1: USB disconnect, device number 54 [ 1145.475997][ T9228] hid-steam 0003:28DE:1142.0006: Steam wireless receiver disconnected [ 1145.751995][T13704] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1145.809005][T13704] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1145.858734][T13704] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1145.890185][T13704] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1146.176735][T13484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1146.241940][T13704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1146.337521][T13704] 8021q: adding VLAN 0 to HW filter on device team0 [ 1146.387209][ T9270] bridge0: port 1(bridge_slave_0) entered blocking state [ 1146.394492][ T9270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1146.439254][ T8] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 1146.472911][T13484] veth0_vlan: entered promiscuous mode [ 1146.493238][ T6804] bridge0: port 2(bridge_slave_1) entered blocking state [ 1146.500555][ T6804] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1146.650543][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 1146.660558][ T8] usb 1-1: config 7 has an invalid interface number: 247 but max is 0 [ 1146.676347][T13484] veth1_vlan: entered promiscuous mode [ 1146.678900][ T8] usb 1-1: config 7 has no interface number 0 [ 1146.688887][ T8] usb 1-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1146.703609][ T8] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1146.715857][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1146.724408][ T8] usb 1-1: Product: syz [ 1146.729279][ T8] usb 1-1: Manufacturer: syz [ 1146.734307][ T8] usb 1-1: SerialNumber: syz [ 1146.753530][ T8] ni6501 1-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1147.023750][T13484] veth0_macvtap: entered promiscuous mode [ 1147.082589][T13484] veth1_macvtap: entered promiscuous mode [ 1147.103009][ T46] usb 1-1: USB disconnect, device number 55 [ 1147.299372][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1147.337995][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.359148][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1147.379349][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.393730][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1147.405384][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.422944][T13484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1147.437312][T13987] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1733'. [ 1147.501660][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1147.542090][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.561799][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1147.573238][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.583570][T13484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1147.594495][T13484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1147.610304][T13484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1147.626959][T13989] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1733'. [ 1147.692243][T13484] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.739980][T13484] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.753440][T13484] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.779957][T13484] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.799175][ T8] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 1147.936592][T13704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1148.002522][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 1148.058418][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1148.077460][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1148.140897][ T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=026c, bcdDevice= 0.00 [ 1148.176433][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1148.204179][ T8] usb 3-1: config 0 descriptor?? [ 1148.294821][T13704] veth0_vlan: entered promiscuous mode [ 1148.371601][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1148.406263][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1148.629231][T13704] veth1_vlan: entered promiscuous mode [ 1148.672574][ T8] apple 0003:05AC:026C.0008: unknown main item tag 0x0 [ 1148.708380][ T8] apple 0003:05AC:026C.0008: unknown main item tag 0x0 [ 1149.124078][ T6805] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1149.315290][ T6805] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1149.479003][ T8] apple 0003:05AC:026C.0008: hidraw0: USB HID v0.00 Device [HID 05ac:026c] on usb-dummy_hcd.2-1/input0 [ 1149.576694][T13704] veth0_macvtap: entered promiscuous mode [ 1149.616853][T13704] veth1_macvtap: entered promiscuous mode [ 1149.641102][ T8] usb 3-1: USB disconnect, device number 27 [ 1149.721310][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.736132][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.762603][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.785534][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.825176][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.847680][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.857969][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.868761][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.881987][T13704] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1149.929105][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1149.984720][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1150.034511][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1150.052405][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1150.065260][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1150.080812][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1150.102504][T13704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1150.118091][T13704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1150.161315][T13704] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1150.176117][T14037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1502'. [ 1150.203278][T13704] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.218627][T13704] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.229013][T13704] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.244882][T13704] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.284233][T14037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1502'. [ 1150.925954][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1150.957317][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1151.018129][ T5301] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1151.110770][ T6804] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1151.132607][ T6804] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1151.429032][ T5301] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1151.460753][ T5301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1151.558996][ T5301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1151.582558][ T5301] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1152.677879][ T5301] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1152.735841][ T5301] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1152.781215][ T5301] usb 4-1: Manufacturer: syz [ 1152.815385][ T5301] usb 4-1: config 0 descriptor?? [ 1152.959173][T14058] 9pnet: Could not find request transport: fsS fdno=0x0000000000000008 [ 1156.424720][T14090] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1753'. [ 1156.522666][T14095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1757'. [ 1156.776171][T14095] hsr_slave_1 (unregistering): left promiscuous mode [ 1156.783280][ T8] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 1156.896109][ T5301] usb 4-1: can't set config #0, error -71 [ 1156.939023][ T5301] usb 4-1: USB disconnect, device number 20 [ 1157.011510][ T8] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1157.059546][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1157.109008][ T8] usb 3-1: config 0 descriptor?? [ 1157.133218][ T8] cp210x 3-1:0.0: cp210x converter detected [ 1158.816193][ T8] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1159.853930][ T6804] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 1159.899136][ T5280] usb 3-1: USB disconnect, device number 28 [ 1159.951505][ T5280] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1160.011523][ T5280] cp210x 3-1:0.0: device disconnected [ 1160.170330][T14140] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1769'. [ 1160.218789][T14140] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1769'. [ 1166.357336][ T8] kernel read not supported for file /usbmon0 (pid: 8 comm: kworker/0:0) [ 1166.999536][ T8] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 1167.325344][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1167.468168][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1167.619215][ T8] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1167.748231][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1167.992114][ T8] usb 1-1: config 0 descriptor?? [ 1172.318740][ T8] usb 1-1: USB disconnect, device number 56 [ 1172.778288][ T5272] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 1175.628973][ T941] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1176.687844][ T941] usb 3-1: Using ep0 maxpacket: 32 [ 1176.739693][ T941] usb 3-1: device descriptor read/all, error -71 [ 1176.791659][T14229] delete_channel: no stack [ 1177.329951][T14256] FAULT_INJECTION: forcing a failure. [ 1177.329951][T14256] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1177.350977][T14256] CPU: 0 UID: 0 PID: 14256 Comm: syz.3.1805 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1177.361570][T14256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1177.371671][T14256] Call Trace: [ 1177.374978][T14256] [ 1177.377944][T14256] dump_stack_lvl+0x241/0x360 [ 1177.382845][T14256] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1177.388085][T14256] ? __pfx__printk+0x10/0x10 [ 1177.392717][T14256] ? __pfx_lock_release+0x10/0x10 [ 1177.397783][T14256] ? vfs_write+0x7bf/0xc90 [ 1177.402246][T14256] should_fail_ex+0x3b0/0x4e0 [ 1177.406973][T14256] _copy_from_user+0x2f/0xe0 [ 1177.411605][T14256] __sys_bpf+0x1a4/0x810 [ 1177.415885][T14256] ? __pfx___sys_bpf+0x10/0x10 [ 1177.420717][T14256] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1177.426757][T14256] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1177.433132][T14256] ? do_syscall_64+0x100/0x230 [ 1177.437979][T14256] __x64_sys_bpf+0x7c/0x90 [ 1177.442456][T14256] do_syscall_64+0xf3/0x230 [ 1177.447036][T14256] ? clear_bhb_loop+0x35/0x90 [ 1177.451845][T14256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1177.457872][T14256] RIP: 0033:0x7f48c037def9 [ 1177.462319][T14256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1177.481969][T14256] RSP: 002b:00007f48c1157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1177.490427][T14256] RAX: ffffffffffffffda RBX: 00007f48c0535f80 RCX: 00007f48c037def9 [ 1177.498430][T14256] RDX: 0000000000000050 RSI: 0000000020000640 RDI: 0000000000000000 [ 1177.506433][T14256] RBP: 00007f48c1157090 R08: 0000000000000000 R09: 0000000000000000 [ 1177.514433][T14256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1177.522433][T14256] R13: 0000000000000001 R14: 00007f48c0535f80 R15: 00007ffebd7920b8 [ 1177.530461][T14256] [ 1180.138265][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 1180.144747][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 1192.098003][ T8] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 1192.318001][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 1192.332932][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1192.358846][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1192.379584][ T8] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 1192.404215][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1192.436729][ T8] usb 5-1: config 0 descriptor?? [ 1192.567857][ T5301] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1192.723935][ T9655] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1192.735649][ T9655] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1192.758881][ T9655] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1192.776215][ T9655] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1192.787957][ T9655] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1192.797866][ T5301] usb 3-1: Using ep0 maxpacket: 16 [ 1192.797928][ T9655] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1192.831629][ T5301] usb 3-1: config 7 has an invalid interface number: 247 but max is 0 [ 1192.886189][ T5301] usb 3-1: config 7 has no interface number 0 [ 1192.927844][ T5301] usb 3-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1192.952964][ T8] ft260 0003:0403:6030.0009: unknown main item tag 0x0 [ 1193.026083][ T5301] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1193.055860][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1193.085561][ T5301] usb 3-1: Product: syz [ 1193.110790][ T5301] usb 3-1: Manufacturer: syz [ 1193.122916][ T8] ft260 0003:0403:6030.0009: chip code: 5e81 abf2 [ 1193.146397][ T5301] usb 3-1: SerialNumber: syz [ 1193.249390][ T5301] ni6501 3-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1193.588340][ T8] usb 3-1: USB disconnect, device number 31 [ 1194.004626][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1194.313733][T14337] FAULT_INJECTION: forcing a failure. [ 1194.313733][T14337] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1194.327028][T14337] CPU: 1 UID: 0 PID: 14337 Comm: syz.1.1826 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1194.337632][T14337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1194.347730][T14337] Call Trace: [ 1194.351036][T14337] [ 1194.354005][T14337] dump_stack_lvl+0x241/0x360 [ 1194.358825][T14337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1194.364065][T14337] ? __pfx__printk+0x10/0x10 [ 1194.368704][T14337] ? snprintf+0xda/0x120 [ 1194.373001][T14337] should_fail_ex+0x3b0/0x4e0 [ 1194.377720][T14337] _copy_to_user+0x2f/0xb0 [ 1194.382170][T14337] simple_read_from_buffer+0xca/0x150 [ 1194.387601][T14337] proc_fail_nth_read+0x1e9/0x250 [ 1194.392681][T14337] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1194.398275][T14337] ? rw_verify_area+0x55e/0x6f0 [ 1194.403169][T14337] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1194.408768][T14337] vfs_read+0x201/0xbc0 [ 1194.412966][T14337] ? __pfx_lock_release+0x10/0x10 [ 1194.418043][T14337] ? __pfx_vfs_read+0x10/0x10 [ 1194.422771][T14337] ? __fget_files+0x3f3/0x470 [ 1194.428360][T14337] ? __fdget_pos+0x24e/0x320 [ 1194.432988][T14337] ksys_read+0x1a0/0x2c0 [ 1194.437289][T14337] ? __pfx_ksys_read+0x10/0x10 [ 1194.442108][T14337] ? do_syscall_64+0x100/0x230 [ 1194.447092][T14337] ? do_syscall_64+0xb6/0x230 [ 1194.451809][T14337] do_syscall_64+0xf3/0x230 [ 1194.456355][T14337] ? clear_bhb_loop+0x35/0x90 [ 1194.461155][T14337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1194.467095][T14337] RIP: 0033:0x7f6b5477c93c [ 1194.471544][T14337] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 1194.491195][T14337] RSP: 002b:00007f6b554bb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1194.499683][T14337] RAX: ffffffffffffffda RBX: 00007f6b54936130 RCX: 00007f6b5477c93c [ 1194.507718][T14337] RDX: 000000000000000f RSI: 00007f6b554bb0a0 RDI: 0000000000000008 [ 1194.515717][T14337] RBP: 00007f6b554bb090 R08: 0000000000000000 R09: 0000000000000000 [ 1194.523722][T14337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1194.531730][T14337] R13: 0000000000000000 R14: 00007f6b54936130 R15: 00007ffed92b9318 [ 1194.539763][T14337] [ 1195.075374][ T9655] Bluetooth: hci2: command tx timeout [ 1197.531063][ T9655] Bluetooth: hci2: command tx timeout [ 1198.668171][ T944] usb 5-1: USB disconnect, device number 34 [ 1198.999814][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1199.096791][T14324] chnl_net:caif_netlink_parms(): no params data found [ 1199.309127][T14363] FAULT_INJECTION: forcing a failure. [ 1199.309127][T14363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1199.344938][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1199.359515][T14363] CPU: 1 UID: 0 PID: 14363 Comm: syz.2.1833 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1199.370010][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1199.380106][T14363] Call Trace: [ 1199.383420][T14363] [ 1199.386384][T14363] dump_stack_lvl+0x241/0x360 [ 1199.391112][T14363] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1199.396357][T14363] ? __pfx__printk+0x10/0x10 [ 1199.400995][T14363] ? __pfx_lock_release+0x10/0x10 [ 1199.406086][T14363] ? tomoyo_path_number_perm+0x71a/0x880 [ 1199.411795][T14363] should_fail_ex+0x3b0/0x4e0 [ 1199.416529][T14363] _copy_from_user+0x2f/0xe0 [ 1199.421171][T14363] wext_handle_ioctl+0xf2/0x270 [ 1199.426082][T14363] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 1199.431600][T14363] ? __asan_memset+0x23/0x50 [ 1199.436232][T14363] ? smack_file_ioctl+0x29e/0x3a0 [ 1199.441317][T14363] sock_ioctl+0x17c/0x8e0 [ 1199.445702][T14363] ? __pfx_sock_ioctl+0x10/0x10 [ 1199.450603][T14363] ? __fget_files+0x3f3/0x470 [ 1199.455337][T14363] ? __pfx_sock_ioctl+0x10/0x10 [ 1199.460241][T14363] __se_sys_ioctl+0xf9/0x170 [ 1199.464886][T14363] do_syscall_64+0xf3/0x230 [ 1199.469438][T14363] ? clear_bhb_loop+0x35/0x90 [ 1199.474160][T14363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.480103][T14363] RIP: 0033:0x7f45bff7def9 [ 1199.484730][T14363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1199.504464][T14363] RSP: 002b:00007f45c0d76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1199.512924][T14363] RAX: ffffffffffffffda RBX: 00007f45c0135f80 RCX: 00007f45bff7def9 [ 1199.521107][T14363] RDX: 0000000020000500 RSI: 0000000000008b15 RDI: 0000000000000005 [ 1199.529142][T14363] RBP: 00007f45c0d76090 R08: 0000000000000000 R09: 0000000000000000 [ 1199.537157][T14363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1199.545165][T14363] R13: 0000000000000000 R14: 00007f45c0135f80 R15: 00007ffe8a8bff98 [ 1199.553193][T14363] [ 1199.599703][ T9655] Bluetooth: hci2: command tx timeout [ 1202.093117][ T5224] Bluetooth: hci2: command tx timeout [ 1202.252257][ T9655] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1202.267387][ T9655] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1202.278573][ T9655] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1202.293435][ T9655] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1202.301652][ T9655] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1202.314065][ T9655] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1202.413340][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1205.734402][ T5224] Bluetooth: hci5: command tx timeout [ 1206.847054][T14324] bridge0: port 1(bridge_slave_0) entered blocking state [ 1206.873330][T14324] bridge0: port 1(bridge_slave_0) entered disabled state [ 1206.898392][T14324] bridge_slave_0: entered allmulticast mode [ 1206.904954][T14406] FAULT_INJECTION: forcing a failure. [ 1206.904954][T14406] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.925375][T14324] bridge_slave_0: entered promiscuous mode [ 1206.929436][T14406] CPU: 1 UID: 0 PID: 14406 Comm: syz.2.1842 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1206.933718][ T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 1206.941746][T14406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1206.941770][T14406] Call Trace: [ 1206.941782][T14406] [ 1206.941795][T14406] dump_stack_lvl+0x241/0x360 [ 1206.970385][T14406] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1206.975637][T14406] ? __pfx__printk+0x10/0x10 [ 1206.980288][T14406] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 1206.986397][T14406] ? __pfx___might_resched+0x10/0x10 [ 1206.991711][T14406] should_fail_ex+0x3b0/0x4e0 [ 1206.996419][T14406] should_failslab+0xac/0x100 [ 1207.001120][T14406] ? __alloc_skb+0x1c3/0x440 [ 1207.005763][T14406] kmem_cache_alloc_node_noprof+0x71/0x320 [ 1207.011604][T14406] __alloc_skb+0x1c3/0x440 [ 1207.016079][T14406] ? __pfx___alloc_skb+0x10/0x10 [ 1207.021043][T14406] ? netlink_autobind+0xd6/0x2f0 [ 1207.026006][T14406] ? netlink_autobind+0x2b0/0x2f0 [ 1207.031055][T14406] netlink_sendmsg+0x638/0xcb0 [ 1207.035856][T14406] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1207.041213][T14406] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1207.046520][T14406] __sock_sendmsg+0x221/0x270 [ 1207.051239][T14406] ____sys_sendmsg+0x52a/0x7e0 [ 1207.056053][T14406] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1207.061386][T14406] __sys_sendmsg+0x2aa/0x390 [ 1207.066000][T14406] ? __pfx___sys_sendmsg+0x10/0x10 [ 1207.071142][T14406] ? vfs_write+0x7bf/0xc90 [ 1207.075620][T14406] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1207.082162][T14406] ? do_syscall_64+0x100/0x230 [ 1207.086947][T14406] ? do_syscall_64+0xb6/0x230 [ 1207.091641][T14406] do_syscall_64+0xf3/0x230 [ 1207.096162][T14406] ? clear_bhb_loop+0x35/0x90 [ 1207.100945][T14406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1207.106864][T14406] RIP: 0033:0x7f45bff7def9 [ 1207.111318][T14406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1207.131032][T14406] RSP: 002b:00007f45c0d76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1207.139483][T14406] RAX: ffffffffffffffda RBX: 00007f45c0135f80 RCX: 00007f45bff7def9 [ 1207.147492][T14406] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 1207.155495][T14406] RBP: 00007f45c0d76090 R08: 0000000000000000 R09: 0000000000000000 [ 1207.163509][T14406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1207.171580][T14406] R13: 0000000000000000 R14: 00007f45c0135f80 R15: 00007ffe8a8bff98 [ 1207.179587][T14406] [ 1207.190522][T14324] bridge0: port 2(bridge_slave_1) entered blocking state [ 1207.227089][T14324] bridge0: port 2(bridge_slave_1) entered disabled state [ 1207.246220][T14324] bridge_slave_1: entered allmulticast mode [ 1207.261747][T14324] bridge_slave_1: entered promiscuous mode [ 1207.330180][ T8] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1207.367517][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1207.385224][T14324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1207.496303][ T8] usb 5-1: config 0 descriptor?? [ 1207.505416][ T8] usb 5-1: can't set config #0, error -71 [ 1207.520041][ T8] usb 5-1: USB disconnect, device number 35 [ 1207.595684][T14324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1207.792879][T14324] team0: Port device team_slave_0 added [ 1207.801875][ T9655] Bluetooth: hci5: command tx timeout [ 1208.135552][T14324] team0: Port device team_slave_1 added [ 1208.158840][ T52] bridge_slave_1: left allmulticast mode [ 1208.918926][ T52] bridge_slave_1: left promiscuous mode [ 1208.924928][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 1208.968243][ T52] bridge_slave_0: left allmulticast mode [ 1208.975883][ T52] bridge_slave_0: left promiscuous mode [ 1208.997995][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 1209.017890][ T9020] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 1209.209383][ T9020] usb 5-1: Using ep0 maxpacket: 16 [ 1209.219826][ T9020] usb 5-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 1209.234373][ T9020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 12336, setting to 64 [ 1209.836495][ T9020] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1209.880053][ T9655] Bluetooth: hci5: command tx timeout [ 1209.889392][ T9020] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1209.926283][ T9020] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1209.936613][ T9020] usb 5-1: Manufacturer: syz [ 1209.949263][ T9020] usb 5-1: config 0 descriptor?? [ 1210.372486][T14454] ntfs3: Bad value for 'gid' [ 1210.377371][T14454] ntfs3: Bad value for 'gid' [ 1211.305989][ T9020] usb 5-1: USB disconnect, device number 36 [ 1212.106919][ T9655] Bluetooth: hci5: command tx timeout [ 1213.415450][T14475] FAULT_INJECTION: forcing a failure. [ 1213.415450][T14475] name failslab, interval 1, probability 0, space 0, times 0 [ 1213.429566][T14475] CPU: 0 UID: 0 PID: 14475 Comm: syz.4.1859 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1213.440137][T14475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1213.450355][T14475] Call Trace: [ 1213.453671][T14475] [ 1213.456630][T14475] dump_stack_lvl+0x241/0x360 [ 1213.461409][T14475] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1213.466668][T14475] ? __pfx__printk+0x10/0x10 [ 1213.471312][T14475] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 1213.476913][T14475] ? __pfx___might_resched+0x10/0x10 [ 1213.482256][T14475] should_fail_ex+0x3b0/0x4e0 [ 1213.486987][T14475] ? getname_flags+0xb7/0x540 [ 1213.491713][T14475] should_failslab+0xac/0x100 [ 1213.496587][T14475] ? getname_flags+0xb7/0x540 [ 1213.501335][T14475] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1213.506765][T14475] getname_flags+0xb7/0x540 [ 1213.511319][T14475] io_openat2_prep+0x23e/0x4f0 [ 1213.516147][T14475] io_submit_sqes+0x9c4/0x1bf0 [ 1213.521004][T14475] __se_sys_io_uring_enter+0x2c3/0x2bf0 [ 1213.526624][T14475] ? __pfx_lock_release+0x10/0x10 [ 1213.531727][T14475] ? vfs_write+0x7bf/0xc90 [ 1213.536204][T14475] ? __mutex_unlock_slowpath+0x21d/0x750 [ 1213.541976][T14475] ? __pfx___se_sys_io_uring_enter+0x10/0x10 [ 1213.548011][T14475] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1213.554069][T14475] ? __fget_files+0x3f3/0x470 [ 1213.558808][T14475] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1213.564849][T14475] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1213.571239][T14475] ? do_syscall_64+0x100/0x230 [ 1213.576049][T14475] ? __x64_sys_io_uring_enter+0x21/0xf0 [ 1213.581729][T14475] do_syscall_64+0xf3/0x230 [ 1213.586280][T14475] ? clear_bhb_loop+0x35/0x90 [ 1213.591006][T14475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1213.596945][T14475] RIP: 0033:0x7f6fabf7def9 [ 1213.601397][T14475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1213.621045][T14475] RSP: 002b:00007f6facd5d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1213.629494][T14475] RAX: ffffffffffffffda RBX: 00007f6fac135f80 RCX: 00007f6fabf7def9 [ 1213.637580][T14475] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003 [ 1213.645576][T14475] RBP: 00007f6facd5d090 R08: 0000000000000000 R09: 0000000000000000 [ 1213.653561][T14475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1213.661543][T14475] R13: 0000000000000000 R14: 00007f6fac135f80 R15: 00007fff693eae68 [ 1213.669555][T14475] [ 1213.750856][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1213.771758][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1213.927087][T14488] ntfs3: Bad value for 'gid' [ 1213.932080][T14488] ntfs3: Bad value for 'gid' [ 1214.043842][T14487] ALSA: mixer_oss: invalid OSS volume './file0' [ 1214.194486][ T52] bond0 (unregistering): Released all slaves [ 1214.537470][T14481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1215.176261][T14324] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1215.206616][T14324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1215.267250][T14324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1215.350043][T14324] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1215.357058][T14324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1215.388637][T14324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1216.513662][T14324] hsr_slave_0: entered promiscuous mode [ 1216.541315][T14324] hsr_slave_1: entered promiscuous mode [ 1216.750538][T14324] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1216.848796][T14324] Cannot create hsr debugfs directory [ 1216.953132][ T52] hsr_slave_0: left promiscuous mode [ 1217.020304][ T52] hsr_slave_1: left promiscuous mode [ 1217.033445][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1217.199198][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1217.223392][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1217.272083][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1217.516554][ T52] veth1_macvtap: left promiscuous mode [ 1217.540974][ T52] veth0_macvtap: left promiscuous mode [ 1217.546702][ T52] veth1_vlan: left promiscuous mode [ 1217.569933][ T52] veth0_vlan: left promiscuous mode [ 1217.894259][T14519] ntfs3: Bad value for 'gid' [ 1217.899105][T14519] ntfs3: Bad value for 'gid' [ 1217.906704][ T9176] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1218.314536][ T9176] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1218.448553][ T9176] usb 3-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53 [ 1218.584245][ T9176] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1218.679364][ T9176] usb 3-1: config 0 descriptor?? [ 1218.712467][ T9176] option 3-1:0.0: GSM modem (1-port) converter detected [ 1218.923332][T14513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1218.932635][T14513] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1219.149514][T14525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1219.160934][T14513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1219.191520][T14513] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1219.201781][ T9020] usb 3-1: USB disconnect, device number 32 [ 1219.209199][ T9020] option 3-1:0.0: device disconnected [ 1220.000858][ T9] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 1220.104733][ T52] team0 (unregistering): Port device team_slave_1 removed [ 1220.452443][ T52] team0 (unregistering): Port device team_slave_0 removed [ 1220.486412][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 1220.509492][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1220.527796][ T9] usb 5-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=b2.f6 [ 1220.537003][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1220.546546][ T9] usb 5-1: Product: syz [ 1220.557817][ T9] usb 5-1: Manufacturer: syz [ 1220.562495][ T9] usb 5-1: SerialNumber: syz [ 1220.577553][ T9] usb 5-1: config 0 descriptor?? [ 1220.785229][ T9] rtsx_usb 5-1:0.0: probe with driver rtsx_usb failed with error -22 [ 1220.822190][ T9] usb 5-1: USB disconnect, device number 37 [ 1222.341554][T14525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1876'. [ 1223.535170][T14377] chnl_net:caif_netlink_parms(): no params data found [ 1225.036574][T14377] bridge0: port 1(bridge_slave_0) entered blocking state [ 1225.069464][T14377] bridge0: port 1(bridge_slave_0) entered disabled state [ 1225.095918][T14377] bridge_slave_0: entered allmulticast mode [ 1225.102075][ T941] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1225.113123][T14377] bridge_slave_0: entered promiscuous mode [ 1225.151704][T14601] IPv6: addrconf: prefix option has invalid lifetime [ 1225.158534][T14601] IPv6: addrconf: prefix option has invalid lifetime [ 1225.273430][T14377] bridge0: port 2(bridge_slave_1) entered blocking state [ 1225.297854][ T941] usb 3-1: Using ep0 maxpacket: 16 [ 1225.300062][T14377] bridge0: port 2(bridge_slave_1) entered disabled state [ 1225.311639][T14377] bridge_slave_1: entered allmulticast mode [ 1225.313243][ T941] usb 3-1: config 7 has an invalid interface number: 247 but max is 0 [ 1225.322339][T14377] bridge_slave_1: entered promiscuous mode [ 1225.346480][ T941] usb 3-1: config 7 has no interface number 0 [ 1225.368934][ T941] usb 3-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1225.391963][ T941] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1225.405350][ T941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1225.413990][ T941] usb 3-1: Product: syz [ 1225.418722][ T941] usb 3-1: Manufacturer: syz [ 1225.423358][ T941] usb 3-1: SerialNumber: syz [ 1225.459531][ T941] ni6501 3-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1225.475171][ T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1225.618215][ T9020] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 1225.676205][ T5280] usb 3-1: USB disconnect, device number 33 [ 1225.721219][ T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1225.810321][ T9020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1225.831047][ T9020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1225.845074][ T9020] usb 5-1: New USB device found, idVendor=056a, idProduct=00b8, bcdDevice= 0.00 [ 1225.864672][T14377] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1225.891602][T14377] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1225.906466][ T9020] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1225.943987][ T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1225.955493][ T29] kauditd_printk_skb: 44 callbacks suppressed [ 1225.955512][ T29] audit: type=1400 audit(1726570080.839:905): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=14604 comm="syz.1.1893" dest=20002 netif=wpan0 [ 1226.016843][ T9020] usb 5-1: config 0 descriptor?? [ 1226.131274][ T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1226.168217][T14377] team0: Port device team_slave_0 added [ 1226.221360][T14607] FAULT_INJECTION: forcing a failure. [ 1226.221360][T14607] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1226.236585][T14377] team0: Port device team_slave_1 added [ 1226.264743][T14607] CPU: 1 UID: 0 PID: 14607 Comm: syz.1.1894 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1226.275274][T14607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1226.285374][T14607] Call Trace: [ 1226.288702][T14607] [ 1226.291670][T14607] dump_stack_lvl+0x241/0x360 [ 1226.296416][T14607] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1226.301669][T14607] ? __pfx__printk+0x10/0x10 [ 1226.306317][T14607] ? __pfx_lock_release+0x10/0x10 [ 1226.311418][T14607] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1226.316685][T14607] should_fail_ex+0x3b0/0x4e0 [ 1226.321507][T14607] _copy_from_user+0x2f/0xe0 [ 1226.326157][T14607] restore_sigcontext+0xd8/0x7d0 [ 1226.331158][T14607] ? __pfx_restore_sigcontext+0x10/0x10 [ 1226.336788][T14607] ? __pfx___set_current_blocked+0x10/0x10 [ 1226.342663][T14607] ? __task_pid_nr_ns+0x28/0x450 [ 1226.347656][T14607] __do_sys_rt_sigreturn+0x17f/0x270 [ 1226.353034][T14607] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 1226.358902][T14607] ? do_syscall_64+0x100/0x230 [ 1226.363718][T14607] ? do_syscall_64+0xb6/0x230 [ 1226.368451][T14607] do_syscall_64+0xf3/0x230 [ 1226.373004][T14607] ? clear_bhb_loop+0x35/0x90 [ 1226.377737][T14607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1226.383694][T14607] RIP: 0033:0x7f6b54719869 [ 1226.388187][T14607] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 1226.407926][T14607] RSP: 002b:00007f6b554fca80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f [ 1226.410334][T14324] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1226.416360][T14607] RAX: ffffffffffffffda RBX: 00007f6b54935f80 RCX: 00007f6b54719869 [ 1226.416381][T14607] RDX: 00007f6b554fca80 RSI: 00007f6b554fcbb0 RDI: 0000000000000021 [ 1226.416399][T14607] RBP: 00007f6b554fd090 R08: 0000000000000000 R09: 0000000000000000 [ 1226.416414][T14607] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 1226.416429][T14607] R13: 0000000000000000 R14: 00007f6b54935f80 R15: 00007ffed92b9318 [ 1226.440266][ T9020] wacom 0003:056A:00B8.000A: unknown main item tag 0x0 [ 1226.447162][T14607] [ 1226.496082][ T9020] wacom 0003:056A:00B8.000A: Unknown device_type for 'HID 056a:00b8'. Assuming pen. [ 1226.555695][T14324] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1226.618278][ T9020] wacom 0003:056A:00B8.000A: hidraw0: USB HID v0.00 Device [HID 056a:00b8] on usb-dummy_hcd.4-1/input0 [ 1226.685830][ T9020] input: Wacom Intuos4 4x6 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00B8.000A/input/input10 [ 1226.691815][T14377] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1226.735209][T14377] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1226.810155][T14377] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1226.825075][T14619] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1898'. [ 1226.826623][T14324] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1226.855310][T14324] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1226.900237][T14622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1897'. [ 1226.925933][T14377] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1226.933218][ T9020] usb 5-1: USB disconnect, device number 38 [ 1226.952257][T14377] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1226.983466][T14377] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1227.428913][T14377] hsr_slave_0: entered promiscuous mode [ 1227.463476][T14377] hsr_slave_1: entered promiscuous mode [ 1227.582089][T14628] overlayfs: failed to resolve './file1': -2 [ 1227.645419][ T52] bridge_slave_1: left allmulticast mode [ 1227.654657][ T52] bridge_slave_1: left promiscuous mode [ 1227.664223][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.685072][ T52] bridge_slave_0: left allmulticast mode [ 1227.692123][ T52] bridge_slave_0: left promiscuous mode [ 1227.705606][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 1228.370418][T14644] FAULT_INJECTION: forcing a failure. [ 1228.370418][T14644] name failslab, interval 1, probability 0, space 0, times 0 [ 1228.426911][T14644] CPU: 0 UID: 0 PID: 14644 Comm: syz.1.1901 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1228.437502][T14644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1228.447566][T14644] Call Trace: [ 1228.450847][T14644] [ 1228.453799][T14644] dump_stack_lvl+0x241/0x360 [ 1228.458509][T14644] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1228.463710][T14644] ? __pfx__printk+0x10/0x10 [ 1228.468305][T14644] ? __kmalloc_node_noprof+0xb7/0x440 [ 1228.473703][T14644] ? __pfx___might_resched+0x10/0x10 [ 1228.479116][T14644] should_fail_ex+0x3b0/0x4e0 [ 1228.483849][T14644] should_failslab+0xac/0x100 [ 1228.488713][T14644] __kmalloc_node_noprof+0xdf/0x440 [ 1228.494123][T14644] ? __kvmalloc_node_noprof+0x72/0x190 [ 1228.499626][T14644] __kvmalloc_node_noprof+0x72/0x190 [ 1228.504939][T14644] xt_alloc_table_info+0x3d/0xa0 [ 1228.509896][T14644] do_ip6t_set_ctl+0xba0/0x1270 [ 1228.514760][T14644] ? __pfx___might_resched+0x10/0x10 [ 1228.520236][T14644] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 1228.525529][T14644] ? __pfx_lock_release+0x10/0x10 [ 1228.530583][T14644] ? __mutex_unlock_slowpath+0x21d/0x750 [ 1228.536251][T14644] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1228.542216][T14644] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1228.548240][T14644] ? sb_end_write+0xe9/0x1c0 [ 1228.552940][T14644] ? vfs_write+0x7bf/0xc90 [ 1228.557440][T14644] nf_setsockopt+0x295/0x2c0 [ 1228.562063][T14644] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1228.567970][T14644] do_sock_setsockopt+0x3af/0x720 [ 1228.573016][T14644] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1228.578589][T14644] __sys_setsockopt+0x1a8/0x250 [ 1228.583455][T14644] __x64_sys_setsockopt+0xb5/0xd0 [ 1228.588494][T14644] do_syscall_64+0xf3/0x230 [ 1228.593010][T14644] ? clear_bhb_loop+0x35/0x90 [ 1228.597695][T14644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1228.603712][T14644] RIP: 0033:0x7f6b5477def9 [ 1228.608142][T14644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1228.627857][T14644] RSP: 002b:00007f6b554fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1228.636348][T14644] RAX: ffffffffffffffda RBX: 00007f6b54935f80 RCX: 00007f6b5477def9 [ 1228.644350][T14644] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006 [ 1228.652340][T14644] RBP: 00007f6b554fd090 R08: 0000000000000428 R09: 0000000000000000 [ 1228.660325][T14644] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 1228.668418][T14644] R13: 0000000000000000 R14: 00007f6b54935f80 R15: 00007ffed92b9318 [ 1228.676419][T14644] [ 1229.448361][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1229.462547][T14662] /dev/nullb0: Can't open blockdev [ 1229.482398][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1229.530278][ T52] bond0 (unregistering): Released all slaves [ 1232.012237][ T52] hsr_slave_0: left promiscuous mode [ 1232.052053][ T52] hsr_slave_1: left promiscuous mode [ 1232.084707][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1232.105827][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1232.130724][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1232.155187][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1232.310142][ T52] veth1_macvtap: left promiscuous mode [ 1232.323093][ T52] veth0_macvtap: left promiscuous mode [ 1232.336092][ T52] veth1_vlan: left promiscuous mode [ 1232.346384][T14707] FAULT_INJECTION: forcing a failure. [ 1232.346384][T14707] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1232.348070][ T52] veth0_vlan: left promiscuous mode [ 1232.483972][T14707] CPU: 0 UID: 0 PID: 14707 Comm: syz.2.1912 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1232.494561][T14707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1232.504664][T14707] Call Trace: [ 1232.508074][T14707] [ 1232.511055][T14707] dump_stack_lvl+0x241/0x360 [ 1232.515813][T14707] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1232.521064][T14707] ? __pfx__printk+0x10/0x10 [ 1232.525701][T14707] should_fail_ex+0x3b0/0x4e0 [ 1232.530418][T14707] prepare_alloc_pages+0x1da/0x5d0 [ 1232.535553][T14707] __alloc_pages_noprof+0x166/0x6c0 [ 1232.540787][T14707] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1232.546572][T14707] ? validate_chain+0x11e/0x5900 [ 1232.551578][T14707] ? 0xffffffffa000083c [ 1232.555792][T14707] alloc_pages_mpol_noprof+0x3e8/0x680 [ 1232.561329][T14707] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1232.567373][T14707] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1232.573520][T14707] ? arch_stack_walk+0x16d/0x1b0 [ 1232.578516][T14707] ? alloc_pages_noprof+0xef/0x170 [ 1232.583699][T14707] pte_alloc_one+0x88/0x5d0 [ 1232.588351][T14707] ? __pfx_pte_alloc_one+0x10/0x10 [ 1232.593531][T14707] ? mark_lock+0x9a/0x350 [ 1232.597922][T14707] ? __lock_acquire+0x137a/0x2040 [ 1232.603002][T14707] ? cgroup_rstat_updated+0x13b/0xc60 [ 1232.608436][T14707] __pte_alloc+0x79/0x3a0 [ 1232.612832][T14707] ? __pfx___pte_alloc+0x10/0x10 [ 1232.617851][T14707] handle_pte_fault+0x55cd/0x6fc0 [ 1232.622996][T14707] ? __pfx_handle_pte_fault+0x10/0x10 [ 1232.628437][T14707] ? __pfx_lock_acquire+0x10/0x10 [ 1232.633526][T14707] ? __pmd_alloc+0x507/0x630 [ 1232.638260][T14707] ? __pfx_lock_release+0x10/0x10 [ 1232.643355][T14707] ? do_raw_spin_lock+0x14f/0x370 [ 1232.648485][T14707] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1232.653749][T14707] ? _raw_spin_unlock+0x28/0x50 [ 1232.658757][T14707] ? __pmd_alloc+0x507/0x630 [ 1232.663403][T14707] ? __pfx___pmd_alloc+0x10/0x10 [ 1232.668430][T14707] handle_mm_fault+0x1053/0x1ad0 [ 1232.673459][T14707] ? __pfx_handle_mm_fault+0x10/0x10 [ 1232.678830][T14707] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 1232.684174][T14707] exc_page_fault+0x2b9/0x8c0 [ 1232.688921][T14707] ? __might_fault+0xaa/0x120 [ 1232.693646][T14707] asm_exc_page_fault+0x26/0x30 [ 1232.698539][T14707] RIP: 0010:__get_user_4+0x11/0x20 [ 1232.703717][T14707] Code: 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 1232.723458][T14707] RSP: 0018:ffffc90003cd7d60 EFLAGS: 00050206 [ 1232.729581][T14707] RAX: 0000000020000200 RBX: ffffc90003cd7de0 RCX: ffffc90003cd7c03 [ 1232.737598][T14707] RDX: 0000000000000000 RSI: ffffffff8beae960 RDI: ffffffff8c3fd540 [ 1232.745618][T14707] RBP: ffffc90003cd7ed8 R08: ffffffff8ffa80ef R09: 1ffffffff1ff501d [ 1232.753638][T14707] R10: dffffc0000000000 R11: fffffbfff1ff501e R12: 0000000020000200 [ 1232.761656][T14707] R13: 000000000000000c R14: 0000000000000000 R15: ffffc90003cd7de0 [ 1232.769695][T14707] move_addr_to_user+0x4e/0x1d0 [ 1232.774621][T14707] __sys_getsockname+0x1f3/0x2a0 [ 1232.779632][T14707] ? __pfx___sys_getsockname+0x10/0x10 [ 1232.785169][T14707] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1232.791562][T14707] ? do_syscall_64+0x100/0x230 [ 1232.796389][T14707] __x64_sys_getsockname+0x7b/0x90 [ 1232.801658][T14707] do_syscall_64+0xf3/0x230 [ 1232.806226][T14707] ? clear_bhb_loop+0x35/0x90 [ 1232.810956][T14707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1232.816917][T14707] RIP: 0033:0x7f45bff7def9 [ 1232.821382][T14707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1232.841210][T14707] RSP: 002b:00007f45c0d76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000033 [ 1232.849683][T14707] RAX: ffffffffffffffda RBX: 00007f45c0135f80 RCX: 00007f45bff7def9 [ 1232.857701][T14707] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000003 [ 1232.865719][T14707] RBP: 00007f45c0d76090 R08: 0000000000000000 R09: 0000000000000000 [ 1232.873727][T14707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1232.881818][T14707] R13: 0000000000000000 R14: 00007f45c0135f80 R15: 00007ffe8a8bff98 [ 1232.889848][T14707] [ 1233.257138][T14717] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1233.266114][T14717] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1235.531538][ T944] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1235.783193][ T944] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1235.832141][ T944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1235.851808][ T944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1235.866987][ T944] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1235.910316][ T944] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1235.926435][ T944] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1235.936311][ T944] usb 3-1: Manufacturer: syz [ 1235.981178][ T944] usb 3-1: config 0 descriptor?? [ 1237.273729][ T52] team0 (unregistering): Port device team_slave_1 removed [ 1237.402912][ T52] team0 (unregistering): Port device team_slave_0 removed [ 1238.819915][T14751] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 1238.856659][T14751] overlayfs: overlapping lowerdir path [ 1239.152503][T14716] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1913'. [ 1239.165352][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.176895][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.189941][T14720] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1913'. [ 1239.301806][T14735] netlink: 'syz.1.1919': attribute type 10 has an invalid length. [ 1239.331010][T14735] team0: Port device netdevsim0 added [ 1239.347508][T14736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1919'. [ 1239.371676][T14752] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1923'. [ 1239.435574][T14749] syz.4.1923 (14749) used greatest stack depth: 18360 bytes left [ 1239.632657][T14324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1239.676864][T14754] tipc: Enabling of bearer rejected, failed to enable media [ 1239.697917][ T944] usbhid 3-1:0.0: can't add hid device: -71 [ 1239.704277][ T944] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1239.914759][ T944] usb 3-1: USB disconnect, device number 34 [ 1240.225087][T14761] netlink: 'syz.4.1925': attribute type 10 has an invalid length. [ 1240.669295][T14761] bond0: (slave bond_slave_0): Releasing backup interface [ 1241.037978][ T5272] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1241.378098][ T5272] usb 3-1: Using ep0 maxpacket: 32 [ 1241.637636][ T5272] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1241.810511][ T5272] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1241.859171][ T5272] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 1241.887102][T14324] 8021q: adding VLAN 0 to HW filter on device team0 [ 1241.916340][ T5272] usb 3-1: Product: syz [ 1241.929515][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1241.936746][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1241.947796][ T5272] usb 3-1: Manufacturer: syz [ 1241.979453][ T5272] hub 3-1:4.0: bad descriptor, ignoring hub [ 1241.985878][ T5272] hub 3-1:4.0: probe with driver hub failed with error -5 [ 1241.997242][ T5272] usbhid 3-1:4.0: couldn't find an input interrupt endpoint [ 1242.053892][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1242.061133][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1242.458709][ T9176] usb 3-1: USB disconnect, device number 35 [ 1242.673908][T14377] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1242.728814][T14377] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1242.781248][T14377] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1242.832817][T14377] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1246.091496][T14815] /dev/nullb0: Can't open blockdev [ 1246.781801][T14377] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1246.941032][T14377] 8021q: adding VLAN 0 to HW filter on device team0 [ 1246.984918][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1246.992219][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1247.032084][T14324] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1247.053096][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1247.060334][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1247.069060][T14817] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1934'. [ 1247.087374][T14817] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1934'. [ 1247.530154][T14324] veth0_vlan: entered promiscuous mode [ 1248.008008][ T5224] Bluetooth: hci1: command 0x0406 tx timeout [ 1248.543614][T14324] veth1_vlan: entered promiscuous mode [ 1249.713419][T14324] veth0_macvtap: entered promiscuous mode [ 1249.846082][T14324] veth1_macvtap: entered promiscuous mode [ 1250.010852][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1250.077985][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.119130][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1250.129819][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.140149][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1250.150683][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.162481][T14324] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1250.173186][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1250.184239][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.209788][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1250.257797][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.279825][T14324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1250.306579][T14324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1250.370986][T14324] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1250.438760][T14324] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1250.473792][T14324] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1250.502555][T14324] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1250.517181][T14324] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1250.585829][T14377] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1250.846170][ T9020] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1251.092046][T14868] FAULT_INJECTION: forcing a failure. [ 1251.092046][T14868] name failslab, interval 1, probability 0, space 0, times 0 [ 1251.105126][T14868] CPU: 0 UID: 0 PID: 14868 Comm: syz.1.1944 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1251.115600][T14868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1251.125818][T14868] Call Trace: [ 1251.129144][T14868] [ 1251.132115][T14868] dump_stack_lvl+0x241/0x360 [ 1251.136854][T14868] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1251.142140][T14868] ? __pfx__printk+0x10/0x10 [ 1251.146793][T14868] ? io_file_get_flags+0xd9/0x160 [ 1251.151900][T14868] should_fail_ex+0x3b0/0x4e0 [ 1251.156654][T14868] should_failslab+0xac/0x100 [ 1251.161407][T14868] ? io_arm_poll_handler+0x4ea/0xba0 [ 1251.162896][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1251.166905][T14868] __kmalloc_cache_noprof+0x6c/0x2c0 [ 1251.180034][T14868] io_arm_poll_handler+0x4ea/0xba0 [ 1251.185204][T14868] ? __pfx_io_arm_poll_handler+0x10/0x10 [ 1251.190857][T14868] ? io_issue_sqe+0x796/0x1570 [ 1251.195647][T14868] ? io_alloc_async_data+0x7a/0x120 [ 1251.200884][T14868] ? __pfx_io_issue_sqe+0x10/0x10 [ 1251.205946][T14868] io_queue_async+0xa3/0x510 [ 1251.210565][T14868] io_submit_sqes+0xe67/0x1bf0 [ 1251.215393][T14868] __se_sys_io_uring_enter+0x2c3/0x2bf0 [ 1251.220974][T14868] ? __pfx_lock_release+0x10/0x10 [ 1251.226028][T14868] ? vfs_write+0x7bf/0xc90 [ 1251.230569][T14868] ? __mutex_unlock_slowpath+0x21d/0x750 [ 1251.236319][T14868] ? __pfx___se_sys_io_uring_enter+0x10/0x10 [ 1251.242432][T14868] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1251.248434][T14868] ? __fget_files+0x3f3/0x470 [ 1251.253353][T14868] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1251.259363][T14868] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1251.265716][T14868] ? do_syscall_64+0x100/0x230 [ 1251.270505][T14868] ? __x64_sys_io_uring_enter+0x21/0xf0 [ 1251.276150][T14868] do_syscall_64+0xf3/0x230 [ 1251.280853][T14868] ? clear_bhb_loop+0x35/0x90 [ 1251.285549][T14868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1251.291480][T14868] RIP: 0033:0x7f6b5477def9 [ 1251.295930][T14868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1251.315616][T14868] RSP: 002b:00007f6b554fd038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1251.324146][T14868] RAX: ffffffffffffffda RBX: 00007f6b54935f80 RCX: 00007f6b5477def9 [ 1251.332594][T14868] RDX: 0000000000000000 RSI: 0000000000003701 RDI: 0000000000000004 [ 1251.340763][T14868] RBP: 00007f6b554fd090 R08: 0000000000000000 R09: 0000000000000000 [ 1251.348856][T14868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1251.357018][T14868] R13: 0000000000000000 R14: 00007f6b54935f80 R15: 00007ffed92b9318 [ 1251.365205][T14868] [ 1251.368457][ C0] vkms_vblank_simulate: vblank timer overrun [ 1251.398934][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1251.425565][T14377] veth0_vlan: entered promiscuous mode [ 1251.446912][ T9020] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1251.446944][ T9020] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1251.446975][ T9020] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1251.446995][ T9020] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1251.469167][ T9020] usb 3-1: config 0 descriptor?? [ 1251.530728][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1251.554329][T14377] veth1_vlan: entered promiscuous mode [ 1251.563804][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1251.712836][T14377] veth0_macvtap: entered promiscuous mode [ 1251.753070][T14377] veth1_macvtap: entered promiscuous mode [ 1251.792499][T14872] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1945'. [ 1251.824731][T14872] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1945'. [ 1251.845237][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1252.164390][T14879] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1252.503190][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.363330][ T9020] usbhid 3-1:0.0: can't add hid device: -71 [ 1253.369653][ T9020] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1253.371375][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.381902][ T9020] usb 3-1: USB disconnect, device number 36 [ 