80.163688][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.172261][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.181610][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.193088][ T8792] device veth1_vlan entered promiscuous mode [ 180.217298][ T9159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.230213][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 180.238306][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 180.247743][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.256787][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 180.265583][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.273423][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.281487][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.291138][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 180.305336][ T8662] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.325317][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 180.334021][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 180.343198][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 180.351739][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.363454][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.372118][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.383787][ T9149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.398474][ T8792] device veth0_macvtap entered promiscuous mode [ 180.408766][ T9031] device veth0_vlan entered promiscuous mode [ 180.418255][ T8662] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.428817][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 180.438171][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 180.446932][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 180.456103][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 180.464220][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 180.472945][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 180.483923][ T9159] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.495760][ T9031] device veth1_vlan entered promiscuous mode [ 180.509321][ T8850] device veth0_vlan entered promiscuous mode [ 180.521863][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 180.531061][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 180.538989][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 180.548816][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 180.557614][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.564680][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.572483][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 180.581097][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.590196][ T8792] device veth1_macvtap entered promiscuous mode [ 180.662722][ T8850] device veth1_vlan entered promiscuous mode [ 180.673733][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 180.683359][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 180.692213][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.700709][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.708413][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.716596][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 180.724972][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 180.733499][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 180.742831][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 180.751236][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.758257][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.766176][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 180.848702][ T8792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 180.859249][ T8792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.870411][ T8792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.934043][ T8850] device veth0_macvtap entered promiscuous mode [ 180.945802][ T8850] device veth1_macvtap entered promiscuous mode [ 180.954234][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 180.966747][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.975945][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.986210][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.995430][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 181.005154][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 181.014868][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 181.024251][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.033347][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.042642][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.051877][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.061051][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 181.071052][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 181.079008][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 181.091949][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 181.100852][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 181.111227][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 181.119740][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 181.130538][ T9031] device veth0_macvtap entered promiscuous mode [ 181.146960][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 181.155294][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 181.163734][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 181.172082][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 181.186322][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.197368][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.208397][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.219206][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.230752][ T8850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.240646][ T9031] device veth1_macvtap entered promiscuous mode [ 181.251892][ T8792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.262356][ T8792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.273699][ T8792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.285895][ T9159] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 181.296549][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 181.304536][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 181.312581][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 181.321168][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 181.330183][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 181.338708][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 181.348906][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.361379][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.371795][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.382370][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.393168][ T8850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.452159][ T9149] device veth0_vlan entered promiscuous mode [ 181.459070][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 181.467989][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 181.521397][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.531893][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.543825][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.554832][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.565290][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.576160][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.587419][ T9031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.667041][ T9149] device veth1_vlan entered promiscuous mode [ 181.675462][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 181.690018][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready 15:52:14 executing program 1: pipe(&(0x7f0000000100)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="1b4fc9fe000000004800128009000100766c616e000000003800028006000100000000000c0002001a00000014000000040004801c0003800c00010068e3000008000500fbe306813e2118f0c62be4dd383463ba7e587d8c", @ANYRES32=r2, @ANYBLOB="08000a00ba930d872460a99cfa20ed8b72"], 0x78}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, &(0x7f0000000000)={{0x6, 0x1f}, {0xf0, 0x1}, 0x3, 0x1, 0x5a}) [ 181.710247][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 181.731595][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 15:52:15 executing program 0: syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73cd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x9) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000200)) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000140)='\\vnet0?\'`/{,vi.et1eb0u_er\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) r2 = creat(0x0, 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000680)="3b370c004e5121a6d9b11e067db0d3016e4e94273f26c64586ba6374c7ffd07de9d949ec292eec941d8b636dcd2d7741927506ca7d1a075c1bd8570ccaff1a47d684e17e15e05073ee917cb56eb729fd4f67cbc6e0da4a9d3ce3fda3994f4bae3c30497e56d8c9b805f8d2a9cf60e41caee5d0153b3152f60514741a27fc6812e3986f85f0d18c403c0d8c62077478e30f4f2bcf813724ed218c17b0c87563620e03bfce87491a61d697ed10c398d32ff89acb14673942a1a617c5ae086c435282ab5c44ee3645d1e7a43fbcb82ef28b8dd066bd46d7f35a548f01e4c84b5c0be63903785740d8e8371130590601220ce608ab26c44eb0a9d9e5fc3c7b5073e4") ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000440)={0x0, 0x0, @pic={0x9, 0xbe, 0x3f, 0x55, 0x1, 0x0, 0x4, 0x7, 0x0, 0x0, 0x8, 0x6, 0x81, 0x2c, 0x7d}}) fallocate(r2, 0x0, 0x0, 0x2000402) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f00000002c0)={0x20, 0x2, 'client1\x00', 0xffffffff80000000, "6411d6b8a2596800", "2a3efbd73b14150b0a8d20f50fc6f8b64fc3011d51cd53cf326f553628592589", 0x8, 0x10001}) close(0xffffffffffffffff) [ 181.760739][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.781064][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.801435][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.830992][ T9031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.850074][ T9031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.870466][ T9031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.969235][ T9932] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 181.981268][ T9932] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 181.994360][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 182.003561][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready 15:52:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000680), 0x4) [ 182.025622][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 15:52:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000680), 0x4) [ 182.080126][ T9937] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 182.101858][ T9937] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 15:52:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000680), 0x4) 15:52:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000680), 0x4) [ 182.125750][ T9159] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.142779][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 182.151210][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 15:52:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000680), 0x4) [ 182.216919][ T9149] device veth0_macvtap entered promiscuous mode [ 182.240150][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.261043][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 15:52:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000580)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4cad, @empty, 0x998}}, 0x24) [ 182.299714][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 182.313026][ T9149] device veth1_macvtap entered promiscuous mode 15:52:15 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="d8000000000000000000000000000000740990094b6231648878fd746cb9aa8799b0ba6c51a786a8ec63402c1e19169142c72c12620bc19fd4cdcacef8db4365c3e0638aafed58373e04529913e64f269cd08b4c8ae74e57acba1929062cc891f677dec5c2c0b4f46c9db1c7f06f191ae40093ab156a47ce845f5589ae7c2b23b5083b6a776d190cfcd142dda5229ba18aa612da681f738e70308c8d16c2a54c5ea5d4637edc8097f4cf54f388940e262283ab22294664ed05273bcb87ce07e00b70627341e7b4306be9f589d982a27e3e00000000000000c0000000000000000000000000000000791550d5ae736a81015e174bce566a1aeb4707d7e50ecaad3c2ce75488846cf51bd23b13e63800c469ac3d7e00057b3670be21fcd81380592703a3658825624a0601848e9b15a0fa1e1a6185f72bff7fcf8be6f6f500cdb9b99a757e4dedbc0413d63480edf0b124d671157b2f056ef377173c269860447ac8513adac8a93c9eb81c5f5b8f359137dccbb83e30a598fdb443c9525fdde7b909d359cdeeddee02e51538539dde56ae2c000000000000001000000000000000000000000000000060000000000000000000000000000000119b3377a4f50fef1bb4771edc53f8db1cb094d21cbb0b6ebd99faf58f8a9a45de225fbb93fff84d2651c725b4491f3a38bed9bd6036b42d89d648031678443a0caef1ef4ae0d9ddc80000000000000088040000000000000000000000000000c04496f6de95dd90cf10809075ebc568773980031c13d40fc4935dfa3824587782348f90947a364ffcbd0f41ca588cc049f0e6c9e48d992c78b7e83fe730f30db90e5beff0e5bcc3e49e82c8f0e128acd143268aa5ed34107b52fc648adbb758466faa07074d0469145d56381d5c4650296d71fd093038a649fe2850eb95a34ad0bd7ac4c30651c56d9338f2ef4da49678b3b90f6b565ecb1b128c53d7747bbdeecd7f25f3a1105ba9ed8955e372007b45332b557f025c1cc75d4817bc019e0e456c721e8f12171f491e68a6212c1a9ed839d13ce909aece45a44f8cb0fa728e22cfef271b9ace552434057e18354fd56f66cb2ffb77d7f0ab5112692cca3c9f260b88485ab6cb32ef36a0d4e866d6d6e56db23df1a4802c48998a39c4c0ca6e622f18912c0ac74d1a74f89299069440e73c165a349a7aa3a8cdb792b3b40032ba0ee7f93bfeb1697985e5ef0630f213418d7176cf8de84e5c5c0703700d644c564fe4240390a8b11f338a6c8034d5b6926a8452d0bd6f1338b1aec47a83f53462247a4a3c55af75032b406bd93f622acd91bb68474ca4b796d2b37b40822a5ee971dbbe6b91f1da9fdb9535e4f83834872edcda36e6d2548c6aa8f61e485d2cd03c3189302d4140a9db529dbe9962de8aab166861bb38add353368f83a1a2780181a8c533f741c02bdc5aa24975839228a2756b97399c59051d697dafd4cfc377666f87a8904a7d34da9c23056041e19435faa4fdd2d5a785e811bc857d38f391f1db6fd6ec990fb6e2df685b247c5ebf2d4f95e2f42f7c9639ae305072c4f5769c6aa0317c9e911bed07c440a4a34b1294ebb02fc106ac7d25f855d3c272b357d7844f0bac1db75edced7def3575db86d7530137d7a06d447d2dc291d9ab58eb22fa19cd070c6bd147f2781d06433e2549ee5fd7d681282cec6a289bcd4c1c382980ac4d04108856199ba45d682ffca10ffb80ab9fa26d2c9c3f20109c517fa43136e3273a4fe6b2e2a3c55265988699413a3ab968d48a3ed12c3d3262e4329b0470d96eb280a5400b4526dd28371a2cba91131b91c35cd2b72f3116c5327260a7c7680da89446478e724defaf5015f7a2bcef8905ad12da7cf25824a46e874d07538ab614f11fc6ee8e33e99f1b112d632dc57984badfb4056f8f62cdb29e2d5d8398d9b04954b09cb7c766a448345b42cb6518086d4ae22d57348f7d44c9569bdc4667faf3f5e31df9e0bba99857200a1475f48cd86651e915b23ebaa3d80b9e697f0cff24bae13c0fc6c9251a9394017c2fb447aab53989d9a52c1e38fd4c0d42295d8840faad12db70588ee08daaaa9f503935526ce55d1d0bb2c1b5864c8634fe115450c1a0b608c054e652e3ea288406a0974e889761a71d48489afaab148b768f69ddd8b67f3c067d958db2c3566db82613691778f38786a80786208b0778fca50d6b623768ed132a4ff9baa13c81fd4fdffd21b1ef8591954cdb2052292cec1dca4556ee2d19b1f18782f833646fb545eec2c472fc7d12d58b181c93d52861bdba45e6bb0fa7b805e660da40a2c81ad2760a4e72191a679b3664bf9bcaca74f66286a1257e515c94d05ed8ff0000000000000028acf4a9f65e9afd68754e8d003944e6d4ca874b16ea16ef91bbdb397e496d3223c3344fda1c633df9a1fe7c353f18ee1b4a5537f413731def332ab15f0ff95c860692c12c3050bad00afff4b3b27ff8a767f9e2f09a73fd876714d823e017de91310fbbddf86eb6af7b9f05bde67c5519d9f3b046fee376facb4a54c103df7583f7ba5f990f024b210fc13783556a227412b166fea5ffa1fe69552476b89cf398835b04cf82b662b3d781f5d2d8a19d7c5b86acdc957f28ca0f35e089c17e1e7ec7ce91364e"], 0x690}, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) accept4$nfc_llcp(r1, &(0x7f0000000180), &(0x7f0000000200)=0x60, 0x0) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/34, 0x22, 0x10000, &(0x7f0000000100)={0x2, 0x4e23, @multicast1}, 0x10) close(r4) write$binfmt_misc(r3, &(0x7f0000000580)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x80000, 0x7) bind$inet(r4, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) ioctl$UFFDIO_UNREGISTER(r5, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}) splice(r2, 0x0, r4, 0x0, 0x10005, 0x0) mkdirat$cgroup(r5, &(0x7f0000000240)='syz0\x00', 0x1ff) socket$inet6(0xa, 0x800, 0xa) [ 182.353023][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 15:52:15 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) bind$netrom(r0, &(0x7f0000002e40)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r8 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002ec0)='/dev/sequencer2\x00', 0x1c001, 0x0) sendmsg$TIPC_NL_NET_GET(r8, &(0x7f00000032c0)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000003280)={&(0x7f0000002f80)={0x2e0, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7fff, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x48f, @private1={0xfc, 0x1, [], 0x1}, 0xffffffff}}}}]}, @TIPC_NLA_SOCK={0xf4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8b4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xe5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf7cb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff73df}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x20}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xbb}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4000000}]}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x48ff270d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7605}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK={0xb0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xccf7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2e70}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x59}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x71aa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}]}, @TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x78d}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "26dec4ad6aa43cb4f2ac0a4bb9f5a9cd0b2b4cfe77536970979fd56e37"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x400}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}]}]}, 0x2e0}, 0x1, 0x0, 0x0, 0x4004001}, 0x40) [ 182.403411][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.414366][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.426510][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.438760][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.451612][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.461757][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.475937][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.488361][ T9149] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.500308][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 182.508280][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 182.518830][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 182.546723][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.561562][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.572849][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.583869][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.594254][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.606034][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.616468][ T9149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.627430][ T9149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.638890][ T9149] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.654582][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 182.664258][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 182.723047][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 182.732664][ T5033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 182.747234][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 182.755390][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 182.765682][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 182.773362][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 182.833872][ T9159] device veth0_vlan entered promiscuous mode [ 182.898186][ T9159] device veth1_vlan entered promiscuous mode [ 182.924438][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 182.934760][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready 15:52:16 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = dup(r1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10) ioctl$int_in(r0, 0x800000c004500a, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) [ 182.950845][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.960993][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 182.982396][ T9159] device veth0_macvtap entered promiscuous mode [ 182.997389][ T9159] device veth1_macvtap entered promiscuous mode [ 183.017842][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.031474][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.042189][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.056502][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.067257][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.079678][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.090265][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.101149][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.112006][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.122923][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.135190][ T9159] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.148504][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 183.158039][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.166374][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.175540][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.186837][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.198128][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.208351][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.219729][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.230589][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.241952][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.252964][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.263687][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.274034][ T9159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.284689][ T9159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.295752][ T9159] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.308993][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.318303][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 15:52:16 executing program 5: socket$netlink(0x10, 0x3, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = dup(r1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10) ioctl$int_in(r0, 0x800000c004500a, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) 15:52:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) 15:52:16 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) bind$netrom(r0, &(0x7f0000002e40)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r8 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002ec0)='/dev/sequencer2\x00', 0x1c001, 0x0) sendmsg$TIPC_NL_NET_GET(r8, &(0x7f00000032c0)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000003280)={&(0x7f0000002f80)={0x2e0, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7fff, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x48f, @private1={0xfc, 0x1, [], 0x1}, 0xffffffff}}}}]}, @TIPC_NLA_SOCK={0xf4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8b4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xe5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf7cb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff73df}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x20}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xbb}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4000000}]}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x48ff270d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7605}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK={0xb0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xccf7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2e70}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x59}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x71aa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}]}, @TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x78d}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "26dec4ad6aa43cb4f2ac0a4bb9f5a9cd0b2b4cfe77536970979fd56e37"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x400}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}]}]}, 0x2e0}, 0x1, 0x0, 0x0, 0x4004001}, 0x40) 15:52:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$rds(r2, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010100}, 0x10) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:16 executing program 0: syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73cd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x9) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000200)) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000140)='\\vnet0?\'`/{,vi.et1eb0u_er\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) r2 = creat(0x0, 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000680)="3b370c004e5121a6d9b11e067db0d3016e4e94273f26c64586ba6374c7ffd07de9d949ec292eec941d8b636dcd2d7741927506ca7d1a075c1bd8570ccaff1a47d684e17e15e05073ee917cb56eb729fd4f67cbc6e0da4a9d3ce3fda3994f4bae3c30497e56d8c9b805f8d2a9cf60e41caee5d0153b3152f60514741a27fc6812e3986f85f0d18c403c0d8c62077478e30f4f2bcf813724ed218c17b0c87563620e03bfce87491a61d697ed10c398d32ff89acb14673942a1a617c5ae086c435282ab5c44ee3645d1e7a43fbcb82ef28b8dd066bd46d7f35a548f01e4c84b5c0be63903785740d8e8371130590601220ce608ab26c44eb0a9d9e5fc3c7b5073e4") ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000440)={0x0, 0x0, @pic={0x9, 0xbe, 0x3f, 0x55, 0x1, 0x0, 0x4, 0x7, 0x0, 0x0, 0x8, 0x6, 0x81, 0x2c, 0x7d}}) fallocate(r2, 0x0, 0x0, 0x2000402) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f00000002c0)={0x20, 0x2, 'client1\x00', 0xffffffff80000000, "6411d6b8a2596800", "2a3efbd73b14150b0a8d20f50fc6f8b64fc3011d51cd53cf326f553628592589", 0x8, 0x10001}) close(0xffffffffffffffff) 15:52:16 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = dup(r1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10) ioctl$int_in(r0, 0x800000c004500a, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) 15:52:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/11) 15:52:16 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) bind$netrom(r0, &(0x7f0000002e40)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r8 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002ec0)='/dev/sequencer2\x00', 0x1c001, 0x0) sendmsg$TIPC_NL_NET_GET(r8, &(0x7f00000032c0)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000003280)={&(0x7f0000002f80)={0x2e0, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7fff, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x48f, @private1={0xfc, 0x1, [], 0x1}, 0xffffffff}}}}]}, @TIPC_NLA_SOCK={0xf4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8b4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xe5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf7cb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff73df}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x20}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xbb}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4000000}]}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x48ff270d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7605}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK={0xb0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xccf7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2e70}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x59}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x71aa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}]}, @TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x78d}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "26dec4ad6aa43cb4f2ac0a4bb9f5a9cd0b2b4cfe77536970979fd56e37"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x400}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}]}]}, 0x2e0}, 0x1, 0x0, 0x0, 0x4004001}, 0x40) [ 183.580948][ C1] hrtimer: interrupt took 24364 ns 15:52:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x2, 0x1) 15:52:16 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) bind$netrom(r0, &(0x7f0000002e40)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002ec0)='/dev/sequencer2\x00', 0x1c001, 0x0) 15:52:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$rds(r2, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010100}, 0x10) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) 15:52:17 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet(0xffffffffffffffff, &(0x7f000099e000)={0x2, 0x0, @dev}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008005, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x10, 0x0, 0x0) r1 = gettid() ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000080)=r1) vmsplice(r0, &(0x7f00000014c0)=[{&(0x7f00000000c0)="94013f5f87ec621e9c0f1afd7a2b82ba08923ef6cf8ea7295a9cb4cea79754a8f55416858a018ad5f4f88a4529adf3fc41e4b7de6931420734be02bc14ae69a760f5247a4be84ba79bac86611766545cfc000fd59365bc840a52b931edefe15dbad3898728f30d07c7ff0ae3dc8512cf084173481186be0ee6bedfc5fb2dfd3dad0010231f6ec0a62b920a718f5b556ec6ba12f3223e497555bf0f3f471f938ed52564ed4edebf1f38eb518c2f3780302df9335ba8d7ec2010e1323cf1ec93da5e8f3e255dac381af3fa90286a60ff3ba49ddd9f370de80a4d1a5d6981838d414cd89d999b2c09c32523b09ae07996b1ea115bc31e0b897b6eb6296b71c5a96c2021c845e6113361f0e7db89196ee06f84f8ee2693e5874ba575fed3628a40254f77767e1463a313c1db2bbfdeaf0dfd28fdddfc432facac46444681efcf47b5aebc7abe85d73c63d9947da7010806e5b8618623d00100073c078fd6b28ec356cc91297d0cff67dd5ecf56f8c2eff4f899bee07121261f3c6bfe03a6d48f032971594d62036e88fde4c0fe529ecaa6a461181626705889a25ee46a216553d2f667b6f261e8f7a5edfde263c30807a0bae4d82643bef5a10dc68944b119ed3e748d2929d8c0a212502923487d5c838f6b16e8cb6716ddcc9c82a561b359368678922a654e6d29e431f2971f39f2d274ccb213d2369c646c142d1eed2be283013ae698a2c28acf0b16d67521081cb521fda47a249b0363bf69b1e29c114bdec47b8e2ab4fa77c8216979e6f7ecd673d46c00ad35c290ca383335799c26fb0ff4027bfdc7b8fa6945ecb9b8744157c3e595f2d8190ba19fa68c54b659f67448d39ae7f8c10d10331f9d16560409023548cce80b88f80bb429c279139dfd8f1697ea4cb0446a73acfb1434f5432c53c78c450e2838b6934575bcbbe77c1200087206998693620ebc00244ee4468288b9b0cff6768c85c7a57caf40b61350b3e9645b8e6e604f36ccfc680dd16c20362bbc46b500713b5f7fb0f80e08e943aa5ac13c6b260cead5d784f72e8c17f10eaea44d33a41e888db79e39f101d66659866149f1160120145c84a4ff7faa1d6262b32f3419f34a9a77ef1bf709b112f4af907f8ce2a082483b7eb264420a06714b1968186cc9eb075fd36e83d64f787063b420449e46d1ee9a8d5e56e5147da092c1df14d7c0e5c484e4b3a2e324e507012f06b7bb1d001dd50096732f40726455b85793d51f54f3977fc513152a6694425a98435e899c5baec7eb9ea4d37cad9d13bfe82aad879a1f5941597a7733fb9a7d3a0189e7be8ed0a84e51388e7e1a07ee2a681fa963630fc33c2bdebbf9104c107d601ff398852f82da7f96afd63fa8e1fd1a6ee0817556086766107741b03a552ea0026374a9e77c95b80c5a880e50fe2255824c7d435e7ae3dc99ae7c44e1a40c032606068032a49c1c54c5df6dfa4146221859bf15b66a4a2e4330c40aa1d740585ef2b4ecadc7183e40860d95841ba768584ab66014d80057c6f5643df8c4ab937dba3714eb91c506a210424be430673417d4e3355baebb7c4410f600a2cda777b69a4ab5cf9abb29c4ec409b28fed381db562063dd3eb27810408c5029d0468147cf961d1401f9ab0a0101da69af5b457921196694e2fc653bcbcf8ca2a08fbdb0e3a7f1e00c13facdbbcff6e12f6f131b94895d345cfc04aa2f02c7eda2d5232a2dba9683acda9330e8bd2e5918f888e818ff4caff2fcee1d933eecd7932eae5ed9532e706a3c5daa3ccb093c7f6456d8b9f7ba1ea4377c351f5b90805797a9e8e45b394383c9c7221b3636f5b09a828faccdabfce2e55330a579c9d156cfb48267908c121e771c9b6367efc7e78d41ca9952339da5d6212883316756c186cd7443208ee50b078c6fb70312e246f84fb20647efb32582c7dd096ac8ac2e227d3538e840b900ad3a27617358b3d102c06a0134c2a4ea92c5dad7e1f02ca78bb6215e9e5ce18fa2f48317b2d76a91e9b24b32d7f6f08385d0fb8371658f89f3f98c4b0fb3f4f239e279b86c614d81b4667d96a82cd694aff61fb3c3d026e8e62a301bb25e5dcbd02c451d94577f4535ab427f20521648bfefbd977cff89f25b57128474ae149a90a1c19a40dbff977c595ce6737387b2c4b6d4dd3866867781ed3e9648c7636cf5700ab439627eabbfb7534c476afd7fafa7831b2c82477211ba762832fd2ed7617b0206e521aacf703d9504dce7947a858894dc13a145f58790a53f4239af325ee37cb092826579160919f1867f08c8e7a03aecfce5b7ef491e55b8867a944f41d78dbc776509f3503bd6f54e9faa042ef06beb6c1430f42a60b31fede189bd29d24ce76d650bd310e301d8beb334e1e768e9e855ab9c1625666d8247c387b68928e03ece5696f6bd0bcd6f816b62b06f7ef26fb80e2ff5f96b01c84b78c691bd74e25f4eebcefa69c281517e8f9d1044e06dd16ebd28c5c67d7bd89c35530ff4c9f0bf71e5aee538d5792beb08911100cc6d9026e27c8f542c3c03d7537f9aad9172a3d41a96f68a9c82c7f47c246071a0a00d7b270454ceeae40de3ca16d713df8f404a869a3ffaf9d27675e1f02ac57f0f41f2bdb4d97ecf16e8334d51d0d730c45fe65021a94c60499cf961dee7ae9402d74112d9fd22feed752bca02d28f0abb7122f1965271d9cb2364825c79a2727c068548bbd9a8d3a2678161be2120ca54d2db33fcbd36f5fa05528a8760df52567d4fc42692a084262166a3be3b6e5720edfa38f19465d76cb472fae90a7d67314b077b84b873f344b6b03a6b0feb96e066c86ce031b5646c368aef625857974bc4507a9359b08a2020ad601f4004c7f71fa8d84e117812af52cf8db8d9dff04c6225016fa2dfc42088dfe0fbcaf37984d9f2746430f6d2c2e430ade72f91cc453574fa027d20bab834265147f48cb7bd3465fb6c39ff1169055ff913d6c6d1770c40d478f6970d7e4624897c81cc8719501df2543032dab5895cbb001587ac0efdc56cc7a2968af692635dcdd358b8483c3ac0be99b4754b35df284ab2791325e8f36963a70ce801fd219359bef4a578622730182c163dd77f4e15db43a9b4a768742028844ddb343c3f02bce6435b03e8ffb53d3d9bba76ada06f6ba6dca9431cd3b1273ab2bb90f32f06492ae20a24a8b1116ed5f34ae992565a3f9a0056814c7bf8610b916983591814ad8c2aa37fb8295b4ea33db263dfd3e24107a9eeb04dca45ee7478e595f71557444201c02e1bb8bbf72caead34a1f441906a48e6e83de721695d9cf79a0d5cf63fa4a3742c932142f46b3fa20c37c4c4628bd5f9882bf18dc133b67aea063ab30808a0b790e8f2efb9b0cb1038694fb59b7c4d39173f339981a95d6fde8cdddc56aea7fa50e2175b62523f1852ea0e88bd3f73f8c5c4633e148d8399832e00f6005d910954706e8ea95ea1df5f76df11be1f3d03e66a1fdc0a96fb2c260bcda0e6b3746e148db895ca74e497772e9d1de96b7b453344fbd9b3603c892fa178a341fbb0971a650d690499147edff5758b7fec9d5e10a9f16dea16a996b16af4147c606554295c8077b697008c6ed5e49f748cdf8120ce7c50edee2864d3c982911daf5ec9dbaa85bbd9544ce59a07f1fe62c1aa320b36973d736b20f263e4dc60517c01294db1a9c8521fc1082d25fdbf4e963cef387c0eb49ca5f660c2b997e4046753cc193104409f394566cdb993f38ce7f8ed19b5ea62929975ec99184a4a808ef6d1130ab497ca777b20540e39c40be77aec30c4dd1ad9830df84d793c567c4af6302c2bbfcf78149eed9ee22713cdc62e08169444e784416b1f2584005c938aa65653035c730d3c70b0b682c6cdb66e60826cdafa803861fedb29db8b6bf04223c4816d05ba7367d687be0fcac255bb0ed6800dcf71111081167b0088ce49739215c138da0a99005481160080cf5825150cbd9d7da8fb037335c9add8a186b8e7e2692084ba8d89a99e117439ed38f958a1e5ae5cacf68c10dcd8c90d3b2944cccedbbd47051267b60985ba3e1bfb52d28276c8a90ad3e4884562453aaa4c7939bba862d85d57d957593f969cd9ebad55041ae376f3b4171fda5de310d7368ea72709d270e28f4146a98e8e5adab5c975de0efb2b1ef5666f162eb0047869af5ca7805107d1861826192f123d9fe251437e5c1eb880032f8f89f3d9962f1b6d7dbff10984fe985052a489753a9bd9e0c4bd96879cde1d6aac4f3d935e1c7c5d68b16484365cd2787a51c5386449ab643ae988e5ac1a47f60159b5be05ca20e7c56246ef9c79d0b2efe18c5a1246ed8777787fe015e4a0952d7a8ce3a06783cc94299a7633481ddf9beb6466cbc20c01fe1b2765fa371bc912d93f89187be9e8917307f31860450b0aefd14d558c28c6a3dd78cd2a321cbcfe68747aceba7b60a7fbdff63f5fa2d470f71b47e5af372bfa5a8925b2c64b7f3e2b23c228b989497631ae9f9f4f4701fdbae24fe17399e0c1b35da00fe44eaf34aa8e6aeeac56b6f2c28fb8c37e3db66f9c3c2b70530ea59f94248f05a4777c79e8d3c7f64106361e5cb0605e57ba48965c4287cc2316145b9775dc6b17970d3decbdd3bfba2acfb2d7c84a1e6655988a005d76586a04f74a9876429e0fe0df70c7ca028ee093a195671448b5242ee6e3a03cdcd2d2904ff0dbf78bd720ba3bd115658db7a5d194ddcb7cdc5422211145e3fd52b156d5e44e000494f66ba91cbac4c7f0d2bc0430c57f892c1f6d9ff250d1e80a4c6e36f7bf1281d7642971c72185ef5a1c9f00badc641552d7c432713d1568f44a26e0916d64985d9e3b63150939a5f3e86b671e0d647b0ee0404ff51e4fa05caf60b3e2ea5ce00b4b96db57ddd583ef8a0bb766ae9c70a5a6224c04b8ba64cd86e9fe2939688b39c39762c6fbd1e276d6bdcc486147f7fcec5d7eced6b97f6fa0e1ee5b3a38402654136fd923f43f535f02b1be3b6469e5befa58ddb7cb7a18ae74849fadc1d2f36913cdc5afb8b161efc21a609ecbea7d14242806f9a0d907a17032d720f185cdc9b853be6fd779d20bee400e0ee2e47b8a6f710de05b8a9f2890869552745218ba718dcd6082775b6f2eb43e95b3843af1c9e4246d80fc2b397d203e194e6535466664a04b0690eed46d55fb5a06011d5034dc61a8aee002a10a2677325b442a37775960ebc9f8085ccdf275ba07dacca5bb1bfe016ea070b5f46d653a35c97545fb0a62ce5ed9b8d799484555f24ff86c90a1e546af23d97cb2d25a4326699bd7c3de4b6c2c343288024aa524195fcb99656bd3bd1618c7260de9c6a3eb6caac238ddbcfaf97ba729292a658ce9d8e0769b146c93054321c6f8e27271990478ca0ca98c88463569c4042b77623d799671a7ca3c61ebe421b4fe68b9f5c25bf0218ba1a2efcc67d049a7a75134d052e3258301e91bb25e45f622039ba683be5093227daef99e2e4a5a525f386d1abf717f100a18cdbef9d0c67325ffd70bf5234ad2a954eb38838b0bcd1fb5a62e961a59754c484088e262c165bc46d75191d83e0b70ae760e3b97a7729e0443ae38984d59899e43e81caa5f31b14175be9cd1374fd8d6c2c85e732cb92432e5c361e8e2e4ed5b33b76826260e900858d6c9b422de58c36b360a40787c6caebe5979405f0a341b60d4217e586893b809bd76fe06fc7b750c620a01338d2cf72b1ef94cea122efc0c9a552b07dd0c15c16cf4237651f3f24217f5cd2d7d5e910fe23fab9b17106246ec13bc53c32e64e0ee773c2dd46dc60d", 0x1000}, {&(0x7f00000010c0)="df8146c900ecbf484ea05a775b6f3b07b13803e18a75f7a6f7955d24de5a05bd48a7e03e000f697d4aeb00357973b6dcbedef20df9400d28844cd6b9d17e1fe892e1d3c3cbc189094772d9a2f4c54024fc3ea440a72cfc5fd2ad33bc1fb95bee510174cb28bccd1c48af18510900ad63282e08f07895c7f309da26ea21bb448bd8136f47f4faf98d9a1b734556bff397f04df83e814af8a84f46853961c3a53c937c0aeb0e59f319e9fe3f00714c38ab4a9ff49f0a0284b0b8b86a", 0xbb}, {&(0x7f0000001180)="dc7d4b4bdd4ebfe4891cba21fa7de4add3bff5a1f3662cf4943e48f574fc5ae5522dc450226107116561b418373aa165f17180ffd8a2b7797d166e79627d8f7a1e9bbe9d68537e3fb910a299a72bdd260c88c9c848e9b46d96", 0x59}, {&(0x7f0000001200)="5c5470d6166431dc9e8fca62556d420b01f12a217cccb62b1a52d805883489f477887bafdc7be1ea55554b", 0x2b}, {&(0x7f0000001240)="cf4f8837a5b5a0d4e6fa9ac88626b1ab94e814c86e5b9689cca38fd811fa0f22e3d4974e6e7eff5110549d1a4ee70c603ec65d11ef374a08b68766750a3806470414f2f4a81b8b0bfffd134652e91d436044705f7dda4aff6410029f6d1765521d9c8ec5c2442666a250c3e13c9f32312559acb50eace4e01de9a3374e429b", 0x7f}, {&(0x7f00000012c0)="57ae0801043caffd8c530d5cb5c16c92f8bd454220ff791ad3d92a8ddd76223650a7b4c20c793c55587a38d1c5873f0cdba371aba569ededae96fb31badc20a295c3", 0x42}, {&(0x7f0000001340)="770452557210f53dbf0d1e0fb38de8273f15f5bf7308adb98194ae2768eec6021e413df260fcbf85ccbf36fd43091fefa94a15bc2a3517b0234b9a56be748e6b2f3e0f4f3543c2af04533c16967c077180552dc49bb5456f004bef5f7037aa6347c2cf84194d08a007b740f875a9743c47f9f1939e29b865574c3efbd785a51409e6a9945fb518608b94dacdc473c8031decd2c1de08dcf365b639e66425beff473d0950aacb6a7738ff5058ae7f1d327768161beb9e0abc7be13dabb5b6bc100c0e25d91ccd1636a5ac312d78694c8cdd4f1f45804e06ea4fdde0d74e7d38d9114c7259542422352cbda76fb26b59ff9ff6464066d42beb", 0xf8}, {&(0x7f0000001440)="0d4defaa56f008e28db89980e273958bc27a1c2e2f44c2e1a015569a11f7e1079bf36061a71de0095ceb679cec027609ab824e41f4c66e649ff97161203ae4f7719fa9fa906fa922b873a4b32e1e9dad18e63893292acda662cd75fcd2529dfa68f4bc888f3a489e1778084bc7ef2ba743d0464e0e9424605f4e7ba376e3", 0x7e}], 0x8, 0x8) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2c6, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$tun(0xffffffffffffffff, 0x0, 0x1) clone(0xc75e43cfae22dd4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 15:52:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) bind$netrom(r0, &(0x7f0000002e40)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) 15:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:52:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$rds(r2, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010100}, 0x10) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:17 executing program 0: syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73cd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x9) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000200)) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000140)='\\vnet0?