last executing test programs: 2m7.052678627s ago: executing program 3 (id=4): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) io_setup(0x6, &(0x7f0000001380)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10) readahead(0xffffffffffffffff, 0x2, 0x81) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_getscheduler(r0) r4 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x700, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}, {0x0, 0x2}, 0x0, 0x6}}, @TCA_TBF_PTAB={0x404, 0x3, [0x476f, 0xb, 0x8, 0xb525, 0x0, 0x3, 0x4, 0x5, 0x3, 0x0, 0x600000, 0x5, 0x4, 0x7f, 0x2, 0x6, 0x0, 0x0, 0x1, 0x7, 0x2, 0x3ff, 0x101, 0x1ff, 0xffffffe5, 0x7, 0x3, 0xfffffff9, 0x1c000000, 0x4, 0x0, 0x6, 0xfc, 0x2, 0x7ff, 0x0, 0x621, 0x9, 0xf2cd, 0x9, 0x1ff, 0x974, 0xcb1, 0x9, 0x8, 0x19, 0x6, 0xffffffff, 0x8, 0x1000, 0x9, 0x1, 0xfffffe01, 0xf2, 0xd8, 0x891e, 0xff, 0x5, 0xf, 0xfffffffe, 0x1, 0xe, 0x0, 0x1ff, 0x40, 0xa36, 0xa01, 0x8, 0x1ff, 0x9, 0x2, 0x7f, 0x7, 0x2, 0x1e8, 0x8, 0x5, 0xfffffff7, 0x3ff, 0x9, 0x2, 0x6, 0x0, 0x7, 0xa, 0x0, 0xfffffffd, 0x5, 0x8, 0x0, 0x7, 0xfa70, 0xdf, 0x40, 0xa, 0x8, 0x8, 0xe6, 0x3, 0x2, 0x0, 0x65, 0x6, 0x100, 0xe, 0x40, 0x8, 0x1, 0x200, 0x5, 0x8000, 0x7c1, 0x3, 0x81, 0x4, 0x7, 0x800, 0x800, 0x100, 0x7, 0x1, 0x7, 0x9, 0x1000, 0x3, 0x7fffffff, 0x4e84, 0x1, 0xffffffff, 0x1, 0xfffffff8, 0x200, 0xfa9, 0x9, 0x1, 0x8, 0x80, 0x4eb, 0x9, 0x4, 0x2, 0x5, 0x800, 0xfffffff9, 0x6, 0x1, 0x800, 0x7a7d, 0x10001, 0x4, 0x5, 0x1, 0x4, 0x6, 0xffff, 0xfffffffe, 0xfffff801, 0x7, 0x5, 0x5, 0x0, 0x7cd, 0x62, 0x1, 0x8, 0x9, 0x4, 0x7f, 0xfffffff8, 0x8, 0x6, 0x451, 0x69, 0x10001, 0x6, 0x4, 0x7, 0x45, 0x9, 0x5, 0x10000, 0x2, 0x6, 0x81, 0x9, 0x3, 0x200, 0x3, 0x7, 0x7, 0x8, 0x7fffffff, 0x7fffffff, 0x2, 0x5, 0x7f, 0xb5, 0x3, 0x45a, 0x3, 0x800, 0xfffffff9, 0x7, 0x0, 0xf, 0x10000, 0x4, 0x1ff, 0x1, 0xfffffff8, 0x8, 0x8, 0x1, 0x9ff, 0x80000000, 0x9, 0x1, 0x7, 0xe, 0x6, 0x6e6, 0x8001, 0x2, 0x7, 0x3, 0x1, 0x6, 0x8001, 0x4, 0xc34, 0x1, 0x5, 0xfff, 0x3, 0x4, 0x0, 0x0, 0x38, 0x1, 0x100, 0x885, 0x0, 0xb5b, 0x2, 0x2, 0x2, 0xf5, 0x7, 0xfffffff8, 0x5, 0x6, 0x9, 0x9, 0x1da2, 0xffff, 0x6]}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2m6.739581549s ago: executing program 3 (id=14): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x161) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000100)={0x1, 0x9, 0x101, 0x5, 0x81}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001d000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000a0002000080c200000000000700"], 0x30}, 0x1, 0x0, 0x0, 0x44040}, 0x0) mount$bind(&(0x7f00000000c0)='.\x00', 0x0, 0x0, 0x80700a, 0x0) umount2(&(0x7f00000001c0)='./file0/file0/file0\x00', 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x3, @empty, 0x0, 0x3}, 0x20) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) r6 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, 0x0, 0x0) setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f00000000c0)=0x2, 0x4) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xfc}}, 0x0) connect$l2tp6(r4, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r4, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00) 2m6.288162963s ago: executing program 3 (id=15): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @random="e38f6cc55385", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x1c, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x6, "e6673fcf"}]}}}}}}}}, 0x0) accept4$rose(0xffffffffffffffff, &(0x7f0000000080)=@full={0xb, @dev, @remote, 0x0, [@default, @null, @netrom, @bcast, @rose, @rose]}, 0x0, 0x80000) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd70000000000001"], 0x114}, {&(0x7f0000000340)={0xd0, 0x1d, 0x2, 0x70bd2d, 0x25dfdbfc, "", [@generic="1561fa38ebadb0b9ae05e405c7980aaee5f3c2496ffe0fdfc54a188faa57a55de0d3f491cd16186dc134513b8fdd3a99380e9346c259467752699f381e08ec480f3597a56f83e88508c6d91573ebf4a6420bccf83fbcfd19f445f545625f442d5457a529d9d8c28fa6ba80cd2b4ac4d7f6ab290190124a0bed7da7bb4dcede2f76b796f34e8445e584736d13ae20007a0e513ad09918961a410c3f0e751ddd5c2445411ade07c9f4d7592156f2ff73", @typed={0x8, 0xc5, 0x0, 0x0, @u32=0xfffffffa}, @typed={0x8, 0x13f, 0x0, 0x0, @uid=0xee01}]}, 0xd0}], 0x2}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000}) r5 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}}}}, 0x108) r6 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r6, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote, 0x1000}}}, 0x108) close_range(r4, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) 2m4.36414829s ago: executing program 3 (id=24): socket$inet(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x2}, 0x18) pipe(&(0x7f0000000c00)) epoll_create(0x4) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0) 2m3.570118639s ago: executing program 32 (id=24): socket$inet(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x2}, 0x18) pipe(&(0x7f0000000c00)) epoll_create(0x4) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0) 10.812567247s ago: executing program 5 (id=400): syz_usb_connect(0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8) socket$netlink(0x10, 0x3, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x8000) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) keyctl$clear(0x5, 0xffffffffffffffff) r1 = getpid() syz_pidfd_open(r1, 0x0) syz_usb_connect(0x6, 0x75, &(0x7f0000000780)=ANY=[@ANYBLOB="1201010240d85bc7b1131100345c010203010902630002040800070904880400c192fa280724060000d2cf0524001c620d240f0100000000020005f29011cc03080353ee97050a2401f90a00020102092403060703020208"], &(0x7f0000000280)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x9, 0x2, 0xf4, 0x20, 0x93}, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x4000000000000002) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000000c0), 0x0, 0x40d0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) prlimit64(r2, 0x7, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32000000000500050000006c00050001000600000024000780080008400000137906000440fffff000060005400000000008000640"], 0x6c}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f) syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x100}}) 9.036157567s ago: executing program 1 (id=408): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) poll(0x0, 0x0, 0x9) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRES8=r0, @ANYRESDEC=0x0], 0x178}}, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000080)={0x2, 0x0, [{0x7, 0x0, 0x6, 0xfffffff3, 0x2, 0x1000, 0x1}, {0x1, 0x3, 0x4, 0x0, 0x2, 0xf9, 0x9}]}) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='gfs2\x00', 0x10, &(0x7f0000000100)='barrier') ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000540)=0x9) r7 = gettid() timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = socket$inet(0x2, 0x5, 0x0) r9 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r9, 0x6, 0x1f, &(0x7f0000000080)='\x00', 0x1) setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r8, 0x0) recvmmsg(r8, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)=0x4e) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000280)=0x9) io_setup(0x200, &(0x7f0000000140)) socket$caif_seqpacket(0x25, 0x5, 0x5) 8.492097473s ago: executing program 2 (id=413): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000080)={0xb, 0xba40000000000000}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0x9, &(0x7f0000000300)=ANY=[@ANYBLOB="3e63e221c36d0022757d51fb685e59ee252eff7888204458182a0f61f47549873448b53d9c1d7b", @ANYRESHEX=r2, @ANYRES8], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94) ptrace$ARCH_GET_FS(0x1e, 0x0, &(0x7f0000000040), 0x1003) bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x24, 0x7, @val=@netkit={@void, @value=r3}}, 0x1c) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) shmget(0x0, 0x4000, 0x1, &(0x7f0000ffa000/0x4000)=nil) close(0xffffffffffffffff) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$HIDIOCGRAWINFO(0xffffffffffffffff, 0x80084803, &(0x7f0000000280)=""/75) io_uring_setup(0x66e4, &(0x7f0000000200)={0x0, 0xb833, 0x0, 0x0, 0x2cf}) r5 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0) setuid(0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="540000000002010200000000000000000700000608000940ffffffff0800044000000081080008400000000320000106000340000000001400018008000100ac14000000000000000000e2ffffff0000000000"], 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x24000810) r6 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0) syz_usb_control_io(r6, 0x0, 0x0) 8.079388872s ago: executing program 1 (id=414): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x28003, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000100)) r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009}) pread64(r2, 0x0, 0x2000, 0xce2) syz_usb_connect(0x0, 0x24, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) 7.161873376s ago: executing program 5 (id=417): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xe, 0x6, 0x1, 0x2, 0x340}}) r1 = socket$rxrpc(0x21, 0x2, 0xa) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5) rseq(0x0, 0x0, 0x0, 0x0) r2 = fsmount(0xffffffffffffffff, 0x1, 0x84) sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)=0x14200000) ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r6, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000300)='scalable\x00', 0x9) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f00000000c0)) read$dsp(r5, &(0x7f00000001c0)=""/95, 0x2) dup(r1) bind$rxrpc(r1, &(0x7f00000003c0)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x100, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x40003}}, 0x24) 7.086551882s ago: executing program 0 (id=418): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0) write$tcp_mem(r0, &(0x7f0000000000)={0x200, 0x2d, 0x9, 0x3a, 0x10, 0x2c}, 0x48) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x600c83, 0x0) socket(0x1e, 0x1, 0x0) r4 = syz_io_uring_setup(0xbda, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f0000000dc0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x2) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000005c0)={"19661b0697e617faed51161be80e7cb00c7768aacae8b5d0f77479d70d5fc9fa134c2f2472722fe76679423ed0f4a129f296805859a7b848b1d6ad7ba92f2ccbe3a69a82ed92021e57752ae566512b34444cfce8aafd5c06a1e1d196a14775075d0f8294acbfc8528456f2b3bda43a40569c349e398b9777dec8a568cd7978171967ae2d087b955950133474ca71921c9592213d03b640c884afe18a30d31a06ba357ddea2ae1a0468d397038384ccc59cd6c7ef9c28d5288d86c50204a2e1654deb7a6823d92a60abb4127eee801119fb55f7d8c4ad61176317988fa25e6c39fe7faebdf77db4b94ec3b4c3765efdbcdf7b10295b1dd35742f121aad109951629532fc3add58f84bfc682b4e1f05ad8c736204140e2c6c951ec38ddef5afad91097ead7120d5d5490d7f33b14a4aeb1b1b68603d9b4f1755a40b8d96de66bc7ab3614f47667a786ca2635de34411ccb6a16b4dac1e85ef5b003131db4b5ffd1d1fd39f0e19df985825dd4956c638e70ca39fef1b2bb55b3db036fc794683e9bf4619014569c09339e285395da98b28e0bd85c5969edd212b12c52747dc523c8253f68ca7823cff36413e4d442240fc99d9443e1ea89c8debd466ad8a304956e7a7c27dca7c5fce774e6d05a221e270611334189469a2ade0f620455d454f6503969e58c8b653c6f27aaec9881e576795e6688f6606b89b3b5ac51916330f73293c0a371ffd26de20bbecda41c990dd3bbf8f32f97dfa4c5ba389b30733620283ec6ef171bcfe3c39fd0a78e487198fa644ffc8eb59f7831950b050bfd0c4dfa6ab8bd6316b32752ff5c3e2c7ce68b0c9ce87cda48b511758b5e1542147afe3531851d4cc0d9e34c46c71ffc2b30650c493aa804d9976df1f9fc35e1f5355ea1bdfa5e7163e1a2bb2c1e4240bb3591303174b9e9bb0fe5bb094ba3fdc507639534a65a4aeb6c0b2987db11b9c6a9f96714212712c8d42a70d435aa851cb72b6cd82028efa0b3db4d34affa277ddd44ec0aae1a61683e3cdbb0194f9dd49a36406dc0604904dbf37bf244d7cfc666718ce35ba7e943cc2dc11e09341d6c9ceb30afdb452ba47b70f1864cb0d41630f594085bb0409ad4fbfa69d0c0d146fefe5abe36611709c1404f79cdb78ab085501b7e369fb4c57de647db375f4aecb4aa977a120df40b6a58c7f449cf7c69fac82d767be21981e90b694320070f3612fdb45fcbab29afd839d03b0d12f7336e53c56b52c65d2f86a234397fa50e57250976a33311ba1137ebfec9ed374986a3e70f5843fe37255457fdfce5f7af2627fd3d67466930516396afe13f2ad83ee2d2ceabe9801c324962bc2c9bf8c66ec57bcb654e1209afc259adcda8cb16e9aa27f6a6d711dbabf566b750a4768e90bc78394d9bc271fd7272db0303af293586284219ca19c936d7eda4a844b85594ea2e97"}) 6.598534444s ago: executing program 5 (id=420): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r0, @ANYRESDEC=r0, @ANYBLOB="4af2000000000cf5ffffd27ff1e393bd7680000000003fa400000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000ffff0000000000006f0000df5ee300181108006c338696802502060c45cabdc1795812086616e701db70da6c45d18d9d6150", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc92b18236457ee3c8", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = socket$l2tp(0x2, 0x2, 0x73) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c0021"], 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000400)="e76027f5871b2b2e553d8feaffc3c5adb1dc1345e06e7cdcc4dce4435154f4aada6668e773bb27c00b2adb636f0c71007a64390549948537f5ac746f38ebdd961d89337f427c0a2f12cee753a68c7004ec00011e1370f61d09fff7169ba9cc659726570ef90987def23813c4abda46fb42080500b748a4b3f426438ffa3d3f8715c18265858e00a85c9b9cf377", &(0x7f0000000a40)="207c9f09ccd27fa2d72f05ccb7d84270494d3896b026fce633f2b62bf7d146c6f2dff2b8df177db710009aa1967b8d12541224d119f60c0bdeed1c291492b6c2511f87eb64ec1ee6607d124db01f1ff0bc27f95586951fccf30a0a8ee7d37927806f6a68c55321785319378adfe321fa59fd206d2b0fc179371548ce3b665b858dd8c4d086d5f4c9a74564050d28d19711296dad7ec12aa73832cedde7ac19cc83bd5e1570d29328b9667d03dfcb105e2f4e7367e7e52bfaf6ea01b79f81ed66a981b72b3f6441774fe3b1cf8c9efac8b976b195249752389d69ab85f44f6fbf1f28d219e69131b6e10f82b7c18670b206caf650c62cf61de484bac199c693aa5802054cb35791fb02db32b04088f8dbc0f039757a8f2d6af7b34b7b4a3043d2326f83b107f20f906a377049fed9f6e5a43c341a842d0b382735957f6c40d386dcc6b229ea34757fa726999cc56ffe0bc89a179e47a734dbdbc44c7ac5e7cc575153f2724b050483a0451e8a714b91bffa6ee22c5fe10f75102b7bdb981547c3587254f68af85cf1dbbf827c55d1e7808894e40a9b44966e22b94ecb1cf42aad08eb95b27f0b5f8cf7c847003ac70afdf30bff209058c58b0393ce2b622dfb1f7d538c37ba32de82f66a230c821a0ed4c6d1763f466b9297b5decdb193514caba5ccbc9103a174161482adfddae8f94925880f45d50d513de0bd72f1c33286eb163fd040e54c64ecc958f4f2ac775db0348b8247c9bd87a3c9e92fd83cb18ce5dcc10e4ce670ac376aefc9e6251796daf8897d7cba8fd102c97dfc1b2444d438eeaa3cec6228e1005f6bc48fbcabc7e9475e2b37b8ebdcd11b431911046b8b1f8768a4e471c74a0b0ae1910353075816a48ae9a39848ec38765671155cb712839fed26c143dd991f76abcc115626279cd67d436eed96033adff8e8970e0b9438a0108048f7b92af6eb3406ffea3be4e7d502411b489ed8529601562fd3b4ef8b6c5d74c473b2d018a53a1eae0f8327551c9dc1b7467bac15973f385f73dd9f9cac8ba2fc143b3439dc19e4dbd965e95dd412793a532e48ad49e25f95aaf3b47d07839d7f1768360ba35ec051bdd491b6398aa6b72510475ad6cb1093739add0631ebb7c2ab0a34d7877ab9bb773679465c8d5633e438a94aa01575be3595d6b502caa3630eec45b2114b35bea295f6da03e5fa03185945c685192c5e554f5620eb4caade8f49e6dfac4df35999fd464c0fc0dd1e739f3142bf565cdb3496da8a85273bf195a8d9566fe6a06fee529db7bfd407abef4f15c1550b2a39522aac046288a72ea36215aa607994ae070d175cd3b7afc7f02b9505ba38afcbe6b793363ac8748c214d217897b48bc87a6474e9f94f89d4a68327e1442015b6c3564680c871944bb0a36d88d51abb8e305a5e283190953d40aba957f22ae400cf0413f24969c5f846b2ba3f7690e39a5cb4f0a88906a32ed8dcf4399e728a227fb9f30e09c6c161ea04923dc4fad892ad826ea4d7a82bfd2d3ea2eab6552b4c0dc4e21e12181e5ad4584fbecc4e134fa72fdefc3e121078715f29266f833cf8f029800d1ad325e04f7d450f1e790cd9d6b3008aac6e94739b17edafc9db26300a26e2230e1e0cc38f1fd69b31893c82f3ca71d21402a4f68067aaa2d46b02c5b4c38b8c61fcc06ad3d050752d199be7e51a13f3628dc05f197f3431ee798a9919922c9fc4779c218f3a37a0e74b3b02d33ecd37c1246b0dd50d8597cf09cae8808de814d62010cdb140a39d8c11326bdcebf21dfe0bdf82e2b3dd4d80bdb1ca9ac493fe39b1d98cf76ba1958bf929ce3cb4ebe8f48a850d961e045140ccc0b74e4b3f5d05fecb17e1a9f59973bc2099a5a60e10accb7e08dd971a2a7cfd594c704d1f1b2f79a5403962777e039a3005b2f721b7318c5371891c0598a12ce3bd425bade680db9227e1a76bcd8430d4facc81dfba98c18b4bf196d71cdb2e0d8073b3b932766330407ed0ee742a82979e66846c3eb06451f0fb386a77b1a7477217c980749db766b2e3c619bced0929a45aaa9e8e715cffd9c31996d68e5978f1373b3aff400d6b4fa9ff5ee17fe1d3239660df3b5fa1960fc0c07df6f643277099adc8525ffd1601b6ae64f47e7079b93b1d44a8e8decbff1dc702f8a9b74a859589ef55a5a53982e4f85e3ec6146cb8d7b12166b6e879c9b78c715ccd3bc50f85cfea26b06917a75bb8979c06cc953b1bc33539ac8fd2729b098b3aba8873e4f0ec27d78140162eab4a1fef45388b89a6ce7551acc5b7e6ebe2b96aa9e89aff09c5e96b21f6849924435b7c2984c64072330437ed240a6a04d5e1093f0e5253b3c090e8805a22765084d49c16b3c1ba03e25891daa2615d7e20baa5c955cfa46249a37e57cebf25494bf636c5c4f6eea2f6c6be86ad30d8120ced893f2a021acedbb8b962973c4f560928b54f9b334ea437c6e66dd481076796af27bca512dd497883ed596c65252f965caf7f33c61b3b0b80dd5503f397696050386080352d7dc6aaa5a5a9489ecf6d3c2f12449f2f9fa97d52e26604530219294cb851ad854b0350e5de52090804ef2c58a8093e984e5306ab4a1c76ecb4e04f67a6d0b415c804d70c59bc5d83b23ea6174becf450cfe30a25e261c2f8e289989fadf702254e3acdae038551ae518d784564d3b7d6b3f4aedef5a7031bb828959c48e93b158bb2900a35b93beb14fa6f54c65fa7f8fac2d03db4fe63ff0d6aaf519a6fff310723fd880a7fe29ac0f59fbe3ff95b819c8400d40aaa4048414fe39762a982384a4fdd469a19d511807dd971ba1424cf9cad95507aede32de62e2504e45c1ba6025d693d4a9d1400d7560ad9aa54437862b6b63352ab5d615e990e0e56c6a5dee5bc7f1e94bcb6d65d821c3d418a258fd81b551b02a4820cb86644cb888a35d66bdaa8bd604db6ad5261faa82e8c7543e52b3eb0877462cac981e5229cd07ad74617a565a8601e2c9a18d5ced71f8aef330cadc0ea24bc7b4ab53650cf95728ad9bf38afca1ce4a7f040c85fb419b0d9d76fa084977d4f093ac2ea468029e33da69e1a5e470c4e5fd350c59b68de2457d8c1eb3d99072bd6f59f3429dd3a4397e52299527dca2d0e4a2c5af48926f9a6007d74a94dc166ce7d796049a7daf9644785ef21ca8f44648c9dcb0d1c29e9f46c4e86cb6aa583dae7618719800d67d88f2d9616ab9d6333b1baca3cb7a6171f885bee44dfabfb922192fbd42f79f9a6c205340e0211d0a7ac54d0d3d34cb547d5ab7b06cbc494c9e34a0c5c6744a5f46b90d4b8b23ef4d915e01c9366bbd9d90d31c11692e1551d440289b74d406abfbc6818981ced9a91602630645562ebb5e3c7f4fb699cf8878dea51364f0c4c07b6ddb2526932c38ce986e449946ec4113357121a15cf6fe6c11a8d81b0629efcdc28557fd7a18553f8661b924fbec23190ac4a657bbef8023f23b76b6c1cf3ed5bb0cd44faf78bde159cb77f16d18a137aef477cb340c30f98e3cc07eb8b4c47e0ce2c782f9f6fb75cf5bec41c5eb1ad59f564e4c8ceaafd8d223914f6583e75a6fd58bc84a69197d456b64e782805629a606a4a140e9d719e610c65abb7d81e4286e4f9c4c246bb88c0513ace8afb952ac2d93fb8425a12f68fec327c5585ff96b2f1161fa1d61546bcbcc7708c1341a100e14fa6966cda073be501f08262db37776e0bb3a6e12c734fdb340c91b9cc75739c6a437a4ef82b6f34862bfb41d07163e588b71f72550aaa2893c0759c24230bf9b4f6ec3e7bf22d516cd3ca442febdc147368cb7dc248bbc2bb0d25a684271bd8ddf4396b4fd5dd89b762ca9608483612f2c69aeb931b15f18e8bf70c27fa0870b869b672d5934cec8615885c64d3b39f129998e8b450604281209b6423b78153c3f57ea8aa7a463b3feeff9c574b7354acf1172d7e4d53bda2f21baf1736913af2c3b07d863708809388bcc0eb8434b2e814421de89ef855958ba55dd99cb73032bb2a90c334e90af815c7ee421b19e4a4cefda7e6afc29c095b6649f14d1d7d5cbba37bbe76ced53cd4d864a26f37168cec09c91e95d2779ca708a1eb3626bc4db7ae3903bf6e230aad05387bd1aa819e7c1421fa4dfb4207d3e042167bec69b14d4ce856a017078fd7656907b5f8c4acf3ebc5545c0fc1b828aca35261acf2a654bde9c1c4d17310fb77e562ed3fb4f5ca8fcbcc750642df194d7f79cf3c327b8fbe22797d6c4b419bd7fec205ac5bdaeb2d425b5c779581f5da9a8fbbe6cdb5e1097eaacedde2f3e3bf97414b0d002a647bd2a11195d88bfdb0312c0396d9cf6aea196da105bf2abfe6080bc704d634ea4e8f9222ee88966513d03bdbccb06629d852b5cb6bff4120d7ec3ea7c83060d12be2edb9f3ae2657c67447377ffead7279fa3508e9d793619adbefeea6d902024d3b4f152c1c4e65da3aff03d9812b9a8a7b677fa13723547f26e4711b1f8010fd6ac2c310a9f194a99b623eabe93ae1d626188a3a2dbf5d58dfd9c86d02895224612f125dde771ceaa70a0796476a4260c6cd8f4210b23b8b88dacacfb8a64d36ea5d10a0057fa2b5435ad589aaf86f1987f63ba98c6eda5a1df1dcb4c5e99a02142d23a5ff0bb637fc21cefe6152c72aa93589ade4694b390a866cd05936815eccc6659098ef198a43bf5c24ebf564d0caa77f9a4c3b5593b87a6315899f6a567d358293934a21cb0e021438bc40eb5c2422de0f749e1fc178a4ee7adf49fe118ca2160dec20dd85fba4bffb8c25de7ad55c33f4329c26f31dc0bb8b2befc4a0f74888c68bcaaf10b1118129999db27fd3725895c0a50b25c5bf33b6c1966db772195fd537c3c8b258c29ca24ddaaaa0c09eaccd08bfb882ecb67b234fb83788bcd6db27438926a64a2df746c9be2dcde2d7fee89ab24f818d16421e2234740c7f5ba007deb7badc76bf01861d6f558739a9cb33aab384da3015045727260c9113d4f17eb1604e1d7199de466613358358b5442a35d7711f3eb11992aa553d8d7e06444a660d16ee8c6b335e76aef46a209098d9a09467feec30fe1119b684309c3fadc2796688d50d88b79591185e8dcffba1cdd42e21208e13af6f13a76d2db8809a73906978b951338abc30c0537dbb5a7ff800d0e075c646b2c026f1a0b01be6f20b80304c57202156945b96dade0e994d47f14bb0b71c7916575e83ec4111f660e12c25b9dc60a08be41dea6fbf6d3d845f16579ab5f0008bcc021e068c8d79925af45f852dca24357ad0c23232bec5c0b2baa424019638d4d048cc0b681df7041b37ff8c8a8191f0c449bdbeef73fefdd82a3337e1c1e8da20062d6cbf4afdb975253f5d1f3c6fc0ee9108fc33aa9d0e1f3e0eb82ef63906e0cfb83796b36b1223a252c2192a464761fdecb6035a0e4855fca1989ec9573beb05c4e5dec730319e58424aaa58c2baa80989cf0c26d8e93a3054c1a6c6ea3d7c7f2c1a72baf3a0a1d98a661e415d1111c1dad11763422e7fdddba3823fbd03e4f2b11f1f4421eb18e81a5a2434236b9eb68ac16a589a813e47d6c305d28336e034c6ec5713902ce1921217beba30b1d39849e01064f005d57f4be631804e1b6b2e1cfcfb62834b717ff3dd955ab0fb17f1e098dce9c16ec4f71a53a2ee86b061699563297b478b4c7c69b5d51317626d6efb4bdfdb768cc4c14324524ab447b15bb7753108d3d4349bf2e590a45d8a27fbb1ce2d5ef6cbc234ddc249d6b8920fa7c991b90a85c452a964b5025ced7fd09ffc86196eb153add6f2d3502f6c646a9671"}}, &(0x7f0000000380)) prlimit64(0x0, 