1253.439405][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.465078][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.489452][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.509315][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.567188][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.415103][T14377] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1254.696347][T14894] FAULT_INJECTION: forcing a failure. [ 1254.696347][T14894] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.731081][T14894] CPU: 0 UID: 0 PID: 14894 Comm: syz.0.1948 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1254.741552][T14894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1254.751630][T14894] Call Trace: [ 1254.754916][T14894] [ 1254.757891][T14894] dump_stack_lvl+0x241/0x360 [ 1254.762589][T14894] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1254.767839][T14894] ? __pfx__printk+0x10/0x10 [ 1254.772468][T14894] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 1254.777965][T14894] ? __pfx___might_resched+0x10/0x10 [ 1254.783290][T14894] should_fail_ex+0x3b0/0x4e0 [ 1254.788011][T14894] should_failslab+0xac/0x100 [ 1254.792735][T14894] ? shrinker_alloc+0x5a/0x9d0 [ 1254.797528][T14894] __kmalloc_cache_noprof+0x6c/0x2c0 [ 1254.802844][T14894] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1254.808677][T14894] shrinker_alloc+0x5a/0x9d0 [ 1254.813325][T14894] ? __raw_spin_lock_init+0x45/0x100 [ 1254.818654][T14894] alloc_super+0x6c0/0x9d0 [ 1254.823153][T14894] sget_fc+0x34c/0x9c0 [ 1254.827259][T14894] ? __pfx_set_anon_super_fc+0x10/0x10 [ 1254.832761][T14894] ? __pfx_binderfs_fill_super+0x10/0x10 [ 1254.838433][T14894] get_tree_nodev+0x2a/0x140 [ 1254.843079][T14894] vfs_get_tree+0x90/0x2b0 [ 1254.847518][T14894] vfs_cmd_create+0xa0/0x1f0 [ 1254.852132][T14894] ? __se_sys_fsconfig+0xa15/0xf70 [ 1254.857273][T14894] __se_sys_fsconfig+0xa1f/0xf70 [ 1254.862277][T14894] ? __pfx___se_sys_fsconfig+0x10/0x10 [ 1254.867772][T14894] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1254.873793][T14894] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1254.880245][T14894] ? do_syscall_64+0x100/0x230 [ 1254.885230][T14894] ? __x64_sys_fsconfig+0x20/0xc0 [ 1254.890283][T14894] do_syscall_64+0xf3/0x230 [ 1254.894817][T14894] ? clear_bhb_loop+0x35/0x90 [ 1254.899520][T14894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1254.905479][T14894] RIP: 0033:0x7f8c7537def9 [ 1254.909912][T14894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1254.929561][T14894] RSP: 002b:00007f8c760d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1254.938000][T14894] RAX: ffffffffffffffda RBX: 00007f8c75536130 RCX: 00007f8c7537def9 [ 1254.945997][T14894] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 1254.953987][T14894] RBP: 00007f8c760d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1254.961979][T14894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1254.969968][T14894] R13: 0000000000000000 R14: 00007f8c75536130 R15: 00007fff96e1bf68 [ 1254.977993][T14894] [ 1254.981180][ C0] vkms_vblank_simulate: vblank timer overrun [ 1255.350828][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.407771][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.434647][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.471909][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.489582][T14896] 9pnet_fd: Insufficient options for proto=fd [ 1255.522394][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.552201][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.589615][T14377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.618969][T14377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.650909][T14377] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1255.703431][T14377] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.725633][T14377] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.768910][T14377] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.816449][T14377] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.899014][ T5272] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 1256.158438][ T5272] usb 1-1: Using ep0 maxpacket: 16 [ 1256.268554][ T5272] usb 1-1: config 7 has an invalid interface number: 247 but max is 0 [ 1256.278638][ T5272] usb 1-1: config 7 has no interface number 0 [ 1256.285165][ T5272] usb 1-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1256.388095][ T5272] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 1256.407873][ T5272] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1256.416038][ T5272] usb 1-1: Product: syz [ 1256.461377][ T5272] usb 1-1: Manufacturer: syz [ 1256.466061][ T5272] usb 1-1: SerialNumber: syz [ 1256.534940][ T5272] ni6501 1-1:7.247: driver 'ni6501' failed to auto-configure device. [ 1256.735483][ T5272] usb 1-1: USB disconnect, device number 57 [ 1257.047457][ T5224] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1257.061494][ T5224] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1257.074873][ T5224] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1257.087597][ T5224] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1257.098379][ T5224] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1257.108032][ T5224] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1257.202157][ T5551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1257.870357][T14930] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1258.694873][ T5551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1259.159725][ T5224] Bluetooth: hci0: command tx timeout [ 1259.800840][T14944] 9pnet_fd: Insufficient options for proto=fd [ 1260.142643][ T5551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1260.178122][T14944] netlink: 'syz.0.1960': attribute type 10 has an invalid length. [ 1260.202398][T14944] bond0: (slave bond_slave_0): Releasing backup interface [ 1260.405824][T14956] sg_write: data in/out 42219/14 bytes for SCSI command 0x0-- guessing data in; [ 1260.405824][T14956] program syz.2.1964 not setting count and/or reply_len properly [ 1260.499976][T14957] FAULT_INJECTION: forcing a failure. [ 1260.499976][T14957] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1260.513428][T14957] CPU: 0 UID: 0 PID: 14957 Comm: syz.4.1963 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1260.523888][T14957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1260.533983][T14957] Call Trace: [ 1260.537293][T14957] [ 1260.540264][T14957] dump_stack_lvl+0x241/0x360 [ 1260.544990][T14957] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1260.550273][T14957] ? __pfx__printk+0x10/0x10 [ 1260.555006][T14957] should_fail_ex+0x3b0/0x4e0 [ 1260.559823][T14957] _copy_from_user+0x2f/0xe0 [ 1260.564455][T14957] __sys_bpf+0x1a4/0x810 [ 1260.568748][T14957] ? __pfx___sys_bpf+0x10/0x10 [ 1260.573576][T14957] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1260.579605][T14957] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1260.585984][T14957] ? do_syscall_64+0x100/0x230 [ 1260.590887][T14957] __x64_sys_bpf+0x7c/0x90 [ 1260.595351][T14957] do_syscall_64+0xf3/0x230 [ 1260.600033][T14957] ? clear_bhb_loop+0x35/0x90 [ 1260.604753][T14957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1260.610713][T14957] RIP: 0033:0x7f6fabf7def9 [ 1260.615165][T14957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1260.634818][T14957] RSP: 002b:00007f6facd1b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1260.643279][T14957] RAX: ffffffffffffffda RBX: 00007f6fac136130 RCX: 00007f6fabf7def9 [ 1260.651288][T14957] RDX: 0000000000000020 RSI: 0000000020000280 RDI: 0000000000000012 [ 1260.659728][T14957] RBP: 00007f6facd1b090 R08: 0000000000000000 R09: 0000000000000000 [ 1260.667739][T14957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1260.675745][T14957] R13: 0000000000000000 R14: 00007f6fac136130 R15: 00007fff693eae68 [ 1260.683774][T14957] [ 1260.686943][ C0] vkms_vblank_simulate: vblank timer overrun [ 1261.281488][ T5551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1265.193397][ T5224] Bluetooth: hci0: command tx timeout [ 1266.888268][T14913] chnl_net:caif_netlink_parms(): no params data found [ 1267.888505][ T5224] Bluetooth: hci0: command tx timeout [ 1270.768968][ T5224] Bluetooth: hci0: command tx timeout [ 1271.152380][ T5551] bridge_slave_1: left allmulticast mode [ 1271.158167][ T5551] bridge_slave_1: left promiscuous mode [ 1271.166241][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1271.810655][ T5551] bridge_slave_0: left allmulticast mode [ 1271.858007][ T5551] bridge_slave_0: left promiscuous mode [ 1271.863904][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1272.928488][T15015] FAULT_INJECTION: forcing a failure. [ 1272.928488][T15015] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1273.037578][T15015] CPU: 1 UID: 0 PID: 15015 Comm: syz.0.1978 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1273.048081][T15015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1273.058181][T15015] Call Trace: [ 1273.061495][T15015] [ 1273.064458][T15015] dump_stack_lvl+0x241/0x360 [ 1273.069195][T15015] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1273.074444][T15015] ? __pfx__printk+0x10/0x10 [ 1273.079092][T15015] ? __pfx_lock_release+0x10/0x10 [ 1273.084186][T15015] should_fail_ex+0x3b0/0x4e0 [ 1273.088927][T15015] _copy_from_user+0x2f/0xe0 [ 1273.093574][T15015] evdev_ioctl_handler+0x6a0/0x21a0 [ 1273.098827][T15015] ? tomoyo_path_number_perm+0x208/0x880 [ 1273.104518][T15015] ? smack_log+0x123/0x540 [ 1273.108993][T15015] ? __pfx_evdev_ioctl_handler+0x10/0x10 [ 1273.114764][T15015] ? __pfx_smack_log+0x10/0x10 [ 1273.119582][T15015] ? smk_access+0x4ab/0x4e0 [ 1273.124143][T15015] ? smk_tskacc+0x300/0x370 [ 1273.128699][T15015] ? smack_file_ioctl+0x2f7/0x3a0 [ 1273.133963][T15015] ? __pfx_smack_file_ioctl+0x10/0x10 [ 1273.139416][T15015] ? __pfx_evdev_ioctl+0x10/0x10 [ 1273.144401][T15015] __se_sys_ioctl+0xf9/0x170 [ 1273.149060][T15015] do_syscall_64+0xf3/0x230 [ 1273.153619][T15015] ? clear_bhb_loop+0x35/0x90 [ 1273.158350][T15015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1273.164343][T15015] RIP: 0033:0x7f8c7537def9 [ 1273.168811][T15015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1273.188462][T15015] RSP: 002b:00007f8c76117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1273.196931][T15015] RAX: ffffffffffffffda RBX: 00007f8c75535f80 RCX: 00007f8c7537def9 [ 1273.204956][T15015] RDX: 0000000020000040 RSI: 0000000080104592 RDI: 0000000000000005 [ 1273.212975][T15015] RBP: 00007f8c76117090 R08: 0000000000000000 R09: 0000000000000000 [ 1273.221000][T15015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1273.229023][T15015] R13: 0000000000000000 R14: 00007f8c75535f80 R15: 00007fff96e1bf68 [ 1273.237059][T15015] [ 1273.420052][ T5224] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1273.433954][ T5224] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1273.457994][ T5224] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1273.569726][ T5224] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1273.610700][ T5224] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1273.628823][ T5224] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1277.744085][ T9655] Bluetooth: hci5: command tx timeout [ 1279.514768][T15024] FAULT_INJECTION: forcing a failure. [ 1279.514768][T15024] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1279.575708][T15024] CPU: 0 UID: 0 PID: 15024 Comm: syz.0.1980 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1279.586231][T15024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1279.596420][T15024] Call Trace: [ 1279.599736][T15024] [ 1279.602711][T15024] dump_stack_lvl+0x241/0x360 [ 1279.608219][T15024] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1279.613571][T15024] ? __pfx__printk+0x10/0x10 [ 1279.618906][T15024] ? tomoyo_path_number_perm+0x71a/0x880 [ 1279.625295][T15024] ? __pfx_lock_release+0x10/0x10 [ 1279.630382][T15024] should_fail_ex+0x3b0/0x4e0 [ 1279.635114][T15024] _copy_from_user+0x2f/0xe0 [ 1279.639753][T15024] video_usercopy+0x378/0x1180 [ 1279.644582][T15024] ? __pfx___video_do_ioctl+0x10/0x10 [ 1279.650012][T15024] ? __pfx_video_usercopy+0x10/0x10 [ 1279.655264][T15024] ? smack_file_ioctl+0x2f7/0x3a0 [ 1279.660347][T15024] ? __fget_files+0x3f3/0x470 [ 1279.665035][T15024] v4l2_ioctl+0x189/0x1e0 [ 1279.669378][T15024] ? __pfx_v4l2_ioctl+0x10/0x10 [ 1279.674238][T15024] __se_sys_ioctl+0xf9/0x170 [ 1279.678868][T15024] do_syscall_64+0xf3/0x230 [ 1279.683435][T15024] ? clear_bhb_loop+0x35/0x90 [ 1279.688174][T15024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1279.694194][T15024] RIP: 0033:0x7f8c7537def9 [ 1279.698663][T15024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1279.718394][T15024] RSP: 002b:00007f8c76117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1279.726817][T15024] RAX: ffffffffffffffda RBX: 00007f8c75535f80 RCX: 00007f8c7537def9 [ 1279.734824][T15024] RDX: 0000000020000040 RSI: 00000000c0405602 RDI: 0000000000000003 [ 1279.742825][T15024] RBP: 00007f8c76117090 R08: 0000000000000000 R09: 0000000000000000 [ 1279.750848][T15024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1279.758843][T15024] R13: 0000000000000000 R14: 00007f8c75535f80 R15: 00007fff96e1bf68 [ 1279.766839][T15024] [ 1279.803867][ T9655] Bluetooth: hci5: command tx timeout [ 1280.297884][ T9] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 1281.213961][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 1281.222997][ T9] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 1281.232048][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1281.248942][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1281.258974][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1281.271593][ T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1281.285344][ T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1281.336524][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1281.580345][T15046] netlink: 'syz.2.1986': attribute type 1 has an invalid length. [ 1281.609966][ T9] usb 1-1: GET_CAPABILITIES returned 0 [ 1281.615544][ T9] usbtmc 1-1:16.0: can't read capabilities [ 1281.691807][ T5551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1281.705780][ T5551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1281.726798][ T5551] bond0 (unregistering): Released all slaves [ 1281.878363][ T9655] Bluetooth: hci5: command tx timeout [ 1281.883697][ T5301] usb 1-1: USB disconnect, device number 58 [ 1281.969425][ T5551] hsr_slave_0: left promiscuous mode [ 1281.998029][ T5551] hsr_slave_1: left promiscuous mode [ 1282.013728][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1282.023139][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1282.052358][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1282.066405][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1282.127438][ T5551] veth1_macvtap: left promiscuous mode [ 1282.145292][ T5551] veth0_macvtap: left promiscuous mode [ 1282.154116][ T5551] veth1_vlan: left promiscuous mode [ 1282.186846][ T5551] veth0_vlan: left promiscuous mode [ 1284.488504][ T9655] Bluetooth: hci5: command tx timeout [ 1285.659747][ T29] audit: type=1326 audit(1726570140.549:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15071 comm="syz.2.1995" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f45bff7def9 code=0x0 [ 1286.220832][ T5551] team0 (unregistering): Port device team_slave_1 removed [ 1286.305342][ T5551] team0 (unregistering): Port device team_slave_0 removed [ 1287.306764][T15069] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1994'. [ 1287.369153][T14913] bridge0: port 1(bridge_slave_0) entered blocking state [ 1287.383107][T14913] bridge0: port 1(bridge_slave_0) entered disabled state [ 1287.408424][T14913] bridge_slave_0: entered allmulticast mode [ 1287.432155][T14913] bridge_slave_0: entered promiscuous mode [ 1287.463886][T14913] bridge0: port 2(bridge_slave_1) entered blocking state [ 1287.498361][T14913] bridge0: port 2(bridge_slave_1) entered disabled state [ 1287.522410][T14913] bridge_slave_1: entered allmulticast mode [ 1287.533243][T14913] bridge_slave_1: entered promiscuous mode [ 1287.967327][T14913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1288.651242][T14913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1289.285123][T14913] team0: Port device team_slave_0 added [ 1290.142497][T14913] team0: Port device team_slave_1 added [ 1290.324284][T14913] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1290.333557][T14913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1290.380528][T14913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1290.395010][T14913] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1290.402643][T14913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1290.428827][T14913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1290.777868][ T944] usb 3-1: new full-speed USB device number 37 using dummy_hcd [ 1290.875148][T14913] hsr_slave_0: entered promiscuous mode [ 1290.906999][T14913] hsr_slave_1: entered promiscuous mode [ 1291.012009][ T944] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1291.032763][ T944] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1291.052182][ T944] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 1291.087908][ T944] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1291.127642][ T944] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1291.160208][T15127] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1291.164116][ T5551] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1291.190325][ T944] hub 3-1:1.0: bad descriptor, ignoring hub [ 1291.196319][ T944] hub 3-1:1.0: probe with driver hub failed with error -5 [ 1291.226030][ T944] cdc_wdm 3-1:1.0: skipping garbage [ 1291.231881][ T944] cdc_wdm 3-1:1.0: skipping garbage [ 1291.277976][ T944] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1291.296055][ T944] cdc_wdm 3-1:1.0: Unknown control protocol [ 1291.398279][T15017] chnl_net:caif_netlink_parms(): no params data found [ 1291.672162][T15149] /dev/nullb0: Can't open blockdev [ 1292.107566][T15150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1292.139450][T15150] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1292.162067][ T5551] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1292.213672][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.220659][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.226999][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.233644][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.239977][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.246609][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.252941][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.259582][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.265952][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.272593][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.279009][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.285632][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.291976][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.298618][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.304968][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.311599][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.317910][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.324537][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.330845][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 1292.337486][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 1292.420467][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 1292.526062][ T5551] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1292.734581][ T5551] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1293.041772][ T9] usb 3-1: USB disconnect, device number 37 [ 1293.120538][T15017] bridge0: port 1(bridge_slave_0) entered blocking state [ 1293.138399][T15017] bridge0: port 1(bridge_slave_0) entered disabled state [ 1293.152567][T15017] bridge_slave_0: entered allmulticast mode [ 1293.170038][T15017] bridge_slave_0: entered promiscuous mode [ 1293.232639][T15017] bridge0: port 2(bridge_slave_1) entered blocking state [ 1293.258220][T15017] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.268167][T15017] bridge_slave_1: entered allmulticast mode [ 1293.283871][T15017] bridge_slave_1: entered promiscuous mode [ 1293.345044][ T29] audit: type=1326 audit(1726570148.229:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15174 comm="syz.1.2011" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6b5477def9 code=0x0 [ 1293.499077][T15017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1293.512449][T15017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1293.934779][T15017] team0: Port device team_slave_0 added [ 1293.972426][T15017] team0: Port device team_slave_1 added [ 1293.989328][ T5551] bridge_slave_1: left allmulticast mode [ 1293.995319][ T5551] bridge_slave_1: left promiscuous mode [ 1294.008024][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1294.028886][ T5551] bridge_slave_0: left allmulticast mode [ 1294.034698][ T5551] bridge_slave_0: left promiscuous mode [ 1294.043753][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1296.367477][ T5551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1296.379595][ T5551] bond0 (unregistering): Released all slaves [ 1296.514937][T15017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1296.577945][T15017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1296.653428][T15017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1296.695763][T15017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1296.847968][T15017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1296.874750][T15017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1297.075274][T14913] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1297.290041][T14913] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1297.849978][T15223] ================================================================== [ 1297.858111][T15223] BUG: KASAN: slab-use-after-free