\'`/{,vi.et1eb0u_er\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) r2 = creat(0x0, 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000680)="3b370c004e5121a6d9b11e067db0d3016e4e94273f26c64586ba6374c7ffd07de9d949ec292eec941d8b636dcd2d7741927506ca7d1a075c1bd8570ccaff1a47d684e17e15e05073ee917cb56eb729fd4f67cbc6e0da4a9d3ce3fda3994f4bae3c30497e56d8c9b805f8d2a9cf60e41caee5d0153b3152f60514741a27fc6812e3986f85f0d18c403c0d8c62077478e30f4f2bcf813724ed218c17b0c87563620e03bfce87491a61d697ed10c398d32ff89acb14673942a1a617c5ae086c435282ab5c44ee3645d1e7a43fbcb82ef28b8dd066bd46d7f35a548f01e4c84b5c0be63903785740d8e8371130590601220ce608ab26c44eb0a9d9e5fc3c7b5073e4") ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000440)={0x0, 0x0, @pic={0x9, 0xbe, 0x3f, 0x55, 0x1, 0x0, 0x4, 0x7, 0x0, 0x0, 0x8, 0x6, 0x81, 0x2c, 0x7d}}) fallocate(r2, 0x0, 0x0, 0x2000402) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f00000002c0)={0x20, 0x2, 'client1\x00', 0xffffffff80000000, "6411d6b8a2596800", "2a3efbd73b14150b0a8d20f50fc6f8b64fc3011d51cd53cf326f553628592589", 0x8, 0x10001}) close(0xffffffffffffffff) 15:52:17 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = dup(r1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10) ioctl$int_in(r0, 0x800000c004500a, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) 15:52:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000002e00)={'geneve1\x00', {0x2, 0x4e20, @loopback}}) 15:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) [ 184.492899][T10063] IPVS: ftp: loaded support on port[0] = 21 15:52:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000002dc0)) 15:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f0000000440)) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:52:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)) 15:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x1000)=nil) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) [ 184.928599][T10063] IPVS: ftp: loaded support on port[0] = 21 15:52:18 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet(0xffffffffffffffff, &(0x7f000099e000)={0x2, 0x0, @dev}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008005, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x10, 0x0, 0x0) r1 = gettid() ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000080)=r1) vmsplice(r0, &(0x7f00000014c0)=[{&(0x7f00000000c0)="94013f5f87ec621e9c0f1afd7a2b82ba08923ef6cf8ea7295a9cb4cea79754a8f55416858a018ad5f4f88a4529adf3fc41e4b7de6931420734be02bc14ae69a760f5247a4be84ba79bac86611766545cfc000fd59365bc840a52b931edefe15dbad3898728f30d07c7ff0ae3dc8512cf084173481186be0ee6bedfc5fb2dfd3dad0010231f6ec0a62b920a718f5b556ec6ba12f3223e497555bf0f3f471f938ed52564ed4edebf1f38eb518c2f3780302df9335ba8d7ec2010e1323cf1ec93da5e8f3e255dac381af3fa90286a60ff3ba49ddd9f370de80a4d1a5d6981838d414cd89d999b2c09c32523b09ae07996b1ea115bc31e0b897b6eb6296b71c5a96c2021c845e6113361f0e7db89196ee06f84f8ee2693e5874ba575fed3628a40254f77767e1463a313c1db2bbfdeaf0dfd28fdddfc432facac46444681efcf47b5aebc7abe85d73c63d9947da7010806e5b8618623d00100073c078fd6b28ec356cc91297d0cff67dd5ecf56f8c2eff4f899bee07121261f3c6bfe03a6d48f032971594d62036e88fde4c0fe529ecaa6a461181626705889a25ee46a216553d2f667b6f261e8f7a5edfde263c30807a0bae4d82643bef5a10dc68944b119ed3e748d2929d8c0a212502923487d5c838f6b16e8cb6716ddcc9c82a561b359368678922a654e6d29e431f2971f39f2d274ccb213d2369c646c142d1eed2be283013ae698a2c28acf0b16d67521081cb521fda47a249b0363bf69b1e29c114bdec47b8e2ab4fa77c8216979e6f7ecd673d46c00ad35c290ca383335799c26fb0ff4027bfdc7b8fa6945ecb9b8744157c3e595f2d8190ba19fa68c54b659f67448d39ae7f8c10d10331f9d16560409023548cce80b88f80bb429c279139dfd8f1697ea4cb0446a73acfb1434f5432c53c78c450e2838b6934575bcbbe77c1200087206998693620ebc00244ee4468288b9b0cff6768c85c7a57caf40b61350b3e9645b8e6e604f36ccfc680dd16c20362bbc46b500713b5f7fb0f80e08e943aa5ac13c6b260cead5d784f72e8c17f10eaea44d33a41e888db79e39f101d66659866149f1160120145c84a4ff7faa1d6262b32f3419f34a9a77ef1bf709b112f4af907f8ce2a082483b7eb264420a06714b1968186cc9eb075fd36e83d64f787063b420449e46d1ee9a8d5e56e5147da092c1df14d7c0e5c484e4b3a2e324e507012f06b7bb1d001dd50096732f40726455b85793d51f54f3977fc513152a6694425a98435e899c5baec7eb9ea4d37cad9d13bfe82aad879a1f5941597a7733fb9a7d3a0189e7be8ed0a84e51388e7e1a07ee2a681fa963630fc33c2bdebbf9104c107d601ff398852f82da7f96afd63fa8e1fd1a6ee0817556086766107741b03a552ea0026374a9e77c95b80c5a880e50fe2255824c7d435e7ae3dc99ae7c44e1a40c032606068032a49c1c54c5df6dfa4146221859bf15b66a4a2e4330c40aa1d740585ef2b4ecadc7183e40860d95841ba768584ab66014d80057c6f5643df8c4ab937dba3714eb91c506a210424be430673417d4e3355baebb7c4410f600a2cda777b69a4ab5cf9abb29c4ec409b28fed381db562063dd3eb27810408c5029d0468147cf961d1401f9ab0a0101da69af5b457921196694e2fc653bcbcf8ca2a08fbdb0e3a7f1e00c13facdbbcff6e12f6f131b94895d345cfc04aa2f02c7eda2d5232a2dba9683acda9330e8bd2e5918f888e818ff4caff2fcee1d933eecd7932eae5ed9532e706a3c5daa3ccb093c7f6456d8b9f7ba1ea4377c351f5b90805797a9e8e45b394383c9c7221b3636f5b09a828faccdabfce2e55330a579c9d156cfb48267908c121e771c9b6367efc7e78d41ca9952339da5d6212883316756c186cd7443208ee50b078c6fb70312e246f84fb20647efb32582c7dd096ac8ac2e227d3538e840b900ad3a27617358b3d102c06a0134c2a4ea92c5dad7e1f02ca78bb6215e9e5ce18fa2f48317b2d76a91e9b24b32d7f6f08385d0fb8371658f89f3f98c4b0fb3f4f239e279b86c614d81b4667d96a82cd694aff61fb3c3d026e8e62a301bb25e5dcbd02c451d94577f4535ab427f20521648bfefbd977cff89f25b57128474ae149a90a1c19a40dbff977c595ce6737387b2c4b6d4dd3866867781ed3e9648c7636cf5700ab439627eabbfb7534c476afd7fafa7831b2c82477211ba762832fd2ed7617b0206e521aacf703d9504dce7947a858894dc13a145f58790a53f4239af325ee37cb092826579160919f1867f08c8e7a03aecfce5b7ef491e55b8867a944f41d78dbc776509f3503bd6f54e9faa042ef06beb6c1430f42a60b31fede189bd29d24ce76d650bd310e301d8beb334e1e768e9e855ab9c1625666d8247c387b68928e03ece5696f6bd0bcd6f816b62b06f7ef26fb80e2ff5f96b01c84b78c691bd74e25f4eebcefa69c281517e8f9d1044e06dd16ebd28c5c67d7bd89c35530ff4c9f0bf71e5aee538d5792beb08911100cc6d9026e27c8f542c3c03d7537f9aad9172a3d41a96f68a9c82c7f47c246071a0a00d7b270454ceeae40de3ca16d713df8f404a869a3ffaf9d27675e1f02ac57f0f41f2bdb4d97ecf16e8334d51d0d730c45fe65021a94c60499cf961dee7ae9402d74112d9fd22feed752bca02d28f0abb7122f1965271d9cb2364825c79a2727c068548bbd9a8d3a2678161be2120ca54d2db33fcbd36f5fa05528a8760df52567d4fc42692a084262166a3be3b6e5720edfa38f19465d76cb472fae90a7d67314b077b84b873f344b6b03a6b0feb96e066c86ce031b5646c368aef625857974bc4507a9359b08a2020ad601f4004c7f71fa8d84e117812af52cf8db8d9dff04c6225016fa2dfc42088dfe0fbcaf37984d9f2746430f6d2c2e430ade72f91cc453574fa027d20bab834265147f48cb7bd3465fb6c39ff1169055ff913d6c6d1770c40d478f6970d7e4624897c81cc8719501df2543032dab5895cbb001587ac0efdc56cc7a2968af692635dcdd358b8483c3ac0be99b4754b35df284ab2791325e8f36963a70ce801fd219359bef4a578622730182c163dd77f4e15db43a9b4a768742028844ddb343c3f02bce6435b03e8ffb53d3d9bba76ada06f6ba6dca9431cd3b1273ab2bb90f32f06492ae20a24a8b1116ed5f34ae992565a3f9a0056814c7bf8610b916983591814ad8c2aa37fb8295b4ea33db263dfd3e24107a9eeb04dca45ee7478e595f71557444201c02e1bb8bbf72caead34a1f441906a48e6e83de721695d9cf79a0d5cf63fa4a3742c932142f46b3fa20c37c4c4628bd5f9882bf18dc133b67aea063ab30808a0b790e8f2efb9b0cb1038694fb59b7c4d39173f339981a95d6fde8cdddc56aea7fa50e2175b62523f1852ea0e88bd3f73f8c5c4633e148d8399832e00f6005d910954706e8ea95ea1df5f76df11be1f3d03e66a1fdc0a96fb2c260bcda0e6b3746e148db895ca74e497772e9d1de96b7b453344fbd9b3603c892fa178a341fbb0971a650d690499147edff5758b7fec9d5e10a9f16dea16a996b16af4147c606554295c8077b697008c6ed5e49f748cdf8120ce7c50edee2864d3c982911daf5ec9dbaa85bbd9544ce59a07f1fe62c1aa320b36973d736b20f263e4dc60517c01294db1a9c8521fc1082d25fdbf4e963cef387c0eb49ca5f660c2b997e4046753cc193104409f394566cdb993f38ce7f8ed19b5ea62929975ec99184a4a808ef6d1130ab497ca777b20540e39c40be77aec30c4dd1ad9830df84d793c567c4af6302c2bbfcf78149eed9ee22713cdc62e08169444e784416b1f2584005c938aa65653035c730d3c70b0b682c6cdb66e60826cdafa803861fedb29db8b6bf04223c4816d05ba7367d687be0fcac255bb0ed6800dcf71111081167b0088ce49739215c138da0a99005481160080cf5825150cbd9d7da8fb037335c9add8a186b8e7e2692084ba8d89a99e117439ed38f958a1e5ae5cacf68c10dcd8c90d3b2944cccedbbd47051267b60985ba3e1bfb52d28276c8a90ad3e4884562453aaa4c7939bba862d85d57d957593f969cd9ebad55041ae376f3b4171fda5de310d7368ea72709d270e28f4146a98e8e5adab5c975de0efb2b1ef5666f162eb0047869af5ca7805107d1861826192f123d9fe251437e5c1eb880032f8f89f3d9962f1b6d7dbff10984fe985052a489753a9bd9e0c4bd96879cde1d6aac4f3d935e1c7c5d68b16484365cd2787a51c5386449ab643ae988e5ac1a47f60159b5be05ca20e7c56246ef9c79d0b2efe18c5a1246ed8777787fe015e4a0952d7a8ce3a06783cc94299a7633481ddf9beb6466cbc20c01fe1b2765fa371bc912d93f89187be9e8917307f31860450b0aefd14d558c28c6a3dd78cd2a321cbcfe68747aceba7b60a7fbdff63f5fa2d470f71b47e5af372bfa5a8925b2c64b7f3e2b23c228b989497631ae9f9f4f4701fdbae24fe17399e0c1b35da00fe44eaf34aa8e6aeeac56b6f2c28fb8c37e3db66f9c3c2b70530ea59f94248f05a4777c79e8d3c7f64106361e5cb0605e57ba48965c4287cc2316145b9775dc6b17970d3decbdd3bfba2acfb2d7c84a1e6655988a005d76586a04f74a9876429e0fe0df70c7ca028ee093a195671448b5242ee6e3a03cdcd2d2904ff0dbf78bd720ba3bd115658db7a5d194ddcb7cdc5422211145e3fd52b156d5e44e000494f66ba91cbac4c7f0d2bc0430c57f892c1f6d9ff250d1e80a4c6e36f7bf1281d7642971c72185ef5a1c9f00badc641552d7c432713d1568f44a26e0916d64985d9e3b63150939a5f3e86b671e0d647b0ee0404ff51e4fa05caf60b3e2ea5ce00b4b96db57ddd583ef8a0bb766ae9c70a5a6224c04b8ba64cd86e9fe2939688b39c39762c6fbd1e276d6bdcc486147f7fcec5d7eced6b97f6fa0e1ee5b3a38402654136fd923f43f535f02b1be3b6469e5befa58ddb7cb7a18ae74849fadc1d2f36913cdc5afb8b161efc21a609ecbea7d14242806f9a0d907a17032d720f185cdc9b853be6fd779d20bee400e0ee2e47b8a6f710de05b8a9f2890869552745218ba718dcd6082775b6f2eb43e95b3843af1c9e4246d80fc2b397d203e194e6535466664a04b0690eed46d55fb5a06011d5034dc61a8aee002a10a2677325b442a37775960ebc9f8085ccdf275ba07dacca5bb1bfe016ea070b5f46d653a35c97545fb0a62ce5ed9b8d799484555f24ff86c90a1e546af23d97cb2d25a4326699bd7c3de4b6c2c343288024aa524195fcb99656bd3bd1618c7260de9c6a3eb6caac238ddbcfaf97ba729292a658ce9d8e0769b146c93054321c6f8e27271990478ca0ca98c88463569c4042b77623d799671a7ca3c61ebe421b4fe68b9f5c25bf0218ba1a2efcc67d049a7a75134d052e3258301e91bb25e45f622039ba683be5093227daef99e2e4a5a525f386d1abf717f100a18cdbef9d0c67325ffd70bf5234ad2a954eb38838b0bcd1fb5a62e961a59754c484088e262c165bc46d75191d83e0b70ae760e3b97a7729e0443ae38984d59899e43e81caa5f31b14175be9cd1374fd8d6c2c85e732cb92432e5c361e8e2e4ed5b33b76826260e900858d6c9b422de58c36b360a40787c6caebe5979405f0a341b60d4217e586893b809bd76fe06fc7b750c620a01338d2cf72b1ef94cea122efc0c9a552b07dd0c15c16cf4237651f3f24217f5cd2d7d5e910fe23fab9b17106246ec13bc53c32e64e0ee773c2dd46dc60d", 0x1000}, {&(0x7f00000010c0)="df8146c900ecbf484ea05a775b6f3b07b13803e18a75f7a6f7955d24de5a05bd48a7e03e000f697d4aeb00357973b6dcbedef20df9400d28844cd6b9d17e1fe892e1d3c3cbc189094772d9a2f4c54024fc3ea440a72cfc5fd2ad33bc1fb95bee510174cb28bccd1c48af18510900ad63282e08f07895c7f309da26ea21bb448bd8136f47f4faf98d9a1b734556bff397f04df83e814af8a84f46853961c3a53c937c0aeb0e59f319e9fe3f00714c38ab4a9ff49f0a0284b0b8b86a", 0xbb}, {&(0x7f0000001180)="dc7d4b4bdd4ebfe4891cba21fa7de4add3bff5a1f3662cf4943e48f574fc5ae5522dc450226107116561b418373aa165f17180ffd8a2b7797d166e79627d8f7a1e9bbe9d68537e3fb910a299a72bdd260c88c9c848e9b46d96", 0x59}, {&(0x7f0000001200)="5c5470d6166431dc9e8fca62556d420b01f12a217cccb62b1a52d805883489f477887bafdc7be1ea55554b", 0x2b}, {&(0x7f0000001240)="cf4f8837a5b5a0d4e6fa9ac88626b1ab94e814c86e5b9689cca38fd811fa0f22e3d4974e6e7eff5110549d1a4ee70c603ec65d11ef374a08b68766750a3806470414f2f4a81b8b0bfffd134652e91d436044705f7dda4aff6410029f6d1765521d9c8ec5c2442666a250c3e13c9f32312559acb50eace4e01de9a3374e429b", 0x7f}, {&(0x7f00000012c0)="57ae0801043caffd8c530d5cb5c16c92f8bd454220ff791ad3d92a8ddd76223650a7b4c20c793c55587a38d1c5873f0cdba371aba569ededae96fb31badc20a295c3", 0x42}, {&(0x7f0000001340)="770452557210f53dbf0d1e0fb38de8273f15f5bf7308adb98194ae2768eec6021e413df260fcbf85ccbf36fd43091fefa94a15bc2a3517b0234b9a56be748e6b2f3e0f4f3543c2af04533c16967c077180552dc49bb5456f004bef5f7037aa6347c2cf84194d08a007b740f875a9743c47f9f1939e29b865574c3efbd785a51409e6a9945fb518608b94dacdc473c8031decd2c1de08dcf365b639e66425beff473d0950aacb6a7738ff5058ae7f1d327768161beb9e0abc7be13dabb5b6bc100c0e25d91ccd1636a5ac312d78694c8cdd4f1f45804e06ea4fdde0d74e7d38d9114c7259542422352cbda76fb26b59ff9ff6464066d42beb", 0xf8}, {&(0x7f0000001440)="0d4defaa56f008e28db89980e273958bc27a1c2e2f44c2e1a015569a11f7e1079bf36061a71de0095ceb679cec027609ab824e41f4c66e649ff97161203ae4f7719fa9fa906fa922b873a4b32e1e9dad18e63893292acda662cd75fcd2529dfa68f4bc888f3a489e1778084bc7ef2ba743d0464e0e9424605f4e7ba376e3", 0x7e}], 0x8, 0x8) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2c6, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$tun(0xffffffffffffffff, 0x0, 0x1) clone(0xc75e43cfae22dd4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 15:52:18 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) 15:52:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$rds(r2, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010100}, 0x10) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:18 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) mmap$dsp(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x2000008, 0x9953, r3, 0x0) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) [ 184.969864][ T25] tipc: TX() has been purged, node left! 15:52:18 executing program 0: syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73cd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x9) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000200)) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000140)='\\vnet0?\'`/{,vi.et1eb0u_er\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) r2 = creat(0x0, 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000680)="3b370c004e5121a6d9b11e067db0d3016e4e94273f26c64586ba6374c7ffd07de9d949ec292eec941d8b636dcd2d7741927506ca7d1a075c1bd8570ccaff1a47d684e17e15e05073ee917cb56eb729fd4f67cbc6e0da4a9d3ce3fda3994f4bae3c30497e56d8c9b805f8d2a9cf60e41caee5d0153b3152f60514741a27fc6812e3986f85f0d18c403c0d8c62077478e30f4f2bcf813724ed218c17b0c87563620e03bfce87491a61d697ed10c398d32ff89acb14673942a1a617c5ae086c435282ab5c44ee3645d1e7a43fbcb82ef28b8dd066bd46d7f35a548f01e4c84b5c0be63903785740d8e8371130590601220ce608ab26c44eb0a9d9e5fc3c7b5073e4") ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000440)={0x0, 0x0, @pic={0x9, 0xbe, 0x3f, 0x55, 0x1, 0x0, 0x4, 0x7, 0x0, 0x0, 0x8, 0x6, 0x81, 0x2c, 0x7d}}) fallocate(r2, 0x0, 0x0, 0x2000402) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f00000002c0)={0x20, 0x2, 'client1\x00', 0xffffffff80000000, "6411d6b8a2596800", "2a3efbd73b14150b0a8d20f50fc6f8b64fc3011d51cd53cf326f553628592589", 0x8, 0x10001}) close(0xffffffffffffffff) [ 185.123294][T10134] IPVS: ftp: loaded support on port[0] = 21 15:52:18 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) 15:52:18 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x20081, 0x0) r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f00000004c0)) 15:52:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:18 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) pipe(&(0x7f0000002d80)) 15:52:18 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) 15:52:18 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2) r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f00000004c0)) 15:52:18 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) 15:52:18 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) 15:52:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r0, 0x0, 0x2b, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f0000000080)={0x9b0000, 0x101, 0x40, r3, 0x0, &(0x7f0000000040)={0x9b0905, 0x401, [], @p_u8=&(0x7f0000000000)=0x2}}) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000140)=@mangle={'mangle\x00', 0x1f, 0x6, 0x498, 0x130, 0x0, 0x1f0, 0x1f0, 0x0, 0x400, 0x400, 0x400, 0x400, 0x400, 0x6, &(0x7f00000000c0), {[{{@ip={@multicast1, @remote, 0xff000000, 0x0, 'veth1\x00', 'syzkaller0\x00', {}, {0xff}, 0x11, 0x1, 0x41}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x0, 0x2}}}, {{@ip={@rand_addr=0x64010100, @rand_addr=0x64010100, 0xff, 0xffffff00, 'bridge_slave_1\x00', 'hsr0\x00', {}, {}, 0x89, 0x3, 0x20}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0x3}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@ip={@private=0xa010102, @multicast1, 0xffffff00, 0xff, 'bridge_slave_1\x00', 'vxcan1\x00', {0xff}, {}, 0x21, 0x3, 0x1}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@socket0={{0x20, 'socket\x00'}}, @common=@set={{0x40, 'set\x00'}, {{0x1, [0x6, 0x1, 0x3, 0x0, 0x0, 0x6], 0x1, 0x5}}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x9}}}, {{@uncond, 0x0, 0xe8, 0x118, 0x0, {}, [@common=@inet=@set3={{0x50, 'set\x00'}, {{0x2, 0x6, 0x7}, {0x7f, 0x7}, {0x1f, 0xa2a3}, 0x1f}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0x8}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x1, 0x5}, {0x1, 0x3, 0x1}, 0x79eb, 0x9}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f8) 15:52:18 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) 15:52:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000002c0)={0x3, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e23, @private=0xa010101}}}, 0x108) r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f00000004c0)) 15:52:19 executing program 0: semop(0x0, &(0x7f0000000040)=[{0x0, 0xfff, 0x800}], 0x1) r0 = syz_open_dev$video4linux(&(0x7f0000000100)='/dev/v4l-subdev#\x00', 0x8, 0x82000) ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000140)={0x0, @reserved}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005740)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) write(r6, &(0x7f0000001d80)="95b777c30ab4effb1907c9e504d224d01b8660759f8d1e16f96c9de595c0bcaa06c3cb26fb7976294c70ca8a5c794bd48152b7b2ab801f4b55d631ce77363f5d513f464107a16725023be17628bf76b2a56847b053f0bf81f39a2b6bc73912bfec73978f246a222a9afc336eaac2c7c1c5506478800513669e542f71dda5f7189774381d3f8f06a1879a3caa71e9f42c9146af357134c37271eacd9abeb67c60ec2585739261e99b0400920f0d82d671000c13b47c873c1c78061f26d6f43c325a072325473893042d77cf44519db651c582056cd59179771ace08d095c658acb7d91414412169b4a7eaa31471a5712e9755ce78223f98159ab9f297064b3c9886dc9243af7a7125c3520219f03f2a3738417e31d9538e21ad97777b9c188487b84a449f48ca6e7e0925c5a7df7eb42f51780d8c1357f9ede0a0b2344887edb815b0b2d3f056dc4e46fb4b2b6e8090ca9b9280207bc9250f6e25352e34cfe9466b30059d2cf63c16a8a698ec53ce38003c14fef539db53f561643d09bac89653ee09ce45de0b30e70fde346b2c374d4560717cb329a74bafbb7d603c987a8f78aa416d99479f569c0425be51766344f9a680a5c28a01b9e3fb7fdd672ee411e71b201d68d7635a8c3320c93611d60b373609baee5648938107fdaf8779575ea2433190b0b0deb2ac2a8f52743226aad611563481364f076ab16b17c0421e01de0c3a39b22b9021a4db7347d877dfebd95f5cb663518f00cda756c5a2a39821013a69e4b13e596c44e038d566ed8959f4543018091df4c185ed4ee2a120bcdb8c49d4e8a4f6d9bd2d8ee63a21087cac15affde10db66254cc0dc10ad57a65d9258113568ad56bc43f16380b3a0059a005cccca5a52b4b0c3683468c2eac0f793ec4083bf96eaf049f652cee9a83059c18a6a6bb79c6fd5785bd41adaba26c949e85a7b2845491cd4deb9df389fb0f2c34e0f2f1c089072049363091858b8922306c3e10ca2dac2c53e02eed882af6a5d73780999e6eeacaf8e16292a7dc09efa3ac6f26fa7d5dea1b1c44a720716e83efe8f26601e473502496f829102bae8696fb96cac6e31feb0b6b437b2442198f01ea20efb53967ac9aabfa991ecdb41145e08282fd9be5932e45769b163f59e9e6843fd5ba42b7d18613e9086b2c453610cd68445a2a86a969709163544792ea73e1184c0ae48eef58e6817d406d441432f2414190872787181e0fdbfb15a59d126600442fdd638c72d68db3a75285e1584f116ced6f9ac9155c49ed6bad603ecab7d2954e51689de53f1761362171beb2c8587aabd0a24c9d81096c1b2b3236303105c72d4d7aa03b7321cb2859e5559864e6901eb6c61dc9f0cf1ce454c4895f446a3449a680a18eb81e38a750c04994e005c678aa9ed2d9d715cebede294f4f14282350a1c80da5987d80409b01e62e30558caea13b105549544aa0746fa72d17a15955c89d03e68a49aba9085400ab220889c61993f4e0ba7531abf4d8eb484f9a71d9462e679b2cf4fe156e9dfb2d1714f08699f564fb16665e3b91d61c476702ea7ba932f05bd48751a5724870f7ad1aca789b0532cacb2e5af51f581d738fa8a4921f88f42e6fe3b17e9437a6d77b4bb1828849a86dabacf3a030ac7a3589671a89e23120b7633eea0e2888ed889ea0768b280f952ccc793969b2ce866eb0a966300e256e595f8bdfe7810557b744878f9c9812b9b6737e5bcb81faea22640a8bbb69c3fca10f7cfdc9f3cd034e688064a2f9ab1f07baa6b8bcadedd9f03b9b7f8c750224901b84c1702b73c8d4f7c6ac78e26f16f8438b077c50c736c621221616b5c2854685dadad52997a0146c286c8602f4f1e41578d1d59fad2b382cbca7f7b1e48cd6424c1c0db5e37c97b87695ee36304a84dfd4157083f28de4207e16d5faea1afaf33f768aea186d18de32c9cd9b943e5c9f50ab93bf024a5b189dd003e0479fddc5654c27a9319efef611a54078b2b73aa50afaf1d77e1e2a175106f43a59d0bc56b41720e667bd479dcdc2450f8b9b9048c69331a113fbcea0ebab5b1918677cad49baa6aec70078aff13aee58953d8d693a87f58c1e17beb788b66d00258490442725ae5162533933d0f8fb5632d858eafce8ab293198ba20fdceb60b97905f1f1bddd92d6ca0a248b547502ec2a0a599889feca261a3fad9bef4faf282aa89190eb46161a5609bacb140cddcd38b7616a1be2e9ab3f6e57fa0721206a482a9024d202296e9410c3df234519583bd63eb110bfa37043391c0dbc737b743d5e3026015b0716a21be39ac2cb7110a3f634f3de0ebf9924685ba3787916b9e7bc9a54af9b4e7bfae6d63a163ea97d5275a53f61141009579ed9968eaec6fdf4de32ea420698fd3ab363e08d8a0e99e55e622b5efa9f703af244a88486b7800e76f17996c057a110aa9e96a6346604be333aa073edaffcc3b9020548459774dc4ad701ab81b2c32f69309690b3fb7a892303d37c7565acb97dca14e5ada2d76ea3b97d50b103316b9375b9789f7c6a1c35cd8588590a7b3da504cafe655759d1cff31786f20f2fa19e882695b8c0cac391e0874da355b4cc7c4a5386da990d9749af3136ab2fc9d015f65e4436bbd26ac3d50ba09cd0f70d97ca7bd7eaa54ba13d9e8ac82366e00d82a586c53a9a6ce3b196f0add6578a83042e050c3e1799651c53e29130a829aa6b2ad26be8a865c8390417720996113f7da290a9814ce24ab6aa66f04c6247c2d32642e56201cb9642db84314a35b1cb7ccb454ded28a03994826993fd9c1641b8e571356e400b75c86c0c32d2b08c56d2246b96e448d0029a898f72ee80b9dca32a1c694fc0c2e876ab76b0c90994a5c0ee5105d45998764e9e45557aebe171335a963936a66c80732022a07ac242fe55a2206f2a2102d1d70a693ff3357a82c8a42869e3febb32a853ab96dfb3f0ab8d17039d75bb2913c7d452d232b97ae85fb959d34c3dc68315f97dbbe94e49458225c349b4e024e85cb582d943739b0122232ef0dad6cf45fac618899259812fab2e94c66452b51585427236b3f0bd843ddf4201d9fb5040d6766fd58aebd797f26532038c42e090585dd6199b783a31f35cd5d5c2e988c88967cb26a3bca580ded0d2b660e63f29c668dcdf4860e7ddaf078e10cefdcca67e8860784386b08ead5c6dea5c1837b8002d1b97715eab732d0c3a9a30519b55a7c9fa9382e7d858b639a8bb203dc5a11b60ed8d59b6345819b16beb046e4ee6e879ed3fe4fb16d3c5dbef2cf0c6a4d381fcb6e3081bd2ed9cec4864c53eef360c877e56dfeff92384ddfc6e0158cb0609ba0f3d49a2e359dc23a7b798f0445c179b40d847df62f8b2649ef78623ac6a4c834a2ecf2ab9dcbb3b9e52b61efc5ab5e24debe3ceb14005fd21945834a89f39125d1a98b1fb1fa7d1c44d973f1657060c90258c78bd29de91661caad78299f007bd1b0544bbfd8e40a968bf6ebda465540e72fa9275c20c7f34c07b0e8ab657043fee8d83ba383665961d40cdc9e0b0b706a326c2f3fbfbb413cc386862e8fa6129a1106d311ba98fc84682b1d060bc279f153d928e2925cdb5cbe712ac42000eca36f5cabaab7f092f0abcfbd4187caf9237c30b81a1135f0f5903b4a7d379420ddacc0b3cdfc937014d6cfc3c7d3f8e2f89939472b511f8832cada53189cf9bfa5cd799ccac4da1373c3ed43141a1806ad836ee48b4383d297c11216692fa6cf0cbc429409643489dd59de2a41f9a6f33b4e102291f8eeb9ac883c8f0d3552f1231116e5179e42e570583036750e2d4a92cce895d8836ab6f4a08b052ee2b68eec2df07610cd32874b25a616aa8936dc3a6694e9a4e23519a5e48e4570a59f83d51e69593a7f52b601f974a44858c7f9dc2381ea36566cb2c0a6005e34f3332edca93d45721cb3db5edb788b9395f6a46b48cf7f52370eb835499735238be92413a9d67d48185fb9378b56feb25a9db356df3ab5b897c51bf8fe0ec15aa71597edaa8aad920b8a16fde46d05b266be9ca41617c89ea3c27115d6594a44caa4b25a0e84f079fb15c92b38e390ad943ca2f7d44aff282d5e65c677a04755ca29f0db48e7b365275a4183dea50185f0ce79cd5b6eb0d066222759e9c42b6360c41523bd0c3ffb5fbc7406ff762ff0d5ad375f2211a81e647d09c685e5e19710af201f2cfb1e339bbde62f83a5d1c7a897c31269241f01371622ffad5f6dba73bed8c82d1132b5589c1b4507d453f1ceca7d4112097d5a9a516cfc8444fd98da7d98a2684332e5b373b18c349865ce95bc3587a33510e25c3315a60b54a22a9410c854c0948e583742a4442b34717b78ccd054bdd1339d0f0cabc1e8730263239d9b9b2f1bde381ff126ef05dbadcd651880c95ad9c96d4e4cc6da836b9b95597858adabe92983379f46da41f35f560644960534366782d5d672879d62a7b0ae80e012547ff5b618c04f119535e1cf1fc44d6c0c0002c59b174fd2be2923391a11ab258e0f3bac63d737fe28ad8bff5c43bdaf5c0437911ae8ef3ee0538ecbe9955304d8bedb6df878f1ccb3c9fafbb0175ca48d118661b76e55a8429a0f006d77a48054fe2e8436c1f47bddd7a1666166fa26d94fa32aa31248a38196e18943c0ed8f57f7211c9d80c2c52cbbb90cc62510658afe1bb6506a6752183ac7478423a963771946de15e37e3a4d21ff2b60704b2fe8a938718d50e889d271a5171bfca2efbd170cb2f0c60da5368dbc5a2a1c7abe1d1a5235a4d1b2cdef630fa00094f42907a04ce6212aaba2520efe308cfde4a07c2b3c6091efd490717617eb3f2b5740dcb17f80e28f0efdde9b15024e61d7bf4d0a388d7c33b94e20568f89e4b6b2f8f6ba930e4fb215343fc4db89f7b6b5c23d56aede6ed5ed0d5773f155a40e9dcb334d7e32a7e4142721700023088c8d274fd7e609cc5e3e696dfa1ec425a0f2a58c4177adbcf9f1344e431f00cee645ffee04ce95a65d1add3f093b022b7789b733194a02e61718481ab086b7367a1f10a000158699a64647aa0d52cabce7443c60a932b6743699eaf7e90170df48351388971b7df537e22b9abadc72e9393978411a5e900da995ef5d266374e1993db4f93a72a6045cc291ea342597d7c3bee20250ff06a8565de6665532a45d361b985e1782a81936d0b7f7f43993415552a4350b8373a33633ffc5e3f28fb8107f15110f4e8f8c8d51f671e0ff389fe9fd06db2b42577fa323be29cd23f5a264800dd2c028e15b158c989fda593402506460ac66dae57db5af2e01b7c9f89a3b14d2029bcf5409196cb189c921afa4e89ee1a6448effc91c6fd39e4eca3d89730dffa68e0613c50bcbaf5d717d39117a0cd30f2ab1326cdd5b438acb099745e926e6bc6aaa65ead655f89ba97c704c8a7ff8ce7c6e0efe8b73f910a40903e1188bd24ee70be925cadfdb8506e96fe883c98a11b61b513fe9b2c0033b213ed8e46013c7e44501a2564d16863fafa734cf2895ab1b570f26c721ef4ca340ecbce82849e01d064f700fa875212e9cb6c8069993b2a5f5978b97701dd9f6209a038c843b4e6d7c11c48bbf06716afa0d8b5aff3c2c1dc23f55993388832e3a2a551aa81a212d61e72931701321396e2489968e87ad1ea6490b06b8dfa79e0be632e6f1e08be8c76cd4514621a518a30924f17bf083821bb2e418174a4d9fcb6f107ca7ecebdfd20b33826a8f2a2ed8aef43b6b04ba399c56c5da400b7339fa75f0c63d492abe081f0759ebb3b67c21ada6e3b559333b9d5249fe", 