0x5, &(0x7f0000000140)={0x7fffffff, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0x0) iopl(0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r7, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) socket$nl_netfilter(0x10, 0x3, 0xc) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) write$cgroup_int(r8, &(0x7f0000000040)=0x1c9, 0x12) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10) 6.264721984s ago: executing program 0 (id=422): r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_to_bridge\x00', &(0x7f0000000000)=@ethtool_rxfh={0x1, 0x0, 0x0, 0x7fff, 0x0, '\x00', 0x100000}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sysfs$2(0x2, 0x2000419, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x128841, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) close(r3) 5.628563414s ago: executing program 4 (id=423): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xe, 0x6, 0x1, 0x2, 0x340}}) r1 = socket$rxrpc(0x21, 0x2, 0xa) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5) rseq(0x0, 0x0, 0x0, 0x0) r2 = fsmount(0xffffffffffffffff, 0x1, 0x84) sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd684b38c3c99e57f1e5bdbd870000000000000000000000aaff0200000000000000"], 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)=0x14200000) ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r6, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000300)='scalable\x00', 0x9) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f00000000c0)) read$dsp(r5, &(0x7f00000001c0)=""/95, 0x2) dup(r1) bind$rxrpc(r1, &(0x7f00000003c0)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x100, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x40003}}, 0x24) 5.251697392s ago: executing program 2 (id=424): openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x585c40, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c2) openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) inotify_add_watch(r4, &(0x7f0000000000)='./file0\x00', 0x42000200) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$UI_DEV_CREATE(r5, 0x5501) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000002c0)={0x0, 0x11, 0x6}, 0x10) setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000580)={0x0, 0x1, 0x6, @local}, 0x10) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="380000000301010100000000ecffffff0a0000010c0019800800020000028006000100993f34d5d465a32bac1760a8406d436d812ce190597ba16da8b04f91e9f8a7a45e89ca0ccd23a31993b4ac4e4778268f9e86cd49bb76a60ed8405a0d93eec2b3e7c0a1ab40be5920c59d1f470c1412db71ee45789778a5e71fb585509eb8a9cd79dc3d63e7129f4af2cb3eecbe6759fbffda8d4d18a0b89a66170535d1d5db697044a1857850bdfb045c320000000000"], 0x38}, 0x1, 0x0, 0x0, 0x8814}, 0x20000800) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r7, &(0x7f0000000040)="05000000010005", 0x7) 5.200141458s ago: executing program 1 (id=425): socket$key(0xf, 0x3, 0x2) r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0xd, 0xfff, {0x0}, {}, 0x7, 0x3}) prlimit64(r1, 0xc, &(0x7f00000001c0)={0x200000000005, 0xb}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sendmsg$kcm(0xffffffffffffffff, 0x0, 0x6000000) r3 = socket(0x10, 0x3, 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a000100696e6e657200000040000280080002"], 0xa8}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x200, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xffff}, {0xfff1, 0x1}, {0x9, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x48}}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc041}, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000240), 0x0, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x4e62, 0x3ff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}, @in6={0xa, 0x4e21, 0xa0a8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, @in6={0xa, 0x4e22, 0xf, @rand_addr=' \x01\x00'}, @in6={0xa, 0x4e23, 0x4, @ipv4={'\x00', '\xff\xff', @empty}, 0xa}, @in6={0xa, 0x4e20, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x7f}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e22, 0x2, @mcast1, 0xab}, @in={0x2, 0x4e21, @broadcast}], 0xd8) socket$nl_route(0x10, 0x3, 0x0) r8 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r8, 0x40045532, &(0x7f0000000100)) r9 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0), 0x2b0202, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r9, 0x80045017, 0x0) syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) 5.112798524s ago: executing program 4 (id=426): syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) r0 = socket(0x29, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x800, @local}, 0x10) syz_open_dev$loop(&(0x7f0000000100), 0x6, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed88", 0x3a}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 4.978388363s ago: executing program 0 (id=427): openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x585c40, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c2) openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0) inotify_add_watch(r4, &(0x7f0000000000)='./file0\x00', 0x42000200) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$UI_DEV_CREATE(r5, 0x5501) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000002c0)={0x0, 0x11, 0x6}, 0x10) setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000580)={0x0, 0x1, 0x6, @local}, 0x10) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x8814}, 0x20000800) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r7, &(0x7f0000000040)="05000000010005", 0x7) 4.851354104s ago: executing program 4 (id=428): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0xa2d, @empty, 0x4}, 0x1c) listen(r1, 0xfffffffc) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x28, r5, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x28}}, 0x0) (fail_nth: 8) 3.612761478s ago: executing program 2 (id=429): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {}, {0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfff, 0x0, 0xffffffffffffffff, 0x80000000, 0x10}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 3.510315097s ago: executing program 5 (id=430): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f00000001c0)=0x304008000) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000003c0)={0x1}) 3.509702598s ago: executing program 4 (id=431): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000440005007f000001000000000000000000000000000000003c00000000000000fc02000000000000000000000000000000000000000000000000000000000000000000000c0008"], 0x178}}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=0x0) r4 = socket$netlink(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0) r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r5, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r5, 0x0, 0x0) syz_usb_control_io$printer(r5, 0x0, &(0x7f0000000540)={0x34, &(0x7f00000006c0)=ANY=[@ANYBLOB="00060f00000064b1"], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r5, 0x0, &(0x7f0000000640)={0x44, &(0x7f0000000300)={0x0, 0x3, 0x13, "1369a86d069a4f67a4f4e23e0090231121f736"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_NET_GET(r6, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004) syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4) syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x30, &(0x7f0000000140)=0xffffffff, 0x56) getsockopt$inet_int(r7, 0x0, 0x0, 0x0, &(0x7f0000000000)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000040)) 3.419796115s ago: executing program 5 (id=432): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f0009"], 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x63, &(0x7f0000000240)=[@cr0={0x0, 0x10000}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.409790209s ago: executing program 0 (id=433): mkdir(&(0x7f00000000c0)='./file1\x00', 0x154) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab00) 3.3327544s ago: executing program 2 (id=434): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 3.273191249s ago: executing program 2 (id=435): openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0xa, 0x5, 0x0) syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0) syz_usb_connect(0x2, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100008ec6184c1e40c9071200f4c2010203010902120001000000000904000000cb8e"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r2 = eventfd(0x0) r3 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r3, &(0x7f0000000140), 0x10) r4 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000700400009"], 0x50) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 3.22508216s ago: executing program 1 (id=436): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000060a0b040000000000000000020000034c000480240001800b000100736f636b657400001400028008000240000000030800024000000014240001800a000100717565756500000014000280080004400000001006000340000200000900010073797a30000000000900020073797a32000000000900010073797a30000000000c0003400000000000000004c8000000030a01020000000000000000020000020c0002400000000000000005640008800c00014000000000000000090c00014000000000000000070c00014000000000000000060c00024000000000000000020c00024000000000000100000c00014000000000000000080c00024000000000000000040c00014000000000000001a70900010073797a300000000008000b400000000408000540fffffffe28000880"], 0x180}, 0x1, 0x0, 0x0, 0xc00c001}, 0x40) r3 = io_uring_setup(0x1781, &(0x7f0000000140)={0x0, 0x5dda, 0x40, 0x0, 0x268}) r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x80000) readv(r4, &(0x7f0000000180)=[{&(0x7f0000000200)=""/147, 0x93}], 0x1) close_range(r3, 0xffffffffffffffff, 0x0) read$FUSE(r0, &(0x7f0000000c40)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100010000000000040002000000000008000100", @ANYRES32=0x0, @ANYBLOB="100007000000000020"], 0x2c, 0x2) openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83) r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r8 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r9 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x14a042) ioctl$HIDIOCGRDESC(r9, 0x40305829, &(0x7f0000000040)) r10 = syz_io_uring_setup(0x493, &(0x7f00000003c0)={0x0, 0x4661, 0x87b21647db54113a, 0x3, 0x288}, &(0x7f0000000380)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r11, r12, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r8, 0x0, 0x0}) io_uring_enter(r10, 0x40f9, 0x217, 0xa5, 0x0, 0x0) close_range(r7, r8, 0x0) prlimit64(r5, 0x8, &(0x7f0000000100)={0x6b69, 0x2}, &(0x7f00000001c0)) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0x1}) 3.023994207s ago: executing program 0 (id=437): r0 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9) add_key(&(0x7f0000000140)='pkcs7_test\x00', &(0x7f0000000300)={'syz', 0x1}, &(0x7f00000003c0)="1c1ece090d5581a06cedc3467e7a3a82751b12cc4ec67c487b56d862660859e95d4c8a37d5a4a3b7d37e0b46ab0936087181cdf6e0773f6f9f00e27b050acb59af8a064634563441d2d9c033520e1cf1711882a51624bdc2d4713f5cfd8602297317c145e2360d0f293dcb73b472f0107d491d90c5f8208f156e1a045db408a484468ac5975dc72767a50d1e76e948e142b3d69f6de867c2e8ef8ffcf204f3314252b8c001b1c2960d30420f825b1799e442abc97602781852bdfa5c65e28a13cd9cebcd061652da9c7afbd627cdb4fbfe89", 0xd2, r0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket(0x10, 0x3, 0x0) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000)) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x38}}, 0x44080) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x80, &(0x7f0000000640)=ANY=[@ANYBLOB="71756f74612c75737271756f74615f626c6f631005686176646c696d69743d382c00463cf051e1464f5cc3067e5cb7d0d18d46d4c8f29dc615464c5f63488fcd039a6b268e3361e9b1453a230d0358851c9b22d73464adc0c2a0713828036d53791b3bd925f6c319a4f3ca179999a675dd48b99cda4731259d482e670008b0c60e4167a517fc8db766fb2df0ebb344cedbe5566dd32f2223d9fe48cb1813c400f1cb53638a153580d74500c84f2069b36058f4ef48fa12046f90543fb24cdc0111ad15028622e36432c6e75955cb8c"]) read$FUSE(0xffffffffffffffff, &(0x7f0000003480)={0x2020}, 0x2020) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r4, &(0x7f0000000000)="3b000000010006", 0x7) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) r6 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r7) socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r7, 0x9) pipe2(&(0x7f0000000180), 0x80080) 2.85934623s ago: executing program 1 (id=438): syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) r0 = socket(0x29, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x800, @local}, 0x10) syz_open_dev$loop(&(0x7f0000000100), 0x6, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed88", 0x3a}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 2.531210548s ago: executing program 1 (id=439): openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0xa, 0x5, 0x0) syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0) syz_usb_connect(0x2, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100008ec6184c1e40c9071200f4c2010203010902120001000000000904000000cb8e"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r2 = eventfd(0x0) r3 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r3, &(0x7f0000000140), 0x10) r4 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000700400009"], 0x50) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 2.468261494s ago: executing program 0 (id=440): mkdir(&(0x7f0000000180)='./file0\x00', 0x30) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x4000, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}]}) syz_usb_connect(0x0, 0x64, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT], 0x0) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, 0x0, &(0x7f0000000080)) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x6ffc1ffb}]}) lsm_list_modules(0x0, 0x0, 0x1000000) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000200)={0x40, 0x2, 0x1}, 0x10) r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) linkat(r2, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r5) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000480)={r6, 0x0, 0xfffffffffffffc57, 0x0, 0x0, 0x0, 0x1003, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x69) syz_emit_ethernet(0x4a, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6011a8bc0014060000000000000000000000ffffac141400fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5004000090780000f94ab2faabd3861517edb180c37eb0610b0bb682c885f63397c6be0aa478c68847e1750b2a2d4251f6efdacc27ea568dc923647131caacbfa2f8533ad105b588018dd311a3fad24204068ff48470a7cb4f10a6e8fe87af202b53264b625162ba521ad8966c4271a128fc588687ad9bd28eb37f70b0789ec9d69c5812f50a6307fa0c948450880cefc667042a5a83b4d58d1e8c"], 0x0) 1.568157337s ago: executing program 5 (id=441): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000040)="66b9a90b000066b80080000066ba000000000f3036260f0766b9780200000f326766c7442400315000006766c7442402000000006766c744240600000000670f0114246766c7442400009000006766c7442402860000006766c744240600000000670f011c24260f01d1f30f35ddceba2100ec0f20d86635080000000f22d8", 0x7f}], 0x1, 0x10, 0x0, 0x0) r3 = openat$cuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) writev(r3, &(0x7f0000000e00)=[{&(0x7f0000000a40)="348f8c6aa0", 0x5}, {&(0x7f0000000a80)="073fe2d5ad69dddb99b353", 0xb}], 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800, 0x1003, 0x2}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r6 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x2d) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) 925.56832ms ago: executing program 4 (id=442): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, 0x0, 0x8) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x1000) writev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)="6274fc22cad5d7910f94c294e7036330c367d0a251894a5dee4499612efaf696f5b7ddff0a8ce7d9a89d441dbf63603b8d2791ebba0529641bb23af13642dbbe52181481ef2e0d5594ce0da1dd84ffb1140dad", 0x53}, {&(0x7f0000000140)="16eede6d86ec5f46b0fb39f3a43edd74487dec3a3b5941f828bb1322ff0a99a022f8607d4156c4afe2f4fd4c6b4b461200635960ade4826b72426ca484c9d017ff9d893e5a244906ed1ef53b4c6c7ac8bc39d5e4cb7a31f959308575b93d446596b62e5bb16a7c49399fb1441efe99a0942bfb427ef0a49fd06fa24ebb910bf7c5de1dce2d860080ffa85245489be303a7d15a4fe5182cad7b5cd697301f0409fac1e08e2f79af439d4db14f18ec9a46bc1bfcfdd172b2c7bb17222f6dae848789b00c974c880283f60c45", 0xcb}, {&(0x7f0000000240)="1868427d406b34a56de0532ba84596a2e31767344d7741b0e1cd6fcabd066d2600e3b5839eeb0a2075cd152967cf315715018d3f0f92e91098c1e18deadc19883fec2060d00a6fb4f271ed9f8646d737bd85e929e5cd2e238a7ae23f2c3ac51063dc79d43f292e3bc9bcde51c0cffe0cb43de333b289ba3b0e2117b20aa479828f63d04e1af78b50bd84821e760ed87a419294a5513e87ad429b04891a5b469002aab196012d8ba0910fbcac70abbc711c7df23c4e0661da39b350a09734ea473299b8bfee58", 0xc6}], 0x3) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0xf, 0x0, 0x0) 12.133846ms ago: executing program 4 (id=443): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000002c0)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340), 0x0}) ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x1, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x800001, 0x8, 0x12, 0x0, 0x15d1, 0x6}) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r5, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000400)) ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f00000001c0)=0x304008000) ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f00000003c0)={0x1}) r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}}, 0x20004000) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x1b) 0s ago: executing program 2 (id=444): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1) sched_setaffinity(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(adiantum(lrw(serpent),aes-asm,ghash-ce-sync),sha512_m'}, 0x58) ioctl$TIOCMGET(r3, 0x541e, &(0x7f0000000040)) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c02, 0x6, 0x0, 0x3ff}) r6 = epoll_create(0x101) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000080)={0x40000014}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) socket$inet(0x2, 0x2, 0x0) rt_sigqueueinfo(0x0, 0x15, &(0x7f00000004c0)={0x22, 0x6, 0x7}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) fsopen(&(0x7f0000000000)='autofs\x00', 0x0) socket$alg(0x2d, 0x5, 0x0) clock_settime(0x0, &(0x7f0000000000)={0x77359400}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x3c01c014}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002300)={'wlan1\x00'}) kernel console output (not intermixed with test programs): Product=2, SerialNumber=3 [ 112.385078][ T5893] usb 1-1: Product: syz [ 112.389278][ T5893] usb 1-1: Manufacturer: syz [ 112.393846][ T5893] usb 1-1: SerialNumber: syz [ 112.417067][ T5893] usb 1-1: config 0 descriptor?? [ 112.891562][ T6622] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 112.949365][ T5893] hso 1-1:0.0: Failed to find BULK IN ep [ 113.120088][ T5893] usb-storage 1-1:0.0: USB Mass Storage device detected [ 113.889950][ T5893] usb 1-1: USB disconnect, device number 8 [ 114.984440][ T6644] FAULT_INJECTION: forcing a failure. [ 114.984440][ T6644] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.997890][ T6644] CPU: 1 UID: 0 PID: 6644 Comm: syz.2.156 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 114.997914][ T6644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.997923][ T6644] Call Trace: [ 114.997929][ T6644] [ 114.997936][ T6644] dump_stack_lvl+0x16c/0x1f0 [ 114.997964][ T6644] should_fail_ex+0x512/0x640 [ 114.997992][ T6644] core_sys_select+0x949/0xc10 [ 114.998022][ T6644] ? __pfx_core_sys_select+0x10/0x10 [ 114.998069][ T6644] ? set_user_sigmask+0x21b/0x2b0 [ 114.998090][ T6644] ? __pfx_set_user_sigmask+0x10/0x10 [ 114.998114][ T6644] do_pselect.constprop.0+0x19f/0x1e0 [ 114.998137][ T6644] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 114.998161][ T6644] ? __pfx___schedule+0x10/0x10 [ 114.998191][ T6644] __x64_sys_pselect6+0x182/0x240 [ 114.998216][ T6644] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 114.998246][ T6644] do_syscall_64+0xcd/0x4c0 [ 114.998271][ T6644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.998288][ T6644] RIP: 0033:0x7f632418e929 [ 114.998302][ T6644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.998318][ T6644] RSP: 002b:00007f6321ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 114.998334][ T6644] RAX: ffffffffffffffda RBX: 00007f63243b6160 RCX: 00007f632418e929 [ 114.998345][ T6644] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040 [ 114.998355][ T6644] RBP: 00007f6321ff6090 R08: 0000200000000300 R09: 0000000000000000 [ 114.998365][ T6644] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 114.998375][ T6644] R13: 0000000000000000 R14: 00007f63243b6160 R15: 00007ffd38a6ace8 [ 114.998397][ T6644] [ 115.729952][ T5886] usb 6-1: USB disconnect, device number 3 [ 115.864501][ T6652] kvm: apic: phys broadcast and lowest prio [ 116.104622][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 116.104638][ T30] audit: type=1400 audit(1752330715.390:369): avc: denied { create } for pid=6649 comm="syz.0.