Warning: Permanently added '[localhost]:38317' (ECDSA) to the list of known hosts. 2020/10/11 15:49:31 fuzzer started 2020/10/11 15:49:32 dialing manager at 10.0.2.10:44167 2020/10/11 15:49:37 syscalls: 3440 2020/10/11 15:49:37 code coverage: enabled 2020/10/11 15:49:37 comparison tracing: enabled 2020/10/11 15:49:37 extra coverage: enabled 2020/10/11 15:49:37 setuid sandbox: enabled 2020/10/11 15:49:37 namespace sandbox: enabled 2020/10/11 15:49:37 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/11 15:49:37 fault injection: enabled 2020/10/11 15:49:37 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/11 15:49:37 net packet injection: enabled 2020/10/11 15:49:37 net device setup: enabled 2020/10/11 15:49:37 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/10/11 15:49:37 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/11 15:49:37 USB emulation: enabled 2020/10/11 15:49:37 hci packet injection: enabled 2020/10/11 15:49:37 wifi device emulation: enabled 15:50:52 executing program 0: 15:50:53 executing program 1: 15:50:53 executing program 2: 15:50:53 executing program 3: syzkaller login: [ 179.095256][ T8475] IPVS: ftp: loaded support on port[0] = 21 [ 179.210249][ T8477] IPVS: ftp: loaded support on port[0] = 21 [ 179.476784][ T8477] chnl_net:caif_netlink_parms(): no params data found [ 179.508891][ T8475] chnl_net:caif_netlink_parms(): no params data found [ 179.558872][ T8478] IPVS: ftp: loaded support on port[0] = 21 [ 179.685968][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.698094][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.711635][ T8475] device bridge_slave_0 entered promiscuous mode [ 179.733464][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.742900][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.752384][ T8475] device bridge_slave_1 entered promiscuous mode [ 179.780150][ T8477] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.791778][ T8477] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.807596][ T8477] device bridge_slave_0 entered promiscuous mode [ 179.846768][ T8477] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.858645][ T8477] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.878102][ T8477] device bridge_slave_1 entered promiscuous mode [ 179.897974][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.917716][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.957326][ T8475] team0: Port device team_slave_0 added [ 179.960038][ T8480] IPVS: ftp: loaded support on port[0] = 21 [ 179.972629][ T8475] team0: Port device team_slave_1 added [ 179.990250][ T8477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 180.021545][ T8477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 180.033741][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.041902][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.074301][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.093659][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.102970][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.135156][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.171543][ T8477] team0: Port device team_slave_0 added [ 180.182825][ T8477] team0: Port device team_slave_1 added [ 180.258883][ T8477] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.272090][ T8477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.317085][ T8477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.342191][ T8477] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.353111][ T8477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.391427][ T8477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.418437][ T8475] device hsr_slave_0 entered promiscuous mode [ 180.428366][ T8475] device hsr_slave_1 entered promiscuous mode [ 180.445905][ T8478] chnl_net:caif_netlink_parms(): no params data found [ 180.527070][ T8477] device hsr_slave_0 entered promiscuous mode [ 180.536031][ T8477] device hsr_slave_1 entered promiscuous mode [ 180.543766][ T8477] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.552987][ T8477] Cannot create hsr debugfs directory [ 180.738904][ T8478] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.749779][ T8478] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.760743][ T8478] device bridge_slave_0 entered promiscuous mode [ 180.781501][ T8478] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.793405][ T8478] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.806599][ T8478] device bridge_slave_1 entered promiscuous mode [ 180.910233][ T8478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 180.928217][ T8478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 180.975508][ T8480] chnl_net:caif_netlink_parms(): no params data found [ 180.990632][ T1244] Bluetooth: hci0: command 0x0409 tx timeout [ 181.059575][ T8478] team0: Port device team_slave_0 added [ 181.075576][ T8478] team0: Port device team_slave_1 added [ 181.107837][ T8475] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 181.163383][ T8475] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 181.185765][ T8475] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 181.225618][ T8475] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 181.243187][ T28] Bluetooth: hci1: command 0x0409 tx timeout [ 181.262762][ T8478] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 181.274012][ T8478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.320700][ T8478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 181.401462][ T8478] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 181.412740][ T8478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.453403][ T8478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 181.477781][ T2991] Bluetooth: hci2: command 0x0409 tx timeout [ 181.540857][ T8478] device hsr_slave_0 entered promiscuous mode [ 181.550247][ T8478] device hsr_slave_1 entered promiscuous mode [ 181.570147][ T8478] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 181.602305][ T8478] Cannot create hsr debugfs directory [ 181.622099][ T8480] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.657026][ T8480] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.675100][ T8480] device bridge_slave_0 entered promiscuous mode [ 181.722650][ T8480] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.751709][ T8480] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.779830][ T8480] device bridge_slave_1 entered promiscuous mode [ 181.812355][ T8477] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 181.835586][ T8477] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 181.867001][ T5] Bluetooth: hci3: command 0x0409 tx timeout [ 181.886131][ T8480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 181.915157][ T8480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 181.941571][ T8477] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 181.962148][ T8477] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 182.034103][ T8480] team0: Port device team_slave_0 added [ 182.054979][ T8480] team0: Port device team_slave_1 added [ 182.120397][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 182.139669][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.216109][ T8480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 182.247643][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 182.265349][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.334051][ T8480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 182.422663][ T8480] device hsr_slave_0 entered promiscuous mode [ 182.442720][ T8480] device hsr_slave_1 entered promiscuous mode [ 182.470690][ T8480] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 182.505456][ T8480] Cannot create hsr debugfs directory [ 182.642429][ T8478] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 182.671186][ T8478] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 182.703946][ T8478] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 182.726361][ T8478] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 182.812831][ T8480] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 182.839308][ T8480] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 182.860410][ T8480] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 182.882445][ T8480] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 182.907473][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.945344][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 182.959428][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 182.979884][ T8475] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.999933][ T8477] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.016847][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 183.027984][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.038250][ T1241] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.046774][ T1241] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.060410][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 183.076947][ T5] Bluetooth: hci0: command 0x041b tx timeout [ 183.083649][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 183.102511][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 183.118087][ T8506] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.129492][ T8506] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.142805][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 183.156268][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 183.199374][ T8477] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.212305][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.236040][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 183.245931][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.257099][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.267188][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 183.278641][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.289823][ T2470] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.298972][ T2470] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.309802][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 183.319741][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 183.331827][ T5] Bluetooth: hci1: command 0x041b tx timeout [ 183.353870][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 183.367099][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 183.380841][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.392562][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.404424][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.415934][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 183.427079][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 183.440289][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.451648][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.462492][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.489432][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 183.502653][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 183.520051][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.538659][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 183.553196][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 183.556837][ T5] Bluetooth: hci2: command 0x041b tx timeout [ 183.567931][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 183.582247][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 183.603198][ T8477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 183.616835][ T8477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 183.626445][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 183.637363][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 183.647556][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 183.658017][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 183.675272][ T8478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.690617][ T8475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 183.719428][ T8480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.732754][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 183.748136][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 183.759714][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 183.770679][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 183.789743][ T8478] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.807658][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 183.817671][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 183.829978][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 183.840664][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 183.858798][ T8477] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.873060][ T8480] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.881427][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 183.891549][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.901622][ T2470] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.909957][ T2470] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.922097][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.931093][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 183.947765][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 183.956742][ T5] Bluetooth: hci3: command 0x041b tx timeout [ 183.960620][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 183.974626][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.983076][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.995453][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 184.019301][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.031092][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 184.042733][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.051027][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 184.060634][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.071082][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 184.081187][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 184.091784][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 184.101122][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 184.115055][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.124827][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 184.135970][ T2470] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.144239][ T2470] bridge0: port 2(bridge_slave_1) entered forwarding state [ 184.174625][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 184.185557][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 184.195261][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 184.205757][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.216374][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 184.226399][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 184.236411][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 184.247546][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 184.265229][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 184.274917][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 184.284345][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 184.297061][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 184.308145][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 184.317821][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 184.329240][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 184.341068][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 184.351377][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 184.375680][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 184.385963][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 184.395889][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 184.408109][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 184.418540][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 184.429005][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 184.441184][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 184.470597][ T8477] device veth0_vlan entered promiscuous mode [ 184.488337][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 184.509244][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 184.547800][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 184.577932][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 184.623327][ T8477] device veth1_vlan entered promiscuous mode [ 184.641578][ T8475] device veth0_vlan entered promiscuous mode [ 184.661369][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 184.672785][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 184.685449][ T2793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 184.702236][ T8480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 184.732291][ T8475] device veth1_vlan entered promiscuous mode [ 184.747887][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 184.758454][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 184.769619][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 184.780420][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 184.803946][ T8478] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.819289][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 184.844995][ T8480] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.858010][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 184.869349][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 184.893664][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 184.905327][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 184.916743][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 184.926172][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 184.938576][ T8475] device veth0_macvtap entered promiscuous mode [ 184.952148][ T8475] device veth1_macvtap entered promiscuous mode [ 184.969625][ T8477] device veth0_macvtap entered promiscuous mode [ 184.987734][ T8477] device veth1_macvtap entered promiscuous mode [ 184.998848][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 185.014713][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 185.032744][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 185.053161][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 185.070736][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 185.087910][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 185.112875][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.131877][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 185.143895][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 185.156868][ T2991] Bluetooth: hci0: command 0x040f tx timeout [ 185.157262][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 185.178065][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 185.197779][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.215245][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 185.225973][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 185.247743][ T8477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 185.262696][ T8477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.277596][ T8477] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.291373][ T8475] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.304108][ T8475] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.315909][ T8475] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.327394][ T8475] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.342988][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 185.352921][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 185.379882][ T8477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 185.391447][ T36] Bluetooth: hci1: command 0x040f tx timeout [ 185.397043][ T8477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.426000][ T8477] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.453435][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 185.486249][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 185.498673][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 185.514291][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 185.528778][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 185.541584][ T2991] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 185.558326][ T8478] device veth0_vlan entered promiscuous mode [ 185.617238][ T8477] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.633331][ T8477] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.638407][ T2793] Bluetooth: hci2: command 0x040f tx timeout [ 185.666930][ T8477] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.703084][ T8477] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.726169][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 185.740444][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 185.752599][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 185.763003][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 185.799788][ T8480] device veth0_vlan entered promiscuous mode [ 185.822365][ T8478] device veth1_vlan entered promiscuous mode [ 185.851803][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 185.897800][ T8480] device veth1_vlan entered promiscuous mode [ 185.937824][ T8489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.950095][ T8489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.973585][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 185.982959][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 185.993604][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 186.003877][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 186.015028][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 186.035157][ T8478] device veth0_macvtap entered promiscuous mode [ 186.045264][ T5] Bluetooth: hci3: command 0x040f tx timeout [ 186.050876][ T8480] device veth0_macvtap entered promiscuous mode [ 186.064124][ T8478] device veth1_macvtap entered promiscuous mode [ 186.097611][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.102731][ T8497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.104323][ T8480] device veth1_macvtap entered promiscuous mode [ 186.117077][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 186.117083][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.117089][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 186.117093][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.118352][ T8480] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.121382][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 186.121388][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.121394][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 186.121398][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.122387][ T8480] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.127331][ T8480] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.127347][ T8480] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.127365][ T8480] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.128083][ T8480] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.138511][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.157427][ T8497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.177944][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.367602][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.377058][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.387037][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.396796][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 186.405443][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 186.415411][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 186.425844][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 186.436427][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 186.450683][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 186.476345][ T8510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.477861][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 186.512320][ T8510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.523684][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.548001][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 186.569556][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.583047][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 186.598371][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.622407][ T8478] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.655525][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 186.671564][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.686268][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 186.700615][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.717435][ T8478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 186.735811][ T8478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.756388][ T8478] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.770579][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 186.784992][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 186.796666][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 186.807139][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 186.817815][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 186.835757][ T8475] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 186.881732][ T8478] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.911447][ T8478] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.936128][ T8478] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.959900][ T8478] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 15:51:02 executing program 0: 15:51:02 executing program 1: [ 187.030322][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.049756][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.094430][ T8509] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 15:51:02 executing program 1: 15:51:02 executing program 0: [ 187.136011][ T8489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 15:51:02 executing program 0: 15:51:02 executing program 1: [ 187.155937][ T8489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.176775][ T8509] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 187.206974][ T8489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.223739][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.227149][ T2991] Bluetooth: hci0: command 0x0419 tx timeout [ 187.237419][ T8489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.239878][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.240886][ T2470] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 187.287435][ T8506] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 15:51:02 executing program 2: 15:51:02 executing program 1: 15:51:02 executing program 0: 15:51:02 executing program 3: 15:51:02 executing program 3: 15:51:02 executing program 1: 15:51:02 executing program 0: 15:51:02 executing program 2: [ 187.468223][ T2991] Bluetooth: hci1: command 0x0419 tx timeout 15:51:02 executing program 0: 15:51:02 executing program 3: 15:51:03 executing program 1: 15:51:03 executing program 2: 15:51:03 executing program 3: 15:51:03 executing program 1: 15:51:03 executing program 0: 15:51:03 executing program 3: 15:51:03 executing program 2: 15:51:03 executing program 1: 15:51:03 executing program 0: 15:51:03 executing program 2: 15:51:03 executing program 0: 15:51:03 executing program 1: 15:51:03 executing program 3: [ 187.717046][ T2991] Bluetooth: hci2: command 0x0419 tx timeout 15:51:03 executing program 2: 15:51:03 executing program 0: 15:51:03 executing program 1: 15:51:03 executing program 2: 15:51:03 executing program 3: 15:51:03 executing program 0: 15:51:03 executing program 1: 15:51:03 executing program 2: 15:51:03 executing program 0: 15:51:03 executing program 1: 15:51:03 executing program 3: 15:51:03 executing program 2: 15:51:03 executing program 0: 15:51:03 executing program 3: 15:51:03 executing program 1: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000001c0)) 15:51:03 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), 0x4) accept4(r0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) 15:51:03 executing program 3: pselect6(0x0, 0x0, &(0x7f00000018c0), 0x0, 0x0, 0x0) 15:51:03 executing program 0: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x81}) [ 188.027535][ T8600] sctp: [Deprecated]: syz-executor.2 (pid 8600) Use of int in max_burst socket option deprecated. [ 188.027535][ T8600] Use struct sctp_assoc_value instead 15:51:03 executing program 0: [ 188.112157][ T2470] Bluetooth: hci3: command 0x0419 tx timeout 15:51:03 executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000280)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, 0x0, 0x0) 15:51:03 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x29, 0x3, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:03 executing program 1: r0 = mq_open(&(0x7f0000000140)='-+(.))