0x1000) 15:52:19 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) openat$vimc2(0xffffffffffffff9c, &(0x7f0000001d40)='/dev/video2\x00', 0x2, 0x0) 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) keyctl$assume_authority(0x10, r2) r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f00000004c0)) 15:52:19 executing program 4: ioperm(0x0, 0xff, 0x80000001) io_setup(0x1f5, &(0x7f0000000000)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) connect$rds(r2, &(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) [ 185.972548][T10205] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) 15:52:19 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) tee(r0, r1, 0x42ff, 0xa) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000580)=ANY=[], 0x39, 0x0) r2 = gettid() r3 = creat(&(0x7f0000000000)='./file0\x00', 0x83) unlink(&(0x7f0000000180)='./file0\x00') tkill(r2, 0x1000000000016) ioctl$FS_IOC_SETVERSION(r3, 0x40087602, &(0x7f0000000140)=0x1) 15:52:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) ioctl$VFIO_GET_API_VERSION(r3, 0x3b64) 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) add_key$fscrypt_provisioning(&(0x7f00000001c0)='fscrypt-provisioning\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)={0x2, 0x0, "9ff83ea6f45f3b7d7eaeb642e01e063aaee8ef5a82f347c7b0d5995f9eb25caebb6ac1961b5e4c499eedd662952d38167239ad66fc29b99b7347e20f93503b081644461b392a"}, 0x4e, 0xfffffffffffffff9) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:52:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) socket$netlink(0x10, 0x3, 0x6) syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x58080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'geneve1\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x1) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) 15:52:19 executing program 0: perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffce8}, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00') r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000001300)={r4, 0x2, 0x6, @dev}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r4, 0x1, 0x6, @dev}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000580)='ip6_vti0\x00') 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) socket$netlink(0x10, 0x3, 0x6) 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000001d00)={0xa10000, 0x67, 0x1f, r0, 0x0, &(0x7f0000001cc0)={0x990af4, 0x8, [], @ptr=0x4}}) 15:52:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 186.388343][T10243] device lo entered promiscuous mode [ 186.393746][ T25] tipc: TX() has been purged, node left! [ 186.399670][ T25] tipc: TX() has been purged, node left! 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) [ 186.440868][T10239] device lo left promiscuous mode 15:52:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) r3 = socket$netlink(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x24, r4, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x20000000}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0xc080) 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 186.539158][T10243] device lo entered promiscuous mode 15:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x77) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) [ 186.592590][T10239] device lo left promiscuous mode 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) socket$netlink(0x10, 0x3, 0x6) syz_genetlink_get_family_id$tipc(&(0x7f0000001bc0)='TIPC\x00') 15:52:19 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) socket$netlink(0x10, 0x3, 0x6) 15:52:20 executing program 2: syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:20 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) r2 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:20 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) read$fb(r1, &(0x7f0000000000)=""/4096, 0x1000) 15:52:20 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:20 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:20 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:20 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:20 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) dup(r1) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:20 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 5: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000016000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) inotify_init1(0x800) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000800, 0x20000000fb], 0x100000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 15:52:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 3: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 5: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 3: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000040)={{0x87, @remote, 0x4e21, 0x0, 'rr\x00', 0x0, 0xb, 0x70}, {@multicast2, 0x4e24, 0x2000, 0x2, 0x80, 0x2}}, 0x44) 15:52:21 executing program 5: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 5: r0 = syz_open_dev$video4linux(0x0, 0x0, 0xc0240) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 3: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x55f) close(r2) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000001ac0)=[&(0x7f0000002100)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000840)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a', &(0x7f0000001000)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4\xb5\x05\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x95\x03\xf30\n^\xb1~\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbcT\xf9_\xd4\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\x06\x06\xe8\x80\xef\xdf\x87\xd8S\xcca\xb9\xb4:\x19t\xa2`Li\xe4\xe3\xa6P\xbc\xc6 \xfaoD\xf7TlC:p\xf3\xc1\td\vO\xcc\xcf\x89\xcb\xd7\xca\xfa\x12B\xa5\x87\x7f\xb4Kh^\xcdO\xb8\xd86j\x93A\x95\x00\x8d\x1dX\xf8\x19\xd7\x8f$\xad3l\xdc\f\xed\xb5NP\x1f\f\xfc\x83C\xa8\xbbA\x87\xcfiT]w\x8b\x06>', &(0x7f0000001240)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a', &(0x7f0000000180)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000440)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac\xe6,\xf9\xec\x84R\xc2\x02\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=f\xf3\xca\'\xa8\x1b\xae\xff\xbe\xf9\xe7\xed34\x1c\xd1\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac']) 15:52:21 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:21 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:22 executing program 5: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, 0x0) 15:52:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:22 executing program 4: sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x0, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0400b20000000000"], 0x48}}, 0x0) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:22 executing program 5: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, 0x0) 15:52:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:22 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, 0x0) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:22 executing program 5: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 2 (fault-call:1 fault-nth:0): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 189.116186][T10439] syz-executor.4 (10439) used greatest stack depth: 9864 bytes left [ 189.204420][T10461] FAULT_INJECTION: forcing a failure. [ 189.204420][T10461] name failslab, interval 1, probability 0, space 0, times 1 [ 189.218464][T10461] CPU: 1 PID: 10461 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 189.227227][T10461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.237378][T10461] Call Trace: [ 189.240666][T10461] dump_stack+0x10f/0x19d [ 189.245034][T10461] should_fail+0x23c/0x250 [ 189.249445][T10461] __should_failslab+0x81/0x90 [ 189.254214][T10461] ? tomoyo_realpath_from_path+0x98/0x3c0 [ 189.259938][T10461] should_failslab+0x5/0x20 [ 189.264435][T10461] __kmalloc+0x43/0x2d0 [ 189.268621][T10461] tomoyo_realpath_from_path+0x98/0x3c0 [ 189.274222][T10461] tomoyo_path_number_perm+0xc1/0x2d0 [ 189.279624][T10461] ? __rcu_read_unlock+0x4b/0x260 [ 189.284656][T10461] tomoyo_file_ioctl+0x1c/0x20 [ 189.289423][T10461] security_file_ioctl+0x45/0x90 [ 189.294360][T10461] __se_sys_ioctl+0x48/0x130 [ 189.299735][T10461] __x64_sys_ioctl+0x3f/0x50 [ 189.304362][T10461] do_syscall_64+0x51/0xb0 [ 189.308778][T10461] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 189.314664][T10461] RIP: 0033:0x45cb29 [ 189.318594][T10461] Code: Bad RIP value. [ 189.322655][T10461] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 189.331089][T10461] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 189.339088][T10461] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 189.347056][T10461] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:52:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:22 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:22 executing program 4: sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x0, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0400b20000000000"], 0x48}}, 0x0) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 189.355024][T10461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 189.362993][T10461] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:22 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:22 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:22 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:22 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x43400) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r1, &(0x7f0000000440)=ANY=[], 0x32600) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc028660f, &(0x7f0000000000)=0x4200000008008001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000040), 0x43) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x100002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) [ 189.574627][T10478] syz-executor.4 (10478) used greatest stack depth: 9736 bytes left 15:52:23 executing program 2 (fault-call:1 fault-nth:1): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:23 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) 15:52:23 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/fib_triestat\x00') r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.events\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r2 = socket(0x11, 0xa, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f00000001c0)) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={'ipvlan1\x00'}) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000000714000125bd7000ffdbdf2505f0cd00010000000d00540000000000050009000000000008000100ff40000008000100020000000900020073797a410000000009000273797a310000000000"], 0x50}, 0x1, 0x0, 0x0, 0x40c0800}, 0x8014) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0xc1, 0x9, 0x9, 0x38, 0x0, 0x9, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x2, 0x7fff}, 0x10098, 0x8, 0x4, 0x5, 0x100, 0x8ec2, 0x800}, r3, 0x8, r5, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x4, 0x510, [0x20000780, 0x0, 0x0, 0x200007b0, 0x200009d4], 0x0, &(0x7f0000000240), &(0x7f0000000780)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x9, 0x0, 0x88f7, 'veth1_to_bond\x00', 'veth1_macvtap\x00', 'bond0\x00', 'hsr0\x00', @multicast, [0x0, 0xff], @empty, [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], 0xa6, 0xa6, 0xde, [@realm={{'realm\x00', 0x0, 0x10}, {{0xc30, 0x3, 0x1}}}], [], @snat={'snat\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}}, {0x5, 0x0, 0xcaaf, 'sit0\x00', 'netdevsim0\x00', 'virt_wifi0\x00', 'veth0_vlan\x00', @broadcast, [0x0, 0xff, 0xff, 0xff], @multicast, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], 0x6e, 0xde, 0x116, [], [@snat={'snat\x00', 0x10, {{@random="f5676d546e72", 0xffffffffffffffff}}}, @arpreply={'arpreply\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}], @snat={'snat\x00', 0x10, {{@multicast, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc, 0x2, [{0x3, 0x1, 0x8848, 'veth0\x00', 'batadv_slave_0\x00', 'macsec0\x00', 'veth0_to_team\x00', @random="d97c9875a4fd", [0xff, 0xff, 0xff, 0xff], @remote, [0x0, 0x0, 0xff], 0x6e, 0xde, 0x10e, [], [@arpreply={'arpreply\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}, @snat={'snat\x00', 0x10, {{@remote, 0xfffffffffffffffe}}}], @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x400}}}}, {0x5, 0xc, 0x88fb, 'bond_slave_1\x00', 'bridge_slave_1\x00', 'virt_wifi0\x00', 'vlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], @dev={[], 0x30}, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0xb6, 0x12e, 0x17e, [@ip={{'ip\x00', 0x0, 0x20}, {{@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x2a}, 0xffffff00, 0xff, 0x3, 0x0, 0x1, 0x10, 0x4e20, 0x4e20, 0x4e21, 0x4e23}}}], [@common=@NFLOG={'NFLOG\x00', 0x50, {{0x800, 0x6e, 0x566, 0x1, 0x0, "d4957ed5c962e8dc356729be35eee459b1d04e722af69f1100872bdee240d695f7d7e27c261e96c1836e047d1ea443fb736058a48244dda4f80acf7391fd48e8"}}}], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00', {0x1ff}}}}}]}]}, 0x588) [ 189.752694][T10461] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x0, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 189.886924][T10510] FAULT_INJECTION: forcing a failure. [ 189.886924][T10510] name failslab, interval 1, probability 0, space 0, times 0 [ 189.946434][T10510] CPU: 0 PID: 10510 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 189.955255][T10510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.965304][T10510] Call Trace: [ 189.968589][T10510] dump_stack+0x10f/0x19d [ 189.972938][T10510] should_fail+0x23c/0x250 [ 189.977429][T10510] __should_failslab+0x81/0x90 [ 189.982186][T10510] ? tomoyo_encode2+0x1e2/0x350 [ 189.987031][T10510] should_failslab+0x5/0x20 [ 189.991524][T10510] __kmalloc+0x43/0x2d0 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xffffffff, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 189.995676][T10510] tomoyo_encode2+0x1e2/0x350 [ 190.000351][T10510] tomoyo_realpath_from_path+0x36e/0x3c0 [ 190.005994][T10510] tomoyo_path_number_perm+0xc1/0x2d0 [ 190.011378][T10510] ? __rcu_read_unlock+0x4b/0x260 [ 190.016458][T10510] tomoyo_file_ioctl+0x1c/0x20 [ 190.021221][T10510] security_file_ioctl+0x45/0x90 [ 190.026159][T10510] __se_sys_ioctl+0x48/0x130 [ 190.030744][T10510] __x64_sys_ioctl+0x3f/0x50 [ 190.035336][T10510] do_syscall_64+0x51/0xb0 [ 190.039750][T10510] entry_SYSCALL_64_after_hwframe+0x44/0xa9 15:52:23 executing program 1: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 190.045632][T10510] RIP: 0033:0x45cb29 [ 190.049522][T10510] Code: Bad RIP value. [ 190.053581][T10510] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 190.061982][T10510] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 190.070035][T10510] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 190.078098][T10510] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 190.086061][T10510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 190.094025][T10510] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x0, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x50313459, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 1: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:23 executing program 2 (fault-call:1 fault-nth:2): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 190.218455][T10510] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x4, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/fib_triestat\x00') r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.events\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r2 = socket(0x11, 0xa, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f00000001c0)) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={'ipvlan1\x00'}) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000000714000125bd7000ffdbdf2505f0cd00010000000d00540000000000050009000000000008000100ff40000008000100020000000900020073797a410000000009000273797a310000000000"], 0x50}, 0x1, 0x0, 0x0, 0x40c0800}, 0x8014) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0xc1, 0x9, 0x9, 0x38, 0x0, 0x9, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x2, 0x7fff}, 0x10098, 0x8, 0x4, 0x5, 0x100, 0x8ec2, 0x800}, r3, 0x8, r5, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x4, 0x510, [0x20000780, 0x0, 0x0, 0x200007b0, 0x200009d4], 0x0, &(0x7f0000000240), &(0x7f0000000780)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x9, 0x0, 0x88f7, 'veth1_to_bond\x00', 'veth1_macvtap\x00', 'bond0\x00', 'hsr0\x00', @multicast, [0x0, 0xff], @empty, [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], 0xa6, 0xa6, 0xde, [@realm={{'realm\x00', 0x0, 0x10}, {{0xc30, 0x3, 0x1}}}], [], @snat={'snat\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}}, {0x5, 0x0, 0xcaaf, 'sit0\x00', 'netdevsim0\x00', 'virt_wifi0\x00', 'veth0_vlan\x00', @broadcast, [0x0, 0xff, 0xff, 0xff], @multicast, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], 0x6e, 0xde, 0x116, [], [@snat={'snat\x00', 0x10, {{@random="f5676d546e72", 0xffffffffffffffff}}}, @arpreply={'arpreply\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}], @snat={'snat\x00', 0x10, {{@multicast, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc, 0x2, [{0x3, 0x1, 0x8848, 'veth0\x00', 'batadv_slave_0\x00', 'macsec0\x00', 'veth0_to_team\x00', @random="d97c9875a4fd", [0xff, 0xff, 0xff, 0xff], @remote, [0x0, 0x0, 0xff], 0x6e, 0xde, 0x10e, [], [@arpreply={'arpreply\x00', 0x10, {{@multicast, 0xffffffffffffffff}}}, @snat={'snat\x00', 0x10, {{@remote, 0xfffffffffffffffe}}}], @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x400}}}}, {0x5, 0xc, 0x88fb, 'bond_slave_1\x00', 'bridge_slave_1\x00', 'virt_wifi0\x00', 'vlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], @dev={[], 0x30}, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0xb6, 0x12e, 0x17e, [@ip={{'ip\x00', 0x0, 0x20}, {{@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x2a}, 0xffffff00, 0xff, 0x3, 0x0, 0x1, 0x10, 0x4e20, 0x4e20, 0x4e21, 0x4e23}}}], [@common=@NFLOG={'NFLOG\x00', 0x50, {{0x800, 0x6e, 0x566, 0x1, 0x0, "d4957ed5c962e8dc356729be35eee459b1d04e722af69f1100872bdee240d695f7d7e27c261e96c1836e047d1ea443fb736058a48244dda4f80acf7391fd48e8"}}}], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00', {0x1ff}}}}}]}]}, 