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 117.656375][ T6656] ceph: No mds server is up or the cluster is laggy [ 117.681530][ T5886] libceph: connect (1)[c::]:6789 error -101 [ 117.727810][ T5958] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 117.766003][ T5886] libceph: mon0 (1)[c::]:6789 connect error [ 118.410520][ T5958] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 118.537682][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.546607][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.594831][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 118.656447][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.695896][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.710341][ T6677] netlink: 44 bytes leftover after parsing attributes in process `syz.5.164'. [ 118.719844][ T6677] netlink: 12 bytes leftover after parsing attributes in process `syz.5.164'. [ 118.740572][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 118.749788][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.764126][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.778444][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 118.793722][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.806853][ T30] audit: type=1400 audit(1752330718.100:370): avc: denied { listen } for pid=6678 comm="syz.2.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 118.839661][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.850852][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 118.860876][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.891870][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.920162][ T6683] netlink: 8 bytes leftover after parsing attributes in process `syz.2.167'. [ 118.930194][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 118.937947][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 118.955967][ T6683] vlan2: entered allmulticast mode [ 118.962887][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 118.982112][ T6683] macvtap0: entered allmulticast mode [ 118.987716][ T6683] veth0_macvtap: entered allmulticast mode [ 118.993657][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 119.006816][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.028686][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.069766][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 119.124311][ T5958] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.146447][ T5958] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.158224][ T5958] usb 2-1: config 0 interface 0 has no altsetting 0 [ 119.170514][ T5958] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 119.184760][ T6685] overlayfs: failed to resolve './file0': -2 [ 119.197800][ T5958] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 119.230660][ T5958] usb 2-1: Product: syz [ 119.258867][ T5958] usb 2-1: Manufacturer: syz [ 119.293407][ T5958] usb 2-1: SerialNumber: syz [ 119.317033][ T5958] usb 2-1: config 0 descriptor?? [ 119.368948][ T5958] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 119.791677][ T6688] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 119.807894][ T6693] FAULT_INJECTION: forcing a failure. [ 119.807894][ T6693] name failslab, interval 1, probability 0, space 0, times 0 [ 119.826006][ T6693] CPU: 1 UID: 0 PID: 6693 Comm: syz.2.171 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 119.826037][ T6693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.826047][ T6693] Call Trace: [ 119.826053][ T6693] [ 119.826060][ T6693] dump_stack_lvl+0x16c/0x1f0 [ 119.826089][ T6693] should_fail_ex+0x512/0x640 [ 119.826111][ T6693] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 119.826136][ T6693] should_failslab+0xc2/0x120 [ 119.826161][ T6693] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 119.826183][ T6693] ? skb_clone+0x190/0x3f0 [ 119.826216][ T6693] skb_clone+0x190/0x3f0 [ 119.826237][ T6693] nfnetlink_rcv_batch+0x1cf/0x2330 [ 119.826264][ T6693] ? __lock_acquire+0x622/0x1c90 [ 119.826284][ T6693] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 119.826321][ T6693] ? avc_has_perm_noaudit+0x149/0x3b0 [ 119.826341][ T6693] ? __asan_memset+0x23/0x50 [ 119.826359][ T6693] ? __nla_validate_parse+0x600/0x2880 [ 119.826381][ T6693] ? __pfx___nla_validate_parse+0x10/0x10 [ 119.826399][ T6693] ? cap_capable+0xb3/0x250 [ 119.826424][ T6693] ? __nla_parse+0x40/0x60 [ 119.826442][ T6693] nfnetlink_rcv+0x3c1/0x430 [ 119.826462][ T6693] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 119.826488][ T6693] netlink_unicast+0x58a/0x850 [ 119.826509][ T6693] ? __pfx_netlink_unicast+0x10/0x10 [ 119.826530][ T6693] netlink_sendmsg+0x8d1/0xdd0 [ 119.826551][ T6693] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.826577][ T6693] ____sys_sendmsg+0xa95/0xc70 [ 119.826595][ T6693] ? copy_msghdr_from_user+0x10a/0x160 [ 119.826618][ T6693] ? __pfx_____sys_sendmsg+0x10/0x10 [ 119.826646][ T6693] ___sys_sendmsg+0x134/0x1d0 [ 119.826668][ T6693] ? __pfx____sys_sendmsg+0x10/0x10 [ 119.826688][ T6693] ? __lock_acquire+0x622/0x1c90 [ 119.826734][ T6693] __sys_sendmsg+0x16d/0x220 [ 119.826757][ T6693] ? __pfx___sys_sendmsg+0x10/0x10 [ 119.826795][ T6693] do_syscall_64+0xcd/0x4c0 [ 119.826821][ T6693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.826838][ T6693] RIP: 0033:0x7f632418e929 [ 119.826852][ T6693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.826867][ T6693] RSP: 002b:00007f6324f30038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.826884][ T6693] RAX: ffffffffffffffda RBX: 00007f63243b5fa0 RCX: 00007f632418e929 [ 119.826894][ T6693] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 119.826904][ T6693] RBP: 00007f6324f30090 R08: 0000000000000000 R09: 0000000000000000 [ 119.826913][ T6693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.826923][ T6693] R13: 0000000000000000 R14: 00007f63243b5fa0 R15: 00007ffd38a6ace8 [ 119.826943][ T6693] [ 120.131539][ T10] usb 2-1: USB disconnect, device number 4 [ 120.139857][ T10] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 120.487835][ T5986] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 120.561908][ T30] audit: type=1400 audit(1752330719.840:371): avc: denied { read } for pid=6695 comm="syz.4.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 120.653442][ T30] audit: type=1400 audit(1752330719.840:372): avc: denied { create } for pid=6695 comm="syz.4.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 120.709386][ T5986] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 120.744893][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 120.784241][ T30] audit: type=1400 audit(1752330720.030:373): avc: denied { mount } for pid=6709 comm="syz.0.175" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 120.806266][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.895627][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 120.915934][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 120.922851][ T5886] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 120.990343][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 121.003999][ T6715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.178'. [ 121.097686][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 121.112909][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 121.133693][ T6697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.143253][ T6697] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.169395][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 121.193530][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 121.255139][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 121.305929][ T30] audit: type=1400 audit(1752330720.590:374): avc: denied { load_policy } for pid=6720 comm="syz.1.179" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 121.410059][ T6725] netlink: 24 bytes leftover after parsing attributes in process `syz.1.179'. [ 122.301199][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.336559][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.361716][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 122.378828][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.540039][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.561245][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 122.571563][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.604135][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.625965][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 122.652027][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.661077][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.675435][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 122.683080][ T5986] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.702709][ T5986] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.716740][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0 [ 122.729439][ T5986] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 122.740464][ T5986] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 122.749018][ T5986] usb 3-1: Product: syz [ 122.753276][ T5986] usb 3-1: Manufacturer: syz [ 122.757933][ T5986] usb 3-1: SerialNumber: syz [ 122.764718][ T5986] usb 3-1: config 0 descriptor?? [ 122.774138][ T5986] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 122.787665][ T10] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 122.874825][ T6731] overlayfs: failed to resolve './file0': -2 [ 122.952144][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 122.985299][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 123.010309][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 107, setting to 64 [ 123.027064][ T10] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 123.056760][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.116772][ T5986] usb 3-1: USB disconnect, device number 4 [ 123.119810][ T10] usb 2-1: Product: syz [ 123.131772][ T5986] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 123.139214][ T10] usb 2-1: Manufacturer: syz [ 123.143845][ T10] usb 2-1: SerialNumber: syz [ 123.190130][ T10] usb 2-1: config 0 descriptor?? [ 123.212737][ T6729] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 123.231104][ T10] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input13 [ 123.253224][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.261308][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.268651][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.275972][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.283388][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.291382][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.298769][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.306030][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.314000][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.321496][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.328757][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.336013][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.343262][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.350540][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.357836][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.365139][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.372450][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.380670][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.388290][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.395615][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.402985][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.410307][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.419388][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.426691][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.433963][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.441265][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.448536][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.455801][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.463055][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.470318][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.477563][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.484877][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.492194][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.499488][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.506767][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.514042][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.527867][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.535352][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.542678][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.549949][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.557204][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.564474][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.571750][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.579022][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.586294][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.593550][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.600830][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.608096][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.615357][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.627865][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.635370][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.642647][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.649938][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.657195][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.664489][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.671775][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.679036][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.686291][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.693550][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.700835][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.708088][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.715377][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.727865][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.735403][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.742675][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.749962][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.757231][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.764514][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.771818][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.779107][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.786377][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.793673][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.800935][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.808207][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.815488][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.822782][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.837927][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.845476][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.852783][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.860057][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.867343][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.874616][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.882003][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.889273][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.896525][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.903779][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.911050][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.918298][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.925850][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.937975][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.945252][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.952520][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.959767][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.967027][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.974298][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.981559][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.988808][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 