(-,&$l{]@\x00', 0x0, 0x0, 0x0) mq_notify(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}) [ 188.259719][ T8600] sctp: [Deprecated]: syz-executor.2 (pid 8600) Use of int in max_burst socket option deprecated. [ 188.259719][ T8600] Use struct sctp_assoc_value instead 15:51:03 executing program 0: socketpair(0x3, 0x0, 0x8e7, &(0x7f0000000100)) 15:51:03 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x2, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:04 executing program 3: connect$qrtr(0xffffffffffffffff, 0x0, 0x0) 15:51:04 executing program 2: 15:51:04 executing program 1: 15:51:04 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000000)=@framed={{}, [@exit, @call]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:04 executing program 2: syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3, 0x8}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600), &(0x7f0000000640)) 15:51:04 executing program 1: syz_emit_ethernet(0x46, &(0x7f0000000080)={@broadcast, @random="8bfead141754", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e8afa7", 0x10, 0x0, 0x0, @local, @local, {[@hopopts={0x0, 0x1, [], [@ra, @ra]}]}}}}}, 0x0) 15:51:04 executing program 0: recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) 15:51:05 executing program 3: r0 = syz_open_dev$vivid(&(0x7f0000000200)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x0, @reserved}) 15:51:05 executing program 1: socketpair(0x22, 0x0, 0x6, &(0x7f0000000040)) 15:51:05 executing program 0: syz_usb_connect$cdc_ecm(0x0, 0x180, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x16e, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x2, 0x6, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x0, "fccf6f46917a"}, {0x5}, {0xd}, [@mdlm_detail={0x79, 0x24, 0x13, 0x0, "e0d944fa03d438b1a5a1d81104484b0b5646655ef4871a316dd6903277ffbaa8192d08cdc85f2914b25987a22dd71996df7907a0d1e89c61ea0ceb33287a7a8790d886ea2dcd84c5cdc9b27ae23f907f55a703b98ae9fe8e663f48949cd9ef0c5ccaa9b93b65da513fa8f680ad1b0bc4b0598fe577"}, @ncm={0x6}, @network_terminal={0x7}, @mdlm_detail={0xfffffffffffffd94, 0x24, 0x13, 0x0, "66cea91f4ed0c4567b647fa8dfa9e671d7b8402d3376366dd79daa9ebc878113c960b4a8c7e543ee606a33c1d437739759ebefb3cfbd86459e8ca91e694a4ab10ad19be943da75c1b626f2d27824b9c5daf4ce7ec66aeb79e02a1c7d8607167b28e06e9dc0a3b29d04057d364fe85506ae205c8a0c39a2afdfa2869ced2f0a5a1f42af4694dad2b339a1073f5a"}, @mdlm={0xfffffeec, 0x24, 0x12, 0xef81}, @country_functional={0x8, 0x24, 0x7, 0x0, 0x0, [0x0]}]}, {[{}]}}}]}}]}}, 0x0) 15:51:05 executing program 1: clock_gettime(0x0, &(0x7f0000001940)) 15:51:05 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x80044d02, &(0x7f00000002c0)) 15:51:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000340)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f00000002c0)=0x98) 15:51:05 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0x2, 0x0, 0x0, @remote}}}, 0x9c) 15:51:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:05 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x10, 0x0, 0x0) 15:51:05 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)={0x18, r1, 0xcb6cf3921e52ee5, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) [ 190.091924][ T2470] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 190.377975][ T2470] usb 5-1: Using ep0 maxpacket: 8 [ 190.519181][ T2470] usb 5-1: config 1 has an invalid descriptor of length 129, skipping remainder of the config [ 190.544331][ T2470] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 190.727178][ T2470] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 190.741298][ T2470] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.754605][ T2470] usb 5-1: Product: syz [ 190.760306][ T2470] usb 5-1: Manufacturer: syz [ 190.766342][ T2470] usb 5-1: SerialNumber: syz [ 190.846438][ T2470] usb 5-1: bad CDC descriptors [ 191.043892][ T1241] usb 5-1: USB disconnect, device number 2 [ 191.826994][ T8509] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 192.076801][ T8509] usb 5-1: Using ep0 maxpacket: 8 [ 192.217203][ T8509] usb 5-1: config 1 has an invalid descriptor of length 129, skipping remainder of the config [ 192.238647][ T8509] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 192.447174][ T8509] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 192.461978][ T8509] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.473425][ T8509] usb 5-1: Product: syz [ 192.483971][ T8509] usb 5-1: Manufacturer: syz [ 192.492845][ T8509] usb 5-1: SerialNumber: syz [ 192.549298][ T8509] usb 5-1: bad CDC descriptors [ 192.759899][ T18] usb 5-1: USB disconnect, device number 3 15:51:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000540), &(0x7f0000000640)=0x8) 15:51:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)={0x18, r1, 0xcb6cf3921e52ee5, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) 15:51:08 executing program 0: bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffffffc}, 0x8) 15:51:08 executing program 1: openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mISDNtimer\x00', 0x4000, 0x0) 15:51:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="c4"], 0x2c4}}, 0x0) 15:51:08 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x200100, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r0, 0x80044dfb, 0x0) 15:51:08 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x1f, 0xf856, 0x4}, 0x8) 15:51:08 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001700)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000017c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @ib={0x1b, 0x0, 0x0, {"c047798bd4871ad2a8dd5fa5cb2581e4"}}}}, 0x118) 15:51:08 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4}) 15:51:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7c, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'}) 15:51:08 executing program 2: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000280)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x0}}, 0x120) 15:51:08 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x161000, 0x0) 15:51:08 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg_v2(r0, &(0x7f0000000140)={0x2, 0x0, {0x0, 0x0, 0x0}}, 0x48) 15:51:08 executing program 2: openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/udmabuf\x00', 0x2) 15:51:08 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg_v2(r0, &(0x7f0000000140)={0x2, 0x0, {0x0, 0x0, 0x0}}, 0x48) 15:51:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x6e, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:08 executing program 1: r0 = getpgid(0x0) waitid(0x2, r0, 0x0, 0x2, 0x0) 15:51:08 executing program 3: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x10, 0x0) 15:51:08 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4}) 15:51:08 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RFLUSH(r0, 0x0, 0x0) 15:51:08 executing program 1: syz_usb_connect$cdc_ecm(0x0, 0x51, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3f, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm_detail={0x4}]}}}]}}]}}, 0x0) 15:51:08 executing program 2: msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000280)=""/209) 15:51:08 executing program 2: msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000740)={{0x2, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) 15:51:08 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4c600, 0x0) 15:51:08 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x9, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x3, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:08 executing program 0: syz_io_uring_setup(0x7e41, &(0x7f0000000100), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000180)) 15:51:08 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x867d}) [ 193.646904][ T8509] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 193.896742][ T8509] usb 6-1: Using ep0 maxpacket: 8 [ 194.036974][ T8509] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 194.247107][ T8509] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 194.271267][ T8509] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.291419][ T8509] usb 6-1: Product: syz [ 194.306863][ T8509] usb 6-1: Manufacturer: syz [ 194.322532][ T8509] usb 6-1: SerialNumber: syz [ 194.389280][ T8509] usb 6-1: bad CDC descriptors [ 194.604403][ T8509] usb 6-1: USB disconnect, device number 2 [ 195.387034][ T8506] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 195.637632][ T8506] usb 6-1: Using ep0 maxpacket: 8 [ 195.767010][ T8506] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 195.947137][ T8506] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 195.960916][ T8506] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.972970][ T8506] usb 6-1: Product: syz [ 195.978833][ T8506] usb 6-1: Manufacturer: syz [ 195.985086][ T8506] usb 6-1: SerialNumber: syz [ 196.047807][ T8506] usb 6-1: bad CDC descriptors [ 196.250085][ T1241] usb 6-1: USB disconnect, device number 3 15:51:11 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x0, 0x30}, &(0x7f0000000040)=0x18) 15:51:11 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000680)={'erspan0\x00', 0x0}) 15:51:11 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/vcs\x00', 0x0, 0x0) read$alg(r0, &(0x7f0000000600)=""/196, 0xc4) 15:51:11 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1b, 0x0, 0x0) 15:51:11 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x10, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000480), 0x8) 15:51:11 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) accept4(r0, 0x0, 0x0, 0x1800) 15:51:11 executing program 2: msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000040)={{0x1, 0xffffffffffffffff, 0x0, 0xee00, 0xee00}}) 15:51:11 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x8, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:11 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x16, 0x0, 0x0) 15:51:11 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:12 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x16, 0x0, 0x0) 15:51:12 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000380)='/dev/nvme-fabrics\x00', 0x101401, 0x0) 15:51:12 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x16, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401}) 15:51:12 executing program 1: syz_usb_connect$cdc_ecm(0x0, 0x5b, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x49, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm_detail={0x4}, @ncm={0x6, 0x24, 0x1a, 0x0, 0x1}, @mdlm_detail={0x4}]}, {[], {}, {{0x9, 0x5, 0x3, 0x2, 0x400}}}}}]}}]}}, 0x0) 15:51:12 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:12 executing program 3: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/udmabuf\x00', 0x2) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000000c0)) 15:51:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401}) 15:51:12 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:12 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:12 executing program 3: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, 0x0) 15:51:12 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) [ 196.936806][ T2470] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 197.196679][ T2470] usb 6-1: Using ep0 maxpacket: 8 [ 197.367927][ T2470] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 197.536798][ T2470] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 197.552355][ T2470] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.562971][ T2470] usb 6-1: Product: syz [ 197.568180][ T2470] usb 6-1: Manufacturer: syz [ 197.574409][ T2470] usb 6-1: SerialNumber: syz [ 197.607607][ T8837] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 197.647924][ T2470] usb 6-1: bad CDC descriptors [ 197.850431][ T8506] usb 6-1: USB disconnect, device number 4 [ 198.626983][ T1244] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 198.897382][ T1244] usb 6-1: Using ep0 maxpacket: 8 [ 199.057000][ T1244] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 199.247067][ T1244] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 199.261773][ T1244] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.278046][ T1244] usb 6-1: Product: syz [ 199.284304][ T1244] usb 6-1: Manufacturer: syz [ 199.291745][ T1244] usb 6-1: SerialNumber: syz [ 199.318533][ T8837] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 199.350268][ T1244] usb 6-1: bad CDC descriptors [ 199.553164][ T5] usb 6-1: USB disconnect, device number 5 15:51:15 executing program 2: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000005, 0x10, r0, 0x10000000) 15:51:15 executing program 0: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 3: setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x3, @remote, 0x5}, @in={0x2, 0x4e22, @private=0xa010101}, @in={0x2, 0x0, @remote}], 0x3c) 15:51:15 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4c600, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) 15:51:15 executing program 2: syz_io_uring_setup(0x7e41, &(0x7f0000000100)={0x0, 0x0, 0x20}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000180)) 15:51:15 executing program 0: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, 0x0, &(0x7f0000003040)) 15:51:15 executing program 1: clock_gettime(0x4, &(0x7f0000000240)) 15:51:15 executing program 0: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:15 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, 0x0, 0x0) 15:51:15 executing program 1: pselect6(0x40, &(0x7f0000001880), 0x0, &(0x7f0000001900)={0x1}, &(0x7f0000001980), 0x0) 15:51:15 executing program 0: r0 = syz_open_dev$radio(0x0, 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 2: syz_emit_ethernet(0x7a, &(0x7f0000000140)={@multicast, @random="8bfead141754", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "fbaeb1", 0x44, 0x2f, 0x0, @local, @private1, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57}}}}}}}, 0x0) 15:51:15 executing program 3: r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000003280)='/dev/qrtr-tun\x00', 0x0) read$qrtrtun(r0, 0x0, 0x0) 15:51:15 executing program 1: setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x3, @remote, 0x5}, @in={0x2, 0x0, @private}, @in={0x2, 0x0, @remote}], 0x3c) 15:51:15 executing program 0: r0 = syz_open_dev$radio(0x0, 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 2: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040)) 15:51:15 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) 15:51:15 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x4, 0x0, 0x0) 15:51:15 executing program 0: r0 = syz_open_dev$radio(0x0, 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:15 executing program 1: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_io_uring_setup(0xfa3, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0) write$P9_RVERSION(r0, &(0x7f0000000380)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13) 15:51:16 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000280), 0x20) 15:51:16 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x57, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x45, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm_detail={0x4}, @ncm={0x6}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x40}}, {{0x9, 0x5, 0x3, 0x2, 0x400}}}}}]}}]}}, 0x0) 15:51:16 executing program 0: syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:16 executing program 1: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x260}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 15:51:16 executing program 2: memfd_create(0x0, 0xd) 15:51:16 executing program 0: syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:16 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2000000}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:16 executing program 0: syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:16 executing program 1: io_uring_setup(0x4038, &(0x7f0000000000)={0x0, 0x0, 0x2}) 15:51:16 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) [ 201.036755][ T5] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 201.286764][ T5] usb 8-1: Using ep0 maxpacket: 8 [ 201.406988][ T5] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 201.587949][ T5] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 201.610138][ T5] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.622702][ T5] usb 8-1: Product: syz [ 201.631219][ T5] usb 8-1: Manufacturer: syz [ 201.636797][ T5] usb 8-1: SerialNumber: syz [ 201.657960][ T8946] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 201.669069][ T8946] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 201.697931][ T5] usb 8-1: bad CDC descriptors [ 201.902080][ T5] usb 8-1: USB disconnect, device number 2 [ 202.666843][ T5] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 202.916676][ T5] usb 8-1: Using ep0 maxpacket: 8 [ 203.036809][ T5] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 203.206941][ T5] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 203.219213][ T5] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.228510][ T5] usb 8-1: Product: syz [ 203.233588][ T5] usb 8-1: Manufacturer: syz [ 203.238868][ T5] usb 8-1: SerialNumber: syz [ 203.267663][ T8946] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 203.281026][ T8946] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 203.307763][ T5] usb 8-1: bad CDC descriptors [ 203.511438][ T5] usb 8-1: USB disconnect, device number 3 15:51:19 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:19 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, 0x0) 15:51:19 executing program 2: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) recvfrom$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @private}, 0x10) 15:51:19 executing program 1: socketpair(0x1d, 0x0, 0x0, &(0x7f0000000040)) 15:51:19 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, 0x0) [ 203.561906][ T8987] can: request_module (can-proto-0) failed. 15:51:19 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0xe6, 0x0, 0x1}, 0x20) [ 203.876562][ T8987] can: request_module (can-proto-0) failed. 