in smk_access+0xae/0x4e0 [ 1297.865355][T15223] Read of size 8 at addr ffff8880540f0840 by task syz.0.2019/15223 [ 1297.873304][T15223] [ 1297.875652][T15223] CPU: 0 UID: 0 PID: 15223 Comm: syz.0.2019 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1297.886186][T15223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1297.896619][T15223] Call Trace: [ 1297.900021][T15223] [ 1297.902972][T15223] dump_stack_lvl+0x241/0x360 [ 1297.907687][T15223] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1297.912919][T15223] ? __pfx__printk+0x10/0x10 [ 1297.918420][T15223] ? _printk+0xd5/0x120 [ 1297.922609][T15223] ? __virt_addr_valid+0x183/0x530 [ 1297.927781][T15223] ? __virt_addr_valid+0x183/0x530 [ 1297.932931][T15223] print_report+0x169/0x550 [ 1297.937513][T15223] ? __virt_addr_valid+0x183/0x530 [ 1297.942657][T15223] ? __virt_addr_valid+0x183/0x530 [ 1297.947893][T15223] ? __virt_addr_valid+0x45f/0x530 [ 1297.953040][T15223] ? __phys_addr+0xba/0x170 [ 1297.957583][T15223] ? smk_access+0xae/0x4e0 [ 1297.962039][T15223] kasan_report+0x143/0x180 [ 1297.966583][T15223] ? smk_access+0xae/0x4e0 [ 1297.971039][T15223] smk_access+0xae/0x4e0 [ 1297.975326][T15223] smack_watch_key+0x2f4/0x3a0 [ 1297.980132][T15223] ? __pfx_smack_watch_key+0x10/0x10 [ 1297.985546][T15223] ? __kasan_kmalloc+0x98/0xb0 [ 1297.990351][T15223] security_watch_key+0x86/0x250 [ 1297.995331][T15223] keyctl_watch_key+0x2b7/0x480 [ 1298.000218][T15223] __se_sys_keyctl+0x106/0xa50 [ 1298.005030][T15223] ? do_futex+0x33b/0x560 [ 1298.009394][T15223] ? __pfx___se_sys_keyctl+0x10/0x10 [ 1298.014719][T15223] ? __pfx_do_futex+0x10/0x10 [ 1298.019451][T15223] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1298.025484][T15223] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1298.031877][T15223] ? do_syscall_64+0x100/0x230 [ 1298.036683][T15223] ? __x64_sys_keyctl+0x20/0xc0 [ 1298.041581][T15223] do_syscall_64+0xf3/0x230 [ 1298.046140][T15223] ? clear_bhb_loop+0x35/0x90 [ 1298.050877][T15223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1298.057011][T15223] RIP: 0033:0x7f8c7537def9 [ 1298.061476][T15223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1298.081206][T15223] RSP: 002b:00007f8c76117038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1298.089672][T15223] RAX: ffffffffffffffda RBX: 00007f8c75535f80 RCX: 00007f8c7537def9 [ 1298.097703][T15223] RDX: 0000000000000004 RSI: 0000000020b8ab90 RDI: 0000000000000020 [ 1298.105725][T15223] RBP: 00007f8c753f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 1298.113743][T15223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1298.121758][T15223] R13: 0000000000000000 R14: 00007f8c75535f80 R15: 00007fff96e1bf68 [ 1298.129773][T15223] [ 1298.132843][T15223] [ 1298.135168][T15223] Allocated by task 13484: [ 1298.139606][T15223] kasan_save_track+0x3f/0x80 [ 1298.144301][T15223] __kasan_kmalloc+0x98/0xb0 [ 1298.148903][T15223] __kmalloc_node_track_caller_noprof+0x225/0x440 [ 1298.155336][T15223] kvasprintf+0xdf/0x190 [ 1298.159590][T15223] kobject_set_name_vargs+0x61/0x120 [ 1298.164889][T15223] kobject_init_and_add+0xde/0x190 [ 1298.170017][T15223] net_rx_queue_update_kobjects+0x1cf/0x5b0 [ 1298.175949][T15223] netdev_register_kobject+0x224/0x310 [ 1298.181416][T15223] register_netdevice+0x12c5/0x1b00 [ 1298.186627][T15223] __ip_tunnel_create+0x2b4/0x380 [ 1298.191664][T15223] ip_tunnel_init_net+0x21c/0x720 [ 1298.196708][T15223] ops_init+0x31e/0x590 [ 1298.200876][T15223] setup_net+0x287/0x9e0 [ 1298.205126][T15223] copy_net_ns+0x33f/0x570 [ 1298.209552][T15223] create_new_namespaces+0x425/0x7b0 [ 1298.214852][T15223] unshare_nsproxy_namespaces+0x124/0x180 [ 1298.220615][T15223] ksys_unshare+0x619/0xc10 [ 1298.225147][T15223] __x64_sys_unshare+0x38/0x40 [ 1298.229922][T15223] do_syscall_64+0xf3/0x230 [ 1298.234435][T15223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1298.240382][T15223] [ 1298.242715][T15223] Freed by task 52: [ 1298.246530][T15223] kasan_save_track+0x3f/0x80 [ 1298.251231][T15223] kasan_save_free_info+0x40/0x50 [ 1298.256447][T15223] poison_slab_object+0xe0/0x150 [ 1298.261397][T15223] __kasan_slab_free+0x37/0x60 [ 1298.266189][T15223] kfree+0x149/0x360 [ 1298.270105][T15223] kobject_put+0x272/0x480 [ 1298.274540][T15223] net_rx_queue_update_kobjects+0x52b/0x5b0 [ 1298.280459][T15223] netdev_unregister_kobject+0x104/0x250 [ 1298.286100][T15223] unregister_netdevice_many_notify+0x1851/0x1da0 [ 1298.292550][T15223] cleanup_net+0x75d/0xcc0 [ 1298.296980][T15223] process_scheduled_works+0xa2c/0x1830 [ 1298.302539][T15223] worker_thread+0x870/0xd30 [ 1298.307147][T15223] kthread+0x2f0/0x390 [ 1298.311226][T15223] ret_from_fork+0x4b/0x80 [ 1298.315683][T15223] ret_from_fork_asm+0x1a/0x30 [ 1298.320482][T15223] [ 1298.322810][T15223] The buggy address belongs to the object at ffff8880540f0840 [ 1298.322810][T15223] which belongs to the cache kmalloc-8 of size 8 [ 1298.336529][T15223] The buggy address is located 0 bytes inside of [ 1298.336529][T15223] freed 8-byte region [ffff8880540f0840, ffff8880540f0848) [ 1298.349997][T15223] [ 1298.352325][T15223] The buggy address belongs to the physical page: [ 1298.358836][T15223] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x540f0 [ 1298.367611][T15223] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1298.374755][T15223] page_type: 0xfdffffff(slab) [ 1298.379452][T15223] raw: 00fff00000000000 ffff88801a841500 dead000000000100 dead000000000122 [ 1298.388050][T15223] raw: 0000000000000000 0000000080800080 00000001fdffffff 0000000000000000 [ 1298.396634][T15223] page dumped because: kasan: bad access detected [ 1298.403057][T15223] page_owner tracks the page as allocated [ 1298.408779][T15223] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12842, tgid 12840 (syz.3.1479), ts 1023531992496, free_ts 1022325300939 [ 1298.428348][T15223] post_alloc_hook+0x1f3/0x230 [ 1298.433123][T15223] get_page_from_freelist+0x2e4c/0x2f10 [ 1298.438681][T15223] __alloc_pages_noprof+0x256/0x6c0 [ 1298.443907][T15223] alloc_slab_page+0x5f/0x120 [ 1298.448624][T15223] allocate_slab+0x5a/0x2f0 [ 1298.453137][T15223] ___slab_alloc+0xcd1/0x14b0 [ 1298.457907][T15223] __slab_alloc+0x58/0xa0 [ 1298.462330][T15223] __kmalloc_node_track_caller_noprof+0x281/0x440 [ 1298.468764][T15223] kstrdup+0x3a/0x80 [ 1298.472673][T15223] __kernfs_new_node+0x9d/0x870 [ 1298.477554][T15223] kernfs_new_node+0x137/0x240 [ 1298.482511][T15223] __kernfs_create_file+0x49/0x2e0 [ 1298.487635][T15223] sysfs_add_file_mode_ns+0x24a/0x310 [ 1298.493025][T15223] internal_create_group+0x7a7/0x11d0 [ 1298.498422][T15223] sysfs_create_groups+0x56/0x120 [ 1298.503462][T15223] ib_setup_port_attrs+0xfae/0x2440 [ 1298.508671][T15223] page last free pid 12864 tgid 12860 stack trace: [ 1298.515205][T15223] free_unref_folios+0x100f/0x1ac0 [ 1298.520331][T15223] folios_put_refs+0x76e/0x860 [ 1298.525105][T15223] free_pages_and_swap_cache+0x2ea/0x690 [ 1298.530833][T15223] tlb_flush_mmu+0x3a3/0x680 [ 1298.535445][T15223] tlb_finish_mmu+0xd4/0x200 [ 1298.540041][T15223] exit_mmap+0x44f/0xc80 [ 1298.544298][T15223] __mmput+0x115/0x380 [ 1298.548376][T15223] exit_mm+0x220/0x310 [ 1298.552451][T15223] do_exit+0x9b2/0x27f0 [ 1298.556610][T15223] do_group_exit+0x207/0x2c0 [ 1298.561204][T15223] get_signal+0x16a1/0x1740 [ 1298.565717][T15223] arch_do_signal_or_restart+0x96/0x860 [ 1298.571276][T15223] syscall_exit_to_user_mode+0xc9/0x370 [ 1298.576850][T15223] do_syscall_64+0x100/0x230 [ 1298.581458][T15223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1298.587380][T15223] [ 1298.589740][T15223] Memory state around the buggy address: [ 1298.595379][T15223] ffff8880540f0700: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1298.603472][T15223] ffff8880540f0780: fa fc fc fc fa fc fc fc fa fc fc fc 05 fc fc fc [ 1298.611553][T15223] >ffff8880540f0800: fa fc fc fc 00 fc fc fc fa fc fc fc 00 fc fc fc [ 1298.619619][T15223] ^ [ 1298.625776][T15223] ffff8880540f0880: 05 fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1298.633849][T15223] ffff8880540f0900: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1298.641913][T15223] ================================================================== [ 1298.694782][T15223] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1298.702135][T15223] CPU: 1 UID: 0 PID: 15223 Comm: syz.0.2019 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 1298.712577][T15223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1298.722655][T15223] Call Trace: [ 1298.725951][T15223] [ 1298.728893][T15223] dump_stack_lvl+0x241/0x360 [ 1298.733672][T15223] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1298.738896][T15223] ? __pfx__printk+0x10/0x10 [ 1298.743506][T15223] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1298.749513][T15223] ? vscnprintf+0x5d/0x90 [ 1298.753857][T15223] panic+0x349/0x860 [ 1298.757785][T15223] ? check_panic_on_warn+0x21/0xb0 [ 1298.762950][T15223] ? __pfx_panic+0x10/0x10 [ 1298.767496][T15223] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 1298.773495][T15223] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1298.779863][T15223] check_panic_on_warn+0x86/0xb0 [ 1298.784834][T15223] ? smk_access+0xae/0x4e0 [ 1298.789267][T15223] end_report+0x77/0x160 [ 1298.793518][T15223] kasan_report+0x154/0x180 [ 1298.798057][T15223] ? smk_access+0xae/0x4e0 [ 1298.802482][T15223] smk_access+0xae/0x4e0 [ 1298.806736][T15223] smack_watch_key+0x2f4/0x3a0 [ 1298.811510][T15223] ? __pfx_smack_watch_key+0x10/0x10 [ 1298.816872][T15223] ? __kasan_kmalloc+0x98/0xb0 [ 1298.821757][T15223] security_watch_key+0x86/0x250 [ 1298.826728][T15223] keyctl_watch_key+0x2b7/0x480 [ 1298.831598][T15223] __se_sys_keyctl+0x106/0xa50 [ 1298.836372][T15223] ? do_futex+0x33b/0x560 [ 1298.840712][T15223] ? __pfx___se_sys_keyctl+0x10/0x10 [ 1298.846093][T15223] ? __pfx_do_futex+0x10/0x10 [ 1298.850782][T15223] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1298.856770][T15223] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1298.863106][T15223] ? do_syscall_64+0x100/0x230 [ 1298.867985][T15223] ? __x64_sys_keyctl+0x20/0xc0 [ 1298.872885][T15223] do_syscall_64+0xf3/0x230 [ 1298.877418][T15223] ? clear_bhb_loop+0x35/0x90 [ 1298.882298][T15223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1298.888350][T15223] RIP: 0033:0x7f8c7537def9 [ 1298.892797][T15223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1298.912421][T15223] RSP: 002b:00007f8c76117038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1298.920844][T15223] RAX: ffffffffffffffda RBX: 00007f8c75535f80 RCX: 00007f8c7537def9 [ 1298.928841][T15223] RDX: 0000000000000004 RSI: 0000000020b8ab90 RDI: 0000000000000020 [ 1298.936993][T15223] RBP: 00007f8c753f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 1298.944972][T15223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1298.952945][T15223] R13: 0000000000000000 R14: 00007f8c75535f80 R15: 00007fff96e1bf68 [ 1298.960928][T15223] [ 1298.964211][T15223] Kernel Offset: disabled [ 1298.968737][T15223] Rebooting in 86400 seconds..