123.996050][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.003300][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.010553][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.018114][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.025493][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.037855][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.045295][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.052547][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.059812][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.067067][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.074333][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.081612][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.088881][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.096141][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.103429][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.110665][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.117910][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.125157][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.137856][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.145301][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.152551][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.159816][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.167074][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.174319][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.181597][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.188864][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.196111][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.203373][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.210617][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.217869][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.225111][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.232363][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.247863][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.255334][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.262713][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.269963][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.277213][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.284475][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.291735][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.298993][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.306253][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.313505][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.320754][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.328016][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.337908][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.345238][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.352503][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.359742][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.366989][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.374238][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.381504][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.388755][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.396002][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.403266][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.410527][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.417792][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.425042][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.432308][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.447888][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.455223][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.462507][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.469758][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.477005][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.484263][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.491518][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.498767][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.506033][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.513292][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.520587][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.527879][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.535146][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.547896][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.555248][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.562497][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.569739][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.576995][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.584263][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.591546][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.598802][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.606058][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.613321][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.620589][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.627851][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.635125][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.647790][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.655153][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.662697][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.670057][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.677337][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.684638][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.691894][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.699219][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.706512][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.713779][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.721032][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.728301][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.735604][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.742877][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.758076][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.765768][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.773092][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.780455][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.787758][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.795064][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.802379][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.809684][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.816961][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.824299][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.831558][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.838825][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.846077][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.857922][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.865656][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.872965][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.880210][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.888067][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.895338][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.902604][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.909873][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.917177][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.924539][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.931841][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.939176][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.946497][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.954508][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.961926][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.969274][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.976572][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.983855][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.993138][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 124.995817][ T5188] usb 2-1: control msg error: -71 [ 125.002253][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.013648][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.021097][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.028590][ C1] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.036566][ C1] usb 2-1: pegasus_irq - usb_submit_urb failed with result -1 [ 125.246737][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.254032][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.261748][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.268971][ T5188] usb 2-1: control msg error: -71 [ 125.269014][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.281278][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.288549][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.295832][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.303921][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.311182][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.318428][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.325707][ C0] usb 2-1: pegasus_irq - urb shutting down with status: -2 [ 125.347188][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.354557][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.362846][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.370702][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.378539][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.385793][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.393046][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.400296][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.407541][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.414813][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.422068][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.429319][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.436572][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.443859][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.451133][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.458379][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.466137][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.473386][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.480634][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.487875][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.495760][ C0] usb 2-1: pegasus_irq - nonzero urb status received: -71 [ 125.502859][ C0] usb 2-1: pegasus_irq - usb_submit_urb failed with result -19 [ 125.514189][ T10] usb 2-1: USB disconnect, device number 5 [ 125.514568][ T5188] usb 2-1: control msg error: -19 [ 125.538443][ T6745] vivid-000: disconnect [ 126.363192][ T6734] vivid-000: reconnect [ 126.373122][ T5986] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 126.419062][ T6759] syz.1.191 uses obsolete (PF_INET,SOCK_PACKET) [ 126.528478][ T5986] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 126.541731][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 126.551593][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 126.562658][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 126.570616][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 126.584611][ T6763] FAULT_INJECTION: forcing a failure. [ 126.584611][ T6763] name failslab, interval 1, probability 0, space 0, times 0 [ 126.668047][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 126.680649][ T6763] CPU: 0 UID: 0 PID: 6763 Comm: syz.1.192 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 126.680675][ T6763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 126.680686][ T6763] Call Trace: [ 126.680692][ T6763] [ 126.680698][ T6763] dump_stack_lvl+0x16c/0x1f0 [ 126.680727][ T6763] should_fail_ex+0x512/0x640 [ 126.680748][ T6763] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 126.680773][ T6763] should_failslab+0xc2/0x120 [ 126.680795][ T6763] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 126.680818][ T6763] ? __alloc_skb+0x2b2/0x380 [ 126.680844][ T6763] __alloc_skb+0x2b2/0x380 [ 126.680865][ T6763] ? __pfx___alloc_skb+0x10/0x10 [ 126.680883][ T6763] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 126.680914][ T6763] netlink_ack+0x15d/0xb80 [ 126.680938][ T6763] netlink_rcv_skb+0x332/0x420 [ 126.680954][ T6763] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 126.680980][ T6763] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 126.681007][ T6763] ? netlink_deliver_tap+0x1ae/0xd30 [ 126.681038][ T6763] netlink_unicast+0x58a/0x850 [ 126.681058][ T6763] ? __pfx_netlink_unicast+0x10/0x10 [ 126.681082][ T6763] netlink_sendmsg+0x8d1/0xdd0 [ 126.681103][ T6763] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.681130][ T6763] ____sys_sendmsg+0xa95/0xc70 [ 126.681148][ T6763] ? copy_msghdr_from_user+0x10a/0x160 [ 126.681171][ T6763] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.681192][ T6763] ? __pfx__kstrtoull+0x10/0x10 [ 126.681214][ T6763] ___sys_sendmsg+0x134/0x1d0 [ 126.681239][ T6763] ? __pfx____sys_sendmsg+0x10/0x10 [ 126.681274][ T6763] ? find_held_lock+0x2b/0x80 [ 126.681312][ T6763] __sys_sendmmsg+0x200/0x420 [ 126.681339][ T6763] ? __pfx___sys_sendmmsg+0x10/0x10 [ 126.681372][ T6763] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 126.681409][ T6763] ? fput+0x70/0xf0 [ 126.681424][ T6763] ? ksys_write+0x1ac/0x250 [ 126.681444][ T6763] ? __pfx_ksys_write+0x10/0x10 [ 126.681477][ T6763] __x64_sys_sendmmsg+0x9c/0x100 [ 126.681500][ T6763] ? lockdep_hardirqs_on+0x7c/0x110 [ 126.681523][ T6763] do_syscall_64+0xcd/0x4c0 [ 126.681549][ T6763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.681566][ T6763] RIP: 0033:0x7f34a798e929 [ 126.681581][ T6763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.681597][ T6763] RSP: 002b:00007f34a8718038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 126.681613][ T6763] RAX: ffffffffffffffda RBX: 00007f34a7bb5fa0 RCX: 00007f34a798e929 [ 126.681624][ T6763] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 126.681635][ T6763] RBP: 00007f34a8718090 R08: 0000000000000000 R09: 0000000000000000 [ 126.681645][ T6763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.681654][ T6763] R13: 0000000000000000 R14: 00007f34a7bb5fa0 R15: 00007ffebc79bf38 [ 126.681677][ T6763] [ 126.697644][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 126.967725][ T5958] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 127.115509][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.125916][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.137806][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.146045][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.157059][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.169663][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.177707][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.186856][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.198533][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.209830][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.221931][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.227694][ T5958] usb 1-1: Using ep0 maxpacket: 8 [ 127.233070][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.262030][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.262518][ T5958] usb 1-1: config 2 has an invalid interface number: 206 but max is 0 [ 127.273379][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.291506][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.306287][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 127.318393][ T5986] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 127.330257][ T5958] usb 1-1: config 2 has no interface number 0 [ 127.331784][ T5986] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.343665][ T5958] usb 1-1: config 2 interface 206 has no altsetting 0 [ 127.345509][ T5986] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 127.378042][ T5986] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 127.386509][ T5986] usb 6-1: Product: syz [ 127.390967][ T5986] usb 6-1: Manufacturer: syz [ 127.398564][ T5986] usb 6-1: SerialNumber: syz [ 127.415539][ T5958] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10b2, bcdDevice=b1.2a [ 127.424291][ T5986] usb 6-1: config 0 descriptor?? [ 127.433662][ T5958] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.438316][ T5986] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 128.197332][ T5986] usb 1-1: USB disconnect, device number 9 [ 128.246674][ T43] usb 6-1: USB disconnect, device number 4 [ 128.254441][ T43] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 128.390837][ T30] audit: type=1400 audit(1752330727.680:375): avc: denied { create } for pid=6791 comm="syz.4.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 129.043456][ T6799] netlink: 16 bytes leftover after parsing attributes in process `syz.0.202'. [ 129.175354][ T30] audit: type=1400 audit(1752330728.460:376): avc: denied { append } for pid=6803 comm="syz.1.204" name="system" dev="devtmpfs" ino=700 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 129.202649][ T30] audit: type=1400 audit(1752330728.490:377): avc: denied { create } for pid=6803 comm="syz.1.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 129.277724][ T5958] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 129.304500][ T30] audit: type=1400 audit(1752330728.580:378): avc: denied { write } for pid=6803 comm="syz.1.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 129.347760][ T43] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 129.459467][ T30] audit: type=1400 audit(1752330728.750:379): avc: denied { read } for pid=6803 comm="syz.1.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 129.503458][ T5958] usb 3-1: unable to get BOS descriptor or descriptor too short [ 129.514201][ T5958] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 129.530478][ T43] usb 6-1: config 4 has an invalid interface number: 44 but max is 0 [ 129.549802][ T43] usb 6-1: config 4 has no interface number 0 [ 129.555960][ T5958] usb 3-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 129.581947][ T43] usb 6-1: config 4 interface 44 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 129.599702][ T5958] usb 3-1: config 1 interface 0 has no altsetting 1 [ 129.619873][ T43] usb 6-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20 [ 129.643746][ T5958] usb 3-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 129.646974][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.668947][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.706078][ T43] usb 6-1: Product: syz [ 129.743957][ T43] usb 6-1: Manufacturer: syz [ 129.790597][ T43] usb 6-1: SerialNumber: syz [ 130.188690][ T5958] usb 3-1: Product: syz [ 130.391244][ T5958] usb 3-1: Manufacturer: syz [ 130.408033][ T5958] usb 3-1: SerialNumber: syz [ 130.415399][ T30] audit: type=1400 audit(1752330729.700:380): avc: denied { bind } for pid=6796 comm="syz.5.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 130.453745][ T5958] smsusb:smsusb_probe: board id=8, interface number 0 [ 130.465793][ T30] audit: type=1400 audit(1752330729.700:381): avc: denied { listen } for pid=6796 comm="syz.5.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 130.515525][ T30] audit: type=1400 audit(1752330729.700:382): avc: denied { connect } for pid=6796 comm="syz.5.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 130.535505][ T30] audit: type=1400 audit(1752330729.730:383): avc: denied { accept } for pid=6796 comm="syz.5.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 130.777889][ T5958] smsusb:smsusb_probe: Device initialized with return code -19 [ 131.089579][ T6820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 131.359608][ T5958] usb 3-1: USB disconnect, device number 5 [ 132.341950][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.354078][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.435822][ T43] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware [ 132.497787][ T6837] FAULT_INJECTION: forcing a failure. [ 132.497787][ T6837] name failslab, interval 1, probability 0, space 0, times 0 [ 132.519944][ T43] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 132.557745][ T43] dib0700: firmware download failed at 7 with -22 [ 132.597840][ T6837] CPU: 0 UID: 0 PID: 6837 Comm: syz.2.211 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 132.597869][ T6837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 132.597879][ T6837] Call Trace: [ 132.597887][ T6837] [ 132.597894][ T6837] dump_stack_lvl+0x16c/0x1f0 [ 132.597924][ T6837] should_fail_ex+0x512/0x640 [ 132.597946][ T6837] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 132.597972][ T6837] should_failslab+0xc2/0x120 [ 132.597997][ T6837] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 132.598020][ T6837] ? __alloc_skb+0x2b2/0x380 [ 132.598047][ T6837] __alloc_skb+0x2b2/0x380 [ 132.598068][ T6837] ? __pfx___alloc_skb+0x10/0x10 [ 132.598087][ T6837] ? __pfx___mutex_trylock_common+0x10/0x10 [ 132.598109][ T6837] ? rcu_is_watching+0x12/0xc0 [ 132.598141][ T6837] netlink_dump+0x192/0xd00 [ 132.598167][ T6837] ? __rhashtable_lookup.constprop.0+0x3a5/0x760 [ 132.598196][ T6837] ? __pfx_netlink_dump+0x10/0x10 [ 132.598239][ T6837] __netlink_dump_start+0x6d6/0x990 [ 132.598268][ T6837] ? __pfx_rtm_dump_nexthop+0x10/0x10 [ 132.598293][ T6837] rtnetlink_rcv_msg+0xb3e/0xe90 [ 132.598318][ T6837] ? __pfx_rtm_dump_nexthop+0x10/0x10 [ 132.598345][ T6837] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 132.598369][ T6837] ? __pfx_rtnl_dumpit+0x10/0x10 [ 132.598386][ T6837] ? __pfx_rtm_dump_nexthop+0x10/0x10 [ 132.598414][ T6837] ? ref_tracker_free+0x37c/0x830 [ 132.598441][ T6837] netlink_rcv_skb+0x158/0x420 [ 132.598457][ T6837] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 132.598484][ T6837] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 132.598510][ T6837] ? netlink_deliver_tap+0x1ae/0xd30 [ 132.598541][ T6837] netlink_unicast+0x58a/0x850 [ 132.598561][ T6837] ? __pfx_netlink_unicast+0x10/0x10 [ 132.598585][ T6837] netlink_sendmsg+0x8d1/0xdd0 [ 132.598606][ T6837] ? __pfx_netlink_sendmsg+0x10/0x10 [ 132.598633][ T6837] ____sys_sendmsg+0xa95/0xc70 [ 132.598651][ T6837] ? copy_msghdr_from_user+0x10a/0x160 [ 132.598674][ T6837] ? __pfx_____sys_sendmsg+0x10/0x10 [ 132.598698][ T6837] ? rcu_is_watching+0x12/0xc0 [ 132.598721][ T6837] ___sys_sendmsg+0x134/0x1d0 [ 132.598745][ T6837] ? __pfx____sys_sendmsg+0x10/0x10 [ 132.598766][ T6837] ? __lock_acquire+0x622/0x1c90 [ 132.598813][ T6837] __sys_sendmsg+0x16d/0x220 [ 132.598837][ T6837] ? __pfx___sys_sendmsg+0x10/0x10 [ 132.598858][ T6837] ? ksys_write+0x17e/0x250 [ 132.598896][ T6837] do_syscall_64+0xcd/0x4c0 [ 132.598921][ T6837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.598939][ T6837] RIP: 0033:0x7f632418e929 [ 132.598952][ T6837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.598967][ T6837] RSP: 002b:00007f6324f30038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 132.598984][ T6837] RAX: ffffffffffffffda RBX: 00007f63243b5fa0 RCX: 00007f632418e929 [ 132.598995][ T6837] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003 [ 132.599005][ T6837] RBP: 00007f6324f30090 R08: 0000000000000000 R09: 0000000000000000 [ 132.599015][ T6837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.599024][ T6837] R13: 0000000000000000 R14: 00007f63243b5fa0 R15: 00007ffd38a6ace8 [ 132.599048][ T6837] [ 132.621948][ T43] usb 6-1: USB disconnect, device number 5 [ 133.165665][ T30] audit: type=1400 audit(1752330732.450:384): avc: denied { create } for pid=6840 comm="syz.4.