15:51:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x76, 0x0, 0x0) 15:51:19 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/ppp\x00', 0x681c0, 0x0) 15:51:19 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300), 0x14) 15:51:19 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, 0x0) 15:51:19 executing program 1: socket(0x1d, 0x0, 0x200) 15:51:19 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x0, 0x0) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, 0x0, 0x0) 15:51:19 executing program 3: socket$inet6(0xa, 0x1, 0x6d) 15:51:19 executing program 1: epoll_pwait(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x1, 0x0, &(0x7f00000002c0)={[0x1fe]}, 0x8) 15:51:19 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000000)={{0x0, 0x4}, 'port1\x00'}) 15:51:19 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:19 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, &(0x7f0000000240)) 15:51:19 executing program 3: socketpair(0x22, 0x0, 0x0, &(0x7f0000000040)) 15:51:19 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:19 executing program 2: r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000000)) 15:51:19 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x0, 0x8}, 0x10) 15:51:19 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:20 executing program 0: clock_gettime(0x0, &(0x7f0000001940)={0x0}) pselect6(0x40, &(0x7f0000001880), &(0x7f00000018c0)={0x4}, &(0x7f0000001900)={0x1}, &(0x7f0000001980)={r0}, &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) 15:51:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x98) 15:51:20 executing program 3: r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f00000002c0)) 15:51:20 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:20 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000c4000000c40000000a"], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) 15:51:20 executing program 1: setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:20 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x22, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:20 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1b, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:20 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x0, @private0}], 0x1c) 15:51:20 executing program 1: setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:20 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000), 0x4) 15:51:20 executing program 0: 15:51:20 executing program 1: setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:20 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000300), 0x10) 15:51:20 executing program 0: syz_emit_ethernet(0x7a, &(0x7f0000000140)={@multicast, @random="8bfead141754", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "fbaeb1", 0x44, 0x2f, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}, @private1, {[], {{0x0, 0x0, 0x1, 0x0, 0x2}}}}}}}, 0x0) 15:51:20 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x17, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:20 executing program 1: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 2: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 15:51:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, 0x0, &(0x7f0000000240)) 15:51:21 executing program 3: memfd_create(&(0x7f0000000100)=')\xe9', 0x0) 15:51:21 executing program 1: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:21 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x8, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x6, 0x0, 0x0) 15:51:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x23, 0x0, 0x0) 15:51:21 executing program 1: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 3: openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x109400, 0x0) 15:51:21 executing program 0: syz_emit_ethernet(0x46, &(0x7f0000000080)={@broadcast, @random="8bfead141754", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e8afa7", 0x10, 0x0, 0x0, @local, @local, {[@hopopts={0x0, 0x1, [], [@ra, @generic={0x1, 0x2, "adb9"}]}]}}}}}, 0x0) 15:51:21 executing program 2: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x249d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x260}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 15:51:21 executing program 0: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4c600, 0x0) 15:51:21 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 3: syz_io_uring_setup(0x7fffffff, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 15:51:21 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x541b, 0x0) 15:51:21 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:51:21 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:21 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000000)={{0xee}, 'port1\x00'}) 15:51:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x24, 0x0, 0x0) 15:51:21 executing program 0: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f0000001140)=[{}], 0x1, 0x0, 0x0, 0x0) 15:51:21 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 15:51:21 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @private0}, @in={0x2, 0x0, @empty}], 0x2c) 15:51:21 executing program 0: clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) select(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000280)={0x8}, &(0x7f0000000300)={0x0, r0/1000+10000}) 15:51:21 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 15:51:21 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x80044d02, 0x0) 15:51:21 executing program 3: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, 0x0, 0x0) 15:51:21 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 15:51:21 executing program 0: pselect6(0x0, 0x0, &(0x7f00000018c0), &(0x7f0000001900), 0x0, 0x0) [ 206.522596][ T9199] nvme_fabrics: missing parameter 'transport=%s' [ 206.538863][ T9199] nvme_fabrics: missing parameter 'nqn=%s' 15:51:22 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="1800ff5058a354c756"], &(0x7f0000000080)='GPL\x00', 0x1, 0xc0, &(0x7f00000000c0)=""/192, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:22 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140), 0xe) 15:51:22 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x8000000) 15:51:22 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140), 0xe) 15:51:22 executing program 2: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/udmabuf\x00', 0x2) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000013c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000000c0)={r1, 0x0, 0x0, 0x8000}) 15:51:22 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x82, 0x0, 0x0) 15:51:22 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140), 0xe) 15:51:22 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @multicast1}], 0x10) 15:51:22 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000400)=[@in={0x2, 0x0, @dev}], 0x10) 15:51:22 executing program 2: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000140)) 15:51:22 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$HIDIOCINITREPORT(r0, 0x4805, 0x0) 15:51:22 executing program 1: syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x1450, 0x0) 15:51:22 executing program 2: pipe2$9p(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RRENAME(r0, &(0x7f0000000300)={0x7}, 0x7) write$P9_RRENAMEAT(r0, &(0x7f0000000340)={0x7}, 0x7) 15:51:22 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SOUND_MIXER_INFO(r0, 0x805c4d65, &(0x7f0000000100)) 15:51:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x8, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:23 executing program 0: shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000000)=""/204) 15:51:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x1, "bd"}, &(0x7f0000001040)=0x9) 15:51:23 executing program 3: pselect6(0x40, &(0x7f0000001880), 0x0, &(0x7f0000001900), &(0x7f0000001980), 0x0) 15:51:23 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @loopback}}}, 0x9c) 15:51:23 executing program 0: r0 = epoll_create(0x6d2) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) epoll_ctl$EPOLL_CTL_ADD(r0, 0x2, r1, 0x0) 15:51:23 executing program 2: socket(0x2, 0x5, 0x4) 15:51:23 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @loopback}}}, 0x9c) 15:51:23 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000300), 0x8) 15:51:23 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, 0x0, &(0x7f00000006c0)) 15:51:23 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401}) 15:51:23 executing program 3: syz_open_dev$hiddev(&(0x7f0000000440)='/dev/usb/hiddev#\x00', 0x0, 0x14401) 15:51:23 executing program 1: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, 0x0, 0xf825e9dfac12889e) 15:51:23 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000680), &(0x7f00000006c0)=0x14) 15:51:24 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x79, 0x0, 0x0) 15:51:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x14}, 0x14}}, 0x0) 15:51:24 executing program 3: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x38}, 0x0) 15:51:24 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000001340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001300)={0xffffffffffffffff}, 0x111}}, 0x20) syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000001480)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000002100)={0x5, 0x10, 0xfa00, {&(0x7f0000001f00), r1}}, 0x18) 15:51:24 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401}) 15:51:24 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f00000019c0)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000001bc0)={0x0, 0x2, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ec3fb223"}, 0x0, 0x0, @fd}) 15:51:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x14}, 0x14}}, 0x0) 15:51:24 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x2b4301, 0x0) 15:51:24 executing program 1: pselect6(0x0, 0x0, &(0x7f00000018c0), &(0x7f0000001900), &(0x7f0000001980), 0x0) 15:51:24 executing program 1: syz_emit_ethernet(0x42, &(0x7f00000012c0)={@local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "c8b6e7", 0xc, 0x11, 0x0, @remote, @private0, {[], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) 15:51:24 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000100)) 15:51:24 executing program 3: clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x0, 0x0, &(0x7f00000018c0)={0x4}, &(0x7f0000001900), &(0x7f0000001980)={0x0, r0+60000000}, &(0x7f0000001a00)={&(0x7f00000019c0), 0x8}) 15:51:24 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x30, 0xffffffffffffffff, 0x10000000) 15:51:24 executing program 1: syz_emit_ethernet(0x42, &(0x7f00000012c0)={@local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "c8b6e7", 0xc, 0x11, 0x0, @remote, @private0, {[], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) 15:51:24 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000001340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001300)={0xffffffffffffffff}, 0x111}}, 0x20) syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000001480)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000002100)={0x5, 0x10, 0xfa00, {&(0x7f0000001f00), r1}}, 0x18) 15:51:24 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x6e, 0x0, 0x0) 15:51:24 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote, 0x2}}}, 0x9c) 15:51:24 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) 15:51:24 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x61}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:25 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000700), &(0x7f0000000740)=0xfffffffffffffe67) 15:51:25 executing program 1: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4c600, 0x0) 15:51:25 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x7}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:25 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@broadcast, @random="8bfead141754", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e8afa7", 0x8, 0x0, 0x0, @local, @local, {[@hopopts]}}}}}, 0x0) 15:51:25 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc) 15:51:25 executing program 3: syz_io_uring_setup(0x1d62, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0) 15:51:25 executing program 2: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) ioctl$mixer_OSS_ALSAEMULVER(r0, 0x80044df9, 0x0) 15:51:25 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) write$P9_RVERSION(r0, 0x0, 0x0) 15:51:25 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000180)={{}, 'syz0\x00'}) ioctl$UI_DEV_DESTROY(r0, 0x5502) 15:51:25 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x35}}}], 0x1c) 15:51:25 executing program 1: socketpair(0x9, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000280)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f00000002c0)=""/91, 0x5b}}, 0x120) 15:51:25 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xd, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:25 executing program 0: bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0xc) 15:51:25 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000180)={{}, 'syz0\x00'}) ioctl$UI_DEV_DESTROY(r0, 0x5502) [ 210.423948][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.441340][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 15:51:25 executing program 0: clock_getres(0x2, 0x0) r0 = syz_usb_connect$cdc_ecm(0x5, 0x5e, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4c, 0x1, 0x1, 0x6, 0xa0, 0x2, [{{0x9, 0x4, 0x0, 0x9e, 0x3, 0x2, 0x6, 0x0, 0x6, {{0x6, 0x24, 0x6, 0x0, 0x0, "ca"}, {0x5, 0x24, 0x0, 0xd232}, {0xd, 0x24, 0xf, 0x1, 0xfffff46a, 0x82c, 0x2, 0x3}, [@dmm={0x7, 0x24, 0x14, 0x9, 0xffff}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x7f, 0x80}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x59, 0x0, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x6, 0x8, 0x7}}}}}]}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x20, 0x81, 0x4, 0x10, 0x6}, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}, 0x9, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x82c}}, {0x14, &(0x7f0000000140)=@string={0x14, 0x3, "e4832a134999bc65fce2e6ef5f07a05f1837"}}, {0xc1, &(0x7f0000000180)=@string={0xc1, 0x3, "92080797ec62ad4ba934817728921af7644498509ec3ac1545f8a6c2c1678fdae7d5861f9cc10577ac97e49736248587c70b5739833db39a384adf5ded74f462d63a4cecbe548d0336e61ec229580352952591b08a6ebb0cb916343b25b9eb9c506ab088ad4450bb66f044d1025e8fad181029b1180efeddc000a0b79028b62878e846082cd08e97b5db0921ef10df24d173e0b55f32e9cf954197401fedc23f38acc5dbc78a7efd8bbf9e9260d6f902f30dae7da72d48ccc8610831b728b1"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x804}}, {0x90, &(0x7f00000002c0)=@string={0x90, 0x3, "e24419616609bc73e27bd5c6bfec40e3be76bbfdec7e6de54825e9ca7a9889585eb8cc57da77f09e0267ff62c604862f34240e958e85c1bb56f85f460ecae8ace3e66098cc651827efda16d8b21670107a381c25569b37e08cb2e4757bff1bfb487f5de40f96e4216939f846520024f659159659908c9581674320d7654abe5519223bebcefe575d0c17a7ec67bd"}}, {0xf0, &(0x7f0000000380)=@string={0xf0, 0x3, "b01fa3d6947dac290421534b357d2c7a9ac2c9fd270db3b16a404b671b63fcd084f81db2bebe84cf0a8a68311af61d1e782253cc17201e2478e64c090bf2b8c29c4a8362f3dd537864fab4adef2445fc6ecf004216f7b8ec69c3d4bdd38adeaa8a1060c950f6cfc581ea221e846a6921febe3931526e7c7a43b0b5ae48151b3675f23d8a191a562737853cd038b9f5e804e36ebe61c7addeb11be062afeda9aea43a7719871b3f28743de6c5514b7185a9e25efa3da10bc563d42a26580e41d959fc7f8b1877b96a6232926a665fdfe22741c135d12f0b50b454cde2e36f41a8493beed7aadba22f25d265e5a821"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40a}}, {0x2d, &(0x7f00000004c0)=@string={0x2d, 0x3, "77c563f6796a7ec71560075ff4f87a553710f2195c03f097a783e76fe41b6fd519674cf1f73e930975aa9f"}}, {0xee, &(0x7f0000000500)=@string={0xee, 0x3, "e2ede24bb29921550bbf280af741c283a4c2b31077e39213dbf98d1804de72b27b1c3227ce1c10c5eedfa9f4a467c23371b4cae22b49ffe80a206bf29ea5fc3d2429c402a58c3d3a382970f3020fdec35faa22bf3bfb91d8273721775b9a4c09db6691b86a042b159ac3b06bcf7a8911071a7e6879d9e2ab441b1b843d8e385caea7a001424d80a8a62d84c804c36d70400648cd82029a36cda44af9814463454232e0099d27a24063b9f26e934d80294e737629dd1adccfa5aea67df619d5ca4cde26419b3c9983c02b8cd911da05f52a589419cc2f01edb6d8b1e070c79db0f2607246ddda024b2d2e87f7"}}]}) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000009c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000980), 0xc, &(0x7f0000000c00)={&(0x7f0000000a00)={0x1e0, r1, 0xc07, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xa57}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xec3}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x14f}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe24}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4fb1}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_NODE={0xec, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "286064030d22d7a5dcd0700e5b19921e21c777f0a8691e6d96c6537e"}}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "35c7cffb21217ca81de0d20dd367f55a49ec101a119bc782340fbb17ea66d292"}}, @TIPC_NLA_NODE_ID={0x57, 0x3, "b21fe90e6c2677f45f61e5147590bc38fcfcf67ff83a81b1de3feed4d7f4d1e57ff7a6804e208b921f62765e1fb2472a46c074858acaed96d03634dc22661eb3b9e941aa291d117b7646e67951f1e4ffee4296"}, @TIPC_NLA_NODE_UP={0xfffffffffffffdc1}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x885}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x40000}, 0x81) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000780)={0x14, &(0x7f00000006c0)={0x0, 0xc, 0x68, {0x68, 0xc, "91ead5356294715523a39f5acb09be3ff0c8b707e43c6149f3b1e2a140904d171928ce6318cc32b3cf601233569930accada6f13010d864bcc2f69c57326a0cd6be387bcea470ea5e4c2b1084779a6500f3d888b4528ff75103557ebe72e78d219682c90c519"}}, &(0x7f0000000740)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000940)={0x1c, &(0x7f00000007c0)={0x20, 0x9, 0xf7, "7283702ca07699fcb78dbe48de84c5b40aa2ae7548b1ac8632123d2af8fb306c7b2ae0ecd891096f7e7a97c94557935f8bb236a401596ffff7b876fb8814fbf17bf625d39d957deed20dc5bb8405661fab301ec61fc03e64106e2bd4caf1aaaf8d13ea4ae0d3fadab2a8183a4f43dcefaae08b51d9e34bb11552eb362a71da18b98188b634fecab946ffb0a46d03bfd60f804c349f6a0867af937f717de5b8b719d2d6199e5f917704a6abed65c22d9daf06a8bf7a0aa76b1aa8e7ef3e90ed315a9237b17be5c119924b92aa0102ea612d5e1177e273b3503457420fa3854bd3aee286a1af5a6c508d8e231b07f22b6bd7f8c220ca1cf5"}, &(0x7f00000008c0)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0x8}}) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000c80)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) 15:51:25 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockname(r0, 0x0, 0x0) [ 210.522374][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 15:51:26 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x19, 0x0, 0x0) [ 210.546378][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 15:51:26 executing program 2: syz_emit_ethernet(0x106, &(0x7f0000000080)={@broadcast, @random="8bfead141754", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e8afa7", 0xd0, 0x2f, 0x0, @local, @local, {[@hopopts={0x0, 0x19, [], [@ra, @ra, @generic={0x0, 0x9f, "adb9385792a9bb7c0de1fdabbc14ce203031681649f26946255779f24d58b3de315ffd954fae03956f39c565940f6abfd36ef47239054592d35650a544a8d9a6f777e18d1423bed6ecf4a1997dfb22fe1c6e20924a553d1ac7b5efdd6287906daaec5cf5babedaf011587e5664d7ef9b1ab5acd18dcc1c129156c12585da16e397faf51d7efb9ff372ff3b0957c72a9793c048a28e2aec85a42e893ad16b57"}, @hao={0xc9, 0x10, @private2}, @pad1, @ra, @jumbo]}]}}}}}, 0x0) [ 210.569074][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.593705][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.611134][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.623729][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.642083][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.661544][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.681159][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.691556][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.699993][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.708996][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.719626][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.735490][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.750705][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.766231][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.775182][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.784178][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.796070][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.805291][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.816225][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.828967][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.843793][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.853239][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.857069][ T8509] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 210.865942][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.889305][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.899153][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.908955][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.918324][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.926794][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.936823][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.945517][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.954692][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.966851][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.975653][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 210.984788][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.000044][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.009354][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.020582][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.029769][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.038700][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.047348][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.056289][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.065720][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.075055][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.083381][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.092412][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.102378][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.111173][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.119543][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.128054][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.136838][ T8509] usb 5-1: Using ep0 maxpacket: 8 [ 211.137238][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.153372][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.162950][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.171668][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.180827][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.190125][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.201010][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.209989][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.219028][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.235302][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.245481][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.255281][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.266787][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.283107][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.296875][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.307950][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.318477][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.333661][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.343196][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.356962][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.357406][ T8509] usb 5-1: config 1 interface 0 altsetting 158 bulk endpoint 0x82 has invalid maxpacket 64 [ 211.369819][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.386406][ T8509] usb 5-1: config 1 interface 0 altsetting 158 bulk endpoint 0x3 has invalid maxpacket 1024 [ 211.397149][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.397166][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.397182][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.397195][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.397209][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.397222][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.411788][ T8509] usb 5-1: config 1 interface 0 has no altsetting 0 [ 211.480108][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.489512][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.498856][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.507684][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.516070][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.525426][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.534203][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.542651][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.551543][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.561082][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.570873][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 211.577172][ T8509] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 211.588260][ T28] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz1 [ 211.599446][ T8509] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 15:51:27 executing program 1: wait4(0x0, 0x0, 0x0, &(0x7f0000000240)) 15:51:27 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x3, 0x4}, 0x40) 15:51:27 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) [ 211.616357][ T8509] usb 5-1: Product: ࢒震括䮭㒩瞁鈨䑤傘쎞ᖬ슦柁헧ᾆ솜眅鞬韤␶螅ே㥗㶃骳䨸巟瓭拴㫖咾΍숞堩刃▕낑溊಻ᚹ㬴뤥鳫橐袰䒭뭐텄市궏ဘ넩ธÀ랠⢐⢶ࡆ퀬鞎℉ჯⓟ珑뗠㉟쿩䆕䂗㿂갸談ﵾ뾋銞홠˹ෳ綮⶧챈懈ㄈ⢷ 15:51:27 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x8, 0x0, 0x0) [ 211.682650][ T8509] usb 5-1: Manufacturer: 菤ጪ饉於ݟ徠㜘 [ 211.682660][ T8509] usb 5-1: SerialNumber: ࠄ [ 211.709204][ T9411] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 211.709547][ T9411] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 212.207449][ T8509] cdc_ether: probe of 5-1:1.0 failed with error -71 [ 212.230106][ T8509] usb 5-1: USB disconnect, device number 4 [ 212.926661][ T5] usb 5-1: new high-speed USB device number 5 using dummy_hcd 15:51:28 executing program 1: getgroups(0x2, &(0x7f0000000080)=[0xee01, 0xee01]) setgid(r0) 15:51:28 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 15:51:28 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 15:51:28 executing program 0: clock_getres(0x2, 0x0) r0 = syz_usb_connect$cdc_ecm(0x5, 0x5e, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4c, 0x1, 0x1, 0x6, 0xa0, 0x2, [{{0x9, 0x4, 0x0, 0x9e, 0x3, 0x2, 0x6, 0x0, 0x6, {{0x6, 0x24, 0x6, 0x0, 0x0, "ca"}, {0x5, 0x24, 0x0, 0xd232}, {0xd, 0x24, 0xf, 0x1, 0xfffff46a, 0x82c, 0x2, 0x3}, [@dmm={0x7, 0x24, 0x14, 0x9, 0xffff}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x7f, 0x80}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x59, 0x0, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x6, 0x8, 0x7}}}}}]}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x20, 0x81, 0x4, 0x10, 0x6}, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}, 0x9, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x82c}}, {0x14, &(0x7f0000000140)=@string={0x14, 0x3, "e4832a134999bc65fce2e6ef5f07a05f1837"}}, {0xc1, &(0x7f0000000180)=@string={0xc1, 0x3, "92080797ec62ad4ba934817728921af7644498509ec3ac1545f8a6c2c1678fdae7d5861f9cc10577ac97e49736248587c70b5739833db39a384adf5ded74f462d63a4cecbe548d0336e61ec229580352952591b08a6ebb0cb916343b25b9eb9c506ab088ad4450bb66f044d1025e8fad181029b1180efeddc000a0b79028b62878e846082cd08e97b5db0921ef10df24d173e0b55f32e9cf954197401fedc23f38acc5dbc78a7efd8bbf9e9260d6f902f30dae7da72d48ccc8610831b728b1"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x804}}, {0x90, &(0x7f00000002c0)=@string={0x90, 0x3, "e24419616609bc73e27bd5c6bfec40e3be76bbfdec7e6de54825e9ca7a9889585eb8cc57da77f09e0267ff62c604862f34240e958e85c1bb56f85f460ecae8ace3e66098cc651827efda16d8b21670107a381c25569b37e08cb2e4757bff1bfb487f5de40f96e4216939f846520024f659159659908c9581674320d7654abe5519223bebcefe575d0c17a7ec67bd"}}, {0xf0, &(0x7f0000000380)=@string={0xf0, 