0x588) 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x0, 0x6}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 1: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 190.391566][T10540] FAULT_INJECTION: forcing a failure. [ 190.391566][T10540] name failslab, interval 1, probability 0, space 0, times 0 15:52:23 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 190.432736][T10540] CPU: 0 PID: 10540 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 190.441528][T10540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 190.451579][T10540] Call Trace: [ 190.454891][T10540] dump_stack+0x10f/0x19d [ 190.459282][T10540] should_fail+0x23c/0x250 [ 190.463701][T10540] __should_failslab+0x81/0x90 [ 190.468527][T10540] should_failslab+0x5/0x20 [ 190.473020][T10540] kmem_cache_alloc_trace+0x32/0x2c0 [ 190.478328][T10540] ? snd_pcm_oss_change_params_locked+0xa9/0x2730 [ 190.484739][T10540] snd_pcm_oss_change_params_locked+0xa9/0x2730 [ 190.490979][T10540] snd_pcm_oss_ioctl+0x169f/0x2970 [ 190.496081][T10540] ? tomoyo_file_ioctl+0x1c/0x20 [ 190.501013][T10540] ? snd_pcm_oss_poll+0x520/0x520 [ 190.506041][T10540] __se_sys_ioctl+0xc9/0x130 [ 190.510621][T10540] __x64_sys_ioctl+0x3f/0x50 [ 190.515199][T10540] do_syscall_64+0x51/0xb0 [ 190.519639][T10540] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 190.525517][T10540] RIP: 0033:0x45cb29 [ 190.529420][T10540] Code: Bad RIP value. [ 190.533648][T10540] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 190.542046][T10540] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 190.550110][T10540] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 190.558077][T10540] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 190.566384][T10540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 190.574356][T10540] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:23 executing program 2 (fault-call:1 fault-nth:3): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) accept$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000003c0)=0xfffffffffffffe6f) bind$unix(0xffffffffffffffff, 0x0, 0xb1) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, 0x0, 0x0) r2 = socket(0x23, 0x3, 0xfffffffe) sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, 0x0, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005680), 0x0, 0x4010) bind$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000980)=ANY=[@ANYBLOB="1f00ffffff7f0000000003000000540300000800000000000000055d00400000000006000000000005000000000000000000000000000000000000000000000000000000000000000003000000000000060000000000000000000080000000007f00000000000000000000008008000000f8ffffffffffffff000000060000000000000007030000000000000200000000000000000000000000000000000000000000000402000000000000000000000000000017093ac811421330510000010000000000ff01000000000000000000003a6125f80000000000fbffffff0000000000fc8c000c68eb000000000000000000129aeb2dd7166d3600000006000000000000000900000000000000000000000400000000000000000000004bf5b6646a8812000000000000000000ffdb0000deffff04000000002e76fc06000000000000000004000000000000000100000010000000000000080000000000000000000080080000e2b35ae300000000976b0000040000000000000009000000570000000010000000000000000000000000e5cec5b013c5006b0000000000000001000000fdffffffffffffff00000000010000000000000000000000000000000000000023a796870000000000000000000000002ba311d30f4e9a6cedc53947a78ad1fbc2a2e07eca1ebe6c7083934495e672e82fe45ef577d872767af54ac48b0446d220e701ce8a21425a0462693e6c394e8066fac0137e208a8f80b45ef2e26095e87769e725b14fb21aa790b3fdb7d6c0d7935a454251d25666a6809611b65554cff4f8ca8b7e9974f30d38299bdc7e7e704c6a00307d5a152fc4462da4f0d7819a07e008f52a85280412659e8cbd992b16f771873b8e7af1efd78463505b6720c662a5f99f1e9a3cf0fb97c5d996595a56045cc6d231e31aa910879bd642eb9e1a869d7d10f973976c1ea188e2a6796b5798619e12992be11794c8eba376794dc01df03718a66bfc3f1c6bcafcaf18acbad69f0e3ba3b954ac620449b8787a6aa04d7b000000000100000075d545766b0376e3c5b8c53d29a8ee6101a09556f60b24ab50fef3a179cfeef06cde394abbde6e0601b3b2a807e4a54ae0842c039656c2559e7d7c97f74eb72cace864aee9ff518261a83c6ed28111d277da6a50a0a3ca42314c816df55071a77054c6c7512f16c2bd1e4c2ae39c16ed78d53d57f41dd5061016ccdc9833dbce78d12d88c9824237cd3e654b4c9e7f42b76f0fb4ed4aa346dd10709c1412912a8f536adc92a7b57bb38e77419b095200000000000000000000000000df439b05b1bd546d8c77c043bf722fd97f18383e560418c3a71dccbcf176462de5d2c83af7bf1f32bf3107a2ecb253c2607e1f0e91682b5971380ab1115d4b2e06b0dc19b4bd72edea2f0770558f5fe0e97ba488eb2857596cb29f3af017940844ce687584537ae61c91495bd5d04345df5821614cfb0c89b01459ab8e3a192fc1c0bcdd1b150a821a40e5947d10e5875a9a41b0398dbe94045ac702eeade17d3fee6e58b6a5be5dee37f8cde5b3f25cc64999b620f6219ec5cc030000009500bf6b1d4a0215bcee06d11d0ed76011c4ee8e38b4c31b224df2d8d6e2de75733a3947bb184bdbca73042c5dab623dee0de2c28061c0c56b074de63a4aa38cb4594ed4cce6b7c122ddfdf877e0f666e5f2cecf446cc9c164066d04ffbf3411a0f2e6210c0f24b8c0ac06bfff5a55035d3e4c5ff67bf10805cc4541719a6d6b09262ee782675a877854ce718229b7d1cc2f3d3779cc1d86af05b717eb58c6e42d16cac09d99c348edeb283619a98b000fe2077c08d1257c2008c7fea89583993527471213b6da2ee903c6c10c4eb4b1f9f88dad5b2f", @ANYRESDEC, @ANYRES32=r2]) read(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000100)=0x79, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x8000000006}]}, 0x10) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x0, 0x6}, 0x8) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x200040c3, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) 15:52:23 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:23 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x2, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 190.683032][T10556] FAULT_INJECTION: forcing a failure. [ 190.683032][T10556] name failslab, interval 1, probability 0, space 0, times 0 [ 190.707609][T10556] CPU: 1 PID: 10556 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 190.717171][T10556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 190.727237][T10556] Call Trace: [ 190.730519][T10556] dump_stack+0x10f/0x19d [ 190.734839][T10556] should_fail+0x23c/0x250 [ 190.739333][T10556] __should_failslab+0x81/0x90 [ 190.744098][T10556] should_failslab+0x5/0x20 [ 190.748945][T10556] kmem_cache_alloc_trace+0x32/0x2c0 [ 190.754295][T10556] ? snd_pcm_oss_change_params_locked+0xce/0x2730 [ 190.760706][T10556] snd_pcm_oss_change_params_locked+0xce/0x2730 [ 190.766970][T10556] snd_pcm_oss_ioctl+0x169f/0x2970 [ 190.772079][T10556] ? tomoyo_file_ioctl+0x1c/0x20 [ 190.777011][T10556] ? snd_pcm_oss_poll+0x520/0x520 [ 190.782029][T10556] __se_sys_ioctl+0xc9/0x130 [ 190.786623][T10556] __x64_sys_ioctl+0x3f/0x50 [ 190.791271][T10556] do_syscall_64+0x51/0xb0 [ 190.795797][T10556] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 190.801677][T10556] RIP: 0033:0x45cb29 [ 190.805554][T10556] Code: Bad RIP value. [ 190.809606][T10556] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 190.818199][T10556] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 15:52:24 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x7, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 190.826267][T10556] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 190.834229][T10556] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 190.842199][T10556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 190.850162][T10556] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:24 executing program 0: socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x100, 0x0, 0x1000000, {{}, {}, {0x14, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'wg1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20008894}, 0x40000) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fbdbdf2501000000000000000b000000000c001473797a3100000000"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) socketpair(0xf, 0x1, 0x77, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x25, 0x2, 0x1, &(0x7f0000000300)) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newlink={0x44, 0x10, 0xc362e63b3f31ba5f, 0xffffffff, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x8805}, [@IFLA_GROUP={0x8, 0x1b, 0x3}, @IFLA_PORT_SELF={0x4}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x40a1}, @IFLA_LINK={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x9}]}, 0x44}}, 0x0) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000340)=@get={0x1, &(0x7f0000000440)=""/219, 0x5}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cgroup.controllers\x00', 0x275a, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000002c0)=0x4) write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x65c15bf2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) getsockopt$ax25_int(r3, 0x101, 0xc, &(0x7f0000000000), &(0x7f0000000100)=0x4) accept$nfc_llcp(r1, &(0x7f0000000200), &(0x7f0000000280)=0x60) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000380), 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000018c0)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@newlink={0x5c, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x24000}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCODING_SA={0x5}, @IFLA_MACSEC_SCI={0xc}]}}}, @IFLA_ADDRESS={0xa, 0x5, @empty=[0x14]}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x5c}}, 0x0) 15:52:24 executing program 2 (fault-call:1 fault-nth:4): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}, {0x0, 0x4}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 191.007438][T10576] FAULT_INJECTION: forcing a failure. [ 191.007438][T10576] name failslab, interval 1, probability 0, space 0, times 0 [ 191.057737][T10581] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 191.072165][T10576] CPU: 1 PID: 10576 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 191.080864][T10576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 191.090953][T10576] Call Trace: [ 191.094301][T10576] dump_stack+0x10f/0x19d [ 191.098626][T10576] should_fail+0x23c/0x250 [ 191.103043][T10576] __should_failslab+0x81/0x90 [ 191.107805][T10576] should_failslab+0x5/0x20 [ 191.112314][T10576] kmem_cache_alloc_trace+0x32/0x2c0 [ 191.117599][T10576] ? snd_pcm_oss_change_params_locked+0xf3/0x2730 [ 191.124064][T10576] snd_pcm_oss_change_params_locked+0xf3/0x2730 [ 191.130978][T10576] snd_pcm_oss_ioctl+0x169f/0x2970 [ 191.136083][T10576] ? tomoyo_file_ioctl+0x1c/0x20 [ 191.141030][T10576] ? snd_pcm_oss_poll+0x520/0x520 [ 191.146046][T10576] __se_sys_ioctl+0xc9/0x130 [ 191.150631][T10576] __x64_sys_ioctl+0x3f/0x50 [ 191.155225][T10576] do_syscall_64+0x51/0xb0 [ 191.159642][T10576] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 191.165529][T10576] RIP: 0033:0x45cb29 [ 191.169405][T10576] Code: Bad RIP value. [ 191.173473][T10576] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 191.182073][T10576] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 191.190123][T10576] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 191.198085][T10576] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:52:24 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x0, 0x367}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x9, 0x6}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 191.206066][T10576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 191.214051][T10576] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}, {0x0, 0x6}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:24 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x0, 0xfff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:24 executing program 2 (fault-call:1 fault-nth:5): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 191.404957][T10603] FAULT_INJECTION: forcing a failure. [ 191.404957][T10603] name failslab, interval 1, probability 0, space 0, times 0 [ 191.436646][T10603] CPU: 1 PID: 10603 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 191.445476][T10603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 191.455526][T10603] Call Trace: [ 191.458863][T10603] dump_stack+0x10f/0x19d [ 191.463206][T10603] should_fail+0x23c/0x250 [ 191.467619][T10603] __should_failslab+0x81/0x90 [ 191.472379][T10603] ? kmalloc_array+0x2d/0x40 [ 191.476971][T10603] should_failslab+0x5/0x20 [ 191.481532][T10603] __kmalloc+0x43/0x2d0 [ 191.485684][T10603] kmalloc_array+0x2d/0x40 [ 191.490094][T10603] constrain_params_by_rules+0x70/0x860 [ 191.495636][T10603] ? tomoyo_supervisor+0x105/0xb30 [ 191.500749][T10603] ? snd_interval_refine+0x3d2/0x400 [ 191.506035][T10603] ? constrain_interval_params+0x275/0x2b0 [ 191.511865][T10603] snd_pcm_hw_refine+0x11b/0x160 [ 191.516825][T10603] snd_pcm_oss_change_params_locked+0x5ac/0x2730 [ 191.523156][T10603] snd_pcm_oss_ioctl+0x169f/0x2970 [ 191.528261][T10603] ? tomoyo_file_ioctl+0x1c/0x20 [ 191.533259][T10603] ? snd_pcm_oss_poll+0x520/0x520 [ 191.538296][T10603] __se_sys_ioctl+0xc9/0x130 [ 191.542910][T10603] __x64_sys_ioctl+0x3f/0x50 [ 191.547647][T10603] do_syscall_64+0x51/0xb0 [ 191.552181][T10603] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 191.558089][T10603] RIP: 0033:0x45cb29 [ 191.561995][T10603] Code: Bad RIP value. [ 191.566136][T10603] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 191.574539][T10603] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 191.582506][T10603] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 191.586511][ T28] audit: type=1800 audit(1594137144.660:2): pid=10581 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="cgroup.controllers" dev="sda1" ino=15795 res=0 [ 191.590499][T10603] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 191.590507][T10603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 191.590514][T10603] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:25 executing program 0: socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x100, 0x0, 0x1000000, {{}, {}, {0x14, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'wg1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20008894}, 0x40000) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fbdbdf2501000000000000000b000000000c001473797a3100000000"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) socketpair(0xf, 0x1, 0x77, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x25, 0x2, 0x1, &(0x7f0000000300)) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newlink={0x44, 0x10, 0xc362e63b3f31ba5f, 0xffffffff, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x8805}, [@IFLA_GROUP={0x8, 0x1b, 0x3}, @IFLA_PORT_SELF={0x4}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x40a1}, @IFLA_LINK={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x9}]}, 0x44}}, 0x0) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000340)=@get={0x1, &(0x7f0000000440)=""/219, 0x5}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cgroup.controllers\x00', 0x275a, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000002c0)=0x4) write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x65c15bf2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) getsockopt$ax25_int(r3, 0x101, 0xc, &(0x7f0000000000), &(0x7f0000000100)=0x4) accept$nfc_llcp(r1, &(0x7f0000000200), &(0x7f0000000280)=0x60) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000380), 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000018c0)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@newlink={0x5c, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x24000}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCODING_SA={0x5}, @IFLA_MACSEC_SCI={0xc}]}}}, @IFLA_ADDRESS={0xa, 0x5, @empty=[0x14]}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x5c}}, 0x0) 15:52:25 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}, {0x0, 0x40}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 2 (fault-call:1 fault-nth:6): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:25 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 191.845280][T10617] FAULT_INJECTION: forcing a failure. [ 191.845280][T10617] name failslab, interval 1, probability 0, space 0, times 0 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x5, 0x367}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 191.897880][T10617] CPU: 0 PID: 10617 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 191.906576][T10617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 191.916715][T10617] Call Trace: [ 191.920033][T10617] dump_stack+0x10f/0x19d [ 191.924381][T10617] should_fail+0x23c/0x250 [ 191.928790][T10617] __should_failslab+0x81/0x90 [ 191.933548][T10617] should_failslab+0x5/0x20 [ 191.938041][T10617] kmem_cache_alloc_trace+0x32/0x2c0 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}, {0x0, 0x367}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 191.943603][T10617] ? snd_pcm_oss_change_params_locked+0x665/0x2730 [ 191.950148][T10617] snd_pcm_oss_change_params_locked+0x665/0x2730 [ 191.956715][T10617] snd_pcm_oss_ioctl+0x169f/0x2970 [ 191.961818][T10617] ? tomoyo_file_ioctl+0x1c/0x20 [ 191.966770][T10617] ? snd_pcm_oss_poll+0x520/0x520 [ 191.971790][T10617] __se_sys_ioctl+0xc9/0x130 [ 191.976393][T10617] __x64_sys_ioctl+0x3f/0x50 [ 191.980974][T10617] do_syscall_64+0x51/0xb0 [ 191.987386][T10617] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 191.993290][T10617] RIP: 0033:0x45cb29 [ 191.997166][T10617] Code: Bad RIP value. [ 192.001239][T10617] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 192.009646][T10617] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 192.017627][T10617] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 192.027675][T10617] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 192.035642][T10617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x6, 0xfff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 192.043716][T10617] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:25 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 192.118442][T10629] netlink: 'syz-executor.0': attribute type 5 has an invalid length. 