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 133.608302][ T43] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 133.616026][ T30] audit: type=1400 audit(1752330732.450:385): avc: denied { bind } for pid=6840 comm="syz.4.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 133.700516][ T30] audit: type=1400 audit(1752330732.930:386): avc: denied { write } for pid=6840 comm="syz.4.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 133.793703][ T30] audit: type=1400 audit(1752330733.080:387): avc: denied { bind } for pid=6849 comm="syz.1.216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 133.832815][ T43] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 133.869304][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 133.894492][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 133.919732][ T6860] FAULT_INJECTION: forcing a failure. [ 133.919732][ T6860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.920508][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 133.936488][ T6860] CPU: 0 UID: 0 PID: 6860 Comm: syz.1.218 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 133.936513][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 133.936522][ T6860] Call Trace: [ 133.936527][ T6860] [ 133.936532][ T6860] dump_stack_lvl+0x16c/0x1f0 [ 133.936559][ T6860] should_fail_ex+0x512/0x640 [ 133.936582][ T6860] _copy_from_user+0x2e/0xd0 [ 133.936604][ T6860] kstrtouint_from_user+0xd6/0x1d0 [ 133.936620][ T6860] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 133.936635][ T6860] ? __lock_acquire+0xb8a/0x1c90 [ 133.936661][ T6860] proc_fail_nth_write+0x83/0x250 [ 133.936680][ T6860] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 133.936705][ T6860] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 133.936722][ T6860] vfs_write+0x29d/0x1150 [ 133.936744][ T6860] ? __pfx___mutex_lock+0x10/0x10 [ 133.936765][ T6860] ? __pfx_vfs_write+0x10/0x10 [ 133.936790][ T6860] ? __fget_files+0x20e/0x3c0 [ 133.936816][ T6860] ksys_write+0x12a/0x250 [ 133.936834][ T6860] ? __pfx_ksys_write+0x10/0x10 [ 133.936853][ T6860] ? fput+0x70/0xf0 [ 133.936870][ T6860] do_syscall_64+0xcd/0x4c0 [ 133.936893][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.936907][ T6860] RIP: 0033:0x7f34a798d3df [ 133.936919][ T6860] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 133.936933][ T6860] RSP: 002b:00007f34a8718030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 133.936948][ T6860] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f34a798d3df [ 133.936957][ T6860] RDX: 0000000000000001 RSI: 00007f34a87180a0 RDI: 0000000000000004 [ 133.936966][ T6860] RBP: 00007f34a8718090 R08: 0000000000000000 R09: 0000000000000000 [ 133.936975][ T6860] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 133.936983][ T6860] R13: 0000000000000000 R14: 00007f34a7bb5fa0 R15: 00007ffebc79bf38 [ 133.937005][ T6860] [ 133.956455][ T6858] bridge2: entered promiscuous mode [ 133.964238][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.153695][ T5914] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 134.161419][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.173674][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.181499][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.190461][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.202791][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.211235][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.221133][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.232537][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.240264][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.249360][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.261253][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.269916][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.278904][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.289953][ T5914] usb 3-1: device descriptor read/64, error -71 [ 134.296290][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.306073][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.315119][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.327470][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.335847][ T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 134.345014][ T43] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 134.355977][ T43] usb 6-1: config 0 interface 0 has no altsetting 0 [ 134.365078][ T43] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 134.374992][ T43] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 134.383775][ T43] usb 6-1: Product: syz [ 134.388097][ T43] usb 6-1: Manufacturer: syz [ 134.392834][ T43] usb 6-1: SerialNumber: syz [ 134.413133][ T43] usb 6-1: config 0 descriptor?? [ 134.423889][ T43] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 134.547737][ T5914] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 134.687685][ T5914] usb 3-1: device descriptor read/64, error -71 [ 134.703418][ T43] usb 6-1: USB disconnect, device number 6 [ 134.710909][ T43] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 134.797914][ T5914] usb usb3-port1: attempt power cycle [ 135.297148][ T6883] netlink: 24 bytes leftover after parsing attributes in process `syz.0.225'. [ 135.643131][ T5914] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 135.688119][ T5914] usb 3-1: device descriptor read/8, error -71 [ 135.975160][ T6874] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 136.021982][ T5914] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 136.059279][ T30] audit: type=1400 audit(1752330735.330:388): avc: denied { getopt } for pid=6888 comm="syz.0.227" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 136.116993][ T5914] usb 3-1: device descriptor read/8, error -71 [ 136.250990][ T5914] usb usb3-port1: unable to enumerate USB device [ 137.671485][ T5153] Bluetooth: hci0: link tx timeout [ 137.677756][ T5153] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 137.834044][ T6910] FAULT_INJECTION: forcing a failure. [ 137.834044][ T6910] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 137.847484][ T6910] CPU: 0 UID: 0 PID: 6910 Comm: syz.1.233 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 137.847508][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.847518][ T6910] Call Trace: [ 137.847523][ T6910] [ 137.847529][ T6910] dump_stack_lvl+0x16c/0x1f0 [ 137.847557][ T6910] should_fail_ex+0x512/0x640 [ 137.847586][ T6910] should_fail_alloc_page+0xe7/0x130 [ 137.847613][ T6910] prepare_alloc_pages+0x3c2/0x610 [ 137.847635][ T6910] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 137.847664][ T6910] ? __pfx___schedule+0x10/0x10 [ 137.847685][ T6910] ? lockdep_hardirqs_on+0x7c/0x110 [ 137.847710][ T6910] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 137.847735][ T6910] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 137.847761][ T6910] ? lockdep_hardirqs_on+0x7c/0x110 [ 137.847790][ T6910] ? trace_mm_page_alloc+0x35/0x1a0 [ 137.847809][ T6910] alloc_pages_bulk_noprof+0x71c/0x1410 [ 137.847827][ T6910] ? policy_nodemask+0x3b0/0x4e0 [ 137.847850][ T6910] ? policy_nodemask+0xea/0x4e0 [ 137.847873][ T6910] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 137.847896][ T6910] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 137.847930][ T6910] kasan_populate_vmalloc+0xf1/0x1f0 [ 137.847955][ T6910] alloc_vmap_area+0x959/0x29c0 [ 137.847993][ T6910] ? __pfx_alloc_vmap_area+0x10/0x10 [ 137.848025][ T6910] __get_vm_area_node+0x1ca/0x330 [ 137.848048][ T6910] __vmalloc_node_range_noprof+0x271/0x14b0 [ 137.848078][ T6910] ? kernel_clone+0xfc/0x960 [ 137.848108][ T6910] ? kernel_clone+0xfc/0x960 [ 137.848131][ T6910] ? rcu_is_watching+0x12/0xc0 [ 137.848154][ T6910] ? lockdep_hardirqs_on+0x7c/0x110 [ 137.848177][ T6910] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 137.848205][ T6910] ? kernel_clone+0xfc/0x960 [ 137.848226][ T6910] __vmalloc_node_noprof+0xad/0xf0 [ 137.848243][ T6910] ? kernel_clone+0xfc/0x960 [ 137.848268][ T6910] copy_process+0x2c70/0x7650 [ 137.848289][ T6910] ? rcu_is_watching+0x12/0xc0 [ 137.848318][ T6910] ? __pfx_copy_process+0x10/0x10 [ 137.848347][ T6910] ? _copy_from_user+0x59/0xd0 [ 137.848373][ T6910] kernel_clone+0xfc/0x960 [ 137.848394][ T6910] ? kvm_sched_clock_read+0x11/0x20 [ 137.848413][ T6910] ? sched_clock+0x38/0x60 [ 137.848436][ T6910] ? __pfx_kernel_clone+0x10/0x10 [ 137.848463][ T6910] ? __resched_curr+0xfe/0x3a0 [ 137.848482][ T6910] ? find_held_lock+0x2b/0x80 [ 137.848501][ T6910] ? __schedule+0x3fff/0x5de0 [ 137.848524][ T6910] __do_sys_clone3+0x212/0x290 [ 137.848545][ T6910] ? __pfx___do_sys_clone3+0x10/0x10 [ 137.848564][ T6910] ? __schedule+0x1181/0x5de0 [ 137.848590][ T6910] ? __pfx___schedule+0x10/0x10 [ 137.848618][ T6910] do_syscall_64+0xcd/0x4c0 [ 137.848637][ T6910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.848651][ T6910] RIP: 0033:0x7f34a798e929 [ 137.848662][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.848675][ T6910] RSP: 002b:00007f34a57f5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 137.848689][ T6910] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f34a798e929 [ 137.848697][ T6910] RDX: 00007f34a57f5f20 RSI: 0000000000000058 RDI: 00007f34a57f5f20 [ 137.848705][ T6910] RBP: 00007f34a57f6090 R08: 0000000000000000 R09: 0000000000000058 [ 137.848712][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.848720][ T6910] R13: 0000000000000000 R14: 00007f34a7bb6080 R15: 00007ffebc79bf38 [ 137.848738][ T6910] [ 138.192010][ T6910] syz.1.233: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 138.208122][ T6910] CPU: 0 UID: 0 PID: 6910 Comm: syz.1.233 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 138.208145][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 138.208154][ T6910] Call Trace: [ 138.208159][ T6910] [ 138.208165][ T6910] dump_stack_lvl+0x16c/0x1f0 [ 138.208192][ T6910] warn_alloc+0x248/0x3a0 [ 138.208215][ T6910] ? __pfx_warn_alloc+0x10/0x10 [ 138.208235][ T6910] ? kfree+0x2b4/0x4d0 [ 138.208261][ T6910] ? __get_vm_area_node+0x208/0x330 [ 138.208282][ T6910] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 138.208308][ T6910] ? kernel_clone+0xfc/0x960 [ 138.208329][ T6910] ? rcu_is_watching+0x12/0xc0 [ 138.208350][ T6910] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.208371][ T6910] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 138.208395][ T6910] ? kernel_clone+0xfc/0x960 [ 138.208413][ T6910] __vmalloc_node_noprof+0xad/0xf0 [ 138.208430][ T6910] ? kernel_clone+0xfc/0x960 [ 138.208451][ T6910] copy_process+0x2c70/0x7650 [ 138.208472][ T6910] ? rcu_is_watching+0x12/0xc0 [ 138.208503][ T6910] ? __pfx_copy_process+0x10/0x10 [ 138.208537][ T6910] ? _copy_from_user+0x59/0xd0 [ 138.208563][ T6910] kernel_clone+0xfc/0x960 [ 138.208584][ T6910] ? kvm_sched_clock_read+0x11/0x20 [ 138.208604][ T6910] ? sched_clock+0x38/0x60 [ 138.208626][ T6910] ? __pfx_kernel_clone+0x10/0x10 [ 138.208651][ T6910] ? __resched_curr+0xfe/0x3a0 [ 138.208671][ T6910] ? find_held_lock+0x2b/0x80 [ 138.208691][ T6910] ? __schedule+0x3fff/0x5de0 [ 138.208715][ T6910] __do_sys_clone3+0x212/0x290 [ 138.208738][ T6910] ? __pfx___do_sys_clone3+0x10/0x10 [ 138.208759][ T6910] ? __schedule+0x1181/0x5de0 [ 138.208792][ T6910] ? __pfx___schedule+0x10/0x10 [ 138.208828][ T6910] do_syscall_64+0xcd/0x4c0 [ 138.208854][ T6910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.208872][ T6910] RIP: 0033:0x7f34a798e929 [ 138.208885][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.208902][ T6910] RSP: 002b:00007f34a57f5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 138.208919][ T6910] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f34a798e929 [ 138.208931][ T6910] RDX: 00007f34a57f5f20 RSI: 0000000000000058 RDI: 00007f34a57f5f20 [ 138.208941][ T6910] RBP: 00007f34a57f6090 R08: 0000000000000000 R09: 0000000000000058 [ 138.208951][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.208961][ T6910] R13: 0000000000000000 R14: 00007f34a7bb6080 R15: 00007ffebc79bf38 [ 138.208984][ T6910] [ 138.209015][ T6910] Mem-Info: [ 138.480901][ T6910] active_anon:6256 inactive_anon:0 isolated_anon:0 [ 138.480901][ T6910] active_file:14009 inactive_file:40576 isolated_file:0 [ 138.480901][ T6910] unevictable:768 dirty:370 writeback:0 [ 138.480901][ T6910] slab_reclaimable:11513 slab_unreclaimable:99583 [ 138.480901][ T6910] mapped:29351 shmem:3851 pagetables:979 [ 138.480901][ T6910] sec_pagetables:0 bounce:0 [ 138.480901][ T6910] kernel_misc_reclaimable:0 [ 138.480901][ T6910] free:1296473 free_pcp:20083 free_cma:0 [ 138.526513][ T6910] Node 0 active_anon:25024kB inactive_anon:0kB active_file:56036kB inactive_file:162104kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117404kB dirty:1476kB writeback:0kB shmem:13868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12792kB pagetables:3768kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 138.560143][ T6910] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 138.596190][ T6910] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 138.625245][ T6910] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 138.631202][ T6910] Node 0 DMA32 free:1268400kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24964kB inactive_anon:0kB active_file:56036kB inactive_file:160792kB unevictable:1536kB writepending:1476kB present:3129332kB managed:2540076kB mlocked:0kB bounce:0kB free_pcp:64056kB local_pcp:44100kB free_cma:0kB [ 138.664054][ T6910] lowmem_reserve[]: 0 0 1 1 1 [ 138.669041][ T6910] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:60kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 138.701374][ T6910] lowmem_reserve[]: 0 0 0 0 0 [ 138.706256][ T6910] Node 1 Normal free:3902132kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16256kB local_pcp:5664kB free_cma:0kB [ 138.738556][ T6910] lowmem_reserve[]: 0 0 0 0 0 [ 138.743444][ T6910] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 138.756613][ T6910] Node 0 DMA32: 1420*4kB (UM) 688*8kB (UME) 116*16kB (UME) 42*32kB (UME) 128*64kB (UM) 57*128kB (UME) 14*256kB (UME) 24*512kB (UM) 8*1024kB (UM) 11*2048kB (UM) 291*4096kB (M) = 1268400kB [ 138.781221][ T6910] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 138.793224][ T6910] Node 1 Normal: 175*4kB (UME) 47*8kB (UME) 38*16kB (UME) 81*32kB (UME) 34*64kB (UME) 7*128kB (UME) 2*256kB (M) 4*512kB (UME) 3*1024kB (UME) 1*2048kB (E) 949*4096kB (M) = 3902132kB [ 138.812050][ T6910] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 138.821882][ T6910] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 138.831282][ T6910] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 138.840947][ T6910] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 138.850438][ T6910] 58433 total pagecache pages [ 138.855153][ T6910] 0 pages in swap cache [ 138.859373][ T6910] Free swap = 124996kB [ 138.863554][ T6910] Total swap = 124996kB [ 138.867913][ T6910] 2097051 pages RAM [ 138.871751][ T6910] 0 pages HighMem/MovableOnly [ 138.879211][ T6910] 430054 pages reserved [ 138.883404][ T6910] 0 pages cma reserved [ 139.579055][ T6929] FAULT_INJECTION: forcing a failure. [ 139.579055][ T6929] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.598308][ T6929] CPU: 0 UID: 0 PID: 6929 Comm: syz.5.238 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 139.598336][ T6929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 139.598347][ T6929] Call Trace: [ 139.598353][ T6929] [ 139.598364][ T6929] dump_stack_lvl+0x16c/0x1f0 [ 139.598392][ T6929] should_fail_ex+0x512/0x640 [ 139.598416][ T6929] _copy_to_user+0x32/0xd0 [ 139.598440][ T6929] ioctl_standard_iw_point+0xa15/0xca0 [ 139.598465][ T6929] ? __pfx_cfg80211_wext_giwessid+0x10/0x10 [ 139.598486][ T6929] ? __pfx_ioctl_standard_iw_point+0x10/0x10 [ 139.598508][ T6929] ? wext_handle_ioctl+0x14d/0x2a0 [ 139.598530][ T6929] ? __pfx___mutex_lock+0x10/0x10 [ 139.598558][ T6929] ? __pfx_cfg80211_wext_giwessid+0x10/0x10 [ 139.598576][ T6929] ioctl_standard_call+0x166/0x1d0 [ 139.598601][ T6929] ? __pfx_ioctl_standard_call+0x10/0x10 [ 139.598623][ T6929] ? __pfx_cfg80211_wext_giwessid+0x10/0x10 [ 139.598640][ T6929] wireless_process_ioctl.constprop.0+0x28e/0x3d0 [ 139.598669][ T6929] wext_handle_ioctl+0x168/0x2a0 [ 139.598694][ T6929] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 139.598721][ T6929] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 139.598745][ T6929] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 139.598772][ T6929] sock_ioctl+0x3a1/0x6b0 [ 139.598791][ T6929] ? __pfx_sock_ioctl+0x10/0x10 [ 139.598806][ T6929] ? hook_file_ioctl_common+0x145/0x410 [ 139.598830][ T6929] ? selinux_file_ioctl+0x180/0x270 [ 139.598851][ T6929] ? selinux_file_ioctl+0xb4/0x270 [ 139.598873][ T6929] ? __pfx_sock_ioctl+0x10/0x10 [ 139.598892][ T6929] __x64_sys_ioctl+0x18b/0x210 [ 139.598912][ T6929] do_syscall_64+0xcd/0x4c0 [ 139.598935][ T6929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.598952][ T6929] RIP: 0033:0x7fa290d8e929 [ 139.598965][ T6929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.598979][ T6929] RSP: 002b:00007fa291b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.598992][ T6929] RAX: ffffffffffffffda RBX: 00007fa290fb5fa0 RCX: 00007fa290d8e929 [ 139.599003][ T6929] RDX: 0000200000000040 RSI: 0000000000008b1b RDI: 0000000000000004 [ 139.599014][ T6929] RBP: 00007fa291b87090 R08: 0000000000000000 R09: 0000000000000000 [ 139.599029][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.599039][ T6929] R13: 0000000000000000 R14: 00007fa290fb5fa0 R15: 00007ffea23ebd18 [ 139.599060][ T6929] [ 139.857122][ T5153] Bluetooth: hci0: command 0x0406 tx timeout [ 140.127683][ T5941] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 141.118158][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 141.130740][ T5941] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 141.148249][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 141.163718][ T5941] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 141.183298][ T5941] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 141.192564][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.200685][ T5941] usb 5-1: Product: syz [ 141.204965][ T5941] usb 5-1: Manufacturer: syz [ 141.210414][ T5941] usb 5-1: SerialNumber: syz [ 141.224825][ T5941] usb 5-1: config 0 descriptor?? [ 141.250975][ T5941] ums-isd200 5-1:0.0: USB Mass Storage device detected [ 141.424516][ T30] audit: type=1400 audit(1752330740.710:389): avc: denied { ioctl } for pid=6946 comm="syz.0.244" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 141.455867][ T6927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.483845][ T30] audit: type=1800 audit(1752330740.760:390): pid=6947 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.244" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 141.488877][ T6927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.035060][ T30] audit: type=1400 audit(1752330741.260:391): avc: denied { ioctl } for pid=6951 comm="syz.0.245" path="socket:[12836]" dev="sockfs" ino=12836 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 142.061200][ T6953] validate_nla: 44 callbacks suppressed [ 142.061236][ T6953] netlink: 'syz.0.245': attribute type 4 has an invalid length. [ 144.118234][ T6962] FAULT_INJECTION: forcing a failure. [ 144.118234][ T6962] name failslab, interval 1, probability 0, space 0, times 0 [ 144.131349][ T6962] CPU: 0 UID: 0 PID: 6962 Comm: syz.2.247 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 144.131374][ T6962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.131384][ T6962] Call Trace: [ 144.131390][ T6962] [ 144.131397][ T6962] dump_stack_lvl+0x16c/0x1f0 [ 144.131426][ T6962] should_fail_ex+0x512/0x640 [ 144.131453][ T6962] should_failslab+0xc2/0x120 [ 144.131479][ T6962] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 144.131550][ T6962] ? sidtab_sid2str_get+0x17a/0x680 [ 144.131581][ T6962] kmemdup_noprof+0x29/0x60 [ 144.131605][ T6962] sidtab_sid2str_get+0x17a/0x680 [ 144.131633][ T6962] sidtab_entry_to_string+0x33/0x110 [ 144.131659][ T6962] security_sid_to_context_core+0x35c/0x640 [ 144.131686][ T6962] avc_audit_post_callback+0x109/0x8f0 [ 144.131714][ T6962] ? __pfx_audit_log_lsm_data+0x10/0x10 [ 144.131739][ T6962] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 144.131764][ T6962] ? skb_put+0x138/0x1b0 [ 144.131784][ T6962] ? audit_log_n_string+0x253/0x540 [ 144.131809][ T6962] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 144.131840][ T6962] common_lsm_audit+0x24b/0x300 [ 144.131865][ T6962] ? __pfx_common_lsm_audit+0x10/0x10 [ 144.131890][ T6962] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 144.131913][ T6962] ? avc_update_node.isra.0+0x4c0/0xb60 [ 144.131943][ T6962] slow_avc_audit+0x186/0x210 [ 144.131961][ T6962] ? __pfx_slow_avc_audit+0x10/0x10 [ 144.131981][ T6962] ? avc_denied+0x14a/0x190 [ 144.132009][ T6962] ? avc_has_perm_noaudit+0x306/0x3b0 [ 144.132035][ T6962] avc_has_perm+0x18b/0x1c0 [ 144.132054][ T6962] ? __pfx_avc_has_perm+0x10/0x10 [ 144.132072][ T6962] ? is_bpf_text_address+0x94/0x1a0 [ 144.132093][ T6962] ? kernel_text_address+0x8d/0x100 [ 144.132118][ T6962] sock_has_perm+0x252/0x2f0 [ 144.132139][ T6962] ? __pfx_sock_has_perm+0x10/0x10 [ 144.132161][ T6962] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 144.132192][ T6962] ? __import_iovec+0x1dd/0x650 [ 144.132216][ T6962] ? __might_fault+0xe3/0x190 [ 144.132247][ T6962] ? __might_fault+0x13b/0x190 [ 144.132282][ T6962] security_socket_sendmsg+0x9b/0x240 [ 144.132304][ T6962] ____sys_sendmsg+0x865/0xc70 [ 144.132323][ T6962] ? copy_msghdr_from_user+0x10a/0x160 [ 144.132347][ T6962] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.132377][ T6962] ___sys_sendmsg+0x134/0x1d0 [ 144.132402][ T6962] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.132424][ T6962] ? __lock_acquire+0x622/0x1c90 [ 144.132472][ T6962] __sys_sendmsg+0x16d/0x220 [ 144.132497][ T6962] ? __pfx___sys_sendmsg+0x10/0x10 [ 144.132538][ T6962] do_syscall_64+0xcd/0x4c0 [ 144.132562][ T6962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.132578][ T6962] RIP: 0033:0x7f632418e929 [ 144.132591][ T6962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.132606][ T6962] RSP: 002b:00007f6324f0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.132621][ T6962] RAX: ffffffffffffffda RBX: 00007f63243b6080 RCX: 00007f632418e929 [ 144.132632][ T6962] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000006 [ 144.132641][ T6962] RBP: 00007f6324f0f090 R08: 0000000000000000 R09: 0000000000000000 [ 144.132650][ T6962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.132658][ T6962] R13: 0000000000000000 R14: 00007f63243b6080 R15: 00007ffd38a6ace8 [ 144.132679][ T6962] [ 144.133799][ T30] audit: type=1400 audit(1752330743.410:392): avc: denied { write } for pid=6960 comm="syz.2.247" ssid=148 tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 144.688796][ T5941] scsi host1: usb-storage 5-1:0.0 [ 144.707940][ T5941] usb 5-1: USB disconnect, device number 5 [ 144.811824][ T6967] FAULT_INJECTION: forcing a failure. [ 144.811824][ T6967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.868695][ T6967] CPU: 0 UID: 0 PID: 6967 Comm: syz.2.250 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 144.868723][ T6967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.868732][ T6967] Call Trace: [ 144.868738][ T6967] [ 144.868745][ T6967] dump_stack_lvl+0x16c/0x1f0 [ 144.868774][ T6967] should_fail_ex+0x512/0x640 [ 144.868801][ T6967] _copy_from_iter+0x29f/0x16f0 [ 144.868828][ T6967] ? __alloc_skb+0x200/0x380 [ 144.868851][ T6967] ? __pfx__copy_from_iter+0x10/0x10 [ 144.868877][ T6967] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 144.868912][ T6967] netlink_sendmsg+0x829/0xdd0 [ 144.868933][ T6967] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.868959][ T6967] ____sys_sendmsg+0xa95/0xc70 [ 144.868976][ T6967] ? copy_msghdr_from_user+0x10a/0x160 [ 144.868999][ T6967] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.869028][ T6967] ___sys_sendmsg+0x134/0x1d0 [ 144.869052][ T6967] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.869073][ T6967] ? __lock_acquire+0x622/0x1c90 [ 144.869119][ T6967] __sys_sendmsg+0x16d/0x220 [ 144.869142][ T6967] ? __pfx___sys_sendmsg+0x10/0x10 [ 144.869181][ T6967] do_syscall_64+0xcd/0x4c0 [ 144.869207][ T6967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.869231][ T6967] RIP: 0033:0x7f632418e929 [ 144.869245][ T6967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.869261][ T6967] RSP: 002b:00007f6324f30038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.869277][ T6967] RAX: ffffffffffffffda RBX: 00007f63243b5fa0 RCX: 00007f632418e929 [ 144.869288][ T6967] RDX: 0000000000000004 RSI: 00002000000037c0 RDI: 0000000000000003 [ 144.869298][ T6967] RBP: 00007f6324f30090 R08: 0000000000000000 R09: 0000000000000000 [ 144.869308][ T6967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.869318][ T6967] R13: 0000000000000000 R14: 00007f63243b5fa0 R15: 00007ffd38a6ace8 [ 144.869341][ T6967] [ 145.353063][ T30] audit: type=1400 audit(1752330744.640:393): avc: denied { connect } for pid=6973 comm="syz.4.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 146.215128][ T6971] bio_check_eod: 2 callbacks suppressed [ 146.215155][ T6971] syz.1.251: attempt to access beyond end of device [ 146.215155][ T6971] nbd1: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 146.235058][ T6970] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 146.267688][ T30] audit: type=1400 audit(1752330745.550:394): avc: denied { shutdown } for pid=6973 comm="syz.4.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 146.450101][ T30] audit: type=1400 audit(1752330745.640:395): avc: denied { read } for pid=6973 comm="syz.4.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 146.700435][ T6991] netlink: 24 bytes leftover after parsing attributes in process `syz.0.255'. [ 146.917889][ T43] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 147.479484][ T43] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 147.492957][ T43] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 147.578877][ T43] usb 5-1: config 1 has no interface number 1 [ 147.586443][ T43] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 147.600280][ T43] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 16, setting to 0 [ 147.903360][ T6996] netlink: 24 bytes leftover after parsing attributes in process `syz.0.258'. [ 148.267267][ T30] audit: type=1400 audit(1752330747.550:396): avc: denied { create } for pid=6997 comm="syz.2.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 148.288534][ T6998] netlink: 8 bytes leftover after parsing attributes in process `syz.2.259'. [ 148.311483][ T30] audit: type=1400 audit(1752330747.580:397): avc: denied { getopt } for pid=6997 comm="syz.2.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 148.331830][ T30] audit: type=1400 audit(1752330747.600:398): avc: denied { create } for pid=6999 comm="syz.5.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 148.355847][ T30] audit: type=1400 audit(1752330747.600:399): avc: denied { ioctl } for pid=6999 comm="syz.5.257" path="socket:[12908]" dev="sockfs" ino=12908 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 148.673325][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.5.257'. [ 148.683252][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.5.257'. [ 149.513412][ T43] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 149.524221][ T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.536352][ T43] usb 5-1: can't set config #1, error -71 [ 149.543866][ T43] usb 5-1: USB disconnect, device number 6 [ 149.605432][ T7025] netlink: 12 bytes leftover after parsing attributes in process `syz.5.265'. [ 149.633909][ T7027] FAULT_INJECTION: forcing a failure. [ 149.633909][ T7027] name failslab, interval 1, probability 0, space 0, times 0 [ 149.647899][ T7027] CPU: 0 UID: 0 PID: 7027 Comm: syz.4.267 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 149.647924][ T7027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 149.647934][ T7027] Call Trace: [ 149.647939][ T7027] [ 149.647945][ T7027] dump_stack_lvl+0x16c/0x1f0 [ 149.647972][ T7027] should_fail_ex+0x512/0x640 [ 149.647994][ T7027] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 149.648015][ T7027] should_failslab+0xc2/0x120 [ 149.648037][ T7027] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 149.648056][ T7027] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 149.648074][ T7027] ? __d_alloc+0x31/0xaa0 [ 149.648103][ T7027] __d_alloc+0x31/0xaa0 [ 149.648131][ T7027] d_alloc_pseudo+0x1c/0xc0 [ 149.648156][ T7027] alloc_file_pseudo+0xcf/0x230 [ 149.648176][ T7027] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 149.648200][ T7027] ioctx_alloc+0x5ab/0x2120 [ 149.648225][ T7027] ? rcu_is_watching+0x12/0xc0 [ 149.648255][ T7027] ? __pfx_ioctx_alloc+0x10/0x10 [ 149.648280][ T7027] ? __x64_sys_io_setup+0x6b/0x210 [ 149.648305][ T7027] __x64_sys_io_setup+0xc9/0x210 [ 149.648330][ T7027] do_syscall_64+0xcd/0x4c0 [ 149.648356][ T7027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.648373][ T7027] RIP: 0033:0x7fc9f0b8e929 [ 149.648386][ T7027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.648402][ T7027] RSP: 002b:00007fc9f1aa9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 149.648418][ T7027] RAX: ffffffffffffffda RBX: 00007fc9f0db6080 RCX: 00007fc9f0b8e929 [ 149.648429][ T7027] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000202 [ 149.648439][ T7027] RBP: 00007fc9f1aa9090 R08: 0000000000000000 R09: 0000000000000000 [ 149.648449][ T7027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.648459][ T7027] R13: 0000000000000000 R14: 00007fc9f0db6080 R15: 00007ffcda52cd98 [ 149.648483][ T7027] [ 149.654395][ T30] audit: type=1400 audit(1752330748.940:400): avc: denied { open } for pid=7023 comm="syz.4.267" path="/dev/ptyqc" dev="devtmpfs" ino=131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 150.282963][ T30] audit: type=1400 audit(1752330749.570:401): avc: denied { create } for pid=7030 comm="syz.2.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 150.318096][ T7031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 150.330895][ T30] audit: type=1400 audit(1752330749.570:402): avc: denied { setopt } for pid=7030 comm="syz.2.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 150.403401][ T30] audit: type=1400 audit(1752330749.570:403): avc: denied { write } for pid=7030 comm="syz.2.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 150.522594][ T30] audit: type=1400 audit(1752330749.800:404): avc: denied { ioctl } for pid=7039 comm="syz.4.271" path="/dev/ptyqc" dev="devtmpfs" ino=131 ioctlcmd=0x5431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 150.647850][ T5958] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 151.318708][ T5958] usb 3-1: Using ep0 maxpacket: 8 [ 151.490210][ T5958] usb 3-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f [ 151.527801][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1 [ 151.558364][ T5958] usb 3-1: Product: syz [ 151.562601][ T5958] usb 3-1: Manufacturer: syz [ 151.609258][ T5958] usb 3-1: SerialNumber: syz [ 151.617102][ T5958] usb 3-1: config 0 descriptor?? [ 151.627846][ T5958] usbtest 3-1:0.0: FX2 device [ 151.632566][ T5958] usbtest 3-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt) [ 151.654358][ T7048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 151.668798][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 151.668809][ T30] audit: type=1400 audit(1752330750.960:406): avc: denied { shutdown } for pid=7050 comm="syz.4.276" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 152.157286][ T5958] usb 3-1: USB disconnect, device number 10 [ 152.287012][ T7058] CUSE: DEVNAME unspecified [ 152.399321][ T7058] netlink: 48 bytes leftover after parsing attributes in process `syz.5.277'. [ 152.409273][ T7058] netlink: 48 bytes leftover after parsing attributes in process `syz.5.277'. [ 152.481833][ T7059] netlink: 'syz.5.277': attribute type 4 has an invalid length. [ 152.732920][ T30] audit: type=1400 audit(1752330751.950:407): avc: denied { write } for pid=7061 comm="syz.0.278" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 152.832214][ T30] audit: type=1400 audit(1752330752.020:408): avc: denied { getopt } for pid=7060 comm="syz.4.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 153.026171][ T30] audit: type=1400 audit(1752330752.110:409): avc: denied { append } for pid=7060 comm="syz.4.279" name="event2" dev="devtmpfs" ino=922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 153.049346][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.167316][ T30] audit: type=1400 audit(1752330752.110:410): avc: denied { read } for pid=7060 comm="syz.4.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 153.451217][ T30] audit: type=1400 audit(1752330752.730:411): avc: denied { create } for pid=7075 comm="syz.1.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 153.518797][ T30] audit: type=1400 audit(1752330752.730:412): avc: denied { getopt } for pid=7075 comm="syz.1.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 153.547981][ T7076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.282'. [ 153.568566][ T7081] tmpfs: Unknown parameter 'u[d' [ 153.640970][ T7084] tmpfs: Bad value for 'mpol' [ 153.742843][ T7087] overlayfs: failed to resolve './file1': -2 [ 153.848462][ T30] audit: type=1400 audit(1752330753.130:413): avc: denied { read } for pid=7085 comm="syz.0.285" name="file0" dev="fuse" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 153.909239][ T7088] block device autoloading is deprecated and will be removed. [ 154.068215][ T30] audit: type=1400 audit(1752330753.130:414): avc: denied { open } for pid=7085 comm="syz.0.285" path="/69/bus/file0/file0" dev="fuse" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 154.398264][ T30] audit: type=1400 audit(1752330753.680:415): avc: denied { ioctl } for pid=7085 comm="syz.0.285" path="/69/bus/file0/file0" dev="fuse" ino=4 ioctlcmd=0x929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 157.634448][ T7143] ip6erspan0: entered allmulticast mode [ 158.358016][ T7153] 9pnet_fd: Insufficient options for proto=fd [ 159.152749][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 159.152765][ T30] audit: type=1400 audit(1752330758.430:422): avc: denied { map } for pid=7156 comm="syz.5.307" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 160.709168][ T30] audit: type=1400 audit(1752330759.880:423): avc: denied { write } for pid=7173 comm="syz.1.310" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 160.744114][ T30] audit: type=1400 audit(1752330759.900:424): avc: denied { listen } for pid=7173 comm="syz.1.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 161.975550][ T30] audit: type=1400 audit(1752330761.260:425): avc: denied { create } for pid=7202 comm="syz.5.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 162.133867][ T7209] netlink: 4 bytes leftover after parsing attributes in process `syz.5.320'. [ 162.155408][ T30] audit: type=1400 audit(1752330761.260:426): avc: denied { ioctl } for pid=7202 comm="syz.5.320" path="socket:[14545]" dev="sockfs" ino=14545 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 162.280891][ T7209] bridge_slave_1: left allmulticast mode [ 162.286545][ T7209] bridge_slave_1: left promiscuous mode [ 162.394429][ T30] audit: type=1400 audit(1752330761.260:427): avc: denied { write } for pid=7202 comm="syz.5.