0x3, "b01fa3d6947dac290421534b357d2c7a9ac2c9fd270db3b16a404b671b63fcd084f81db2bebe84cf0a8a68311af61d1e782253cc17201e2478e64c090bf2b8c29c4a8362f3dd537864fab4adef2445fc6ecf004216f7b8ec69c3d4bdd38adeaa8a1060c950f6cfc581ea221e846a6921febe3931526e7c7a43b0b5ae48151b3675f23d8a191a562737853cd038b9f5e804e36ebe61c7addeb11be062afeda9aea43a7719871b3f28743de6c5514b7185a9e25efa3da10bc563d42a26580e41d959fc7f8b1877b96a6232926a665fdfe22741c135d12f0b50b454cde2e36f41a8493beed7aadba22f25d265e5a821"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40a}}, {0x2d, &(0x7f00000004c0)=@string={0x2d, 0x3, "77c563f6796a7ec71560075ff4f87a553710f2195c03f097a783e76fe41b6fd519674cf1f73e930975aa9f"}}, {0xee, &(0x7f0000000500)=@string={0xee, 0x3, "e2ede24bb29921550bbf280af741c283a4c2b31077e39213dbf98d1804de72b27b1c3227ce1c10c5eedfa9f4a467c23371b4cae22b49ffe80a206bf29ea5fc3d2429c402a58c3d3a382970f3020fdec35faa22bf3bfb91d8273721775b9a4c09db6691b86a042b159ac3b06bcf7a8911071a7e6879d9e2ab441b1b843d8e385caea7a001424d80a8a62d84c804c36d70400648cd82029a36cda44af9814463454232e0099d27a24063b9f26e934d80294e737629dd1adccfa5aea67df619d5ca4cde26419b3c9983c02b8cd911da05f52a589419cc2f01edb6d8b1e070c79db0f2607246ddda024b2d2e87f7"}}]}) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000009c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000980), 0xc, &(0x7f0000000c00)={&(0x7f0000000a00)={0x1e0, r1, 0xc07, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xa57}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xec3}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x14f}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe24}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4fb1}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_NODE={0xec, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "286064030d22d7a5dcd0700e5b19921e21c777f0a8691e6d96c6537e"}}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "35c7cffb21217ca81de0d20dd367f55a49ec101a119bc782340fbb17ea66d292"}}, @TIPC_NLA_NODE_ID={0x57, 0x3, "b21fe90e6c2677f45f61e5147590bc38fcfcf67ff83a81b1de3feed4d7f4d1e57ff7a6804e208b921f62765e1fb2472a46c074858acaed96d03634dc22661eb3b9e941aa291d117b7646e67951f1e4ffee4296"}, @TIPC_NLA_NODE_UP={0xfffffffffffffdc1}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x885}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x40000}, 0x81) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000780)={0x14, &(0x7f00000006c0)={0x0, 0xc, 0x68, {0x68, 0xc, "91ead5356294715523a39f5acb09be3ff0c8b707e43c6149f3b1e2a140904d171928ce6318cc32b3cf601233569930accada6f13010d864bcc2f69c57326a0cd6be387bcea470ea5e4c2b1084779a6500f3d888b4528ff75103557ebe72e78d219682c90c519"}}, &(0x7f0000000740)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000940)={0x1c, &(0x7f00000007c0)={0x20, 0x9, 0xf7, "7283702ca07699fcb78dbe48de84c5b40aa2ae7548b1ac8632123d2af8fb306c7b2ae0ecd891096f7e7a97c94557935f8bb236a401596ffff7b876fb8814fbf17bf625d39d957deed20dc5bb8405661fab301ec61fc03e64106e2bd4caf1aaaf8d13ea4ae0d3fadab2a8183a4f43dcefaae08b51d9e34bb11552eb362a71da18b98188b634fecab946ffb0a46d03bfd60f804c349f6a0867af937f717de5b8b719d2d6199e5f917704a6abed65c22d9daf06a8bf7a0aa76b1aa8e7ef3e90ed315a9237b17be5c119924b92aa0102ea612d5e1177e273b3503457420fa3854bd3aee286a1af5a6c508d8e231b07f22b6bd7f8c220ca1cf5"}, &(0x7f00000008c0)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0x8}}) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000c80)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) 15:51:28 executing program 1: r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000001280), 0xc) [ 213.084558][ T9442] sctp: [Deprecated]: syz-executor.3 (pid 9442) Use of int in max_burst socket option. [ 213.084558][ T9442] Use struct sctp_assoc_value instead 15:51:28 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000c4000000c40000000a0000000600000000000001"], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) [ 213.088635][ T9451] sctp: [Deprecated]: syz-executor.3 (pid 9451) Use of int in max_burst socket option. 15:51:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000000)=@raw=[@jmp], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 213.088635][ T9451] Use struct sctp_assoc_value instead 15:51:28 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:28 executing program 2: openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qrtr-tun\x00', 0x101ac0) 15:51:28 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) accept4(r0, 0x0, 0x0, 0x0) 15:51:28 executing program 1: sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x0, 0x6}, 0x0) [ 213.506738][ T5] usb 5-1: Using ep0 maxpacket: 8 [ 213.706870][ T5] usb 5-1: config 1 interface 0 altsetting 158 bulk endpoint 0x82 has invalid maxpacket 64 [ 213.719813][ T5] usb 5-1: config 1 interface 0 altsetting 158 bulk endpoint 0x3 has invalid maxpacket 1024 [ 213.737305][ T5] usb 5-1: config 1 interface 0 has no altsetting 0 [ 213.917178][ T5] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 213.929499][ T5] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.943563][ T5] usb 5-1: Product: ࢒震括䮭㒩瞁鈨䑤傘쎞ᖬ슦柁헧ᾆ솜眅鞬韤␶螅ே㥗㶃骳䨸巟瓭拴㫖咾΍숞堩刃▕낑溊಻ᚹ㬴뤥鳫橐袰䒭뭐텄市궏ဘ넩ธÀ랠⢐⢶ࡆ퀬鞎℉ჯⓟ珑뗠㉟쿩䆕䂗㿂갸談ﵾ뾋銞홠˹ෳ綮⶧챈懈ㄈ⢷ [ 213.976727][ T5] usb 5-1: Manufacturer: 菤ጪ饉於ݟ徠㜘 [ 213.985015][ T5] usb 5-1: SerialNumber: ࠄ [ 214.008045][ T9446] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 214.016432][ T9446] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 214.527046][ T5] cdc_ether: probe of 5-1:1.0 failed with error -71 [ 214.547179][ T5] usb 5-1: USB disconnect, device number 5 15:51:30 executing program 0: pselect6(0x40, &(0x7f0000001880)={0x100000000}, &(0x7f00000018c0), &(0x7f0000001900), &(0x7f0000001980), &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) 15:51:30 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x9, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x15, 0x0, 0x0) 15:51:30 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}) 15:51:30 executing program 2: syz_emit_ethernet(0x44, &(0x7f00000012c0)={@local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "c8b6e7", 0xe, 0x11, 0x0, @remote, @private0, {[], {0x0, 0x0, 0xe, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}, "1276"}}}}}}}, 0x0) 15:51:30 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e23, @local}], 0x20) 15:51:30 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:30 executing program 3: r0 = syz_io_uring_setup(0xfa3, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 15:51:30 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x3, @remote, 0x5}], 0x1c) 15:51:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x1f}, 0x9c) 15:51:30 executing program 1: bind$qrtr(0xffffffffffffffff, 0x0, 0x0) 15:51:30 executing program 2: r0 = syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x40010, r0, 0x10000000) 15:51:30 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 15:51:30 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x17, 0x0, 0x0) [ 215.226449][ T9515] sctp: [Deprecated]: syz-executor.3 (pid 9515) Use of int in max_burst socket option. [ 215.226449][ T9515] Use struct sctp_assoc_value instead 15:51:30 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)=""/134, &(0x7f00000002c0)=0x86) 15:51:30 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000080), &(0x7f00000000c0)=0x18) [ 215.952795][ T9495] syz-executor.0 (9495) used greatest stack depth: 23616 bytes left 15:51:31 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x63}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:31 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000c4000000c40000000a00000006000000000000010000000041000e01"], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) 15:51:31 executing program 1: ioctl$HIDIOCGUCODE(0xffffffffffffffff, 0xc018480d, 0x0) 15:51:31 executing program 3: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0505611, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x0, @remote, 0x5}, @in={0x2, 0x0, @private}], 0x2c) 15:51:31 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, 0x0) 15:51:31 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:31 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x3, 0x0, 0x0) 15:51:31 executing program 1: socketpair(0xa, 0x5, 0x6, &(0x7f0000000000)) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 15:51:31 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r0, 0x80044dfb, &(0x7f0000000040)) 15:51:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in={0x2, 0x0, @private=0xa010101}], 0x10) 15:51:31 executing program 3: socketpair(0x1, 0x0, 0x0, &(0x7f0000000100)) 15:51:31 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000200), &(0x7f0000000240)=0x20) 15:51:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 15:51:31 executing program 1: socketpair(0xa, 0x5, 0x6, &(0x7f0000000000)) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 15:51:31 executing program 3: r0 = io_uring_setup(0x25df, &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000006, 0x10010, r0, 0x0) 15:51:31 executing program 0: openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x30040, 0x0) 15:51:32 executing program 0: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000001980), &(0x7f0000001a00)={&(0x7f00000019c0), 0x8}) 15:51:32 executing program 3: socketpair(0x3c, 0x0, 0x0, &(0x7f0000000100)) 15:51:32 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x35}}}, @in={0x2, 0x0, @local}], 0x2c) 15:51:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in={0x2, 0x0, @private=0xa010101}], 0x10) 15:51:32 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x1e, 0x0, 0x0) 15:51:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0) 15:51:32 executing program 0: ioctl$mixer_OSS_ALSAEMULVER(0xffffffffffffffff, 0x80044df9, 0x0) 15:51:32 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x20042, 0x0) 15:51:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:32 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, &(0x7f0000000640)) 15:51:33 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1e, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000140)={@multicast, @random="8bfead141754", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "fbaeb1", 0x44, 0x2f, 0x0, @local, @private1, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x4}}}}}}}, 0x0) 15:51:33 executing program 0: socket(0x1, 0x5, 0x6) 15:51:33 executing program 1: r0 = socket$qrtr(0x2a, 0x2, 0x0) recvmsg$qrtr(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{0x0}, {0x0}], 0x2}, 0x38, 0x0) 15:51:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1e, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000700), &(0x7f0000000740)=0xc) 15:51:33 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x19, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0xf}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 3: socketpair(0xa, 0x2, 0x11, &(0x7f0000000000)) 15:51:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@call]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 2: clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) select(0x40, &(0x7f00000001c0)={0xb9, 0x0, 0x0, 0x0, 0x6, 0x101}, 0x0, 0x0, &(0x7f0000000300)={r0, r1/1000+10000}) 15:51:33 executing program 0: pselect6(0x40, &(0x7f0000001880), &(0x7f00000018c0)={0x4}, &(0x7f0000001900)={0x1}, &(0x7f0000001980), &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) 15:51:33 executing program 1: r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, 0xffffffffffffffff, &(0x7f0000000300)) 15:51:33 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg_v2(r0, 0x0, 0x0) 15:51:33 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x80805659, 0x0) 15:51:33 executing program 0: socket$inet6_sctp(0xa, 0x0, 0x84) syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600), &(0x7f0000000640)) 15:51:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1c, 0x0, 0x0) 15:51:33 executing program 3: syz_io_uring_setup(0x581d, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 15:51:33 executing program 1: syz_usb_connect$cdc_ecm(0x0, 0x64, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x52, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm_detail={0x4}, @ncm={0x6, 0x24, 0x1a, 0x0, 0x1}, @mdlm_detail={0x4}]}, {[{}], {{0x9, 0x5, 0x82, 0x2, 0x40}}}}}]}}]}}, 0x0) 15:51:33 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x15, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:33 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000100)={0x1, 0x10, 0xfa00, {&(0x7f00000000c0), r1}}, 0x18) 15:51:33 executing program 3: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) read$qrtrtun(r0, 0x0, 0x0) [ 218.486825][ T18] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 218.746902][ T18] usb 6-1: Using ep0 maxpacket: 8 [ 218.897849][ T18] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 15:51:34 executing program 2: socketpair(0x1f, 0x0, 0x0, &(0x7f0000000100)) 15:51:34 executing program 0: setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0) 15:51:34 executing program 3: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) read$qrtrtun(r0, 0x0, 0x0) 15:51:34 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x14) [ 219.137333][ T18] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 219.169490][ T18] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.195449][ T18] usb 6-1: Product: syz [ 219.207027][ T18] usb 6-1: Manufacturer: syz [ 219.218675][ T18] usb 6-1: SerialNumber: syz [ 219.258187][ T9696] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 219.288429][ T18] usb 6-1: bad CDC descriptors [ 219.492916][ T1244] usb 6-1: USB disconnect, device number 6 [ 220.266803][ T5] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 220.536878][ T5] usb 6-1: Using ep0 maxpacket: 8 [ 220.697206][ T5] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 220.876955][ T5] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 220.900343][ T5] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.917751][ T5] usb 6-1: Product: syz [ 220.928222][ T5] usb 6-1: Manufacturer: syz [ 220.937069][ T5] usb 6-1: SerialNumber: syz [ 220.978738][ T9696] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 220.998025][ T5] usb 6-1: bad CDC descriptors [ 221.206906][ T28] usb 6-1: USB disconnect, device number 7 15:51:36 executing program 1: pselect6(0x40, &(0x7f0000001880), &(0x7f00000018c0)={0x4}, &(0x7f0000001900)={0x1}, 0x0, &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) 15:51:36 executing program 0: syz_emit_vhci(&(0x7f0000000080)=ANY=[], 0x76) 15:51:36 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x102, 0x0) 15:51:36 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0xbe5bae8f3a8336e5, 0x0) 15:51:36 executing program 3: syz_open_dev$hiddev(&(0x7f0000000000)='/dev/usb/hiddev#\x00', 0x0, 0x10042) 15:51:36 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x21, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:36 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7, 0x0, 0x0) 15:51:36 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFCONF(r0, 0x8912, 0x0) 15:51:36 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2}}}, 0x84) 15:51:36 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, 0x78) 15:51:36 executing program 1: mq_open(&(0x7f0000000140), 0x0, 0x0, 0x0) 15:51:36 executing program 3: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x5452, &(0x7f0000000440)={0x3, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:36 executing program 1: socket(0x38, 0x0, 0x0) 15:51:36 executing program 0: openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x410000, 0x0) 15:51:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4000091) 15:51:36 executing program 1: r0 = mq_open(&(0x7f0000000140)='-+(.))(-,&$l{]@\x00', 0x0, 0x0, 0x0) mq_timedreceive(r0, &(0x7f00000001c0)=""/192, 0xc0, 0x0, &(0x7f0000000300)) 15:51:36 executing program 2: syz_io_uring_setup(0x5a86, &(0x7f0000000000)={0x0, 0x0, 0x6}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 15:51:36 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1c, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:36 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) recvmsg(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x40) 15:51:36 executing program 1: syz_emit_ethernet(0x7a, &(0x7f0000000140)={@multicast, @random="8bfead141754", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "fbaeb1", 0x44, 0x2f, 0x0, @local, @private1, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1}}}}}}}, 0x0) 15:51:37 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x1e, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:37 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4) 15:51:37 executing program 2: syz_io_uring_setup(0x5a86, &(0x7f0000000000)={0x0, 0x0, 0x6, 0x3}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 15:51:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x8) 15:51:37 executing program 0: socketpair(0x1e, 0x5, 0x0, &(0x7f0000000040)) 15:51:37 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{0xd, 0x14}}}, 0x17) 15:51:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000300), 0x4) 15:51:37 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000280)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f00000002c0)=""/91, 0x5b}}, 0x120) 15:51:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000040)=@req={0x28, &(0x7f0000000000)={'netpci0\x00', @ifru_names}}) 15:51:37 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x490001, 0x0) [ 221.724588][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.747338][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 15:51:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x9c) 15:51:37 executing program 0: socketpair(0x10, 0x0, 0x7f, &(0x7f0000000100)) [ 221.759936][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 15:51:37 executing program 3: syz_emit_vhci(0x0, 0x76) 15:51:37 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080), 0x8) [ 221.784093][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.794585][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 15:51:37 executing program 2: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000380)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13) [ 221.806683][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.825584][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.838625][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.849652][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.861068][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.876149][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.891271][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.907467][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.919099][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.929932][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.938750][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.947948][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.956307][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.965306][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.975024][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.983000][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.991353][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 221.999726][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.007947][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.015934][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.024183][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.033563][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.041556][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.050464][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.059562][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.068266][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.076253][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.087089][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.095922][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.105207][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.116838][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.126185][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.135361][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.144953][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.153969][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.162634][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.171370][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.180194][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.189419][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.198026][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.206170][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.216309][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.227917][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.237681][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.247270][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.258383][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.267874][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.277310][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.285817][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.295278][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.305397][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.314627][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.323464][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.333735][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.344842][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.354118][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.365513][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.378838][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.398114][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.411558][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.422777][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.433182][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.450006][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.481457][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.507286][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.525578][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.541293][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.558754][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.574777][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.590534][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.602908][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.612663][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.621828][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.630318][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.638999][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.649983][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.659771][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.671865][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.681945][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.692002][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.701068][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.711433][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.722541][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.735039][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.752945][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.764836][ T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 222.790824][ T34] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz1 15:51:38 executing program 3: syz_emit_vhci(0x0, 0x76) 15:51:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000000), 0x8) 15:51:38 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000480)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "15d1957b"}, 0x0, 0x0, @fd}) 15:51:38 executing program 1: setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x2, 0x0, 0xffffffa1) 15:51:38 executing program 1: r0 = socket$qrtr(0x2a, 0x2, 0x0) recvmsg$qrtr(r0, &(0x7f0000001580)={&(0x7f0000000040), 0xc, 0x0}, 0x38, 0x0) 15:51:38 executing program 3: syz_emit_vhci(0x0, 0x76) 15:51:38 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}) 15:51:38 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x240080, 0x0) 15:51:38 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x0, 0x30}, 0xc) 15:51:38 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000042c0)) 15:51:38 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040), 0x8) 15:51:38 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0xa}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:38 executing program 3: syz_emit_vhci(0x0, 0x76) 15:51:38 executing program 2: ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e4, 0x0) socketpair(0x23, 0x5, 0x0, &(0x7f0000000000)) 15:51:38 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}) 15:51:38 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x3, 0x4}, 0x40) 15:51:38 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) 15:51:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x12, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:38 