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}, {0x0, 0xfff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 2 (fault-call:1 fault-nth:7): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:25 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x0, 0x7}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}, {0x0, 0x7fffffff}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:25 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:25 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 192.539567][T10651] FAULT_INJECTION: forcing a failure. [ 192.539567][T10651] name failslab, interval 1, probability 0, space 0, times 0 15:52:25 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) [ 192.607621][T10651] CPU: 0 PID: 10651 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 192.616886][T10651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 192.627229][T10651] Call Trace: [ 192.630532][T10651] dump_stack+0x10f/0x19d [ 192.634955][T10651] should_fail+0x23c/0x250 [ 192.639476][T10651] __should_failslab+0x81/0x90 [ 192.644417][T10651] ? kmalloc_array+0x2d/0x40 [ 192.649100][T10651] should_failslab+0x5/0x20 [ 192.653613][T10651] __kmalloc+0x43/0x2d0 [ 192.657762][T10651] kmalloc_array+0x2d/0x40 [ 192.662175][T10651] constrain_params_by_rules+0x70/0x860 [ 192.667877][T10651] ? snd_interval_refine+0x3d9/0x400 [ 192.673191][T10651] ? constrain_interval_params+0x275/0x2b0 [ 192.682475][T10651] snd_pcm_hw_refine+0x11b/0x160 [ 192.687490][T10651] snd_pcm_oss_change_params_locked+0x7f4/0x2730 [ 192.694828][T10651] snd_pcm_oss_ioctl+0x169f/0x2970 [ 192.699955][T10651] ? tomoyo_file_ioctl+0x1c/0x20 [ 192.704939][T10651] ? snd_pcm_oss_poll+0x520/0x520 [ 192.710660][T10651] __se_sys_ioctl+0xc9/0x130 [ 192.717360][T10651] __x64_sys_ioctl+0x3f/0x50 [ 192.721951][T10651] do_syscall_64+0x51/0xb0 [ 192.726409][T10651] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 192.732295][T10651] RIP: 0033:0x45cb29 [ 192.736173][T10651] Code: Bad RIP value. [ 192.740228][T10651] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 192.748724][T10651] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 15:52:26 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 192.756813][T10651] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 192.764786][T10651] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 192.772820][T10651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 192.783942][T10651] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x80000001, 0x7}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x8}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}, {0x0, 0x7}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 2 (fault-call:1 fault-nth:8): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x8}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 193.280497][T10679] FAULT_INJECTION: forcing a failure. [ 193.280497][T10679] name failslab, interval 1, probability 0, space 0, times 0 [ 193.327414][T10679] CPU: 0 PID: 10679 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 193.336110][T10679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.346257][T10679] Call Trace: [ 193.349542][T10679] dump_stack+0x10f/0x19d [ 193.353873][T10679] should_fail+0x23c/0x250 [ 193.358321][T10679] __should_failslab+0x81/0x90 [ 193.363090][T10679] should_failslab+0x5/0x20 [ 193.367592][T10679] kmem_cache_alloc_trace+0x32/0x2c0 [ 193.372880][T10679] ? snd_pcm_hw_param_near+0x7c/0x4a0 [ 193.378255][T10679] snd_pcm_hw_param_near+0x7c/0x4a0 [ 193.383463][T10679] snd_pcm_oss_change_params_locked+0x9b9/0x2730 [ 193.389835][T10679] snd_pcm_oss_ioctl+0x169f/0x2970 [ 193.394944][T10679] ? tomoyo_file_ioctl+0x1c/0x20 [ 193.399964][T10679] ? snd_pcm_oss_poll+0x520/0x520 [ 193.404989][T10679] __se_sys_ioctl+0xc9/0x130 [ 193.409597][T10679] __x64_sys_ioctl+0x3f/0x50 [ 193.414287][T10679] do_syscall_64+0x51/0xb0 [ 193.418713][T10679] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 193.424606][T10679] RIP: 0033:0x45cb29 [ 193.428487][T10679] Code: Bad RIP value. [ 193.432693][T10679] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 193.441105][T10679] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 193.449075][T10679] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 193.457053][T10679] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 193.465021][T10679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 15:52:26 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 193.472993][T10679] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x8}], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x2, 0x0, 0x5}}) 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x3c, 0x4, 0x2, 0x0, 0x5}}) 15:52:26 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0, 0x0, 0x5}}) 15:52:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x4, 0x2, 0x0, 0x5}}) 15:52:27 executing program 2 (fault-call:1 fault-nth:9): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:52:27 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:27 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x2, 0x0, 0x5}}) 15:52:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0, 0x0, 0x5}}) [ 193.962791][T10710] FAULT_INJECTION: forcing a failure. [ 193.962791][T10710] name failslab, interval 1, probability 0, space 0, times 0 [ 194.033496][T10710] CPU: 1 PID: 10710 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 194.042292][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 194.052342][T10710] Call Trace: [ 194.055630][T10710] dump_stack+0x10f/0x19d [ 194.059955][T10710] should_fail+0x23c/0x250 [ 194.064381][T10710] __should_failslab+0x81/0x90 [ 194.069148][T10710] ? kmalloc_array+0x2d/0x40 [ 194.073832][T10710] should_failslab+0x5/0x20 [ 194.078332][T10710] __kmalloc+0x43/0x2d0 [ 194.082616][T10710] kmalloc_array+0x2d/0x40 [ 194.087043][T10710] constrain_params_by_rules+0x70/0x860 [ 194.092591][T10710] ? check_preemption_disabled+0x51/0x140 [ 194.098340][T10710] ? debug_smp_processor_id+0x18/0x20 [ 194.104344][T10710] ? snd_interval_refine+0x3d9/0x400 [ 194.109663][T10710] ? constrain_interval_params+0x275/0x2b0 [ 194.116436][T10710] snd_pcm_hw_refine+0x11b/0x160 [ 194.121528][T10710] snd_pcm_hw_param_first+0x33a/0x3f0 [ 194.126934][T10710] snd_pcm_hw_param_near+0x48f/0x4a0 [ 194.132306][T10710] snd_pcm_oss_change_params_locked+0x9b9/0x2730 [ 194.138649][T10710] snd_pcm_oss_ioctl+0x169f/0x2970 [ 194.143858][T10710] ? tomoyo_file_ioctl+0x1c/0x20 [ 194.148806][T10710] ? snd_pcm_oss_poll+0x520/0x520 [ 194.153836][T10710] __se_sys_ioctl+0xc9/0x130 [ 194.158437][T10710] __x64_sys_ioctl+0x3f/0x50 [ 194.163028][T10710] do_syscall_64+0x51/0xb0 [ 194.167527][T10710] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 194.173419][T10710] RIP: 0033:0x45cb29 [ 194.177301][T10710] Code: Bad RIP value. 15:52:27 executing program 3: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:27 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040)='gtp\x00') r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r8, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x50, r5, 0x1, 0x0, 0x0, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @dev}, @GTPA_VERSION={0x8}, @GTPA_LINK={0x8, 0x1, r8}, @GTPA_TID={0xc}, @GTPA_FLOW={0x6}, @GTPA_LINK={0x8}, @GTPA_NET_NS_FD={0x8}]}, 0x50}}, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0x4c, r5, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_VERSION={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @local}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_I_TEI={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x8800) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv6_getaddr={0x5c, 0x16, 0x2, 0x70bd27, 0x25dfdbff, {0xa, 0x3f, 0xc2, 0xfe, r3}, [@IFA_LOCAL={0x14, 0x2, @mcast2}, @IFA_CACHEINFO={0x14, 0x6, {0x4, 0x2, 0xfffeffff, 0xfffffff7}}, @IFA_FLAGS={0x8, 0x8, 0x349}, @IFA_ADDRESS={0x14, 0x1, @private0={0xfc, 0x0, [], 0x1}}]}, 0x5c}}, 0x0) [ 194.181439][T10710] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 194.189850][T10710] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 194.197835][T10710] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 194.205982][T10710] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 194.213951][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 194.221915][T10710] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:27 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:27 executing program 2 (fault-call:1 fault-nth:10): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 194.302136][T10720] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 194.365711][T10720] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 194.408184][T10727] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 194.427912][T10732] FAULT_INJECTION: forcing a failure. [ 194.427912][T10732] name failslab, interval 1, probability 0, space 0, times 0 15:52:27 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:27 executing program 5 (fault-call:1 fault-nth:0): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) [ 194.450480][T10735] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 194.483216][T10732] CPU: 1 PID: 10732 Comm: syz-executor.2 Not tainted 5.8.0-rc4-syzkaller #0 [ 194.491928][T10732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 194.502059][T10732] Call Trace: [ 194.505346][T10732] dump_stack+0x10f/0x19d [ 194.509665][T10732] should_fail+0x23c/0x250 [ 194.514076][T10732] __should_failslab+0x81/0x90 [ 194.518922][T10732] should_failslab+0x5/0x20 [ 194.523422][T10732] kmem_cache_alloc_trace+0x32/0x2c0 [ 194.528801][T10732] ? snd_pcm_hw_param_near+0x7c/0x4a0 [ 194.539406][T10732] snd_pcm_hw_param_near+0x7c/0x4a0 [ 194.544642][T10732] ? snd_interval_refine+0x3d9/0x400 [ 194.549933][T10732] snd_pcm_oss_change_params_locked+0x1c53/0x2730 [ 194.556951][T10732] snd_pcm_oss_ioctl+0x169f/0x2970 [ 194.562684][T10732] ? tomoyo_file_ioctl+0x1c/0x20 [ 194.567712][T10732] ? snd_pcm_oss_poll+0x520/0x520 [ 194.572727][T10732] __se_sys_ioctl+0xc9/0x130 [ 194.577313][T10732] __x64_sys_ioctl+0x3f/0x50 [ 194.581895][T10732] do_syscall_64+0x51/0xb0 [ 194.586333][T10732] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 194.592214][T10732] RIP: 0033:0x45cb29 [ 194.596090][T10732] Code: Bad RIP value. [ 194.600171][T10732] RSP: 002b:00007ff4f2fcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 194.608575][T10732] RAX: ffffffffffffffda RBX: 00000000004ecbc0 RCX: 000000000045cb29 [ 194.616716][T10732] RDX: 00000000200004c0 RSI: 000000008010500c RDI: 0000000000000003 [ 194.624682][T10732] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:52:27 executing program 0 (fault-call:1 fault-nth:0): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) [ 194.632821][T10732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 194.640898][T10732] R13: 00000000000004d2 R14: 00000000004c7d77 R15: 00007ff4f2fcf6d4 15:52:27 executing program 3: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 194.681008][T10750] FAULT_INJECTION: forcing a failure. [ 194.681008][T10750] name failslab, interval 1, probability 0, space 0, times 0 [ 194.710413][T10751] FAULT_INJECTION: forcing a failure. [ 194.710413][T10751] name failslab, interval 1, probability 0, space 0, times 0 [ 194.735196][T10750] CPU: 1 PID: 10750 Comm: syz-executor.0 Not tainted 5.8.0-rc4-syzkaller #0 [ 194.743877][T10750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 194.754353][T10750] Call Trace: [ 194.757667][T10750] dump_stack+0x10f/0x19d [ 194.762076][T10750] should_fail+0x23c/0x250 [ 194.766489][T10750] __should_failslab+0x81/0x90 [ 194.771263][T10750] ? tomoyo_realpath_from_path+0x98/0x3c0 [ 194.777069][T10750] should_failslab+0x5/0x20 [ 194.781562][T10750] __kmalloc+0x43/0x2d0 [ 194.785710][T10750] tomoyo_realpath_from_path+0x98/0x3c0 [ 194.791288][T10750] tomoyo_path_number_perm+0xc1/0x2d0 [ 194.796842][T10750] ? __rcu_read_unlock+0x4b/0x260 [ 194.801862][T10750] tomoyo_file_ioctl+0x1c/0x20 [ 194.806671][T10750] security_file_ioctl+0x45/0x90 [ 194.811605][T10750] __se_sys_ioctl+0x48/0x130 [ 194.816192][T10750] __x64_sys_ioctl+0x3f/0x50 [ 194.820777][T10750] do_syscall_64+0x51/0xb0 [ 194.825247][T10750] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 194.831134][T10750] RIP: 0033:0x45cb29 [ 194.835010][T10750] Code: Bad RIP value. [ 194.839069][T10750] RSP: 002b:00007fefdb6ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 194.847681][T10750] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 194.855674][T10750] RDX: 0000000020000740 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 194.863656][T10750] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 194.871618][T10750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 15:52:27 executing program 2 (fault-call:1 fault-nth:11): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 194.879604][T10750] R13: 0000000000000668 R14: 00000000004c968d R15: 00007fefdb6ec6d4 [ 194.909643][T10751] CPU: 0 PID: 10751 Comm: syz-executor.5 Not tainted 5.8.0-rc4-syzkaller #0 [ 194.918340][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 194.928390][T10751] Call Trace: [ 194.931670][T10751] dump_stack+0x10f/0x19d [ 194.935988][T10751] should_fail+0x23c/0x250 [ 194.938430][T10750] ERROR: Out of memory at tomoyo_realpath_from_path. [ 194.940486][T10751] __should_failslab+0x81/0x90 [ 194.940532][T10751] ? tomoyo_realpath_from_path+0x98/0x3c0 [ 194.957643][T10751] should_failslab+0x5/0x20 [ 194.962135][T10751] __kmalloc+0x43/0x2d0 [ 194.966286][T10751] tomoyo_realpath_from_path+0x98/0x3c0 [ 194.971858][T10751] tomoyo_path_number_perm+0xc1/0x2d0 [ 194.977283][T10751] ? __rcu_read_unlock+0x4b/0x260 [ 194.982302][T10751] tomoyo_file_ioctl+0x1c/0x20 [ 194.987061][T10751] security_file_ioctl+0x45/0x90 [ 194.991989][T10751] __se_sys_ioctl+0x48/0x130 [ 194.996581][T10751] __x64_sys_ioctl+0x3f/0x50 [ 195.001172][T10751] do_syscall_64+0x51/0xb0 [ 195.005590][T10751] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 195.011475][T10751] RIP: 0033:0x45cb29 [ 195.015353][T10751] Code: Bad RIP value. [ 195.020275][T10751] RSP: 002b:00007fc4b6a8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 195.028674][T10751] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 195.036646][T10751] RDX: 0000000020000740 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 195.044720][T10751] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:52:28 executing program 0 (fault-call:1 fault-nth:1): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:28 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:28 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000000)=0xffffffff, 0x4) 15:52:28 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 195.052685][T10751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 195.060688][T10751] R13: 0000000000000668 R14: 00000000004c968d R15: 00007fc4b6a8f6d4 15:52:28 executing program 3: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x88500, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x3, 0x1f, 0x6, 0x4, 0x2, 0x3e, 0x3, 0x64, 0x38, 0x2f8, 0x20, 0x9, 0x20, 0x2, 0xcf8}, [{0x70000000, 0x7b, 0x6, 0x0, 0x2, 0x5, 0x1000, 0x7b1}, {0x6474e551, 0x7f, 0x7f, 0x81, 0x0, 0x4, 0x3, 0x4}], "2230e3c51919bc1117a4331021914c66d81d0c621f9f988afd38fbd0b6612b0f6d84cf55023c68d15f77df24c112f1e502ab78908bb6668d5902aaacc7ed2a4bdb3cf2349e464a384979cb8fe51cffcdb19761be7762", [[], []]}, 0x2ce) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000040)={0x80005, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x4]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000000)="ea0010e800440f20c066350e000000440f22c00f21720f21c1c3f40f3803760f650f01c26a06ea00005600", 0x2b}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x22406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl(0xffffffffffffffff, 0x6681, 0x0) [ 195.144509][T10767] FAULT_INJECTION: forcing a failure. [ 195.144509][T10767] name failslab, interval 1, probability 0, space 0, times 0 [ 195.190924][T10767] CPU: 1 PID: 10767 Comm: syz-executor.0 Not tainted 5.8.0-rc4-syzkaller #0 [ 195.199665][T10767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 195.209714][T10767] Call Trace: [ 195.212998][T10767] dump_stack+0x10f/0x19d [ 195.217320][T10767] should_fail+0x23c/0x250 [ 195.221772][T10767] __should_failslab+0x81/0x90 [ 195.226553][T10767] ? tomoyo_encode2+0x1e2/0x350 [ 195.231396][T10767] should_failslab+0x5/0x20 [ 195.235886][T10767] __kmalloc+0x43/0x2d0 [ 195.240031][T10767] tomoyo_encode2+0x1e2/0x350 [ 195.244704][T10767] tomoyo_realpath_from_path+0x36e/0x3c0 [ 195.250367][T10767] tomoyo_path_number_perm+0xc1/0x2d0 [ 195.255743][T10767] ? __rcu_read_unlock+0x4b/0x260 [ 195.260781][T10767] tomoyo_file_ioctl+0x1c/0x20 [ 195.265602][T10767] security_file_ioctl+0x45/0x90 [ 195.270598][T10767] __se_sys_ioctl+0x48/0x130 [ 195.275178][T10767] __x64_sys_ioctl+0x3f/0x50 [ 195.279760][T10767] do_syscall_64+0x51/0xb0 [ 195.284221][T10767] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 195.290101][T10767] RIP: 0033:0x45cb29 [ 195.293976][T10767] Code: Bad RIP value. [ 195.298064][T10767] RSP: 002b:00007fefdb6ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 195.306465][T10767] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 195.314534][T10767] RDX: 0000000020000740 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 195.322495][T10767] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 195.330472][T10767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 15:52:28 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x2, &(0x7f00000004c0)) 15:52:28 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x10, &(0x7f00000004c0)) 15:52:28 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 195.339160][T10767] R13: 0000000000000668 R14: 00000000004c968d R15: 00007fefdb6ec6d4 [ 195.495248][T10787] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 195.636932][T10751] ERROR: Out of memory at tomoyo_realpath_from_path. [ 195.649018][T10767] ERROR: Out of memory at tomoyo_realpath_from_path. 15:52:28 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:28 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x4c01, &(0x7f00000004c0)) 15:52:28 executing program 3: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket(0xa, 0x1, 0x0) close(r0) sendmmsg$inet_sctp(r0, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT, @ANYRES64], 0x20}], 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x7b, &(0x7f0000000000)={r2}, 0x8) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000240)={r2, 0x7e, "e5901c60f5c457c4d4ed8a4018c9170be6101611cf513bbbbe6512cfe3e3e809a97744c06e788dd6c797156eea343fcffce3bc3d8c8cf6b46bf35a475d6df9207dab26536214b3855c239d2f498b761a1ed35c80660aa34f5bd965e4dab5088ce33a2051f35ea1218b4f387daa098d4964a71a40479b0dd77b2480abf2d3"}, &(0x7f0000000040)=0x86) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000100)={r3, 0xb, "fbc82fc1def23c5d548c6f"}, &(0x7f0000000140)=0x13) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x1c9c380}}, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket(0x1e, 0x1, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000080)=@generic={0x1e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x80, 0x0}, 0x62000044) recvmsg$kcm(r7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000001600)=""/4096, 0x1c80}], 0x1}, 0x0) write$binfmt_elf32(r7, &(0x7f00000015c0)=ANY=[], 0xfffffd6d) 15:52:28 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:28 executing program 0 (fault-call:1 fault-nth:2): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x2, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 3: r0 = openat2(0xffffffffffffffff, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)={0x82100, 0x0, 0x1}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f0000000000)={0x5, 0x10, 0xfa00, {0x0, r3}}, 0x18) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x2, {0xbd, 0xfffff440, "4bac486168ed4d1998268f2396113e6747a369ed43df347da0509f86e14ed7b5a66ad55a40fa305666f067f2d5f0075cb3532d15f5a33d5938bdd3274f2e25b34595c8aaeee34c6924ef75fed2d9f4af672281a145fe6e387c3eddd671ecd6a89d22a0960053546cd880c2459893cbeaf50b488e30c34100e96cea1515747870e1be4ccc7f8069294305ce8b655d1c1b6f744d01a5514565153413b3eab64f5e3a8f18bb2f3784bb8ba69b223eb2f81c89acf20b3690d5482d8a8ac2da9978add4f929dd9fe3e2726617299add209284b8bde409a29288231ae3ff28347d9316419aad570e2e196c068b0ec7d1e2936358d6436862be9532465f6d46d9b9cd84", 0x80, 0x40, 0x9, 0x6, 0x8, 0x9, 0x6, 0x1}, r3}}, 0x128) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=ANY=[@ANYBLOB="010000002c00470d000000000000040000000000", @ANYRES32=r4, @ANYBLOB="0000100000000000030000000b0001006367726f7570000044000200400002003c000100000000000000000000000000000000000000000000000000000000000600"/92], 0x74}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) connect$packet(r0, &(0x7f0000000440)={0x11, 0x6, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) creat(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$GIO_SCRNMAP(r7, 0x4b40, &(0x7f0000000280)=""/33) r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$FS_IOC_RESVSP(r8, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x728df552}) [ 195.790932][T10803] FAULT_INJECTION: forcing a failure. [ 195.790932][T10803] name failslab, interval 1, probability 0, space 0, times 0 [ 195.838576][T10803] CPU: 1 PID: 10803 Comm: syz-executor.0 Not tainted 5.8.0-rc4-syzkaller #0 [ 195.847265][T10803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 195.857304][T10803] Call Trace: [ 195.860585][T10803] dump_stack+0x10f/0x19d [ 195.864906][T10803] should_fail+0x23c/0x250 [ 195.869312][T10803] __should_failslab+0x81/0x90 [ 195.874067][T10803] should_failslab+0x5/0x20 [ 195.878561][T10803] kmem_cache_alloc_node_trace+0x3b/0x260 [ 195.884274][T10803] ? __kmalloc_node+0x30/0x40 [ 195.888961][T10803] __kmalloc_node+0x30/0x40 [ 195.893453][T10803] kvmalloc_node+0x81/0xf0 [ 195.897866][T10803] video_usercopy+0x113/0xfc0 [ 195.902623][T10803] ? tomoyo_path_number_perm+0x286/0x2d0 [ 195.908379][T10803] ? call_enum_dv_timings+0xe0/0xe0 [ 195.913613][T10803] ? do_vfs_ioctl+0x4f1/0xec0 [ 195.918316][T10803] subdev_ioctl+0x25/0x30 [ 195.922641][T10803] ? subdev_poll+0xe0/0xe0 [ 195.927053][T10803] v4l2_ioctl+0xc2/0xd0 [ 195.931206][T10803] ? v4l2_poll+0x150/0x150 [ 195.935644][T10803] __se_sys_ioctl+0xc9/0x130 [ 195.940233][T10803] __x64_sys_ioctl+0x3f/0x50 [ 195.944814][T10803] do_syscall_64+0x51/0xb0 [ 195.949291][T10803] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 195.955183][T10803] RIP: 0033:0x45cb29 [ 195.959060][T10803] Code: Bad RIP value. [ 195.963113][T10803] RSP: 002b:00007fefdb6ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 195.971510][T10803] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 195.979485][T10803] RDX: 0000000020000740 RSI: 00000000c0d05605 RDI: 0000000000000003 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x4c08, &(0x7f00000004c0)) 15:52:29 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5000, &(0x7f00000004c0)) [ 195.987827][T10803] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 195.996765][T10803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 196.004728][T10803] R13: 0000000000000668 R14: 00000000004c968d R15: 00007fefdb6ec6d4 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x10, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c01, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5001, &(0x7f00000004c0)) 15:52:29 executing program 0 (fault-call:1 fault-nth:3): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c82, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5008, &(0x7f00000004c0)) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x541b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 3: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x500e, &(0x7f00000004c0)) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5421, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x2, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5015, &(0x7f00000004c0)) 15:52:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5016, &(0x7f00000004c0)) 