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 162.481439][ T7209] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.221471][ T7216] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 163.240314][ T7209] bridge_slave_0: left allmulticast mode [ 163.245994][ T7209] bridge_slave_0: left promiscuous mode [ 163.260521][ T7209] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.410457][ T30] audit: type=1400 audit(1752330762.700:428): avc: denied { unlink } for pid=7225 comm="syz.4.326" name="#1" dev="tmpfs" ino=372 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 163.439068][ T30] audit: type=1400 audit(1752330762.700:429): avc: denied { mount } for pid=7225 comm="syz.4.326" name="/" dev="overlay" ino=367 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 163.470365][ T30] audit: type=1400 audit(1752330762.720:430): avc: denied { unmount } for pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 163.637694][ T5886] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 164.129435][ T5886] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 164.140711][ T5886] usb 2-1: config 0 has no interface number 0 [ 164.150371][ T5886] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 164.159760][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.167951][ T5886] usb 2-1: Product: syz [ 164.173008][ T5886] usb 2-1: Manufacturer: syz [ 164.179041][ T5886] usb 2-1: SerialNumber: syz [ 164.197430][ T5886] usb 2-1: config 0 descriptor?? [ 164.436417][ T30] audit: type=1400 audit(1752330763.720:431): avc: denied { read } for pid=7224 comm="syz.1.325" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 164.475008][ T30] audit: type=1400 audit(1752330763.720:432): avc: denied { open } for pid=7224 comm="syz.1.325" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 164.508767][ T30] audit: type=1400 audit(1752330763.720:433): avc: denied { write } for pid=7224 comm="syz.1.325" name="mouse0" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 165.298040][ T5886] dvb_usb_ec168 2-1:0.1: probe with driver dvb_usb_ec168 failed with error -110 [ 165.452341][ T7251] FAULT_INJECTION: forcing a failure. [ 165.452341][ T7251] name failslab, interval 1, probability 0, space 0, times 0 [ 165.465338][ T7251] CPU: 1 UID: 0 PID: 7251 Comm: syz.2.332 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 165.465362][ T7251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.465372][ T7251] Call Trace: [ 165.465378][ T7251] [ 165.465385][ T7251] dump_stack_lvl+0x16c/0x1f0 [ 165.465414][ T7251] should_fail_ex+0x512/0x640 [ 165.465436][ T7251] ? fs_reclaim_acquire+0xae/0x150 [ 165.465457][ T7251] ? posix_acl_alloc+0x20/0xb0 [ 165.465481][ T7251] should_failslab+0xc2/0x120 [ 165.465506][ T7251] __kmalloc_noprof+0xd2/0x510 [ 165.465531][ T7251] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.465557][ T7251] posix_acl_alloc+0x20/0xb0 [ 165.465582][ T7251] posix_acl_from_xattr+0xf3/0x4d0 [ 165.465603][ T7251] do_set_acl+0xa4/0x1a0 [ 165.465622][ T7251] do_setxattr+0xeb/0x180 [ 165.465648][ T7251] filename_setxattr+0x16b/0x1d0 [ 165.465672][ T7251] ? __pfx_filename_setxattr+0x10/0x10 [ 165.465696][ T7251] ? getname_flags.part.0+0x1c5/0x550 [ 165.465721][ T7251] path_setxattrat+0x1de/0x2a0 [ 165.465743][ T7251] ? __pfx_path_setxattrat+0x10/0x10 [ 165.465767][ T7251] ? trace_sched_exit_tp+0xde/0x130 [ 165.465795][ T7251] ? ksys_write+0x190/0x250 [ 165.465838][ T7251] ? fput+0x70/0xf0 [ 165.465853][ T7251] ? ksys_write+0x1ac/0x250 [ 165.465879][ T7251] __x64_sys_lsetxattr+0xc9/0x140 [ 165.465902][ T7251] ? do_syscall_64+0x91/0x4c0 [ 165.465925][ T7251] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.465948][ T7251] do_syscall_64+0xcd/0x4c0 [ 165.465973][ T7251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.465995][ T7251] RIP: 0033:0x7f632418e929 [ 165.466010][ T7251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.466026][ T7251] RSP: 002b:00007f6321ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 165.466042][ T7251] RAX: ffffffffffffffda RBX: 00007f63243b6160 RCX: 00007f632418e929 [ 165.466053][ T7251] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000200000000140 [ 165.466063][ T7251] RBP: 00007f6321ff6090 R08: 0000000000000001 R09: 0000000000000000 [ 165.466073][ T7251] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001 [ 165.466083][ T7251] R13: 0000000000000000 R14: 00007f63243b6160 R15: 00007ffd38a6ace8 [ 165.466106][ T7251] [ 165.987800][ T5958] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 166.677701][ T5958] usb 6-1: Using ep0 maxpacket: 16 [ 166.818413][ T5958] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 166.828781][ T5958] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 166.841205][ T5958] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 166.851033][ T5958] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 166.861377][ T5958] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 166.875441][ T5958] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 166.884794][ T5958] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 166.892886][ T5958] usb 6-1: Manufacturer: syz [ 166.940097][ T5958] usb 6-1: config 0 descriptor?? [ 167.254153][ T30] audit: type=1400 audit(1752330766.470:434): avc: denied { execmod } for pid=7252 comm="syz.5.334" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=14105 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 167.695104][ T30] audit: type=1400 audit(1752330766.470:435): avc: denied { execute } for pid=7252 comm="syz.5.334" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=14105 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 167.748047][ T10] usb 2-1: USB disconnect, device number 6 [ 168.522347][ T7276] netlink: 'syz.0.339': attribute type 15 has an invalid length. [ 168.530648][ T7276] netlink: 24 bytes leftover after parsing attributes in process `syz.0.339'. [ 169.043347][ T30] audit: type=1400 audit(1752330768.320:436): avc: denied { getopt } for pid=7282 comm="syz.4.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 169.077072][ T5941] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 169.488797][ T7277] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 169.857813][ T5958] rc_core: IR keymap rc-hauppauge not found [ 169.863757][ T5958] Registered IR keymap rc-empty [ 169.868990][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 169.896513][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 169.919940][ T5958] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 169.933124][ T5958] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input20 [ 169.950386][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 169.978220][ T5941] usb 1-1: Using ep0 maxpacket: 32 [ 169.983540][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 170.000483][ T5941] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 170.025273][ T5941] usb 1-1: config 0 has no interface number 0 [ 170.035222][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 170.056606][ T5941] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 170.665879][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 170.773536][ T5941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.815215][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 170.872027][ T5941] usb 1-1: Product: syz [ 170.914748][ T5941] usb 1-1: Manufacturer: syz [ 170.931482][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 170.964694][ T5941] usb 1-1: SerialNumber: syz [ 171.042044][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 171.077735][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 171.088469][ T5941] usb 1-1: config 0 descriptor?? [ 171.109976][ T5941] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 171.119028][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 171.160293][ T5958] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 171.184337][ T5958] mceusb 6-1:0.0: Registered with mce emulator interface version 1 [ 171.202822][ T5958] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 171.722228][ T5958] usb 6-1: USB disconnect, device number 7 [ 171.830843][ T5941] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 171.933456][ T5941] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 171.994637][ T30] audit: type=1400 audit(1752330771.280:437): avc: denied { execute } for pid=7308 comm="syz.2.348" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 172.101735][ T7276] overlay: Unknown parameter 'fsmagic' [ 172.142507][ C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 172.143154][ T5886] usb 1-1: USB disconnect, device number 10 [ 172.270336][ T5886] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 172.747209][ T5886] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 172.784037][ T5886] quatech2 1-1:0.51: device disconnected [ 175.887523][ T30] audit: type=1400 audit(1752330775.170:438): avc: denied { getopt } for pid=7340 comm="syz.4.356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 175.887536][ T7342] FAULT_INJECTION: forcing a failure. [ 175.887536][ T7342] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 176.001253][ T7342] CPU: 1 UID: 0 PID: 7342 Comm: syz.4.356 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 176.001282][ T7342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 176.001291][ T7342] Call Trace: [ 176.001296][ T7342] [ 176.001303][ T7342] dump_stack_lvl+0x16c/0x1f0 [ 176.001331][ T7342] should_fail_ex+0x512/0x640 [ 176.001357][ T7342] _copy_to_user+0x32/0xd0 [ 176.001382][ T7342] simple_read_from_buffer+0xcb/0x170 [ 176.001406][ T7342] proc_fail_nth_read+0x197/0x270 [ 176.001427][ T7342] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 176.001449][ T7342] ? rw_verify_area+0xcf/0x680 [ 176.001467][ T7342] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 176.001487][ T7342] vfs_read+0x1e4/0xc60 [ 176.001511][ T7342] ? __pfx___mutex_lock+0x10/0x10 [ 176.001533][ T7342] ? __pfx_vfs_read+0x10/0x10 [ 176.001560][ T7342] ? __fget_files+0x20e/0x3c0 [ 176.001589][ T7342] ksys_read+0x12a/0x250 [ 176.001608][ T7342] ? __pfx_ksys_read+0x10/0x10 [ 176.001636][ T7342] do_syscall_64+0xcd/0x4c0 [ 176.001671][ T7342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.001688][ T7342] RIP: 0033:0x7fc9f0b8d33c [ 176.001701][ T7342] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 176.001717][ T7342] RSP: 002b:00007fc9f1aca030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 176.001734][ T7342] RAX: ffffffffffffffda RBX: 00007fc9f0db5fa0 RCX: 00007fc9f0b8d33c [ 176.001745][ T7342] RDX: 000000000000000f RSI: 00007fc9f1aca0a0 RDI: 0000000000000003 [ 176.001755][ T7342] RBP: 00007fc9f1aca090 R08: 0000000000000000 R09: 0000000000000000 [ 176.001764][ T7342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.001773][ T7342] R13: 0000000000000000 R14: 00007fc9f0db5fa0 R15: 00007ffcda52cd98 [ 176.001796][ T7342] [ 176.231613][ T7334] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 179.328476][ T7395] process 'syz.0.366' launched './file0' with NULL argv: empty string added [ 179.647810][ T30] audit: type=1400 audit(1752330778.620:439): avc: denied { execute_no_trans } for pid=7370 comm="syz.0.366" path="/83/file0" dev="tmpfs" ino=448 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 180.225904][ T5830] Bluetooth: hci0: link tx timeout [ 180.287821][ T7404] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 180.295260][ T7404] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 180.471715][ T7409] FAULT_INJECTION: forcing a failure. [ 180.471715][ T7409] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.507729][ T5886] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 180.526859][ T43] IPVS: starting estimator thread 0... [ 180.527772][ T7409] CPU: 0 UID: 0 PID: 7409 Comm: syz.1.377 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 180.527794][ T7409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.527802][ T7409] Call Trace: [ 180.527807][ T7409] [ 180.527813][ T7409] dump_stack_lvl+0x16c/0x1f0 [ 180.527838][ T7409] should_fail_ex+0x512/0x640 [ 180.527861][ T7409] _copy_from_user+0x2e/0xd0 [ 180.527882][ T7409] __sys_bpf+0x21d/0x4d80 [ 180.527906][ T7409] ? __pfx___sys_bpf+0x10/0x10 [ 180.527926][ T7409] ? ksys_write+0x190/0x250 [ 180.527948][ T7409] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 180.527982][ T7409] ? fput+0x70/0xf0 [ 180.527995][ T7409] ? ksys_write+0x1ac/0x250 [ 180.528012][ T7409] ? __pfx_ksys_write+0x10/0x10 [ 180.528034][ T7409] __x64_sys_bpf+0x78/0xc0 [ 180.528053][ T7409] ? lockdep_hardirqs_on+0x7c/0x110 [ 180.528073][ T7409] do_syscall_64+0xcd/0x4c0 [ 180.528094][ T7409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.528109][ T7409] RIP: 0033:0x7f34a798e929 [ 180.528121][ T7409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.528134][ T7409] RSP: 002b:00007f34a8718038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 180.528149][ T7409] RAX: ffffffffffffffda RBX: 00007f34a7bb5fa0 RCX: 00007f34a798e929 [ 180.528159][ T7409] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005 [ 180.528167][ T7409] RBP: 00007f34a8718090 R08: 0000000000000000 R09: 0000000000000000 [ 180.528176][ T7409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.528184][ T7409] R13: 0000000000000000 R14: 00007f34a7bb5fa0 R15: 00007ffebc79bf38 [ 180.528204][ T7409] [ 180.858109][ T7411] IPVS: using max 38 ests per chain, 91200 per kthread [ 180.937745][ T5886] usb 3-1: Using ep0 maxpacket: 32 [ 180.947639][ T5886] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 180.956197][ T5886] usb 3-1: config 0 has no interface number 0 [ 180.974309][ T5886] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 180.983421][ T30] audit: type=1400 audit(1752330780.260:440): avc: denied { getopt } for pid=7420 comm="syz.5.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 181.077920][ T7424] netlink: 24 bytes leftover after parsing attributes in process `syz.0.382'. [ 181.512087][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.804777][ T5886] usb 3-1: Product: syz [ 181.809050][ T5886] usb 3-1: Manufacturer: syz [ 181.813650][ T5886] usb 3-1: SerialNumber: syz [ 181.821732][ T5886] usb 3-1: config 0 descriptor?? [ 181.913642][ T5886] smsc95xx v2.0.0 [ 182.089920][ T30] audit: type=1400 audit(1752330781.380:441): avc: denied { create } for pid=7431 comm="syz.0.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 182.113053][ T7433] random: crng reseeded on system resumption [ 182.167919][ T30] audit: type=1400 audit(1752330781.380:442): avc: denied { bind } for pid=7431 comm="syz.0.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 182.187218][ T30] audit: type=1400 audit(1752330781.400:443): avc: denied { append } for pid=7431 comm="syz.0.387" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 182.192943][ T5986] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 182.211432][ T30] audit: type=1400 audit(1752330781.400:444): avc: denied { open } for pid=7431 comm="syz.0.387" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 182.257897][ T5886] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 182.309355][ T5886] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 182.385526][ T5886] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 182.449516][ T5886] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -32 [ 182.466701][ T5986] usb 5-1: config 0 has an invalid interface number: 239 but max is 0 [ 182.481361][ T5986] usb 5-1: config 0 has no interface number 0 [ 182.527402][ T5986] usb 5-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=60.d9 [ 182.574583][ T5986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.667240][ T5986] usb 5-1: Product: syz [ 182.715575][ T5986] usb 5-1: Manufacturer: syz [ 182.734814][ T5986] usb 5-1: SerialNumber: syz [ 182.756958][ T5986] usb 5-1: config 0 descriptor?? [ 183.515908][ T7443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 183.520096][ T5886] usb 3-1: USB disconnect, device number 11 [ 183.603163][ T5986] usb 5-1: probing VID:PID(2201:012C) [ 183.621855][ T5986] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs [ 183.655992][ T5986] vub300 5-1:0.239: probe with driver vub300 failed with error -22 [ 183.680596][ T5986] usb 5-1: USB disconnect, device number 7 [ 183.696411][ T7460] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1825 sclass=netlink_route_socket pid=7460 comm=syz.5.394 [ 185.037528][ T5958] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 185.052434][ T30] audit: type=1400 audit(1752330784.330:445): avc: denied { setopt } for pid=7456 comm="syz.2.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 185.091748][ T30] audit: type=1400 audit(1752330784.340:446): avc: denied { write } for pid=7456 comm="syz.2.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 185.218195][ T5958] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 185.226901][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 185.239036][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 185.340493][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 185.727744][ T5835] Bluetooth: hci1: command 0x0406 tx timeout [ 185.734567][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 185.744278][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 185.757271][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 185.801661][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 185.859323][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 185.918837][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 185.930907][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 185.941977][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.025525][ T30] audit: type=1400 audit(1752330785.260:447): avc: denied { append } for pid=7480 comm="syz.5.400" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 186.048176][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.085973][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 186.104486][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 186.130355][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.156944][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 186.175030][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 186.203729][ T7484] ubi31: attaching mtd0 [ 186.204070][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.209707][ T7484] ubi31: scanning is finished [ 186.219557][ T7484] ubi31: empty MTD device detected [ 186.222192][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 186.243348][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 186.264106][ T30] audit: type=1400 audit(1752330785.530:448): avc: denied { map } for pid=7485 comm="syz.0.402" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 186.304372][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.305235][ T7484] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 186.318723][ T7484] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 186.322652][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 186.326067][ T7484] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 186.342037][ T7484] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 186.345617][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 186.349673][ T7484] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 186.349693][ T7484] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 186.375805][ T7484] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 24549328 [ 186.385808][ T7484] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 186.387410][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.398101][ T7488] ubi31: background thread "ubi_bgt31d" started, PID 7488 [ 186.442795][ T5958] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 186.452529][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 186.476372][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0 [ 186.497244][ T5958] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 186.509464][ T5958] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 186.530846][ T5958] usb 5-1: Product: syz [ 186.538923][ T5958] usb 5-1: Manufacturer: syz [ 186.549676][ T5958] usb 5-1: SerialNumber: syz [ 186.562247][ T5958] usb 5-1: config 0 descriptor?? [ 186.581398][ T5958] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 187.128417][ T30] audit: type=1400 audit(1752330786.410:449): avc: denied { write } for pid=7499 comm="syz.1.405" path="socket:[16665]" dev="sockfs" ino=16665 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 187.152239][ C0] vkms_vblank_simulate: vblank timer overrun [ 187.214472][ T7503] netlink: 'syz.0.406': attribute type 10 has an invalid length. [ 187.246490][ T5886] usb 5-1: USB disconnect, device number 8 [ 187.256743][ T5886] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 187.603040][ T7503] team0: Port device wlan1 added [ 187.734912][ T7512] fuse: Bad value for 'user_id' [ 187.747449][ T7513] fuse: Bad value for 'user_id' [ 187.747734][ T7512] fuse: Bad value for 'user_id' [ 187.754392][ T7513] fuse: Bad value for 'user_id' [ 187.974339][ T7510] gfs2: Unknown parameter 'barriermx' [ 188.010987][ T30] audit: type=1400 audit(1752330787.290:450): avc: denied { write } for pid=7520 comm="syz.4.411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 188.697686][ T5958] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 188.857639][ T5958] usb 3-1: Using ep0 maxpacket: 16 [ 188.869296][ T5958] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.890431][ T5958] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 188.899798][ T5958] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.544221][ T5958] usb 3-1: config 0 descriptor?? [ 189.645794][ T7547] kernel profiling enabled (shift: 63) [ 189.690062][ T7547] profiling shift: 63 too large [ 190.122311][ T7555] netlink: 8 bytes leftover after parsing attributes in process `syz.5.420'. [ 190.143429][ T7555] netlink: 8 bytes leftover after parsing attributes in process `syz.5.420'. [ 190.498357][ T5958] usbhid 3-1:0.0: can't add hid device: -71 [ 190.504448][ T5958] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 190.518025][ T7556] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 190.529206][ T5958] usb 3-1: USB disconnect, device number 12 [ 190.911966][ T7563] block device autoloading is deprecated and will be removed. [ 191.801804][ T7574] netlink: 24 bytes leftover after parsing attributes in process `syz.2.424'. [ 193.152707][ T30] audit: type=1400 audit(1752330792.440:451): avc: denied { write } for pid=7569 comm="syz.1.425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 193.313309][ T7597] syz.0.433: attempt to access beyond end of device [ 193.313309][ T7597] nbd0: rw=0, sector=64, nr_sectors = 1 limit=0 [ 193.327301][ T7597] syz.0.433: attempt to access beyond end of device [ 193.327301][ T7597] nbd0: rw=0, sector=256, nr_sectors = 1 limit=0 [ 193.340472][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 193.355981][ T7597] syz.0.433: attempt to access beyond end of device [ 193.355981][ T7597] nbd0: rw=0, sector=512, nr_sectors = 1 limit=0 [ 193.376555][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 193.396289][ T7597] syz.0.433: attempt to access beyond end of device [ 193.396289][ T7597] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 193.410638][ T7597] syz.0.433: attempt to access beyond end of device [ 193.410638][ T7597] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 193.423879][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 193.443639][ T7597] syz.0.433: attempt to access beyond end of device [ 193.443639][ T7597] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 193.461114][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 193.475500][ T7597] syz.0.433: attempt to access beyond end of device [ 193.475500][ T7597] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 193.490910][ T7597] syz.0.433: attempt to access beyond end of device [ 193.490910][ T7597] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 193.497828][ T5986] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 193.504954][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 193.521366][ T7597] syz.0.433: attempt to access beyond end of device [ 193.521366][ T7597] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 193.534479][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 193.545458][ T7597] syz.0.433: attempt to access beyond end of device [ 193.545458][ T7597] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 193.559588][ T5893] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 193.567507][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 193.577818][ T7597] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 193.587325][ T7597] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 193.696719][ T5986] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 193.709149][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.747792][ T10] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 193.777245][ T5893] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 193.779075][ T5986] usb 5-1: config 0 descriptor?? [ 193.806483][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.814521][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.842725][ T5893] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 193.843262][ T5986] cp210x 5-1:0.0: cp210x converter detected [ 193.876951][ T5893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.928530][ T7607] tmpfs: Unknown parameter 'usrquota_blochavdlimit' [ 193.937463][ T5893] usb 6-1: config 0 descriptor?? [ 193.995826][ T30] audit: type=1400 audit(1752330793.260:452): avc: denied { bind } for pid=7605 comm="syz.0.