executing program 2: ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e4, 0x0) socketpair(0x23, 0x5, 0x0, &(0x7f0000000000)) 15:51:38 executing program 0: socket(0x23, 0x0, 0xffffff80) 15:51:38 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x3, @remote, 0x5}], 0x1c) 15:51:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x1, &(0x7f0000000000)=@raw=[@jmp], &(0x7f0000000040)='GPL\x00', 0x0, 0xc4, &(0x7f0000000080)=""/196, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:38 executing program 2: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000003c0)={0x0, 0x36, "bda8102007b1ecc4562859f6e811cf08aada5efd3e90ba1ab27ef5a11160f9503d59fe4717548df9c14db881a35cc9924b2502a3cd18"}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0) syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3, 0x8, 0x0, 0x1d5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600)=0x0, &(0x7f0000000640)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000680)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x3f) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000700), &(0x7f0000000740)=0x8) 15:51:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={0x0}}, 0x0) 15:51:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x14, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:38 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x72, 0x0, 0x0) 15:51:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040), 0x8) 15:51:38 executing program 1: getitimer(0x976a6e241205828f, 0x0) 15:51:39 executing program 3: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x0, 0x0) syz_io_uring_setup(0x7e41, &(0x7f0000000100)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000180)) 15:51:39 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x541b, 0x0) 15:51:39 executing program 2: shmget$private(0x0, 0x2000, 0x88000d95, &(0x7f0000ffc000/0x2000)=nil) 15:51:39 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 15:51:39 executing program 2: r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)={0x0, 0xe, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "730fafe2"}, 0x0, 0x0, @fd}) 15:51:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7b, 0x0, 0x0) 15:51:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x13, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:39 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x0, 0x1, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:39 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x3, 0x0, 0x0) 15:51:39 executing program 2: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg_v2(r0, &(0x7f0000000140)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48) 15:51:39 executing program 3: syz_io_uring_setup(0x7e41, &(0x7f0000000100), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0) 15:51:39 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x0, 0x7e0}, 0x40) 15:51:39 executing program 0: getgroups(0x1, &(0x7f0000001040)=[0xffffffffffffffff]) 15:51:39 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000042c0)={0xe0000006}) 15:51:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 15:51:39 executing program 0: r0 = socket$qrtr(0x2a, 0x2, 0x0) accept4(r0, 0x0, 0x0, 0x0) 15:51:39 executing program 3: socketpair(0x1, 0x0, 0x80000001, &(0x7f0000000100)) 15:51:39 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000005, 0x30, 0xffffffffffffffff, 0x10000000) 15:51:39 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x2, 0x0, 0x0) 15:51:39 executing program 3: r0 = epoll_create1(0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000300)) 15:51:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote, 0xf401}}}, 0x9c) 15:51:39 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x81, 0x36}) 15:51:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x13, 0x0, 0x0) 15:51:39 executing program 2: clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)={0x0, r0+60000000}, 0x0) 15:51:39 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x90) 15:51:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={&(0x7f00000002c0), 0xc, &(0x7f00000004c0)={0x0}}, 0x0) 15:51:39 executing program 1: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@local, @random="0000ed0000fe", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, 'H\x00', 0x44, 0x2f, 0x0, @local, @private1, {[], {{0x0, 0x0, 0x1, 0x0, 0x2}}}}}}}, 0x0) 15:51:39 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x0, 0x80}, 0x40) 15:51:40 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={0x0, &(0x7f0000000280)=""/11, 0x0, 0xb}, 0x20) 15:51:40 executing program 1: openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x501002) 15:51:40 executing program 2: pselect6(0x40, &(0x7f0000001880)={0x100000000}, 0x0, &(0x7f0000001900), &(0x7f0000001980), &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) 15:51:40 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000100)=@framed={{}, [@generic={0x1}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:40 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x2000019c) 15:51:40 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x0, @remote, 0x5}], 0x1c) 15:51:40 executing program 3: socketpair(0x8, 0x0, 0x0, &(0x7f0000000100)) 15:51:40 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x21, 0x0, 0x0) 15:51:40 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x3}, 0x40) 15:51:40 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x40086602, 0x0) 15:51:40 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x9c) 15:51:40 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0205647, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:40 executing program 3: bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10) 15:51:41 executing program 0: socket(0x3, 0x0, 0xffffffe8) 15:51:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x0, @private}], 0x10) 15:51:41 executing program 3: getgroups(0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x40, &(0x7f0000001880)={0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, &(0x7f0000001900)={0x0, 0x0, 0x1, 0x8001, 0x0, 0x80000001, 0x0, 0x4}, &(0x7f0000001980)={0x0, r0+60000000}, &(0x7f0000001a00)={&(0x7f00000019c0)={[0x7f]}, 0x8}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001c80)={'gretap0\x00', 0x0}) 15:51:41 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040), 0x10) 15:51:41 executing program 2: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0) 15:51:41 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc050560f, 0x0) 15:51:41 executing program 3: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc050565d, 0x0) 15:51:41 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, 0x0, 0x0) 15:51:42 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:42 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x25, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:42 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0505609, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:42 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, 0x0, &(0x7f00000001c0)) [ 226.882024][T10103] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request 15:51:42 executing program 2: syz_io_uring_setup(0x759b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x38a}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100)={0x0, 0x3f7e, 0x0, 0x2}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) 15:51:42 executing program 0: epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x8) 15:51:42 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020040082505a1a44000010203010902440001010007000904009e0002060000052400000524"], 0x0) 15:51:42 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) [ 227.171561][T10124] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request 15:51:42 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), 0x4) accept4(r0, 0x0, 0x0, 0x0) 15:51:42 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) [ 227.246541][T10136] sctp: [Deprecated]: syz-executor.0 (pid 10136) Use of int in max_burst socket option deprecated. [ 227.246541][T10136] Use struct sctp_assoc_value instead 15:51:42 executing program 2: socket(0x18, 0x0, 0xffff) [ 227.298272][T10142] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request 15:51:42 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000c4000000c40000000a00000006000000000000010000000041"], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) [ 227.477478][ T1244] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 227.746743][ T1244] usb 8-1: Using ep0 maxpacket: 8 [ 227.877518][ T1244] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 227.902463][ T1244] usb 8-1: config 1 interface 0 has no altsetting 0 [ 228.067579][ T1244] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 228.077885][ T1244] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.086712][ T1244] usb 8-1: Product: syz [ 228.091520][ T1244] usb 8-1: Manufacturer: syz [ 228.096851][ T1244] usb 8-1: SerialNumber: syz [ 228.157128][ T1244] cdc_ether 8-1:1.0: skipping garbage [ 228.174659][ T1244] usb 8-1: bad CDC descriptors [ 228.350256][ T2793] usb 8-1: USB disconnect, device number 4 [ 229.126764][ T28] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 229.386892][ T28] usb 8-1: Using ep0 maxpacket: 8 [ 229.507888][ T28] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 229.536149][ T28] usb 8-1: config 1 interface 0 has no altsetting 0 [ 229.696924][ T28] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 229.711174][ T28] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.727953][ T28] usb 8-1: Product: syz [ 229.744839][ T28] usb 8-1: Manufacturer: syz [ 229.758902][ T28] usb 8-1: SerialNumber: syz [ 229.807949][ T28] cdc_ether 8-1:1.0: skipping garbage [ 229.817044][ T28] usb 8-1: bad CDC descriptors [ 230.014463][ T8508] usb 8-1: USB disconnect, device number 5 15:51:45 executing program 3: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 15:51:45 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x83, 0x0, 0x0) 15:51:45 executing program 0: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) [ 230.043069][T10158] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request 15:51:45 executing program 1: write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x18, 0x0, 0x0) 15:51:45 executing program 2: r0 = getpgrp(0x0) sched_rr_get_interval(r0, &(0x7f00000000c0)) 15:51:45 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x6, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:45 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0) write$P9_RVERSION(r0, &(0x7f0000000380)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13) 15:51:45 executing program 1: write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 2: syz_emit_ethernet(0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0bfead14175486dd60fbae0000000000fe8000000000000000000000000025de587fffffffffbcc7bb9ab6458eca0b000000000000000000000086dd080088be000000001000000001"], 0x0) 15:51:45 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1, 0x2}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:45 executing program 1: write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 0: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x8000000) 15:51:45 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x9, 0x0, 0x0) 15:51:45 executing program 3: socket$inet6(0xa, 0x0, 0x8000) 15:51:45 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000002c0)=ANY=[@ANYRES16], &(0x7f0000000100)=0xf5) 15:51:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x78, 0x0, 0x0) 15:51:45 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000480)={0x0, @in6={{0xa, 0x0, 0x0, @private0}}}, 0x9c) 15:51:45 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:45 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x1, &(0x7f0000000000)=@raw=[@jmp={0x5, 0x0, 0xc, 0x6, 0x7, 0xfffffffffffffff8, 0x1}], &(0x7f0000000040)='GPL\x00', 0xb2a, 0xc4, &(0x7f0000000080)=""/196, 0x41000, 0xa, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x5, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x80, 0x9, 0x49bb, 0x5}, 0x10}, 0x78) 15:51:45 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x0, 0x0) 15:51:45 executing program 0: epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe]}, 0x8) 15:51:45 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 15:51:45 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x35}}}, @in={0x2, 0x4e21, @local}], 0x2c) 15:51:45 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x0, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:45 executing program 0: syz_open_dev$vim2m(&(0x7f00000019c0)='/dev/video#\x00', 0x0, 0x2) 15:51:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x0, 0x0, 0x8008}, 0x20) 15:51:46 executing program 0: socketpair(0x28, 0x0, 0xfffffffb, &(0x7f0000000040)) 15:51:46 executing program 3: io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, [0x3f00]}) r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f00000002c0)) 15:51:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:46 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x0, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:46 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x40) 15:51:46 executing program 3: clock_gettime(0x0, &(0x7f00000002c0)={0x0}) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={r0}) 15:51:46 executing program 2: syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020040082505a1a4400001020301090244"], 0x0) 15:51:46 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x0, 0x0) write$P9_RSYMLINK(r0, &(0x7f00000000c0)={0x14}, 0x14) 15:51:46 executing program 0: openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x6400, 0x0) 15:51:46 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000ac0), &(0x7f0000000000)=0xe) 15:51:46 executing program 3: openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) 15:51:46 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) 15:51:46 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000000)={{}, 'port1\x00'}) 15:51:46 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) [ 230.916812][ T2793] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 231.176745][ T2793] usb 7-1: Using ep0 maxpacket: 8 [ 231.297237][ T2793] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 231.316797][ T2793] usb 7-1: config 0 has no interfaces? [ 231.497483][ T2793] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 231.531747][ T2793] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.558147][ T2793] usb 7-1: Product: syz [ 231.571307][ T2793] usb 7-1: Manufacturer: syz [ 231.583336][ T2793] usb 7-1: SerialNumber: syz [ 231.595851][ T2793] usb 7-1: config 0 descriptor?? [ 231.855650][ T8508] usb 7-1: USB disconnect, device number 2 [ 232.646795][ T2991] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 233.026741][ T2991] usb 7-1: Using ep0 maxpacket: 8 [ 233.177205][ T2991] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.197266][ T2991] usb 7-1: config 0 has no interfaces? [ 233.387368][ T2991] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 233.398368][ T2991] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.414007][ T2991] usb 7-1: Product: syz [ 233.418984][ T2991] usb 7-1: Manufacturer: syz [ 233.424114][ T2991] usb 7-1: SerialNumber: syz [ 233.431471][ T2991] usb 7-1: config 0 descriptor?? [ 233.651775][ T34] usb 7-1: USB disconnect, device number 3 15:51:49 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1c, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:49 executing program 1: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x14}, 0x14) 15:51:49 executing program 0: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000042c0)) shmctl$SHM_LOCK(0x0, 0xb) 15:51:49 executing program 2: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 15:51:49 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x4020940d, &(0x7f0000000440)={0x3, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:49 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$P9_RSYMLINK(r0, 0x0, 0x0) 15:51:49 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) accept4(r0, 0x0, 0x0, 0x0) [ 233.888267][T10319] nvme_fabrics: missing parameter 'transport=%s' [ 233.896316][T10319] nvme_fabrics: missing parameter 'nqn=%s' 15:51:49 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$netlink(r0, 0x0, &(0x7f0000000080)) 15:51:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x6, 0x1f, 0xf856, 0x4}, 0x8) 15:51:49 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xc, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000000), &(0x7f0000001040)=0x8) 15:51:49 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x17, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:49 executing program 0: r0 = syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600), &(0x7f0000000640)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 15:51:49 executing program 2: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x44200) 15:51:49 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000002000), &(0x7f0000003040)=0x8) 15:51:49 executing program 1: syz_emit_ethernet(0x4e, &(0x7f0000000080)={@broadcast, @random="8bfead141754", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e8afa7", 0x18, 0x0, 0x0, @local, @local, {[@hopopts={0x0, 0x1, [], [@ra, @generic={0x1, 0x6, "adb9385792a9"}]}]}}}}}, 0x0) 15:51:49 executing program 2: socketpair(0x27, 0x0, 0x0, &(0x7f00000000c0)) 15:51:49 executing program 1: sched_setattr(0x0, &(0x7f0000000100)={0x38}, 0x0) 15:51:49 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x0, @ipv4={[], [], @private=0xa010101}}], 0x1c) 15:51:49 executing program 2: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x180}, 0x0) 15:51:49 executing program 3: syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x2, 0x0) 15:51:49 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @dev}}}, 0x84) 15:51:49 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x5421, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:49 executing program 0: openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x0, 0x0) 15:51:49 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000100)={0x2}) 15:51:49 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) openat$cgroup_int(r0, &(0x7f0000000000)='hugetlb.2MB.failcnt\x00', 0x2, 0x0) 15:51:49 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x9}, 0x8) 15:51:49 executing program 1: clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, r0/1000+10000}) 15:51:49 executing program 3: syz_io_uring_setup(0x1d62, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 15:51:49 executing program 2: pipe2$9p(0x0, 0x100800) 15:51:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c4}}, 0x0) 15:51:49 executing program 1: socket$inet6_sctp(0xa, 0xd, 0x84) 15:51:49 executing program 0: io_uring_setup(0x7b51, &(0x7f0000000080)={0x0, 0x0, 0x2}) socket$can_bcm(0x1d, 0x2, 0x2) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000400)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}], 0x10) 15:51:49 executing program 2: setregid(0x0, 0xee01) 15:51:49 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf4240, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:49 executing program 1: socketpair(0xa, 0x5, 0x6, &(0x7f0000000000)) 15:51:49 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0189436, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:49 executing program 2: mmap$fb(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xd, 0x8d44a88325845be, 0xffffffffffffffff, 0x0) 15:51:50 executing program 0: clock_gettime(0x0, &(0x7f0000001940)={0x0}) pselect6(0x40, &(0x7f0000001880), &(0x7f00000018c0)={0x4}, 0x0, &(0x7f0000001980)={r0}, 0x0) 15:51:50 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7c, 0x0, 0x0) 15:51:50 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018"], &(0x7f0000000100)=""/205, 0xe6, 0xcd, 0x1}, 0x20) 15:51:50 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x21, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:50 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x200000) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, 0x0) 15:51:50 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000200), &(0x7f0000000240)=0x8) 15:51:50 executing program 2: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000240)='/dev/nvme-fabrics\x00', 0x101101, 0x0) 15:51:50 executing program 0: openat$audio1(0xffffffffffffff9c, &(0x7f0000000340)='/dev/audio1\x00', 0x1a5000, 0x0) 15:51:50 executing program 2: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000001980), 0x0) 15:51:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0, 0x7f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:51 executing program 3: r0 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004111, 0x0) 15:51:51 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:51 executing program 2: io_uring_setup(0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000400)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x32}}], 0x10) 15:51:51 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x1f, 0x0, 0x0, 0x40}, 0x9c) 15:51:51 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x0, 0x0, 0x8000}, 0x9c) 15:51:51 executing program 3: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) r2 = epoll_create(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x8000001a}) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000005, 0x30, r1, 0x10000000) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) ioctl$SOUND_MIXER_READ_CAPS(r0, 0x80044dfc, &(0x7f0000000000)) 15:51:51 executing program 2: msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000000)=""/2) 15:51:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0, 0x7f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:51 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:51 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020040082505a1a44000010203010902"], 0x0) 15:51:51 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x40049409, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:51 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 15:51:51 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x65, 0x0, 0x0) 15:51:51 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:51 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x29, 0x3, 0x0, 0x0) 15:51:51 executing program 1: socket(0x2, 0x5, 0x2) 15:51:51 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x3, @remote, 0x5}, @in={0x2, 0x4e22, @private}], 0x2c) [ 236.046678][ T8508] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 236.296843][ T8508] usb 8-1: Using ep0 maxpacket: 8 [ 236.447193][ T8508] usb 8-1: config 0 has no interfaces? [ 236.640383][ T8508] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 236.661157][ T8508] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.682776][ T8508] usb 8-1: Product: syz [ 236.689987][ T8508] usb 8-1: Manufacturer: syz [ 236.698570][ T8508] usb 8-1: SerialNumber: syz [ 236.710828][ T8508] usb 8-1: config 0 descriptor?? [ 236.966397][ T8508] usb 8-1: USB disconnect, device number 6 [ 237.746881][ T36] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 238.016793][ T36] usb 8-1: Using ep0 maxpacket: 8 [ 238.137088][ T36] usb 8-1: config 0 has no interfaces? [ 238.307081][ T36] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 238.319797][ T36] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.331229][ T36] usb 8-1: Product: syz [ 238.336392][ T36] usb 8-1: Manufacturer: syz [ 238.344375][ T36] usb 8-1: SerialNumber: syz [ 238.353643][ T36] usb 8-1: config 0 descriptor?? 15:51:54 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x5, 0x0, 0x0) 15:51:54 executing program 1: syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02"], 0x76) [ 238.626450][ T36] usb 8-1: USB disconnect, device number 7 15:51:54 executing program 2: clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x40, &(0x7f0000001880), 0x0, &(0x7f0000001900)={0x1}, &(0x7f0000001980)={0x0, r0+60000000}, 0x0) 15:51:54 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) [ 238.722619][ T8482] Bluetooth: hci1: ACL packet for unknown connection handle 0 15:51:54 executing program 1: socket$inet6_sctp(0xa, 0x0, 0x84) getrusage(0x1, &(0x7f0000000040)) 15:51:54 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x180}, 0x0) [ 238.758095][ T8482] Bluetooth: hci1: ACL packet for unknown connection handle 0 15:51:54 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x14, 0x0, 0x0) 15:51:54 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000400)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x32}}], 0x10) 15:51:54 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x0, @remote}], 0x1c) 15:51:54 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [0x49], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:54 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf0ffff}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:54 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 15:51:54 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 3: io_uring_setup(0x8699e, &(0x7f0000000900)={0x0, 0x0, 0x10}) 15:51:54 executing program 1: io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, [0x3f00]}) 15:51:54 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xe, 0x0, 0x0) 15:51:54 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) recvmsg$qrtr(r0, 0x0, 0x0, 0x0) 15:51:54 executing program 1: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/udmabuf\x00', 0x2) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0, 0x8000}) 15:51:54 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:54 executing program 3: memfd_create(&(0x7f0000000100)=')\xe9', 0x6) 15:51:54 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 2: openat$binder_debug(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) 15:51:54 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x65, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:54 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, 0x0, &(0x7f00000000c0)) 15:51:54 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1d, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:54 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 0: openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 1: shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000005c0)=""/35) 15:51:54 executing program 2: socket(0x10, 0x0, 0x7ff) 15:51:54 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x3}, 0x9c) 15:51:54 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xd, 0x0, 0x0) 15:51:54 executing program 0: openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 2: msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000740)={{0x2, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffffffffffff}) 15:51:54 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xa, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:54 executing program 0: openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:54 executing program 1: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0xc050565d, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:51:55 executing program 3: socket$inet6_sctp(0xa, 0x1, 0x84) shmctl$IPC_RMID(0x0, 0x0) 15:51:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000400)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}], 0x10) 15:51:55 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 15:51:55 executing program 1: socket$inet6_sctp(0xa, 0xe0dd445e931c4167, 0x84) 15:51:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, &(0x7f0000000740)) 15:51:55 executing program 3: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/btrfs-control\x00', 0x0, 0x0) mmap$fb(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) 15:51:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xe, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:55 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 15:51:55 executing program 2: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 15:51:55 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x14, 0x0, 0x0) 15:51:55 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) 15:51:55 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 15:51:55 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020040082505a1a44000010203010902440001010007000904"], 0x0) 15:51:55 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 15:51:55 executing program 1: pselect6(0x0, 0x0, 0x0, &(0x7f0000001900), &(0x7f0000001980), 0x0) 15:51:55 executing program 2: syz_emit_ethernet(0x56, &(0x7f00000001c0)={@multicast, @random="8bfead141754", @void, {@ipv6={0x86dd, @tipc_packet={0x0, 0x6, "97c98c", 0x20, 0x6, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], @payload_direct={{{{0x20, 0x0, 0x0, 0x0, 0x0, 0x8}}}}}}}}}, 0x0) 15:51:55 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:51:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x24, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x1, &(0x7f0000000000)=@raw=[@jmp], &(0x7f0000000040)='GPL\x00', 0xb2a, 0xc4, &(0x7f0000000080)=""/196, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:55 executing program 1: shmctl$IPC_RMID(0x0, 0x0) shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x0) [ 239.996640][ T2991] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 240.267184][ T2991] usb 8-1: Using ep0 maxpacket: 8 [ 240.407347][ T2991] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 240.587398][ T2991] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 240.602268][ T2991] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.623333][ T2991] usb 8-1: Product: syz [ 240.637234][ T2991] usb 8-1: Manufacturer: syz [ 240.654118][ T2991] usb 8-1: SerialNumber: syz [ 240.913464][ T28] usb 8-1: USB disconnect, device number 8 [ 241.686748][ T1244] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 241.926880][ T1244] usb 8-1: Using ep0 maxpacket: 8 [ 242.060017][ T1244] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 242.268963][ T1244] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 242.284094][ T1244] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.296217][ T1244] usb 8-1: Product: syz [ 242.302406][ T1244] usb 8-1: Manufacturer: syz [ 242.309370][ T1244] usb 8-1: SerialNumber: syz [ 242.567188][ T34] usb 8-1: USB disconnect, device number 9 15:51:58 executing program 2: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="e5", 0x1}, {0x0}], 0x2, &(0x7f0000000380)=ANY=[], 0x180}, 0x0) 15:51:58 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000300)=0x101, 0x4) 15:51:58 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000002c0)=0x8001, 0x4) 15:51:58 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, &(0x7f0000001040)) 15:51:58 executing program 0: clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x40, &(0x7f0000001880), &(0x7f00000018c0)={0x4}, 0x0, &(0x7f0000001980)={0x0, r0+60000000}, 0x0) 15:51:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}], 0x1c) 15:51:58 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4}) 15:51:58 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x29, 0x2, 0x0, 0x0) 15:51:58 executing program 2: pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)={&(0x7f00000019c0), 0x8}) 15:51:58 executing program 0: r0 = socket$qrtr(0x2a, 0x2, 0x0) getsockname$qrtr(r0, 0x0, &(0x7f00000007c0)) 15:51:58 executing program 3: pselect6(0x40, &(0x7f0000001880), 0x0, 0x0, &(0x7f0000001980), 0x0) 15:51:58 executing program 1: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) 15:51:58 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0xf4240, &(0x7f0000000180)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:58 executing program 3: socketpair(0x1, 0x5, 0x80, &(0x7f0000000000)) 15:51:58 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) r1 = getpgrp(0xffffffffffffffff) getpgid(r1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 15:51:58 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4}) [ 242.884392][T10751] sctp: [Deprecated]: syz-executor.1 (pid 10751) Use of int in max_burst socket option. [ 242.884392][T10751] Use struct sctp_assoc_value instead [ 242.935095][T10762] sctp: [Deprecated]: syz-executor.1 (pid 10762) Use of int in max_burst socket option. [ 242.935095][T10762] Use struct sctp_assoc_value instead 15:51:59 executing program 2: r0 = mq_open(&(0x7f0000000140)='-+(.))(-,&$l{]@\x00', 0x0, 0x0, 0x0) clock_gettime(0x1, &(0x7f0000000280)={0x0, 0x0}) mq_timedreceive(r0, &(0x7f00000001c0)=""/192, 0xc0, 0x0, &(0x7f0000000300)={0x0, r1+10000000}) 15:51:59 executing program 0: shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/224) 15:51:59 executing program 3: getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) 15:51:59 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r0, 0x80044dfb, &(0x7f0000000040)) 15:51:59 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f0000000100)) 15:51:59 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000440)=[@in6={0xa, 0x0, 0x0, @local, 0x8}], 0x1c) 15:51:59 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x0, 0x0, @remote, 0x5}, @in6={0xa, 0x0, 0x0, @private0}], 0x38) 15:51:59 executing program 0: syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x2, 0x240) 15:51:59 executing program 2: clock_gettime(0x0, &(0x7f0000001940)={0x0, 0x0}) pselect6(0x40, &(0x7f0000001880), 0x0, 0x0, &(0x7f0000001980)={0x0, r0+60000000}, 0x0) 15:51:59 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x3, @remote, 0x5}, @in={0x2, 0x4e22, @private=0xa010101}], 0x2c) 15:51:59 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:59 executing program 0: io_uring_setup(0x4038, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, 0x3e2}) 15:51:59 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:51:59 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7d, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote}}}, 0x9c) 15:51:59 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 15:51:59 executing program 0: r0 = gettid() ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 15:51:59 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xa, 0x0, 0x0) 15:51:59 executing program 2: socketpair(0xa, 0x6, 0x0, &(0x7f0000000100)) 15:51:59 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1\x00', 0x2, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000080)={0x8, @raw_data="a812a87d8088728f8530efb7db25381b659362db2a08682c08c5ff2bd1ce9ef667571cc84c6aba6d7829f3506282f4f6af0c2a769ebc9c5947a818a5f5e2c23d6b7e23f63f841564d221df11f0198662f06381c1f6b1fd96bb2b339f14b230664b33419984927e73315662ff3e17bc4dee49acf5c0c36c361468299644b386147493011b50acf7d74a051ef929ac77395d9a12eea0ebce4386ec1010f95e0b9b8171175c680c02870431c44cb36ce23ea9fca866ee8450b845d758ce797dbd8b7eb6e08d73bca910"}) 15:51:59 executing program 2: socket(0x25, 0x5, 0x2434) 15:51:59 executing program 3: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x4000) 15:52:00 executing program 1: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x5421, &(0x7f0000000440)={0x3, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:52:00 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000400)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_G_MODULATOR(r0, 0x5452, &(0x7f0000000440)={0x0, "7c4611d47e6e97c4ce51c2bd568ccc5e940ffc25da46429a7d74a01c06eab30f"}) 15:52:00 executing program 2: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nvme-fabrics\x00', 0x20000, 0x0) 15:52:00 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockname(r0, &(0x7f0000000080)=@alg, &(0x7f0000000100)=0x80) 15:52:00 executing program 1: socket(0x1e, 0x0, 0x4447) 15:52:00 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) recvmsg$qrtr(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x38, 0x0) 15:52:00 executing program 0: setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3, 0x8, 0x0, 0x1d5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, 0x0, &(0x7f0000000640)) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x3, @remote, 0x5}, @in={0x2, 0x4e22, @private}, @in6={0xa, 0x4e23, 0x7, @private0, 0x6}, @in6={0xa, 0x4e22, 0x6, @private0={0xfc, 0x0, [], 0x1}, 0x7f8}, @in={0x2, 0x4e22, @empty}, @in6={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, [], 0x1}, 0x1}, @in={0x2, 0x0, @remote}, @in={0x2, 0x4e23, @private}, @in={0x2, 0x4e22, @loopback}], 0xc0) 15:52:00 executing program 3: shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000040)=""/173) 15:52:00 executing program 2: clock_getres(0x2, 0x0) r0 = syz_usb_connect$cdc_ecm(0x5, 0x5e, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4c, 0x1, 0x1, 0x6, 0xa0, 0x2, [{{0x9, 0x4, 0x0, 0x9e, 0x3, 0x2, 0x6, 0x0, 0x6, {{0x6, 0x24, 0x6, 0x0, 0x0, "ca"}, {0x5, 0x24, 0x0, 0xd232}, {0xd, 0x24, 0xf, 0x1, 0xfffff46a, 0x82c, 0x2, 0x3}, [@dmm={0x7, 0x24, 0x14, 0x9, 0xffff}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x7f, 0x80}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x59, 0x0, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x6, 0x8, 0x7}}}}}]}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x20, 0x81, 0x4, 0x10, 0x6}, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}, 0x9, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x82c}}, {0x14, &(0x7f0000000140)=@string={0x14, 0x3, "e4832a134999bc65fce2e6ef5f07a05f1837"}}, {0xc1, &(0x7f0000000180)=@string={0xc1, 0x3, "92080797ec62ad4ba934817728921af7644498509ec3ac1545f8a6c2c1678fdae7d5861f9cc10577ac97e49736248587c70b5739833db39a384adf5ded74f462d63a4cecbe548d0336e61ec229580352952591b08a6ebb0cb916343b25b9eb9c506ab088ad4450bb66f044d1025e8fad181029b1180efeddc000a0b79028b62878e846082cd08e97b5db0921ef10df24d173e0b55f32e9cf954197401fedc23f38acc5dbc78a7efd8bbf9e9260d6f902f30dae7da72d48ccc8610831b728b1"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x804}}, {0x90, &(0x7f00000002c0)=@string={0x90, 0x3, "e24419616609bc73e27bd5c6bfec40e3be76bbfdec7e6de54825e9ca7a9889585eb8cc57da77f09e0267ff62c604862f34240e958e85c1bb56f85f460ecae8ace3e66098cc651827efda16d8b21670107a381c25569b37e08cb2e4757bff1bfb487f5de40f96e4216939f846520024f659159659908c9581674320d7654abe5519223bebcefe575d0c17a7ec67bd"}}, {0xf0, &(0x7f0000000380)=@string={0xf0, 0x3, "b01fa3d6947dac290421534b357d2c7a9ac2c9fd270db3b16a404b671b63fcd084f81db2bebe84cf0a8a68311af61d1e782253cc17201e2478e64c090bf2b8c29c4a8362f3dd537864fab4adef2445fc6ecf004216f7b8ec69c3d4bdd38adeaa8a1060c950f6cfc581ea221e846a6921febe3931526e7c7a43b0b5ae48151b3675f23d8a191a562737853cd038b9f5e804e36ebe61c7addeb11be062afeda9aea43a7719871b3f28743de6c5514b7185a9e25efa3da10bc563d42a26580e41d959fc7f8b1877b96a6232926a665fdfe22741c135d12f0b50b454cde2e36f41a8493beed7aadba22f25d265e5a821"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40a}}, {0x2d, &(0x7f00000004c0)=@string={0x2d, 0x3, "77c563f6796a7ec71560075ff4f87a553710f2195c03f097a783e76fe41b6fd519674cf1f73e930975aa9f"}}, {0xee, &(0x7f0000000500)=@string={0xee, 0x3, "e2ede24bb29921550bbf280af741c283a4c2b31077e39213dbf98d1804de72b27b1c3227ce1c10c5eedfa9f4a467c23371b4cae22b49ffe80a206bf29ea5fc3d2429c402a58c3d3a382970f3020fdec35faa22bf3bfb91d8273721775b9a4c09db6691b86a042b159ac3b06bcf7a8911071a7e6879d9e2ab441b1b843d8e385caea7a001424d80a8a62d84c804c36d70400648cd82029a36cda44af9814463454232e0099d27a24063b9f26e934d80294e737629dd1adccfa5aea67df619d5ca4cde26419b3c9983c02b8cd911da05f52a589419cc2f01edb6d8b1e070c79db0f2607246ddda024b2d2e87f7"}}]}) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000009c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000980), 0xc, &(0x7f0000000c00)={&(0x7f0000000a00)={0x1e0, r1, 0xc07, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xa57}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xec3}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x14f}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe24}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4fb1}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_NODE={0xec, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "286064030d22d7a5dcd0700e5b19921e21c777f0a8691e6d96c6537e"}}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "35c7cffb21217ca81de0d20dd367f55a49ec101a119bc782340fbb17ea66d292"}}, @TIPC_NLA_NODE_ID={0x57, 0x3, "b21fe90e6c2677f45f61e5147590bc38fcfcf67ff83a81b1de3feed4d7f4d1e57ff7a6804e208b921f62765e1fb2472a46c074858acaed96d03634dc22661eb3b9e941aa291d117b7646e67951f1e4ffee4296"}, @TIPC_NLA_NODE_UP={0xfffffffffffffdc1}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x885}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x40000}, 0x81) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000780)={0x14, &(0x7f00000006c0)={0x0, 0xc, 0x68, {0x68, 0xc, "91ead5356294715523a39f5acb09be3ff0c8b707e43c6149f3b1e2a140904d171928ce6318cc32b3cf601233569930accada6f13010d864bcc2f69c57326a0cd6be387bcea470ea5e4c2b1084779a6500f3d888b4528ff75103557ebe72e78d219682c90c519"}}, &(0x7f0000000740)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000940)={0x1c, &(0x7f00000007c0)={0x20, 0x9, 0xf7, "7283702ca07699fcb78dbe48de84c5b40aa2ae7548b1ac8632123d2af8fb306c7b2ae0ecd891096f7e7a97c94557935f8bb236a401596ffff7b876fb8814fbf17bf625d39d957deed20dc5bb8405661fab301ec61fc03e64106e2bd4caf1aaaf8d13ea4ae0d3fadab2a8183a4f43dcefaae08b51d9e34bb11552eb362a71da18b98188b634fecab946ffb0a46d03bfd60f804c349f6a0867af937f717de5b8b719d2d6199e5f917704a6abed65c22d9daf06a8bf7a0aa76b1aa8e7ef3e90ed315a9237b17be5c119924b92aa0102ea612d5e1177e273b3503457420fa3854bd3aee286a1af5a6c508d8e231b07f22b6bd7f8c220ca1cf5"}, &(0x7f00000008c0)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0x8}}) 15:52:00 executing program 1: syz_io_uring_setup(0x759b, &(0x7f0000000000), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) syz_io_uring_setup(0x249d, &(0x7f0000000100)={0x0, 0x3f7e, 0x0, 0x0, 0x260}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 15:52:00 executing program 3: syz_open_dev$hiddev(&(0x7f0000000780)='/dev/usb/hiddev#\x00', 0x0, 0x32dbc1) 15:52:00 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7d, 0x0, 0x0) 15:52:00 executing program 3: read$qrtrtun(0xffffffffffffffff, 0x0, 0x0) 15:52:00 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, 0x0, &(0x7f0000001280)) 15:52:00 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x10, 0x0, 0x0) 15:52:00 executing program 1: io_uring_setup(0x8699e, &(0x7f0000000900)) [ 244.986928][ T1244] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 245.267428][ T1244] usb 7-1: Using ep0 maxpacket: 8 [ 245.487497][ T1244] usb 7-1: config 1 interface 0 altsetting 158 bulk endpoint 0x82 has invalid maxpacket 64 [ 245.506694][ T1244] usb 7-1: config 1 interface 0 altsetting 158 bulk endpoint 0x3 has invalid maxpacket 1024 [ 245.524090][ T1244] usb 7-1: config 1 interface 0 has no altsetting 0 [ 245.697545][ T1244] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 245.711480][ T1244] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.724736][ T1244] usb 7-1: Product: ࢒震括䮭㒩瞁鈨䑤傘쎞ᖬ슦柁헧ᾆ솜眅鞬韤␶螅ே㥗㶃骳䨸巟瓭拴㫖咾΍숞堩刃▕낑溊಻ᚹ㬴뤥鳫橐袰䒭뭐텄市궏ဘ넩ธÀ랠⢐⢶ࡆ퀬鞎℉ჯⓟ珑뗠㉟쿩䆕䂗㿂갸談ﵾ뾋銞홠˹ෳ綮⶧챈懈ㄈ⢷ [ 245.771298][ T1244] usb 7-1: Manufacturer: 菤ጪ饉於ݟ徠㜘 [ 245.783036][ T1244] usb 7-1: SerialNumber: ࠄ [ 245.808340][T10867] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 245.822802][T10867] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 246.337164][ T1244] cdc_ether: probe of 7-1:1.0 failed with error -71 [ 246.350984][ T1244] usb 7-1: USB disconnect, device number 4 [ 247.046914][ T1244] usb 7-1: new high-speed USB device number 5 using dummy_hcd 15:52:02 executing program 2: syz_io_uring_setup(0x1649, &(0x7f0000000100), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x9ca3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600), &(0x7f0000000640)) 15:52:02 executing program 3: syz_io_uring_setup(0x95b, &(0x7f0000000580)={0x0, 0x0, 0x8}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000600), &(0x7f0000000640)) 15:52:02 executing program 0: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x111100, 0x0) 15:52:02 executing program 1: shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/4) 15:52:02 executing program 3: 15:52:02 executing program 1: 15:52:02 executing program 0: 15:52:02 executing program 3: openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001b00)='/dev/nvme-fabrics\x00', 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) 15:52:02 executing program 2: 15:52:02 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x3f, 0x0, 0x0, 0x0, 0x8}, 0x14) 15:52:02 executing program 0: 15:52:02 executing program 3: 15:52:02 executing program 2: 15:52:02 executing program 1: 15:52:02 executing program 0: 15:52:02 executing program 3: 15:52:02 executing program 2: 15:52:02 executing program 1: 15:52:02 executing program 3: 15:52:02 executing program 0: 15:52:02 executing program 1: 15:52:02 executing program 3: 15:52:02 executing program 2: 15:52:02 executing program 3: 15:52:02 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000140)=@assoc_value, &(0x7f0000000180)=0x8) 15:52:02 executing program 0: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x38, 0x0, 0x0, 0x0, 0x7}, 0x0) 15:52:03 executing program 2: 15:52:03 executing program 3: 15:52:03 executing program 0: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 1: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 2: 15:52:03 executing program 3: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 2: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 3: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 1: 15:52:03 executing program 2: 15:52:03 executing program 3: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 3: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 1: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:03 executing program 1: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 1: 15:52:03 executing program 3: 15:52:03 executing program 2: 15:52:03 executing program 0: 15:52:03 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 0: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 2: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 3: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 0: 15:52:04 executing program 2: 15:52:04 executing program 3: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 0: 15:52:04 executing program 3: 15:52:04 executing program 1: 15:52:04 executing program 2: 15:52:04 executing program 0: 15:52:04 executing program 2: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 0: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 2: 15:52:04 executing program 0: 15:52:04 executing program 1: 15:52:04 executing program 2: 15:52:04 executing program 3: 15:52:04 executing program 0: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 0: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:04 executing program 0: 15:52:04 executing program 2: 15:52:04 executing program 1: 15:52:04 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 3: 15:52:05 executing program 1: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 3: 15:52:05 executing program 1: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:05 executing program 3: 15:52:05 executing program 2: 15:52:05 executing program 1: 15:52:05 executing program 0: 15:52:05 executing program 3: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 2: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 1: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 2: 15:52:05 executing program 3: 15:52:05 executing program 0: 15:52:05 executing program 1: 15:52:05 executing program 2: 15:52:05 executing program 0: 15:52:06 executing program 3: 15:52:06 executing program 1: 15:52:06 executing program 0: 15:52:06 executing program 2: 15:52:06 executing program 1: 15:52:06 executing program 3: 15:52:06 executing program 2: 15:52:06 executing program 1: 15:52:06 executing program 3: 15:52:06 executing program 0: 15:52:06 executing program 3: 15:52:06 executing program 2: 15:52:06 executing program 1: 15:52:06 executing program 0: 15:52:06 executing program 1: 15:52:06 executing program 3: 15:52:06 executing program 0: 15:52:06 executing program 2: 15:52:06 executing program 1: 15:52:06 executing program 3: 15:52:06 executing program 2: 15:52:06 executing program 0: 15:52:06 executing program 1: 15:52:06 executing program 3: 15:52:06 executing program 2: 15:52:06 executing program 0: 15:52:06 executing program 2: 15:52:06 executing program 1: 15:52:06 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSACTIVE(r0, 0x40107446, 0x0) 15:52:07 executing program 2 (fault-call:1 fault-nth:0): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:07 executing program 0: socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) 15:52:07 executing program 1: [ 251.616696][T11373] FAULT_INJECTION: forcing a failure. 