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 194.027176][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 194.097322][ T5893] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 194.105456][ T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 194.140191][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 194.200723][ T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 194.218298][ T10] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 194.233599][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.242090][ T10] usb 3-1: Product: syz [ 194.246925][ T10] usb 3-1: Manufacturer: syz [ 194.252903][ T10] usb 3-1: SerialNumber: syz [ 194.260284][ T10] usb 3-1: config 0 descriptor?? [ 194.268524][ T10] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 194.281479][ T7613] overlay: filesystem on ./bus not supported as upperdir [ 194.351992][ T5893] usb 6-1: USB disconnect, device number 8 [ 194.362036][ T5986] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 194.470967][ T7602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.481846][ T7602] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.507659][ T43] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 194.548195][ T5886] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 194.832355][ T30] audit: type=1400 audit(1752330794.120:453): avc: denied { setopt } for pid=7591 comm="syz.4.431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 195.023497][ T30] audit: type=1400 audit(1752330794.200:454): avc: denied { map } for pid=7591 comm="syz.4.431" path="/dev/sg0" dev="devtmpfs" ino=747 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 195.121920][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 195.165831][ T30] audit: type=1400 audit(1752330794.200:455): avc: denied { execute } for pid=7591 comm="syz.4.431" path="/dev/sg0" dev="devtmpfs" ino=747 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 195.190132][ C0] vkms_vblank_simulate: vblank timer overrun [ 195.683409][ T30] audit: type=1400 audit(1752330794.970:456): avc: denied { setopt } for pid=7619 comm="syz.5.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 195.692785][ T5986] usb 5-1: cp210x converter now attached to ttyUSB0 [ 195.862648][ T5830] Bluetooth: hci4: command 0x0406 tx timeout [ 196.489429][ T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 196.502995][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 196.515212][ T5986] usb 5-1: USB disconnect, device number 9 [ 196.523369][ T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 196.534756][ T5986] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 196.545780][ T5986] cp210x 5-1:0.0: device disconnected [ 196.551685][ T43] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 196.560961][ T5886] usb 1-1: device descriptor read/64, error -71 [ 196.567263][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.576293][ T43] usb 2-1: Product: syz [ 196.582736][ T43] usb 2-1: Manufacturer: syz [ 196.587622][ T43] usb 2-1: SerialNumber: syz [ 196.594683][ T43] usb 2-1: config 0 descriptor?? [ 196.608222][ T43] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 196.654437][ T10] scsi host1: usb-storage 3-1:0.0 [ 196.673656][ T10] usb 3-1: USB disconnect, device number 13 [ 196.882768][ T5886] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 197.045765][ T7611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 197.088942][ T7611] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 197.147858][ T5886] usb 1-1: device descriptor read/64, error -71 [ 306.427667][ C0] ------------[ cut here ]------------ [ 306.433757][ C0] WARNING: CPU: 0 PID: 7636 at kernel/rcu/tree_stall.h:1015 rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 306.444892][ C0] Modules linked in: [ 306.449099][ C0] CPU: 0 UID: 0 PID: 7636 Comm: syz.2.444 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 306.460988][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 306.471042][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 306.477990][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 80 5f e0 9a e8 40 f1 80 00 b8 01 00 00 00 87 05 05 76 3e 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 bb a9 90 48 81 fd 00 fd 5c 8e 74 5a 48 b8 00 [ 306.497599][ C0] RSP: 0018:ffffc90000007df0 EFLAGS: 00010046 [ 306.503665][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1e970 [ 306.511635][ C0] RDX: fffffbfff35c0bf0 RSI: 0000000000000004 RDI: ffffffff9ae05f80 [ 306.519602][ C0] RBP: ffffffff8e5cfd00 R08: 0000000000000001 R09: fffffbfff35c0bf0 [ 306.527570][ C0] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240 [ 306.535557][ C0] R13: 0000000000000246 R14: ffffffff8e5cfd00 R15: ffff8880b843b2d2 [ 306.543554][ C0] FS: 00007f6324f0f6c0(0000) GS:ffff888124713000(0000) knlGS:0000000000000000 [ 306.552487][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 306.559069][ C0] CR2: 0000200000061030 CR3: 0000000052fe7000 CR4: 00000000003526f0 [ 306.567044][ C0] Call Trace: [ 306.570327][ C0] [ 306.573171][ C0] rcu_core+0x4cf/0x14e0 [ 306.577428][ C0] ? tmigr_handle_remote+0x132/0x380 [ 306.582715][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 306.588352][ C0] ? __pfx_rcu_core+0x10/0x10 [ 306.593038][ C0] ? run_timer_base+0x121/0x190 [ 306.597894][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 306.603104][ C0] handle_softirqs+0x219/0x8e0 [ 306.607883][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 306.613787][ C0] __irq_exit_rcu+0x109/0x170 [ 306.618473][ C0] irq_exit_rcu+0x9/0x30 [ 306.622723][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 306.628361][ C0] [ 306.631289][ C0] [ 306.634225][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 306.640204][ C0] RIP: 0010:smp_call_function_many_cond+0xd94/0x1510 [ 306.646881][ C0] Code: 83 e5 07 4d 01 e6 41 83 c5 03 e8 07 1e 0c 00 f3 90 41 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff 83 e0 01 <89> c5 89 c6 e8 23 19 0c 00 85 ed 75 d3 e8 da 1d 0c 00 e8 d5 1d 0c [ 306.666486][ C0] RSP: 0018:ffffc900129372b8 EFLAGS: 00000202 [ 306.672552][ C0] RAX: 0000000000000001 RBX: ffff8880b853fe20 RCX: ffffc9000d86c000 [ 306.680605][ C0] RDX: 0000000000080000 RSI: ffffffff81afd909 RDI: 0000000000000000 [ 306.688584][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 306.696552][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 306.704519][ C0] R13: 0000000000000003 R14: ffffed10170a7fc5 R15: ffff8880b843b580 [ 306.712499][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 306.718585][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 306.724677][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 306.729896][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 306.736238][ C0] ? lock_acquire+0x179/0x350 [ 306.740920][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 306.746122][ C0] ? __pfx_should_flush_tlb+0x10/0x10 [ 306.751499][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 306.756619][ C0] flush_tlb_mm_range+0x4a0/0x1790 [ 306.761735][ C0] ? page_table_check_clear+0x362/0x740 [ 306.767291][ C0] ? __page_table_check_pte_clear+0xa9/0x100 [ 306.773275][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 306.778823][ C0] ? __pfx_pte_mkwrite+0x10/0x10 [ 306.783762][ C0] ptep_clear_flush+0x136/0x180 [ 306.788640][ C0] do_wp_page+0x1683/0x4f20 [ 306.793179][ C0] ? __pfx_do_wp_page+0x10/0x10 [ 306.798040][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 306.803429][ C0] __handle_mm_fault+0x2223/0x5490 [ 306.808554][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 306.814012][ C0] ? __pfx_mt_find+0x10/0x10 [ 306.818642][ C0] ? find_vma+0xbf/0x140 [ 306.822919][ C0] ? __pfx_find_vma+0x10/0x10 [ 306.827625][ C0] handle_mm_fault+0x589/0xd10 [ 306.832403][ C0] ? __pkru_allows_pkey+0x51/0xb0 [ 306.837435][ C0] do_user_addr_fault+0x7a6/0x1370 [ 306.842573][ C0] ? rcu_is_watching+0x12/0xc0 [ 306.847348][ C0] exc_page_fault+0x5c/0xb0 [ 306.851866][ C0] asm_exc_page_fault+0x26/0x30 [ 306.856716][ C0] RIP: 0010:__put_user_nocheck_4+0x3/0x10 [ 306.862442][ C0] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 41 5b 03 00 90 90 90 90 90 90 90 90 90 90 [ 306.882057][ C0] RSP: 0018:ffffc900129379f8 EFLAGS: 00050246 [ 306.888120][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000061030 [ 306.896087][ C0] RDX: 0000000000080000 RSI: ffffffff89564ab3 RDI: 0000000000000005 [ 306.904059][ C0] RBP: ffffc90012937d98 R08: 0000000000000005 R09: 0000000000000000 [ 306.912026][ C0] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000000 [ 306.920018][ C0] R13: 0000200000061000 R14: ffffc90012937ddc R15: 0000000000000002 [ 306.928109][ C0] ? ____sys_recvmsg+0x2e3/0x6b0 [ 306.933064][ C0] ____sys_recvmsg+0x2ee/0x6b0 [ 306.937839][ C0] ? __pfx_____sys_recvmsg+0x10/0x10 [ 306.943138][ C0] ? kfree+0x24f/0x4d0 [ 306.947218][ C0] ? rcu_is_watching+0x12/0xc0 [ 306.951994][ C0] ? irqentry_exit+0x3b/0x90 [ 306.956591][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 306.961797][ C0] ___sys_recvmsg+0x114/0x1a0 [ 306.966480][ C0] ? __pfx____sys_recvmsg+0x10/0x10 [ 306.971697][ C0] ? __pfx___might_resched+0x10/0x10 [ 306.976991][ C0] do_recvmmsg+0x2fe/0x750 [ 306.981414][ C0] ? __pfx_do_recvmmsg+0x10/0x10 [ 306.986363][ C0] ? do_futex+0x122/0x350 [ 306.990714][ C0] ? __x64_sys_futex+0x1e0/0x4c0 [ 306.995659][ C0] __x64_sys_recvmmsg+0x22a/0x280 [ 307.000706][ C0] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 307.006279][ C0] do_syscall_64+0xcd/0x4c0 [ 307.010804][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.016702][ C0] RIP: 0033:0x7f632418e929 [ 307.021114][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.040727][ C0] RSP: 002b:00007f6324f0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 307.049139][ C0] RAX: ffffffffffffffda RBX: 00007f63243b6080 RCX: 00007f632418e929 [ 307.057106][ C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004 [ 307.065076][ C0] RBP: 00007f6324210b39 R08: 0000000000000000 R09: 0000000000000000 [ 307.073045][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 307.081010][ C0] R13: 0000000000000000 R14: 00007f63243b6080 R15: 00007ffd38a6ace8 [ 307.088996][ C0] [ 307.092012][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 307.099283][ C0] CPU: 0 UID: 0 PID: 7636 Comm: syz.2.444 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) [ 307.111168][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 307.121216][ C0] Call Trace: [ 307.124492][ C0] [ 307.127330][ C0] dump_stack_lvl+0x3d/0x1f0 [ 307.131927][ C0] panic+0x71c/0x800 [ 307.135828][ C0] ? __pfx_panic+0x10/0x10 [ 307.140249][ C0] ? show_trace_log_lvl+0x29b/0x3e0 [ 307.145461][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 307.150571][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 307.156911][ C0] check_panic_on_warn+0xab/0xb0 [ 307.161845][ C0] __warn+0xf6/0x3c0 [ 307.165735][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 307.172070][ C0] report_bug+0x3c3/0x580 [ 307.176583][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 307.182925][ C0] handle_bug+0x184/0x210 [ 307.187260][ C0] exc_invalid_op+0x17/0x50 [ 307.191764][ C0] asm_exc_invalid_op+0x1a/0x20 [ 307.196612][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 307.203554][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 80 5f e0 9a e8 40 f1 80 00 b8 01 00 00 00 87 05 05 76 3e 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 bb a9 90 48 81 fd 00 fd 5c 8e 74 5a 48 b8 00 [ 307.223185][ C0] RSP: 0018:ffffc90000007df0 EFLAGS: 00010046 [ 307.229255][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1e970 [ 307.237224][ C0] RDX: fffffbfff35c0bf0 RSI: 0000000000000004 RDI: ffffffff9ae05f80 [ 307.245196][ C0] RBP: ffffffff8e5cfd00 R08: 0000000000000001 R09: fffffbfff35c0bf0 [ 307.253163][ C0] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240 [ 307.261131][ C0] R13: 0000000000000246 R14: ffffffff8e5cfd00 R15: ffff8880b843b2d2 [ 307.269106][ C0] ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0 [ 307.275452][ C0] rcu_core+0x4cf/0x14e0 [ 307.279698][ C0] ? tmigr_handle_remote+0x132/0x380 [ 307.284986][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 307.290622][ C0] ? __pfx_rcu_core+0x10/0x10 [ 307.295304][ C0] ? run_timer_base+0x121/0x190 [ 307.300161][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 307.305384][ C0] handle_softirqs+0x219/0x8e0 [ 307.310157][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 307.315455][ C0] __irq_exit_rcu+0x109/0x170 [ 307.320136][ C0] irq_exit_rcu+0x9/0x30 [ 307.324383][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 307.330028][ C0] [ 307.332955][ C0] [ 307.335883][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 307.341870][ C0] RIP: 0010:smp_call_function_many_cond+0xd94/0x1510 [ 307.348546][ C0] Code: 83 e5 07 4d 01 e6 41 83 c5 03 e8 07 1e 0c 00 f3 90 41 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff 83 e0 01 <89> c5 89 c6 e8 23 19 0c 00 85 ed 75 d3 e8 da 1d 0c 00 e8 d5 1d 0c [ 307.368155][ C0] RSP: 0018:ffffc900129372b8 EFLAGS: 00000202 [ 307.374221][ C0] RAX: 0000000000000001 RBX: ffff8880b853fe20 RCX: ffffc9000d86c000 [ 307.382204][ C0] RDX: 0000000000080000 RSI: ffffffff81afd909 RDI: 0000000000000000 [ 307.390176][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 307.398149][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 307.406233][ C0] R13: 0000000000000003 R14: ffffed10170a7fc5 R15: ffff8880b843b580 [ 307.414213][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 307.420290][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 307.426360][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 307.431572][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 307.437916][ C0] ? lock_acquire+0x179/0x350 [ 307.442601][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 307.447799][ C0] ? __pfx_should_flush_tlb+0x10/0x10 [ 307.453178][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 307.458292][ C0] flush_tlb_mm_range+0x4a0/0x1790 [ 307.463424][ C0] ? page_table_check_clear+0x362/0x740 [ 307.468979][ C0] ? __page_table_check_pte_clear+0xa9/0x100 [ 307.474963][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 307.480520][ C0] ? __pfx_pte_mkwrite+0x10/0x10 [ 307.485461][ C0] ptep_clear_flush+0x136/0x180 [ 307.490321][ C0] do_wp_page+0x1683/0x4f20 [ 307.494842][ C0] ? __pfx_do_wp_page+0x10/0x10 [ 307.499717][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 307.505113][ C0] __handle_mm_fault+0x2223/0x5490 [ 307.510235][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 307.515696][ C0] ? __pfx_mt_find+0x10/0x10 [ 307.520314][ C0] ? find_vma+0xbf/0x140 [ 307.524576][ C0] ? __pfx_find_vma+0x10/0x10 [ 307.529263][ C0] handle_mm_fault+0x589/0xd10 [ 307.534031][ C0] ? __pkru_allows_pkey+0x51/0xb0 [ 307.539064][ C0] do_user_addr_fault+0x7a6/0x1370 [ 307.544189][ C0] ? rcu_is_watching+0x12/0xc0 [ 307.548963][ C0] exc_page_fault+0x5c/0xb0 [ 307.553473][ C0] asm_exc_page_fault+0x26/0x30 [ 307.558342][ C0] RIP: 0010:__put_user_nocheck_4+0x3/0x10 [ 307.564079][ C0] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 41 5b 03 00 90 90 90 90 90 90 90 90 90 90 [ 307.583711][ C0] RSP: 0018:ffffc900129379f8 EFLAGS: 00050246 [ 307.589796][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000061030 [ 307.597787][ C0] RDX: 0000000000080000 RSI: ffffffff89564ab3 RDI: 0000000000000005 [ 307.605768][ C0] RBP: ffffc90012937d98 R08: 0000000000000005 R09: 0000000000000000 [ 307.613757][ C0] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000000 [ 307.621734][ C0] R13: 0000200000061000 R14: ffffc90012937ddc R15: 0000000000000002 [ 307.629716][ C0] ? ____sys_recvmsg+0x2e3/0x6b0 [ 307.634662][ C0] ____sys_recvmsg+0x2ee/0x6b0 [ 307.639432][ C0] ? __pfx_____sys_recvmsg+0x10/0x10 [ 307.644724][ C0] ? kfree+0x24f/0x4d0 [ 307.648795][ C0] ? rcu_is_watching+0x12/0xc0 [ 307.653579][ C0] ? irqentry_exit+0x3b/0x90 [ 307.658183][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 307.663399][ C0] ___sys_recvmsg+0x114/0x1a0 [ 307.668082][ C0] ? __pfx____sys_recvmsg+0x10/0x10 [ 307.673300][ C0] ? __pfx___might_resched+0x10/0x10 [ 307.678600][ C0] do_recvmmsg+0x2fe/0x750 [ 307.683030][ C0] ? __pfx_do_recvmmsg+0x10/0x10 [ 307.687980][ C0] ? do_futex+0x122/0x350 [ 307.692338][ C0] ? __x64_sys_futex+0x1e0/0x4c0 [ 307.697288][ C0] __x64_sys_recvmmsg+0x22a/0x280 [ 307.702333][ C0] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 307.707899][ C0] do_syscall_64+0xcd/0x4c0 [ 307.712419][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.718322][ C0] RIP: 0033:0x7f632418e929 [ 307.723525][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.743144][ C0] RSP: 002b:00007f6324f0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 307.751588][ C0] RAX: ffffffffffffffda RBX: 00007f63243b6080 RCX: 00007f632418e929 [ 307.759741][ C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004 [ 307.767714][ C0] RBP: 00007f6324210b39 R08: 0000000000000000 R09: 0000000000000000 [ 307.775683][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 307.784348][ C0] R13: 0000000000000000 R14: 00007f63243b6080 R15: 00007ffd38a6ace8 [ 307.792343][ C0] [ 308.889979][ C0] Shutting down cpus with NMI [ 308.894899][ C0] Kernel Offset: disabled [ 308.899213][ C0] Rebooting in 86400 seconds..