15:52:07 executing program 0: [ 251.616696][T11373] name failslab, interval 1, probability 0, space 0, times 1 [ 251.653993][T11373] CPU: 2 PID: 11373 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 15:52:07 executing program 1: [ 251.663452][T11373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 15:52:07 executing program 0: [ 251.674459][T11373] Call Trace: 15:52:07 executing program 3: [ 251.674459][T11373] dump_stack+0x198/0x1fd [ 251.674459][T11373] should_fail.cold+0x5/0x14 [ 251.674459][T11373] ? tomoyo_realpath_from_path+0xc3/0x620 [ 251.707264][T11373] should_failslab+0x5/0xf 15:52:07 executing program 0: [ 251.707264][T11373] slab_pre_alloc_hook.constprop.0+0xf4/0x1f0 [ 251.707264][T11373] __kmalloc+0x6f/0x360 [ 251.707264][T11373] tomoyo_realpath_from_path+0xc3/0x620 15:52:07 executing program 1: [ 251.727218][T11373] ? tomoyo_profile+0x42/0x50 [ 251.727218][T11373] tomoyo_path_number_perm+0x1d5/0x590 [ 251.742180][T11373] ? tomoyo_path_number_perm+0x18d/0x590 [ 251.742180][T11373] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 251.742180][T11373] ? find_held_lock+0x2d/0x110 [ 251.765405][T11373] ? ksys_write+0x212/0x250 [ 251.770835][T11373] ? __mutex_unlock_slowpath+0xe2/0x610 [ 251.775440][T11373] ? __fget_files+0x294/0x400 [ 251.778150][T11373] security_file_ioctl+0x50/0xb0 [ 251.778150][T11373] __do_compat_sys_ioctl+0x50/0x230 [ 251.794644][T11373] __do_fast_syscall_32+0x60/0x90 [ 251.800586][T11373] do_fast_syscall_32+0x2f/0x70 [ 251.806612][T11373] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 251.813517][T11373] RIP: 0023:0xf7f2f549 [ 251.819812][T11373] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 251.846080][T11373] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 251.855456][T11373] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 251.864829][T11373] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 251.872932][T11373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 251.888183][T11373] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 251.903024][T11373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 251.931043][T11373] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:07 executing program 2 (fault-call:1 fault-nth:1): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:07 executing program 0: 15:52:07 executing program 3: 15:52:07 executing program 1: 15:52:07 executing program 1: 15:52:07 executing program 0: 15:52:07 executing program 3: [ 252.084695][T11392] FAULT_INJECTION: forcing a failure. [ 252.084695][T11392] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 252.089882][T11392] CPU: 1 PID: 11392 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 15:52:07 executing program 1: [ 252.122457][T11392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 252.129220][T11392] Call Trace: [ 252.148564][T11392] dump_stack+0x198/0x1fd [ 252.152633][T11392] should_fail.cold+0x5/0x14 [ 252.152633][T11392] __alloc_pages_nodemask+0x183/0x790 [ 252.163643][T11392] ? __alloc_pages_slowpath.constprop.0+0x28c0/0x28c0 [ 252.163643][T11392] cache_grow_begin+0x71/0x4a0 [ 252.183558][T11392] cache_alloc_refill+0x27f/0x380 [ 252.195634][T11392] ? lockdep_hardirqs_off+0x96/0xd0 [ 252.202235][T11392] ? tomoyo_realpath_from_path+0xc3/0x620 [ 252.209382][T11392] __kmalloc+0x2f9/0x360 [ 252.214797][T11392] tomoyo_realpath_from_path+0xc3/0x620 [ 252.225698][T11392] ? tomoyo_profile+0x42/0x50 [ 252.232214][T11392] tomoyo_path_number_perm+0x1d5/0x590 [ 252.238823][T11392] ? tomoyo_path_number_perm+0x18d/0x590 [ 252.245378][T11392] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 252.253181][T11392] ? find_held_lock+0x2d/0x110 [ 252.266693][T11392] ? ksys_write+0x212/0x250 [ 252.274096][T11392] ? __mutex_unlock_slowpath+0xe2/0x610 [ 252.285206][T11392] ? __fget_files+0x294/0x400 [ 252.290763][T11392] security_file_ioctl+0x50/0xb0 [ 252.296847][T11392] __do_compat_sys_ioctl+0x50/0x230 [ 252.306690][T11392] __do_fast_syscall_32+0x60/0x90 [ 252.313407][T11392] do_fast_syscall_32+0x2f/0x70 [ 252.319203][T11392] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 252.328675][T11392] RIP: 0023:0xf7f2f549 [ 252.335761][T11392] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 252.374945][T11392] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 252.384774][T11392] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 252.395323][T11392] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 252.404498][T11392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 252.414233][T11392] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 252.423133][T11392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 15:52:07 executing program 2 (fault-call:1 fault-nth:2): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:07 executing program 1: 15:52:07 executing program 3: 15:52:07 executing program 0: 15:52:07 executing program 3: [ 252.499991][T11407] FAULT_INJECTION: forcing a failure. 15:52:07 executing program 1: 15:52:07 executing program 0: [ 252.499991][T11407] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 252.509141][T11407] CPU: 2 PID: 11407 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 252.509141][T11407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 15:52:08 executing program 3: [ 252.509141][T11407] Call Trace: [ 252.546731][T11407] dump_stack+0x198/0x1fd [ 252.546731][T11407] should_fail.cold+0x5/0x14 [ 252.546731][T11407] __alloc_pages_nodemask+0x183/0x790 [ 252.566320][T11407] ? lock_is_held_type+0xbb/0xf0 [ 252.569414][T11407] ? __alloc_pages_slowpath.constprop.0+0x28c0/0x28c0 [ 252.579160][T11407] ? ____cache_alloc_node+0x157/0x1d0 [ 252.581916][T11407] ? lock_downgrade+0x830/0x830 [ 252.581916][T11407] ? do_raw_spin_lock+0x120/0x2b0 [ 252.581916][T11407] ? tomoyo_realpath_from_path+0xc3/0x620 [ 252.581916][T11407] cache_grow_begin+0x71/0x4a0 [ 252.581916][T11407] ? tomoyo_realpath_from_path+0xc3/0x620 [ 252.581916][T11407] ____cache_alloc_node+0x171/0x1d0 [ 252.581916][T11407] ? tomoyo_realpath_from_path+0xc3/0x620 [ 252.581916][T11407] __kmalloc+0x272/0x360 [ 252.581916][T11407] tomoyo_realpath_from_path+0xc3/0x620 [ 252.581916][T11407] ? tomoyo_profile+0x42/0x50 [ 252.581916][T11407] tomoyo_path_number_perm+0x1d5/0x590 [ 252.581916][T11407] ? tomoyo_path_number_perm+0x18d/0x590 [ 252.581916][T11407] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 252.581916][T11407] ? find_held_lock+0x2d/0x110 [ 252.581916][T11407] ? ksys_write+0x212/0x250 [ 252.581916][T11407] ? __mutex_unlock_slowpath+0xe2/0x610 [ 252.581916][T11407] ? __fget_files+0x294/0x400 [ 252.581916][T11407] security_file_ioctl+0x50/0xb0 [ 252.581916][T11407] __do_compat_sys_ioctl+0x50/0x230 [ 252.581916][T11407] __do_fast_syscall_32+0x60/0x90 [ 252.746714][T11407] do_fast_syscall_32+0x2f/0x70 [ 252.758507][T11407] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 252.769256][T11407] RIP: 0023:0xf7f2f549 [ 252.780557][T11407] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 252.812196][T11407] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 252.823991][T11407] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 252.837396][T11407] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 252.846735][T11407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 252.856697][T11407] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 252.869285][T11407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 15:52:08 executing program 2 (fault-call:1 fault-nth:3): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:08 executing program 0: 15:52:08 executing program 1: 15:52:08 executing program 3: 15:52:08 executing program 3: 15:52:08 executing program 0: 15:52:08 executing program 1: [ 253.094706][T11428] FAULT_INJECTION: forcing a failure. [ 253.094706][T11428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 15:52:08 executing program 0: [ 253.126398][T11428] CPU: 0 PID: 11428 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 253.131714][T11428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 253.149306][T11428] Call Trace: [ 253.156653][T11428] dump_stack+0x198/0x1fd [ 253.156653][T11428] should_fail.cold+0x5/0x14 [ 253.156653][T11428] __alloc_pages_nodemask+0x183/0x790 [ 253.156653][T11428] ? lock_is_held_type+0xbb/0xf0 [ 253.186582][T11428] ? __alloc_pages_slowpath.constprop.0+0x28c0/0x28c0 [ 253.194829][T11428] ? cache_grow_begin+0x2b3/0x4a0 [ 253.200766][T11428] ? check_preemption_disabled+0x50/0x130 [ 253.213009][T11428] cache_grow_begin+0x71/0x4a0 [ 253.219080][T11428] fallback_alloc+0x1fb/0x2e0 [ 253.226597][T11428] ? tomoyo_realpath_from_path+0xc3/0x620 [ 253.234952][T11428] __kmalloc+0x272/0x360 [ 253.240840][T11428] tomoyo_realpath_from_path+0xc3/0x620 [ 253.247928][T11428] ? tomoyo_profile+0x42/0x50 [ 253.253839][T11428] tomoyo_path_number_perm+0x1d5/0x590 [ 253.260896][T11428] ? tomoyo_path_number_perm+0x18d/0x590 [ 253.270393][T11428] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 253.277462][T11428] ? find_held_lock+0x2d/0x110 [ 253.284664][T11428] ? ksys_write+0x212/0x250 [ 253.293055][T11428] ? __mutex_unlock_slowpath+0xe2/0x610 [ 253.300244][T11428] ? __fget_files+0x294/0x400 [ 253.309987][T11428] security_file_ioctl+0x50/0xb0 [ 253.325931][T11428] __do_compat_sys_ioctl+0x50/0x230 [ 253.340797][T11428] __do_fast_syscall_32+0x60/0x90 [ 253.361109][T11428] do_fast_syscall_32+0x2f/0x70 [ 253.382857][T11428] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 253.400656][T11428] RIP: 0023:0xf7f2f549 [ 253.413884][T11428] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 253.490455][T11428] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 253.514840][T11428] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 253.546283][T11428] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.586410][T11428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 253.610168][T11428] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 253.633366][T11428] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 253.670737][T11428] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:09 executing program 2 (fault-call:1 fault-nth:4): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:09 executing program 3: 15:52:09 executing program 1: 15:52:09 executing program 0: 15:52:09 executing program 0: 15:52:09 executing program 3: 15:52:09 executing program 1: 15:52:09 executing program 0: [ 253.828395][T11446] FAULT_INJECTION: forcing a failure. [ 253.828395][T11446] name failslab, interval 1, probability 0, space 0, times 0 [ 253.853243][T11446] CPU: 3 PID: 11446 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 253.889399][T11446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 253.896883][T11446] Call Trace: [ 253.896883][T11446] dump_stack+0x198/0x1fd [ 253.896883][T11446] should_fail.cold+0x5/0x14 [ 253.896883][T11446] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 253.896883][T11446] should_failslab+0x5/0xf [ 253.896883][T11446] slab_pre_alloc_hook.constprop.0+0xf4/0x1f0 [ 253.896883][T11446] __kmalloc+0x6f/0x360 [ 253.896883][T11446] ? d_absolute_path+0x12e/0x180 [ 253.896883][T11446] ? __d_path+0x160/0x160 [ 253.896883][T11446] ? trace_kmalloc+0xfd/0x130 [ 253.896883][T11446] tomoyo_encode2.part.0+0xe9/0x3a0 [ 253.896883][T11446] tomoyo_encode+0x28/0x50 [ 253.896883][T11446] tomoyo_realpath_from_path+0x186/0x620 [ 253.896883][T11446] tomoyo_path_number_perm+0x1d5/0x590 [ 253.896883][T11446] ? tomoyo_path_number_perm+0x18d/0x590 [ 253.896883][T11446] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 253.896883][T11446] ? find_held_lock+0x2d/0x110 [ 253.896883][T11446] ? ksys_write+0x212/0x250 [ 253.896883][T11446] ? __mutex_unlock_slowpath+0xe2/0x610 [ 253.896883][T11446] ? __fget_files+0x294/0x400 [ 253.896883][T11446] security_file_ioctl+0x50/0xb0 [ 253.896883][T11446] __do_compat_sys_ioctl+0x50/0x230 [ 253.896883][T11446] __do_fast_syscall_32+0x60/0x90 [ 253.896883][T11446] do_fast_syscall_32+0x2f/0x70 [ 253.896883][T11446] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 253.896883][T11446] RIP: 0023:0xf7f2f549 [ 253.896883][T11446] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 253.896883][T11446] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 253.896883][T11446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 253.896883][T11446] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.896883][T11446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 253.896883][T11446] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 253.896883][T11446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 254.305157][T11446] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:09 executing program 2 (fault-call:1 fault-nth:5): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:09 executing program 1: 15:52:09 executing program 3: 15:52:09 executing program 0: 15:52:09 executing program 1: 15:52:09 executing program 0: 15:52:09 executing program 3: [ 254.381584][T11455] FAULT_INJECTION: forcing a failure. [ 254.381584][T11455] name failslab, interval 1, probability 0, space 0, times 0 [ 254.382078][T11455] CPU: 2 PID: 11455 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 15:52:09 executing program 3: [ 254.382086][T11455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 254.382089][T11455] Call Trace: [ 254.382110][T11455] dump_stack+0x198/0x1fd [ 254.382126][T11455] should_fail.cold+0x5/0x14 [ 254.382141][T11455] should_failslab+0x5/0xf [ 254.382152][T11455] slab_pre_alloc_hook.constprop.0+0xf4/0x1f0 [ 254.382166][T11455] kmem_cache_alloc_trace+0x49/0x300 [ 254.382382][T11455] drm_atomic_state_alloc+0xae/0x110 [ 254.382424][T11455] drm_client_modeset_commit_atomic+0xbf/0x7c0 [ 254.382441][T11455] ? __mutex_lock+0x626/0x10e0 [ 254.382453][T11455] ? drm_connector_pick_cmdline_mode+0x650/0x650 [ 254.382464][T11455] ? mutex_lock_io_nested+0xf60/0xf60 [ 254.382555][T11455] ? is_bpf_text_address+0xcb/0x160 [ 254.382569][T11455] drm_client_modeset_commit_locked+0x145/0x580 [ 254.382581][T11455] drm_client_modeset_commit+0x4d/0x80 [ 254.382623][T11455] drm_fb_helper_set_par+0x249/0x2c0 [ 254.382632][T11455] ? drm_fb_helper_blank+0x250/0x250 [ 254.382686][T11455] fb_set_var+0x4ba/0xce0 [ 254.382696][T11455] ? fb_blank+0x190/0x190 [ 254.382708][T11455] ? lock_release+0x8f0/0x8f0 [ 254.382723][T11455] ? lock_is_held_type+0xbb/0xf0 [ 254.382732][T11455] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 254.382747][T11455] ? __mutex_lock+0x626/0x10e0 [ 254.382757][T11455] ? do_fb_ioctl+0x2ee/0x690 [ 254.382779][T11455] ? _raw_spin_unlock_irqrestore+0x6f/0x90 [ 254.382788][T11455] ? lockdep_hardirqs_on_prepare+0x354/0x530 [ 254.382797][T11455] ? _raw_spin_unlock_irqrestore+0x6f/0x90 [ 254.382810][T11455] do_fb_ioctl+0x2f9/0x690 [ 254.382819][T11455] ? fb_set_suspend+0x1a0/0x1a0 [ 254.382828][T11455] ? lock_downgrade+0x830/0x830 [ 254.382836][T11455] ? kfree+0x221/0x2b0 [ 254.382846][T11455] ? check_preemption_disabled+0x50/0x130 [ 254.382853][T11455] ? kfree+0x221/0x2b0 [ 254.382926][T11455] ? tomoyo_path_number_perm+0x441/0x590 [ 254.382937][T11455] ? lockdep_hardirqs_on+0x53/0x100 [ 254.382952][T11455] ? tomoyo_path_number_perm+0x24e/0x590 [ 254.382964][T11455] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 254.383046][T11455] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 254.383059][T11455] ? do_vfs_ioctl+0x27d/0x1090 [ 254.383070][T11455] ? generic_block_fiemap+0x60/0x60 [ 254.383082][T11455] fb_compat_ioctl+0x17c/0xc30 [ 254.383091][T11455] ? fb_open+0x430/0x430 [ 254.383105][T11455] ? __fget_files+0x294/0x400 [ 254.383139][T11455] ? bpf_lsm_file_ioctl+0x5/0x10 [ 254.383147][T11455] ? fb_open+0x430/0x430 [ 254.383159][T11455] __do_compat_sys_ioctl+0x1d3/0x230 [ 254.383172][T11455] __do_fast_syscall_32+0x60/0x90 [ 254.383183][T11455] do_fast_syscall_32+0x2f/0x70 [ 254.383195][T11455] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 254.383203][T11455] RIP: 0023:0xf7f2f549 [ 254.383213][T11455] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 254.383218][T11455] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 254.383228][T11455] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 254.383234][T11455] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 254.383260][T11455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 254.383266][T11455] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 254.383279][T11455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 15:52:10 executing program 2 (fault-call:1 fault-nth:6): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:10 executing program 0: 15:52:10 executing program 1: 15:52:10 executing program 3: 15:52:10 executing program 3: 15:52:10 executing program 1: 15:52:10 executing program 0: 15:52:10 executing program 3: [ 255.186971][T11472] FAULT_INJECTION: forcing a failure. [ 255.186971][T11472] name failslab, interval 1, probability 0, space 0, times 0 [ 255.187102][T11472] CPU: 3 PID: 11472 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 255.187108][T11472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 255.187112][T11472] Call Trace: [ 255.187132][T11472] dump_stack+0x198/0x1fd [ 255.187147][T11472] should_fail.cold+0x5/0x14 [ 255.187162][T11472] should_failslab+0x5/0xf [ 255.187176][T11472] slab_pre_alloc_hook.constprop.0+0xf4/0x1f0 [ 255.187188][T11472] kmem_cache_alloc_trace+0x49/0x300 [ 255.187202][T11472] ? ww_mutex_lock+0x3d/0x170 [ 255.187244][T11472] drm_atomic_helper_crtc_duplicate_state+0x6b/0xc0 [ 255.187257][T11472] drm_atomic_get_crtc_state+0x175/0x400 [ 255.187270][T11472] drm_atomic_get_plane_state+0x3d6/0x510 [ 255.187285][T11472] drm_client_modeset_commit_atomic+0x225/0x7c0 [ 255.187300][T11472] ? __mutex_lock+0x626/0x10e0 [ 255.187311][T11472] ? drm_connector_pick_cmdline_mode+0x650/0x650 [ 255.187321][T11472] ? mutex_lock_io_nested+0xf60/0xf60 [ 255.187346][T11472] ? is_bpf_text_address+0xcb/0x160 [ 255.187359][T11472] drm_client_modeset_commit_locked+0x145/0x580 [ 255.187370][T11472] drm_client_modeset_commit+0x4d/0x80 [ 255.187381][T11472] drm_fb_helper_set_par+0x249/0x2c0 [ 255.187389][T11472] ? drm_fb_helper_blank+0x250/0x250 [ 255.187398][T11472] fb_set_var+0x4ba/0xce0 [ 255.187407][T11472] ? fb_blank+0x190/0x190 [ 255.187417][T11472] ? lock_release+0x8f0/0x8f0 [ 255.187431][T11472] ? lock_is_held_type+0xbb/0xf0 [ 255.187439][T11472] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 255.187453][T11472] ? __mutex_lock+0x626/0x10e0 [ 255.187462][T11472] ? do_fb_ioctl+0x2ee/0x690 [ 255.187498][T11472] ? _raw_spin_unlock_irqrestore+0x6f/0x90 [ 255.187507][T11472] ? lockdep_hardirqs_on_prepare+0x354/0x530 [ 255.187533][T11472] ? _raw_spin_unlock_irqrestore+0x6f/0x90 [ 255.187547][T11472] do_fb_ioctl+0x2f9/0x690 [ 255.187557][T11472] ? fb_set_suspend+0x1a0/0x1a0 [ 255.187566][T11472] ? lock_downgrade+0x830/0x830 [ 255.187574][T11472] ? kfree+0x221/0x2b0 [ 255.187585][T11472] ? check_preemption_disabled+0x50/0x130 [ 255.187592][T11472] ? kfree+0x221/0x2b0 [ 255.187606][T11472] ? tomoyo_path_number_perm+0x441/0x590 [ 255.187615][T11472] ? lockdep_hardirqs_on+0x53/0x100 [ 255.187629][T11472] ? tomoyo_path_number_perm+0x24e/0x590 [ 255.187642][T11472] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 255.187669][T11472] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 255.187681][T11472] ? do_vfs_ioctl+0x27d/0x1090 [ 255.187691][T11472] ? generic_block_fiemap+0x60/0x60 [ 255.187703][T11472] fb_compat_ioctl+0x17c/0xc30 [ 255.187712][T11472] ? fb_open+0x430/0x430 [ 255.187726][T11472] ? __fget_files+0x294/0x400 [ 255.187740][T11472] ? bpf_lsm_file_ioctl+0x5/0x10 [ 255.187747][T11472] ? fb_open+0x430/0x430 [ 255.187759][T11472] __do_compat_sys_ioctl+0x1d3/0x230 [ 255.187771][T11472] __do_fast_syscall_32+0x60/0x90 [ 255.187786][T11472] do_fast_syscall_32+0x2f/0x70 [ 255.187799][T11472] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 255.187807][T11472] RIP: 0023:0xf7f2f549 [ 255.187827][T11472] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 255.187833][T11472] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 255.187843][T11472] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 255.187849][T11472] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 255.187854][T11472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 255.187860][T11472] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 255.187866][T11472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 15:52:11 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:11 executing program 1: 15:52:11 executing program 0: 15:52:11 executing program 3: 15:52:11 executing program 0: 15:52:11 executing program 3: 15:52:11 executing program 1: 15:52:11 executing program 0: 15:52:11 executing program 1: 15:52:11 executing program 3: 15:52:11 executing program 0: 15:52:11 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x2, &(0x7f0000000080)) 15:52:11 executing program 1: 15:52:11 executing program 0: 15:52:11 executing program 3: 15:52:11 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x10, &(0x7f0000000080)) 15:52:11 executing program 1: 15:52:11 executing program 0: 15:52:11 executing program 3: 15:52:11 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4600, &(0x7f0000000080)) 15:52:11 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4602, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4603, &(0x7f0000000080)) 15:52:12 executing program 1: 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4604, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 0: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4605, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4606, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4608, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 0: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x460f, &(0x7f0000000080)) 15:52:12 executing program 1: 15:52:12 executing program 0: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4610, &(0x7f0000000080)) 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4611, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4c01, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x541b, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 1: 15:52:12 executing program 3: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x5421, &(0x7f0000000080)) 15:52:12 executing program 0: 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:12 executing program 0: 15:52:12 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x5450, &(0x7f0000000080)) 15:52:12 executing program 3: 15:52:12 executing program 1: 15:52:13 executing program 0: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x5451, &(0x7f0000000080)) 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 1: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x5452, &(0x7f0000000080)) 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 0: 15:52:13 executing program 3: 15:52:13 executing program 1: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x5460, &(0x7f0000000080)) 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x6364, &(0x7f0000000080)) 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x8913, &(0x7f0000000080)) 15:52:13 executing program 1: 15:52:13 executing program 0: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x8914, &(0x7f0000000080)) 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x8933, &(0x7f0000000080)) 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x89f1, &(0x7f0000000080)) 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x400448c9, &(0x7f0000000080)) 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x400448dd, &(0x7f0000000080)) 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x400454ca, &(0x7f0000000080)) 15:52:13 executing program 3: 15:52:13 executing program 0: 15:52:13 executing program 1: 15:52:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x40049409, &(0x7f0000000080)) 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x40186366, &(0x7f0000000080)) 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4020940d, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 3: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x402c5828, &(0x7f0000000080)) 15:52:14 executing program 0: 15:52:14 executing program 1: 15:52:14 executing program 3: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x402c5829, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 3: 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x402c582a, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 3: 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x402c582b, &(0x7f0000000080)) 15:52:14 executing program 0: 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x402c5839, &(0x7f0000000080)) 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 0: 15:52:14 executing program 3: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x80086301, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0xc0045878, &(0x7f0000000080)) 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 3: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0xc0045878, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0xc0189436, &(0x7f0000000080)) 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 0: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0xc020660b, &(0x7f0000000080)) 15:52:14 executing program 1: 15:52:14 executing program 3: 15:52:14 executing program 1: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0xc0684608, &(0x7f0000000080)) 15:52:14 executing program 0: 15:52:14 executing program 1: 15:52:14 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:14 executing program 3: 15:52:14 executing program 0: 15:52:15 executing program 1: 15:52:15 executing program 3: 15:52:15 executing program 0: 15:52:15 executing program 1: 15:52:15 executing program 3: 15:52:15 executing program 0: 15:52:15 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x2}) 15:52:15 executing program 3: 15:52:15 executing program 1: 15:52:15 executing program 0: 15:52:15 executing program 3: 15:52:15 executing program 1: 15:52:15 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x3}) 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x4}) 15:52:16 executing program 0: 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x5}) 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x6}) 15:52:16 executing program 3: 15:52:16 executing program 0: 15:52:16 executing program 1: 15:52:16 executing program 3: 15:52:16 executing program 0: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x7}) 15:52:16 executing program 1: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 3: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x8}) 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 0: 15:52:16 executing program 0: 15:52:16 executing program 1: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x10}) 15:52:16 executing program 0: 15:52:16 executing program 1: 15:52:16 executing program 3: 15:52:16 executing program 0: 15:52:16 executing program 1: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x104}) 15:52:16 executing program 3: 15:52:16 executing program 0: 15:52:16 executing program 3: 15:52:16 executing program 1: 15:52:16 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x300}) 15:52:17 executing program 0: 15:52:17 executing program 3: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x310}) 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 1: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x500}) 15:52:17 executing program 1: 15:52:17 executing program 0: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x600}) 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x700}) 15:52:17 executing program 0: 15:52:17 executing program 3: 15:52:17 executing program 1: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x1003}) 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x2000}) 15:52:17 executing program 0: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x4000}) 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xff7f}) 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x30000}) 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 0: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x40000}) 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:17 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x400000}) 15:52:17 executing program 0: 15:52:17 executing program 1: 15:52:17 executing program 3: 15:52:18 executing program 0: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x1000000}) 15:52:18 executing program 1: 15:52:18 executing program 0: 15:52:18 executing program 3: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x1040000}) 15:52:18 executing program 0: 15:52:18 executing program 3: 15:52:18 executing program 1: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x2000000}) 15:52:18 executing program 3: 15:52:18 executing program 1: 15:52:18 executing program 0: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x3000000}) 15:52:18 executing program 1: 15:52:18 executing program 3: 15:52:18 executing program 0: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x4000000}) 15:52:18 executing program 3: 15:52:18 executing program 0: 15:52:18 executing program 1: 15:52:18 executing program 0: 15:52:18 executing program 1: 15:52:18 executing program 3: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x5000000}) 15:52:18 executing program 0: 15:52:18 executing program 3: 15:52:18 executing program 1: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x6000000}) 15:52:18 executing program 0: 15:52:18 executing program 1: 15:52:18 executing program 3: 15:52:18 executing program 0: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x7000000}) 15:52:18 executing program 1: 15:52:18 executing program 3: 15:52:18 executing program 0: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x8000000}) 15:52:18 executing program 1: 15:52:18 executing program 0: 15:52:18 executing program 3: 15:52:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x10000000}) 15:52:19 executing program 1: 15:52:19 executing program 3: 15:52:19 executing program 0: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x10030000}) 15:52:19 executing program 1: 15:52:19 executing program 3: 15:52:19 executing program 0: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x20000000}) 15:52:19 executing program 1: 15:52:19 executing program 3: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x7ffffbff}) 15:52:19 executing program 0: 15:52:19 executing program 3: 15:52:19 executing program 1: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x7ffffcff}) 15:52:19 executing program 3: 15:52:19 executing program 0: 15:52:19 executing program 1: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xddffffff}) 15:52:19 executing program 3: 15:52:19 executing program 0: 15:52:19 executing program 1: 15:52:19 executing program 3: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xfcffffff}) 15:52:19 executing program 1: 15:52:19 executing program 0: 15:52:19 executing program 1: 15:52:19 executing program 0: 15:52:19 executing program 3: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xff7f0000}) 15:52:19 executing program 3: syz_usb_connect$uac1(0x5, 0x83, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x71, 0x3, 0x1, 0x3, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0x3f}, [@output_terminal={0x9, 0x24, 0x3, 0x0, 0x0, 0x2, 0x2}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x2, 0x0, 0x0, 0x0, 'h'}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x5}}}}}}}]}}, 0x0) 15:52:19 executing program 1: setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0xfffffd28) 15:52:19 executing program 0: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xfffbff7f}) 15:52:19 executing program 0: 15:52:19 executing program 1: 15:52:19 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xfffcff7f}) 15:52:19 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x4}, 0x40) [ 264.469236][ T8508] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 264.747316][ T8508] usb 8-1: Using ep0 maxpacket: 8 [ 264.897753][ T8508] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 264.918869][ T8508] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 264.953154][ T8508] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 265.160008][ T8508] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 265.173633][ T8508] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.189931][ T8508] usb 8-1: Product: syz [ 265.198456][ T8508] usb 8-1: Manufacturer: syz [ 265.209281][ T8508] usb 8-1: SerialNumber: syz [ 265.629642][ T8508] usb 8-1: 0:2 : does not exist [ 265.664176][ T8508] usb 8-1: USB disconnect, device number 10 [ 266.286958][ T2991] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 266.546640][ T2991] usb 8-1: Using ep0 maxpacket: 8 [ 266.666883][ T2991] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 266.677831][ T2991] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 266.691118][ T2991] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 266.858039][ T2991] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 266.874318][ T2991] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.890467][ T2991] usb 8-1: Product: syz [ 266.898438][ T2991] usb 8-1: Manufacturer: syz [ 266.909929][ T2991] usb 8-1: SerialNumber: syz 15:52:22 executing program 0: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x0, 0x0) ioctl$VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, 0x0) 15:52:22 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xffffffdd}) 15:52:22 executing program 1: syz_mount_image$bfs(&(0x7f0000000140)='bfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x80480, &(0x7f00000003c0)) 15:52:22 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x0, 0x0, &(0x7f0000000140)) 15:52:22 executing program 3: bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0xfffffff7}, 0x8) 15:52:22 executing program 1: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={0x0}}, 0x0) 15:52:22 executing program 0: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000300)='/proc/capi/capi20ncci\x00', 0x101006, 0x0) [ 267.291165][ T2991] usb 8-1: 0:2 : does not exist 15:52:22 executing program 3: syz_usb_connect$uac1(0x0, 0x76, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@mixer_unit={0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 15:52:22 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0xfffffffc}) 15:52:22 executing program 1: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0) [ 267.356322][ T2991] usb 8-1: USB disconnect, device number 11 15:52:22 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) 15:52:22 executing program 0: syz_genetlink_get_family_id$net_dm(&(0x7f0000000580)='NET_DM\x00') 15:52:22 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f0000002e80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000000600)=[@flowinfo={{0x14}}, @hopopts_2292={{0x18}}], 0x30}}], 0x1, 0x4080) 15:52:23 executing program 1: shmctl$SHM_STAT_ANY(0x0, 0xf, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00') 15:52:23 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x0, 0x2}) [ 267.602801][T12348] ================================================================== [ 267.605849][T12348] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290 [ 267.606107][T12348] Write of size 4 at addr ffffc90009bd1000 by task syz-executor.2/12348 [ 267.606109][T12348] [ 267.606896][T12348] CPU: 0 PID: 12348 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 267.606975][T12348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 267.607053][T12348] Call Trace: [ 267.607258][T12348] dump_stack+0x198/0x1fd [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] print_address_description.constprop.0.cold+0x5/0x497 [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] ? lockdep_hardirqs_off+0x96/0xd0 [ 267.607258][T12348] ? vprintk_func+0x95/0x1d4 [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] kasan_report.cold+0x1f/0x37 [ 267.607258][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] sys_imageblit+0x117f/0x1290 [ 267.607258][T12348] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 267.607258][T12348] bit_putcs+0x6e1/0xd20 [ 267.607258][T12348] ? bit_cursor+0x1720/0x1720 [ 267.607258][T12348] ? wait_for_completion+0x260/0x260 [ 267.607258][T12348] ? fb_get_color_depth+0xa1/0x240 [ 267.607258][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.607258][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.607258][T12348] ? bit_cursor+0x1720/0x1720 [ 267.607258][T12348] fbcon_putcs+0x35a/0x450 [ 267.607258][T12348] do_update_region+0x399/0x630 [ 267.607258][T12348] ? con_get_trans_old+0x2a0/0x2a0 [ 267.607258][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.607258][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.607258][T12348] ? var_to_display+0x7f0/0x7f0 [ 267.607258][T12348] redraw_screen+0x658/0x790 [ 267.607258][T12348] ? vc_init+0x5a0/0x5a0 [ 267.607258][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.607258][T12348] fbcon_modechanged+0x593/0x6d0 [ 267.607258][T12348] fbcon_update_vcs+0x3a/0x50 [ 267.607258][T12348] do_fb_ioctl+0x62e/0x690 [ 267.607258][T12348] ? fb_set_suspend+0x1a0/0x1a0 [ 267.607258][T12348] ? lock_downgrade+0x830/0x830 [ 267.607258][T12348] ? kfree+0x221/0x2b0 [ 267.607258][T12348] ? check_preemption_disabled+0x50/0x130 [ 267.607258][T12348] ? kfree+0x221/0x2b0 [ 267.607258][T12348] ? tomoyo_path_number_perm+0x441/0x590 [ 267.607258][T12348] ? lockdep_hardirqs_on+0x53/0x100 [ 267.607258][T12348] ? tomoyo_path_number_perm+0x24e/0x590 [ 267.607258][T12348] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 267.607258][T12348] ? lock_is_held_type+0xbb/0xf0 [ 267.607258][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.607258][T12348] ? do_vfs_ioctl+0x27d/0x1090 [ 267.607258][T12348] ? generic_block_fiemap+0x60/0x60 [ 267.607258][T12348] fb_compat_ioctl+0x17c/0xc30 [ 267.607258][T12348] ? fb_open+0x430/0x430 [ 267.607258][T12348] ? __fget_files+0x294/0x400 [ 267.607258][T12348] ? bpf_lsm_file_ioctl+0x5/0x10 [ 267.607258][T12348] ? fb_open+0x430/0x430 [ 267.607258][T12348] __do_compat_sys_ioctl+0x1d3/0x230 [ 267.607258][T12348] __do_fast_syscall_32+0x60/0x90 [ 267.607258][T12348] do_fast_syscall_32+0x2f/0x70 [ 267.607258][T12348] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 267.609719][T12348] RIP: 0023:0xf7f2f549 [ 267.610352][T12348] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 267.610352][T12348] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 267.610352][T12348] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 267.610352][T12348] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.610352][T12348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 267.610352][T12348] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 267.610352][T12348] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 267.610352][T12348] [ 267.610352][T12348] [ 267.610352][T12348] Memory state around the buggy address: [ 267.610352][T12348] ffffc90009bd0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 267.610352][T12348] ffffc90009bd0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 267.610352][T12348] >ffffc90009bd1000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 267.610352][T12348] ^ [ 267.610352][T12348] ffffc90009bd1080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 267.610352][T12348] ffffc90009bd1100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 267.610352][T12348] ================================================================== [ 267.610352][T12348] Disabling lock debugging due to kernel taint [ 267.616067][T12348] Kernel panic - not syncing: panic_on_warn set ... [ 267.616176][T12348] CPU: 0 PID: 12348 Comm: syz-executor.2 Tainted: G B 5.9.0-rc8-syzkaller #0 [ 267.616181][T12348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 267.616232][T12348] Call Trace: [ 267.616432][T12348] dump_stack+0x198/0x1fd [ 267.616443][T12348] ? sys_imageblit+0x10a0/0x1290 [ 267.616730][T12348] panic+0x382/0x7fb [ 267.616763][T12348] ? __warn_printk+0xf3/0xf3 [ 267.616773][T12348] ? preempt_schedule_common+0x59/0xc0 [ 267.616779][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.616941][T12348] ? preempt_schedule_thunk+0x16/0x18 [ 267.616976][T12348] ? trace_hardirqs_on+0x55/0x220 [ 267.616983][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.616989][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.617034][T12348] end_report+0x4d/0x53 [ 267.617041][T12348] kasan_report.cold+0xd/0x37 [ 267.617048][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.617055][T12348] sys_imageblit+0x117f/0x1290 [ 267.617067][T12348] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 267.617076][T12348] bit_putcs+0x6e1/0xd20 [ 267.617087][T12348] ? bit_cursor+0x1720/0x1720 [ 267.617095][T12348] ? wait_for_completion+0x260/0x260 [ 267.617102][T12348] ? fb_get_color_depth+0xa1/0x240 [ 267.617109][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.617117][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.617125][T12348] ? bit_cursor+0x1720/0x1720 [ 267.617132][T12348] fbcon_putcs+0x35a/0x450 [ 267.617142][T12348] do_update_region+0x399/0x630 [ 267.617151][T12348] ? con_get_trans_old+0x2a0/0x2a0 [ 267.617158][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.617166][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.617173][T12348] ? var_to_display+0x7f0/0x7f0 [ 267.617181][T12348] redraw_screen+0x658/0x790 [ 267.617188][T12348] ? vc_init+0x5a0/0x5a0 [ 267.617195][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.617204][T12348] fbcon_modechanged+0x593/0x6d0 [ 267.617212][T12348] fbcon_update_vcs+0x3a/0x50 [ 267.617219][T12348] do_fb_ioctl+0x62e/0x690 [ 267.617225][T12348] ? fb_set_suspend+0x1a0/0x1a0 [ 267.617233][T12348] ? lock_downgrade+0x830/0x830 [ 267.617239][T12348] ? kfree+0x221/0x2b0 [ 267.617247][T12348] ? check_preemption_disabled+0x50/0x130 [ 267.617253][T12348] ? kfree+0x221/0x2b0 [ 267.617273][T12348] ? tomoyo_path_number_perm+0x441/0x590 [ 267.617280][T12348] ? lockdep_hardirqs_on+0x53/0x100 [ 267.617289][T12348] ? tomoyo_path_number_perm+0x24e/0x590 [ 267.617297][T12348] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 267.617304][T12348] ? lock_is_held_type+0xbb/0xf0 [ 267.617314][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.617322][T12348] ? do_vfs_ioctl+0x27d/0x1090 [ 267.617329][T12348] ? generic_block_fiemap+0x60/0x60 [ 267.617335][T12348] fb_compat_ioctl+0x17c/0xc30 [ 267.617341][T12348] ? fb_open+0x430/0x430 [ 267.617349][T12348] ? __fget_files+0x294/0x400 [ 267.617357][T12348] ? bpf_lsm_file_ioctl+0x5/0x10 [ 267.617362][T12348] ? fb_open+0x430/0x430 [ 267.617370][T12348] __do_compat_sys_ioctl+0x1d3/0x230 [ 267.617377][T12348] __do_fast_syscall_32+0x60/0x90 [ 267.617384][T12348] do_fast_syscall_32+0x2f/0x70 [ 267.617393][T12348] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 267.617434][T12348] RIP: 0023:0xf7f2f549 [ 267.617524][T12348] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 267.617528][T12348] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 267.617535][T12348] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 267.617539][T12348] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.617543][T12348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 267.617547][T12348] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 267.617551][T12348] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 267.624991][T12348] Kernel Offset: disabled [ 267.624991][T12348] BUG: unable to handle page fault for address: ffffc90009bd1000 [ 267.624991][T12348] #PF: supervisor write access in kernel mode [ 267.624991][T12348] #PF: error_code(0x0002) - not-present page [ 267.624991][T12348] PGD 2c800067 P4D 2c800067 PUD 2c975067 PMD 28175067 PTE 0 [ 267.624991][T12348] Oops: 0002 [#1] PREEMPT SMP KASAN [ 267.624991][T12348] CPU: 0 PID: 12348 Comm: syz-executor.2 Tainted: G B 5.9.0-rc8-syzkaller #0 [ 267.624991][T12348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 267.624991][T12348] RIP: 0010:sys_imageblit+0x651/0x1290 [ 267.624991][T12348] Code: 89 f2 48 c1 ea 03 23 38 42 0f b6 0c 3a 4c 89 f2 8b 44 24 04 83 e2 07 83 c2 03 31 f8 38 ca 7c 08 84 c9 0f 85 24 0b 00 00 31 ff <41> 89 45 fc 44 89 e6 e8 b3 f4 89 fd 45 85 e4 75 0f e8 49 f8 89 fd [ 267.624991][T12348] RSP: 0018:ffffc90002f0ee68 EFLAGS: 00010046 [ 267.624991][T12348] RAX: 0000000000000000 RBX: ffff888075dbc620 RCX: ffffffff83ec51df [ 267.624991][T12348] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000000 [ 267.624991][T12348] RBP: 0000000000000310 R08: 0000000000000030 R09: 0000000000000000 [ 267.624991][T12348] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000007 [ 267.624991][T12348] R13: ffffc90009bd1004 R14: ffffc90009bd1000 R15: dffffc0000000000 [ 267.624991][T12348] FS: 0000000000000000(0000) GS:ffff88802ce00000(0063) knlGS:00000000f5529b40 [ 267.624991][T12348] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 267.624991][T12348] CR2: ffffc90009bd1000 CR3: 00000000512e4000 CR4: 0000000000350ef0 [ 267.624991][T12348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 267.624991][T12348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 267.624991][T12348] Call Trace: [ 267.624991][T12348] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 267.624991][T12348] bit_putcs+0x6e1/0xd20 [ 267.624991][T12348] ? bit_cursor+0x1720/0x1720 [ 267.624991][T12348] ? fb_get_color_depth+0xa1/0x240 [ 267.624991][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.624991][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.624991][T12348] ? bit_cursor+0x1720/0x1720 [ 267.624991][T12348] fbcon_putcs+0x35a/0x450 [ 267.624991][T12348] do_update_region+0x399/0x630 [ 267.624991][T12348] ? con_get_trans_old+0x2a0/0x2a0 [ 267.624991][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.624991][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.624991][T12348] ? var_to_display+0x7f0/0x7f0 [ 267.624991][T12348] redraw_screen+0x658/0x790 [ 267.624991][T12348] ? drm_fb_helper_setcmap+0xf40/0xf40 [ 267.624991][T12348] ? fb_blank+0x117/0x190 [ 267.624991][T12348] ? vc_init+0x5a0/0x5a0 [ 267.624991][T12348] fbcon_blank+0x8c5/0xc30 [ 267.624991][T12348] ? fbcon_init+0x1b10/0x1b10 [ 267.624991][T12348] ? lock_acquire+0x1f3/0xaf0 [ 267.624991][T12348] ? vprintk_deferred+0x60/0x60 [ 267.624991][T12348] ? lock_release+0x8f0/0x8f0 [ 267.624991][T12348] ? lock_downgrade+0x830/0x830 [ 267.624991][T12348] ? lock_downgrade+0x830/0x830 [ 267.624991][T12348] ? sys_imageblit+0x10a0/0x1290 [ 267.624991][T12348] do_unblank_screen+0x25b/0x470 [ 267.624991][T12348] panic+0x42f/0x7fb [ 267.624991][T12348] ? __warn_printk+0xf3/0xf3 [ 267.624991][T12348] ? preempt_schedule_common+0x59/0xc0 [ 267.624991][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.624991][T12348] ? preempt_schedule_thunk+0x16/0x18 [ 267.624991][T12348] ? trace_hardirqs_on+0x55/0x220 [ 267.624991][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.624991][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.624991][T12348] end_report+0x4d/0x53 [ 267.624991][T12348] kasan_report.cold+0xd/0x37 [ 267.624991][T12348] ? sys_imageblit+0x117f/0x1290 [ 267.624991][T12348] sys_imageblit+0x117f/0x1290 [ 267.624991][T12348] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 267.624991][T12348] bit_putcs+0x6e1/0xd20 [ 267.624991][T12348] ? bit_cursor+0x1720/0x1720 [ 267.624991][T12348] ? wait_for_completion+0x260/0x260 [ 267.624991][T12348] ? fb_get_color_depth+0xa1/0x240 [ 267.624991][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.624991][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.624991][T12348] ? bit_cursor+0x1720/0x1720 [ 267.624991][T12348] fbcon_putcs+0x35a/0x450 [ 267.624991][T12348] do_update_region+0x399/0x630 [ 267.624991][T12348] ? con_get_trans_old+0x2a0/0x2a0 [ 267.624991][T12348] ? fb_get_color_depth+0x11a/0x240 [ 267.624991][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.624991][T12348] ? var_to_display+0x7f0/0x7f0 [ 267.624991][T12348] redraw_screen+0x658/0x790 [ 267.624991][T12348] ? vc_init+0x5a0/0x5a0 [ 267.624991][T12348] ? fbcon_set_palette+0x422/0x620 [ 267.624991][T12348] fbcon_modechanged+0x593/0x6d0 [ 267.624991][T12348] fbcon_update_vcs+0x3a/0x50 [ 267.624991][T12348] do_fb_ioctl+0x62e/0x690 [ 267.624991][T12348] ? fb_set_suspend+0x1a0/0x1a0 [ 267.624991][T12348] ? lock_downgrade+0x830/0x830 [ 267.624991][T12348] ? kfree+0x221/0x2b0 [ 267.624991][T12348] ? check_preemption_disabled+0x50/0x130 [ 267.624991][T12348] ? kfree+0x221/0x2b0 [ 267.624991][T12348] ? tomoyo_path_number_perm+0x441/0x590 [ 267.624991][T12348] ? lockdep_hardirqs_on+0x53/0x100 [ 267.624991][T12348] ? tomoyo_path_number_perm+0x24e/0x590 [ 267.624991][T12348] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 267.624991][T12348] ? lock_is_held_type+0xbb/0xf0 [ 267.624991][T12348] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 267.624991][T12348] ? do_vfs_ioctl+0x27d/0x1090 [ 267.624991][T12348] ? generic_block_fiemap+0x60/0x60 [ 267.624991][T12348] fb_compat_ioctl+0x17c/0xc30 [ 267.624991][T12348] ? fb_open+0x430/0x430 [ 267.624991][T12348] ? __fget_files+0x294/0x400 [ 267.624991][T12348] ? bpf_lsm_file_ioctl+0x5/0x10 [ 267.624991][T12348] ? fb_open+0x430/0x430 [ 267.624991][T12348] __do_compat_sys_ioctl+0x1d3/0x230 [ 267.624991][T12348] __do_fast_syscall_32+0x60/0x90 [ 267.624991][T12348] do_fast_syscall_32+0x2f/0x70 [ 267.624991][T12348] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 267.624991][T12348] RIP: 0023:0xf7f2f549 [ 267.624991][T12348] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 267.624991][T12348] RSP: 002b:00000000f55290bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 267.624991][T12348] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 267.624991][T12348] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.624991][T12348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 267.624991][T12348] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 267.624991][T12348] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 267.624991][T12348] Modules linked in: [ 267.624991][T12348] CR2: ffffc90009bd1000 [ 267.624991][T12348] ---[ end trace 6a0d281a76dc9408 ]--- [ 267.624991][T12348] RIP: 0010:sys_imageblit+0x651/0x1290 [ 267.624991][T12348] Code: 89 f2 48 c1 ea 03 23 38 42 0f b6 0c 3a 4c 89 f2 8b 44 24 04 83 e2 07 83 c2 03 31 f8 38 ca 7c 08 84 c9 0f 85 24 0b 00 00 31 ff <41> 89 45 fc 44 89 e6 e8 b3 f4 89 fd 45 85 e4 75 0f e8 49 f8 89 fd [ 267.624991][T12348] RSP: 0018:ffffc90002f0ee68 EFLAGS: 00010046 [ 267.624991][T12348] RAX: 0000000000000000 RBX: ffff888075dbc620 RCX: ffffffff83ec51df [ 267.624991][T12348] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000000 [ 267.624991][T12348] RBP: 0000000000000310 R08: 0000000000000030 R09: 0000000000000000 [ 267.624991][T12348] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000007 [ 267.624991][T12348] R13: ffffc90009bd1004 R14: ffffc90009bd1000 R15: dffffc0000000000 [ 267.624991][T12348] FS: 0000000000000000(0000) GS:ffff88802ce00000(0063) knlGS:00000000f5529b40 [ 267.624991][T12348] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 267.624991][T12348] CR2: ffffc90009bd1000 CR3: 00000000512e4000 CR4: 0000000000350ef0 [ 267.624991][T12348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 267.624991][T12348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 267.624991][T12348] Kernel panic - not syncing: Fatal exception [ 267.624991][T12348] Kernel Offset: disabled [ 267.624991][T12348] Rebooting in 86400 seconds..