15:52:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5450, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x10, &(0x7f0000000740)={0x0, @pix_mp}) [ 197.279466][ T7] tipc: TX() has been purged, node left! [ 198.123726][ T7] device hsr_slave_0 left promiscuous mode [ 198.181179][ T7] device hsr_slave_1 left promiscuous mode [ 198.339516][ T7] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.346971][ T7] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.357403][ T7] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.365327][ T7] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.374842][ T7] device bridge_slave_1 left promiscuous mode [ 198.381600][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.431433][ T7] device bridge_slave_0 left promiscuous mode [ 198.437738][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.492810][ T7] device veth1_macvtap left promiscuous mode [ 198.503799][ T7] device veth0_macvtap left promiscuous mode [ 198.511941][ T7] device veth1_vlan left promiscuous mode [ 198.517982][ T7] device veth0_vlan left promiscuous mode [ 199.970178][ T7] team0 (unregistering): Port device team_slave_1 removed [ 199.979190][ T7] team0 (unregistering): Port device team_slave_0 removed [ 199.988523][ T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 200.012149][ T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 200.087378][ T7] bond0 (unregistering): Released all slaves [ 200.175061][T10898] IPVS: ftp: loaded support on port[0] = 21 [ 200.218543][T10898] chnl_net:caif_netlink_parms(): no params data found [ 200.252340][T10898] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.259576][T10898] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.267131][T10898] device bridge_slave_0 entered promiscuous mode [ 200.276155][T10898] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.283634][T10898] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.291583][T10898] device bridge_slave_1 entered promiscuous mode [ 200.306286][T10898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.317231][T10898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.333594][T10898] team0: Port device team_slave_0 added [ 200.341191][T10898] team0: Port device team_slave_1 added [ 200.355577][T10898] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.362566][T10898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.389058][T10898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 200.401090][T10898] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.408013][T10898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.435042][T10898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.492195][T10898] device hsr_slave_0 entered promiscuous mode [ 200.531383][T10898] device hsr_slave_1 entered promiscuous mode [ 200.559477][T10898] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.568282][T10898] Cannot create hsr debugfs directory [ 200.598668][T10898] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.605845][T10898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.613196][T10898] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.620247][T10898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.649904][T10898] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.661862][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.671469][ T3919] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.679136][ T3919] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.692364][T10898] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.703995][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.713172][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.720233][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.741191][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.750447][ T9916] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.757463][ T9916] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.766132][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.774626][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.783057][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 200.791271][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.893636][T10898] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 200.905685][T10898] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 200.915746][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 200.932305][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 200.941957][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 200.952997][T10898] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.998089][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 201.018119][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 201.027120][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 201.037096][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 201.047157][T10898] device veth0_vlan entered promiscuous mode [ 201.061971][T10898] device veth1_vlan entered promiscuous mode [ 201.082778][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 201.091144][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 201.099029][ T9916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 201.109180][T10898] device veth0_macvtap entered promiscuous mode [ 201.122407][T10898] device veth1_macvtap entered promiscuous mode [ 201.137494][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.148210][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.158713][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.170554][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.180752][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.191406][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.201618][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.212371][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.222829][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.233525][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.244974][T10898] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.253545][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 201.263706][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 201.273340][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 201.285331][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.295489][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 201.306394][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.316465][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 201.327298][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.337412][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 201.348245][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.358384][T10898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 201.370987][T10898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.382009][T10898] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.390473][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 201.399108][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 15:52:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:34 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5451, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:34 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x541b, &(0x7f00000004c0)) 15:52:34 executing program 3: r0 = socket(0x10, 0x803, 0x0) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={0x0, 0x1c}}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000d40)={0x58, 0x1, 0x8, 0x0, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x58}}, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000c00)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, 0x0}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000005cc0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000002c0)=""/140, 0x8c}, {&(0x7f0000000bc0)=""/15, 0xf}], 0x2}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/29, 0x1d}, {&(0x7f0000000c80)=""/137, 0x89}, {&(0x7f0000000ac0)=""/151, 0x97}], 0x3}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/50, 0x32}], 0x1}}], 0x3, 0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000280), 0xc, &(0x7f0000000a40)={0x0, 0x1a4}}, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000f80)='/dev/vcsu\x00', 0x501000, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000880)={0x4, 0x55595659, 0x1, @stepwise={0xb845, 0x4, 0x4, 0x401, 0xc75, 0x1}}) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000020c0)='TIPCv2\x00') sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000002500)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000024c0)={&(0x7f0000002100)={0x390, r3, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x138, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'team_slave_0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth1_to_batadv\x00'}}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffb6ce}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3b7e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x100, @private0={0xfc, 0x0, [], 0x1}, 0x9}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8001, @mcast1, 0xd0d5}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "86f0048d776728549e10949b53fc421fb47e19f25b5cc1545050c5c80f67aba7a09d"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8001}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1d8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_LINK={0x13c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x83}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x694bc17a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x84c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x74}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}]}]}, @TIPC_NLA_NODE={0x8c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "08d569736cd8c9794891f633c98226aed10e02f4782f393d86c9c9"}}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "2487a6cd8101541ce0f5a928900ba051a5d8ceb8b0a7a8ef0193ff"}}]}]}, 0x390}, 0x1, 0x0, 0x0, 0x10}, 0xd18f29b800eb355) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x2ce}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$IMSETDEVNAME(r5, 0x80184947, &(0x7f00000000c0)={0x800, 'syz0\x00'}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r6, 0x400c6615, &(0x7f0000000700)={0x0, @adiantum}) 15:52:34 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c01, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:34 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) fchmod(r0, 0x80) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f0000000080)={0xa00000, 0x5, 0x7, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0xffff6601, [], @string}}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0x80, 0x6, 0x8, 0x6, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000100)={0x8, 0x8, 0x1, 0x18b, r4}) 15:52:34 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5452, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) r2 = getpid() r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x180, 0x0) setsockopt$inet6_udp_int(r3, 0x11, 0x66, &(0x7f0000000080)=0x6, 0x4) sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x5, 0x64, 0xffffffff}, r2, 0xffffffffffffffff, r1, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000df1b92ba8bd5f208aac8a7300cd73e17a96b6458d2f18dc5d65ee54dc01577f7f68efd394b217e6a1591057f7b3a522ae2182afe92dbe918698269608c1a2b84a820455d1911e96962424d00000000000000003a3fce2ff55194109e84ef1e5de2602c0860bab98740a65bb5b920be01efd3957bf9d684f6eb5849e2b364a103b5e7b616480554693052ad885bb002eeb8f29e75a103e9fc28fcd770c420c6831bac993cfc4762d0f8070b4f47b515c5c46e448a9848afc2e2dd17e0ade0af1cd7e878baf0b64f1bec7a13add214af9dbb61437e208f56cac0e9901ddad7a448943a5d35d5b4184aeedda0364e8a3974a6223072f6a69707e357496268429718b3717055b7ea6c424c2eb4a62ee8a60e1a1e665709c461c9387c078407001d2ef28aad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x7, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000100)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0xff, 0x56a, 0x19, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x80, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x1, 0x0, 0x1, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x84b}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x0, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0xc0, 0x4, 0x9}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x250, 0x66, 0x4, 0x8, 0x10, 0x6}, 0x4f, &(0x7f0000000200)={0x5, 0xf, 0x4f, 0x5, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "dec66af1a1ba253dd244a8c2c2c76316"}, @generic={0x14, 0x10, 0x4, "dbef3bf4f0c41afe7d09c4edfc26704dda"}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "0a853c10c41e4832d1289acedcad41c2"}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0xd, 0xf, 0x2}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x8, 0x5, 0x4}]}, 0xa, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x407}}, {0xc1, &(0x7f0000000300)=@string={0xc1, 0x3, "9983905c618be98996f961654c83dc87ff2758d896515318f6c21e1221b495a5dfe308a88f5d197317b3e672cd1ccf1ad701b54f244882257efda291f0d38c083a26b897330642ce4dc112474c652af5c55bbef0e11423a99db16d89474e6294013f0699599e9d11d23e557346c40ef97b191f1295c65c335c3c0eb3d904dbd558c42a303568ffde98c4eb9734785cafa61910c57e4d4a2eee28281405c55c7d411e79c12d65b0d3071a8dc7579fc6c09884ea070f9627b42e9b71a950b265"}}, {0x10, &(0x7f0000000400)=@string={0x10, 0x3, "46d2ef4603cc66368469010a93e1"}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x2001}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x420}}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x44b}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x404}}, {0xc4, &(0x7f00000006c0)=@string={0xc4, 0x3, "7b6791f2f800bc1c161e57a3e59ec9ce1fc52359238185fac3a4b56bda826348a27237f5788a06a060cf01842e043fe983e0b2cbd90bb3c11ed08bc7551a4baa8dd8670ee6f4fdef43d53dc4b0d5ed8690ccc4cde445632f97615f786ae52d03df46e8ffe8cfbaaf833d1498f520ea682951c6814b223487c91b169725d88a5c4dd3b78c0b9a63321c58097b5cf638d8c27979026989aec7cd8db27de7573b4bfa82a0b07c5d3ef151ac55780812675cda56b54e44390b131323bd7fc0267fda2170"}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x3c0a}}, {0xac, &(0x7f0000000800)=@string={0xac, 0x3, "7f8659f64f8d3ed9bffa5e2a65ad9fc16bdb1c4cf709c37611b0c491012809397b2c2cc4d2f6f7cf7e6c19d1f401acbfa41bb75ff91e0bd282e1086d699ced299184e98f5fe999870386f82ddb3da0d5b6c6649dfc72641bb7ff43c84c12712dab801eeb4f95226f3af456717e0c9c493b7161437bcd750fe02dee8ecde84dd5ecdd2e28c6b04bef7e6129835d0af951740e93e63dd7fb7cc7a0431a6283f6097a3fbf9c62d6446074b8"}}]}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b40)={r4, 0x1800000000000060, 0xe, 0x0, &(0x7f0000000c00)="000000000000000000ee00000000", 0x0, 0x2300, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c82, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5460, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 3: unshare(0x40020400) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000080)=0x54) 15:52:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5421, &(0x7f00000004c0)) 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5646, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x541b, &(0x7f0000000740)={0x0, @pix_mp}) [ 201.868769][T11131] IPVS: ftp: loaded support on port[0] = 21 [ 201.898869][T11139] Sensor A: ================= START STATUS ================= 15:52:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5450, &(0x7f00000004c0)) 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 201.914743][T11139] v4l2-ctrls: Sensor A: Test Pattern: 75% Colorbar [ 201.932455][T11139] v4l2-ctrls: Sensor A: Vertical Flip: false [ 201.952641][T11139] v4l2-ctrls: Sensor A: Horizontal Flip: false 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5421, &(0x7f0000000740)={0x0, @pix_mp}) [ 201.967763][T11139] v4l2-ctrls: Sensor A: Brightness: 128 [ 201.982529][T11139] v4l2-ctrls: Sensor A: Contrast: 128 [ 201.994979][T11139] v4l2-ctrls: Sensor A: Hue: 0 [ 202.002316][T11139] v4l2-ctrls: Sensor A: Saturation: 128 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 202.017756][T11139] Sensor A: ================== END STATUS ================== [ 202.188836][T11131] IPVS: ftp: loaded support on port[0] = 21 15:52:35 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000611148000000000046000000000000009500000000000000fd716851aa9e179d754c7d8b3929b8f8ff303c31dc601b68b4d74acf3f7b4878c653afc42ec827b10cd345ca2f446ebae44485213a38e4829f0d3f12bf9cc46e3d5d213614a530585cb5b1c49147c70f8914dc6077c5fea14db350cc3a6e88878e80d40f6e9fd4a01c2dba67736178c547b174112239f9de108f5c55edc03eb2d8dcd2dee3bb761cc99b07f91c15b2840198f87d73e0383732b50f88f66444c8584582144af1a91e2a3a27c84ce6f0871c33747994bdabeda7464694b249f597ad8bb1cc1362784d543098cf62c27c0baaa66550d045922951701b2d1b14dc"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48) 15:52:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5451, &(0x7f00000004c0)) 15:52:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x6364, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5450, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, 0x0, 0x0, 0x0) 15:52:35 executing program 3: ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000001000/0x2000)=nil}) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00') socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$EVIOCGABS2F(r4, 0x8018456f, &(0x7f0000000080)=""/126) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='+4', 0x2}], 0x6) 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5451, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, 0x0, 0x0, 0x0) 15:52:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0xfffffffffffffef4}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) prctl$PR_SET_KEEPCAPS(0x8, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000200)={0x2, &(0x7f0000000140), 0x0, r4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000240), &(0x7f0000000280)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000080000001000000000005000000000000000033c4587474c1f0"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 202.499445][ T7] tipc: TX() has been purged, node left! 15:52:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x6609, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5452, &(0x7f00000004c0)) 15:52:35 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0) mkdir(&(0x7f00000001c0)='./file1\x00', 0x0) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1, &(0x7f00000004c0)=""/262, 0x106}, 0x1e3}, {{0x0, 0x0, 0x0}, 0x8001}], 0x2, 0x161, &(0x7f0000003340)={0x77359400}) accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) sched_setattr(0x0, 0x0, 0x0) getpriority(0x1, 0x0) mount$9p_tcp(0x0, &(0x7f0000000200)='./bus\x00', 0x0, 0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x712000, 0x0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="e705000006ba982e637ff5f1f8f46cabbe03514e6bde392e513be84ba712f4b623f73c53919d1f0180fa3355bede8b4f08e9c8a236287cda78dcfdebd310d69bb7eb415449d273216ed1983c3f4b8248baf2654e47d352b92883cc99d79efe56629651cd23cbca182624b5e9de2ed3e8579c212a0fdae813f338e4dcd403308105de377cfd10b0a0dd593cfe49c2300c07cf4c0fe13fecc51356dd5ee770d3f946f42f002ef9cba3f0eda38dd02165f033bcf33d2123f3352e531072bfb844aabb2974156760b1975d38f7745cfc271671178d6091c4c425a5ef42a098e224d04179", @ANYRES16=0x0, @ANYBLOB="000828bd7000ffdbdf25020000e80800010073797a32000000000900030073797a300000000005000400010000000900010073797a3200000000140002006d616376746170320000000000e320000900030073797a310000000042bf7fd8a9479355e49f283a7bfcef6e7ea950df2d2e6b54b4f552497a58504d0b4a8b8497102abbb2084404ac6dda52ca565310b31df909a28855ee5e9f9b8381d8208402d6"], 0x60}, 0x1, 0x0, 0x0, 0x4040010}, 0x4040080) mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0) creat(&(0x7f0000000080)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x4}, 0x2) rmdir(&(0x7f00000000c0)='./bus/file0\x00') 15:52:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, 0x0, 0x0, 0x0) 15:52:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5452, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x660c, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5460, &(0x7f00000004c0)) 15:52:36 executing program 1 (fault-call:5 fault-nth:0): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 202.719148][T11225] kvm [11221]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 15:52:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8933, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x6364, &(0x7f00000004c0)) 15:52:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5460, &(0x7f0000000740)={0x0, @pix_mp}) [ 202.825967][T11246] FAULT_INJECTION: forcing a failure. [ 202.825967][T11246] name failslab, interval 1, probability 0, space 0, times 0 [ 202.897995][T11246] CPU: 1 PID: 11246 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 202.907830][T11246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.917883][T11246] Call Trace: [ 202.921168][T11246] dump_stack+0x10f/0x19d [ 202.925491][T11246] should_fail+0x23c/0x250 [ 202.931930][T11246] __should_failslab+0x81/0x90 [ 202.936687][T11246] ? kmalloc_array+0x2b/0x40 [ 202.941357][T11246] should_failslab+0x5/0x20 [ 202.945936][T11246] __kmalloc+0x43/0x2d0 [ 202.950183][T11246] kmalloc_array+0x2b/0x40 [ 202.954598][T11246] rw_copy_check_uvector+0x81/0x280 [ 202.959791][T11246] ? __rcu_read_unlock+0x4b/0x260 [ 202.964922][T11246] import_iovec+0x5e/0x1c0 [ 202.970287][T11246] ? __vfs_write+0x69/0x340 [ 202.974786][T11246] do_preadv+0x109/0x230 [ 202.979026][T11246] ? __this_cpu_preempt_check+0x18/0x20 [ 202.984578][T11246] ? __sb_end_write+0x90/0xe0 [ 202.989261][T11246] ? vfs_write+0x323/0x350 [ 202.993694][T11246] ? check_preemption_disabled+0x51/0x140 [ 203.000083][T11246] ? debug_smp_processor_id+0x18/0x20 [ 203.005535][T11246] ? fpregs_assert_state_consistent+0x7e/0x90 [ 203.011593][T11246] __x64_sys_preadv+0x54/0x60 [ 203.016273][T11246] do_syscall_64+0x51/0xb0 [ 203.020866][T11246] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 203.026745][T11246] RIP: 0033:0x45cb29 [ 203.030620][T11246] Code: Bad RIP value. [ 203.034705][T11246] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 15:52:36 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0) mkdir(&(0x7f00000001c0)='./file1\x00', 0x0) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1, &(0x7f00000004c0)=""/262, 0x106}, 0x1e3}, {{0x0, 0x0, 0x0}, 0x8001}], 0x2, 0x161, &(0x7f0000003340)={0x77359400}) accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) sched_setattr(0x0, 0x0, 0x0) getpriority(0x1, 0x0) mount$9p_tcp(0x0, &(0x7f0000000200)='./bus\x00', 0x0, 0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x712000, 0x0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="e705000006ba982e637ff5f1f8f46cabbe03514e6bde392e513be84ba712f4b623f73c53919d1f0180fa3355bede8b4f08e9c8a236287cda78dcfdebd310d69bb7eb415449d273216ed1983c3f4b8248baf2654e47d352b92883cc99d79efe56629651cd23cbca182624b5e9de2ed3e8579c212a0fdae813f338e4dcd403308105de377cfd10b0a0dd593cfe49c2300c07cf4c0fe13fecc51356dd5ee770d3f946f42f002ef9cba3f0eda38dd02165f033bcf33d2123f3352e531072bfb844aabb2974156760b1975d38f7745cfc271671178d6091c4c425a5ef42a098e224d04179", @ANYRES16=0x0, @ANYBLOB="000828bd7000ffdbdf25020000e80800010073797a32000000000900030073797a300000000005000400010000000900010073797a3200000000140002006d616376746170320000000000e320000900030073797a310000000042bf7fd8a9479355e49f283a7bfcef6e7ea950df2d2e6b54b4f552497a58504d0b4a8b8497102abbb2084404ac6dda52ca565310b31df909a28855ee5e9f9b8381d8208402d6"], 0x60}, 0x1, 0x0, 0x0, 0x4040010}, 0x4040080) mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0) creat(&(0x7f0000000080)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x4}, 0x2) rmdir(&(0x7f00000000c0)='./bus/file0\x00') 15:52:36 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000000)={0x1, 0x1, @raw_data=[0x1, 0x1, 0x9, 0x7, 0x7, 0x5, 0xd3fa, 0x9e26, 0x2, 0x11e0000, 0x6, 0x7, 0x5, 0x7, 0x3, 0x3]}) 15:52:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8933, &(0x7f00000004c0)) [ 203.043504][T11246] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 203.051520][T11246] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 203.059556][T11246] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 203.067515][T11246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 203.078255][T11246] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x3fffffff, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x40045010, &(0x7f00000004c0)) 15:52:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5646, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x400454ca, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:36 executing program 1 (fault-call:5 fault-nth:1): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x40045017, &(0x7f00000004c0)) 15:52:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40045567, &(0x7f0000000740)={0x0, @pix_mp}) [ 203.259460][ T5033] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 203.292401][T11281] Sensor A: ================= START STATUS ================= [ 203.320001][T11285] FAULT_INJECTION: forcing a failure. [ 203.320001][T11285] name failslab, interval 1, probability 0, space 0, times 0 [ 203.323481][T11281] v4l2-ctrls: Sensor A: Test Pattern: 75% Colorbar 15:52:36 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0) mkdir(&(0x7f00000001c0)='./file1\x00', 0x0) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1, &(0x7f00000004c0)=""/262, 0x106}, 0x1e3}, {{0x0, 0x0, 0x0}, 0x8001}], 0x2, 0x161, &(0x7f0000003340)={0x77359400}) accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) sched_setattr(0x0, 0x0, 0x0) getpriority(0x1, 0x0) mount$9p_tcp(0x0, &(0x7f0000000200)='./bus\x00', 0x0, 0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x712000, 0x0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="e705000006ba982e637ff5f1f8f46cabbe03514e6bde392e513be84ba712f4b623f73c53919d1f0180fa3355bede8b4f08e9c8a236287cda78dcfdebd310d69bb7eb415449d273216ed1983c3f4b8248baf2654e47d352b92883cc99d79efe56629651cd23cbca182624b5e9de2ed3e8579c212a0fdae813f338e4dcd403308105de377cfd10b0a0dd593cfe49c2300c07cf4c0fe13fecc51356dd5ee770d3f946f42f002ef9cba3f0eda38dd02165f033bcf33d2123f3352e531072bfb844aabb2974156760b1975d38f7745cfc271671178d6091c4c425a5ef42a098e224d04179", @ANYRES16=0x0, @ANYBLOB="000828bd7000ffdbdf25020000e80800010073797a32000000000900030073797a300000000005000400010000000900010073797a3200000000140002006d616376746170320000000000e320000900030073797a310000000042bf7fd8a9479355e49f283a7bfcef6e7ea950df2d2e6b54b4f552497a58504d0b4a8b8497102abbb2084404ac6dda52ca565310b31df909a28855ee5e9f9b8381d8208402d6"], 0x60}, 0x1, 0x0, 0x0, 0x4040010}, 0x4040080) mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0) creat(&(0x7f0000000080)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x4}, 0x2) rmdir(&(0x7f00000000c0)='./bus/file0\x00') [ 203.361698][T11285] CPU: 0 PID: 11285 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 203.370388][T11285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.380438][T11285] Call Trace: [ 203.383733][T11285] dump_stack+0x10f/0x19d [ 203.388059][T11285] should_fail+0x23c/0x250 [ 203.388770][T11281] v4l2-ctrls: Sensor A: Vertical Flip: false [ 203.392469][T11285] __should_failslab+0x81/0x90 [ 203.392490][T11285] should_failslab+0x5/0x20 [ 203.392501][T11285] kmem_cache_alloc_node_trace+0x3b/0x260 [ 203.392517][T11285] ? __kmalloc_node+0x30/0x40 [ 203.412911][T11281] v4l2-ctrls: Sensor A: Horizontal Flip: false [ 203.413608][T11285] ? fsnotify_parent+0x58/0x180 [ 203.413692][T11285] __kmalloc_node+0x30/0x40 [ 203.424721][T11281] v4l2-ctrls: Sensor A: Brightness: 128 [ 203.429326][T11285] kvmalloc_node+0x81/0xf0 [ 203.429342][T11285] seq_read+0xfe/0x900 [ 203.445007][T11281] v4l2-ctrls: Sensor A: Contrast: 128 [ 203.447792][T11285] ? rw_verify_area+0x12c/0x240 [ 203.447810][T11285] do_iter_read+0x2fe/0x480 [ 203.462035][T11281] v4l2-ctrls: Sensor A: Hue: 0 [ 203.462585][T11285] do_preadv+0x13b/0x230 [ 203.472040][T11285] ? __sb_end_write+0x90/0xe0 [ 203.474514][T11281] v4l2-ctrls: Sensor A: Saturation: 128 [ 203.476796][T11285] ? vfs_write+0x323/0x350 [ 203.476812][T11285] ? check_preemption_disabled+0x51/0x140 [ 203.476829][T11285] ? debug_smp_processor_id+0x18/0x20 [ 203.495703][T11281] Sensor A: ================== END STATUS ================== [ 203.497823][T11285] ? fpregs_assert_state_consistent+0x7e/0x90 [ 203.497843][T11285] __x64_sys_preadv+0x54/0x60 [ 203.516357][T11285] do_syscall_64+0x51/0xb0 [ 203.520767][T11285] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 203.526647][T11285] RIP: 0033:0x45cb29 [ 203.530529][T11285] Code: Bad RIP value. [ 203.534583][T11285] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 203.543118][T11285] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 203.551078][T11285] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 203.559060][T11285] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 203.567485][T11285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 203.575510][T11285] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x400454ca, &(0x7f00000004c0)) 15:52:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x6364, &(0x7f0000000740)={0x0, @pix_mp}) [ 203.729437][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 203.849851][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 203.861096][ T5033] usb 4-1: config 0 has no interface number 0 [ 203.879398][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 203.892510][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 203.903996][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 203.915426][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 203.929172][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 203.938893][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.948367][ T5033] usb 4-1: config 0 descriptor?? [ 203.992394][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input5 [ 204.193151][ T5033] usb 4-1: USB disconnect, device number 2 [ 204.213963][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 204.539470][ T7] tipc: TX() has been purged, node left! [ 204.969506][ T5033] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 205.219478][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 205.359496][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 205.367654][ T5033] usb 4-1: config 0 has no interface number 0 [ 205.373815][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 205.384881][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 205.396783][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 205.407395][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 205.420743][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 205.429872][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.438456][ T5033] usb 4-1: config 0 descriptor?? [ 205.492208][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input6 15:52:38 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x40049409, &(0x7f00000004c0)) 15:52:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40049409, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:38 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8912, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:38 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000000000000000000000000000000a20000000000a01000000000087a3db98000000000900010073797a300000000084000000080a8381933a000000000000000000000900010073797a3012f20e6150c35584f5c06eeff6987758a82553133b143cd55fd4237233344b56e31e9f774b5b60"], 0x1}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000001) 15:52:38 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000000)={0x1, 0x1, @raw_data=[0x1, 0x1, 0x9, 0x7, 0x7, 0x5, 0xd3fa, 0x9e26, 0x2, 0x11e0000, 0x6, 0x7, 0x5, 0x7, 0x3, 0x3]}) 15:52:38 executing program 1 (fault-call:5 fault-nth:2): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 205.690977][ T5033] usb 4-1: USB disconnect, device number 3 [ 205.701208][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 205.755330][T11355] FAULT_INJECTION: forcing a failure. [ 205.755330][T11355] name failslab, interval 1, probability 0, space 0, times 0 15:52:39 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40085618, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:39 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x40186366, &(0x7f00000004c0)) [ 205.803679][T11355] CPU: 0 PID: 11355 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 205.812513][T11355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.822588][T11355] Call Trace: [ 205.825938][T11355] dump_stack+0x10f/0x19d [ 205.830265][T11355] should_fail+0x23c/0x250 [ 205.834703][T11355] __should_failslab+0x81/0x90 [ 205.839531][T11355] should_failslab+0x5/0x20 [ 205.844088][T11355] kmem_cache_alloc_trace+0x32/0x2c0 [ 205.849488][T11355] ? proc_pid_stack+0x59/0x180 [ 205.854714][T11355] proc_pid_stack+0x59/0x180 [ 205.855626][ T28] audit: type=1804 audit(1594137159.080:3): pid=11361 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir928191459/syzkaller.H4PVC6/24/cgroup.controllers" dev="sda1" ino=15913 res=1 [ 205.859427][T11355] proc_single_show+0x84/0x100 [ 205.859445][T11355] seq_read+0x2ee/0x900 [ 205.859491][T11355] ? rw_verify_area+0x12c/0x240 [ 205.859508][T11355] do_iter_read+0x2fe/0x480 15:52:39 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x4020940d, &(0x7f00000004c0)) [ 205.859521][T11355] do_preadv+0x13b/0x230 [ 205.859534][T11355] ? __sb_end_write+0x90/0xe0 [ 205.859546][T11355] ? vfs_write+0x323/0x350 [ 205.859566][T11355] ? check_preemption_disabled+0x51/0x140 [ 205.859602][T11355] ? debug_smp_processor_id+0x18/0x20 [ 205.859617][T11355] ? fpregs_assert_state_consistent+0x7e/0x90 [ 205.859679][T11355] __x64_sys_preadv+0x54/0x60 [ 205.859701][T11355] do_syscall_64+0x51/0xb0 [ 205.943566][T11355] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 205.949616][T11355] RIP: 0033:0x45cb29 15:52:39 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80044d76, &(0x7f00000004c0)) [ 205.954710][T11355] Code: Bad RIP value. [ 205.958770][T11355] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 205.967178][T11355] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 205.975436][T11355] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 205.983488][T11355] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 205.991468][T11355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:52:39 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8933, &(0x7f0000000740)={0x0, @pix_mp}) [ 205.999782][T11355] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:39 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40186366, &(0x7f0000000740)={0x0, @pix_mp}) [ 206.029818][T11361] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 206.078827][T11361] File: /root/syzkaller-testdir928191459/syzkaller.H4PVC6/24/cgroup.controllers PID: 11361 Comm: syz-executor.4 [ 206.309445][ T5033] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 206.599475][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 206.729511][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 206.737793][ T5033] usb 4-1: config 0 has no interface number 0 [ 206.744661][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 206.755962][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 206.767315][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 206.777423][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 206.791008][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 206.800712][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.810759][ T5033] usb 4-1: config 0 descriptor?? [ 206.862166][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input7 [ 207.073683][ T49] usb 4-1: USB disconnect, device number 4 [ 207.093020][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:40 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000000)={0x1, 0x1, @raw_data=[0x1, 0x1, 0x9, 0x7, 0x7, 0x5, 0xd3fa, 0x9e26, 0x2, 0x11e0000, 0x6, 0x7, 0x5, 0x7, 0x3, 0x3]}) 15:52:40 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80044df9, &(0x7f00000004c0)) 15:52:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565a, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:40 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb, 0x1, 'geneve\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_LABEL={0x8}]}}}]}, 0x3c}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) bind$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 15:52:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x89f1, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:40 executing program 1 (fault-call:5 fault-nth:3): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:40 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045002, &(0x7f00000004c0)) [ 207.648057][T11429] FAULT_INJECTION: forcing a failure. [ 207.648057][T11429] name failslab, interval 1, probability 0, space 0, times 0 [ 207.666392][T11429] CPU: 0 PID: 11429 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 207.675061][T11429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.685105][T11429] Call Trace: [ 207.688391][T11429] dump_stack+0x10f/0x19d [ 207.692719][T11429] should_fail+0x23c/0x250 15:52:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020940d, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x89f2, &(0x7f0000000740)={0x0, @pix_mp}) [ 207.697152][T11429] __should_failslab+0x81/0x90 [ 207.701907][T11429] should_failslab+0x5/0x20 [ 207.706426][T11429] kmem_cache_alloc_trace+0x32/0x2c0 [ 207.711703][T11429] ? proc_pid_stack+0x59/0x180 [ 207.716462][T11429] proc_pid_stack+0x59/0x180 [ 207.721076][T11429] proc_single_show+0x84/0x100 [ 207.727332][T11429] seq_read+0x2ee/0x900 [ 207.731483][T11429] do_iter_read+0x3f5/0x480 [ 207.736473][T11429] do_preadv+0x13b/0x230 [ 207.740836][T11429] ? __sb_end_write+0x90/0xe0 15:52:41 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80085617, &(0x7f0000000740)={0x0, @pix_mp}) [ 207.745513][T11429] ? vfs_write+0x323/0x350 [ 207.750036][T11429] ? check_preemption_disabled+0x51/0x140 [ 207.755751][T11429] ? debug_smp_processor_id+0x18/0x20 [ 207.761412][T11429] ? fpregs_assert_state_consistent+0x7e/0x90 [ 207.767565][T11429] __x64_sys_preadv+0x54/0x60 [ 207.772236][T11429] do_syscall_64+0x51/0xb0 [ 207.776652][T11429] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 207.782531][T11429] RIP: 0033:0x45cb29 [ 207.786588][T11429] Code: Bad RIP value. 15:52:41 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045005, &(0x7f00000004c0)) [ 207.790646][T11429] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 207.799488][T11429] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 207.807512][T11429] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 207.815529][T11429] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 207.823573][T11429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 207.831543][T11429] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 207.920911][ T49] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 208.160343][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 208.279839][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 208.288003][ T49] usb 4-1: config 0 has no interface number 0 [ 208.294764][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 208.306302][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 208.317687][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 208.327991][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 208.341423][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 208.351469][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.362263][ T49] usb 4-1: config 0 descriptor?? [ 208.404927][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input8 [ 208.610441][ T5033] usb 4-1: USB disconnect, device number 5 [ 208.619847][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:42 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000000)={0x1, 0x1, @raw_data=[0x1, 0x1, 0x9, 0x7, 0x7, 0x5, 0xd3fa, 0x9e26, 0x2, 0x11e0000, 0x6, 0x7, 0x5, 0x7, 0x3, 0x3]}) 15:52:42 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045006, &(0x7f00000004c0)) 15:52:42 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045002, &(0x7f00000004c0)) 15:52:42 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xae01, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:42 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:42 executing program 1 (fault-call:5 fault-nth:4): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:42 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80086301, &(0x7f0000000740)={0x0, @pix_mp}) [ 209.168402][T11500] FAULT_INJECTION: forcing a failure. [ 209.168402][T11500] name failslab, interval 1, probability 0, space 0, times 0 15:52:42 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) [ 209.208558][T11500] CPU: 0 PID: 11500 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 209.218404][T11500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.228632][T11500] Call Trace: [ 209.231984][T11500] dump_stack+0x10f/0x19d [ 209.236320][T11500] should_fail+0x23c/0x250 [ 209.240734][T11500] __should_failslab+0x81/0x90 [ 209.245528][T11500] should_failslab+0x5/0x20 [ 209.250034][T11500] kmem_cache_alloc_trace+0x32/0x2c0 15:52:42 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xae41, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:42 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045007, &(0x7f00000004c0)) [ 209.255344][T11500] ? proc_pid_stack+0x59/0x180 [ 209.260111][T11500] proc_pid_stack+0x59/0x180 [ 209.264713][T11500] proc_single_show+0x84/0x100 [ 209.269500][T11500] seq_read+0x2ee/0x900 [ 209.273696][T11500] do_iter_read+0x3f5/0x480 [ 209.279157][T11500] do_preadv+0x13b/0x230 [ 209.283465][T11500] ? __sb_end_write+0x90/0xe0 [ 209.288155][T11500] ? vfs_write+0x323/0x350 [ 209.292572][T11500] ? check_preemption_disabled+0x51/0x140 [ 209.298309][T11500] ? debug_smp_processor_id+0x18/0x20 15:52:42 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) [ 209.303682][T11500] ? fpregs_assert_state_consistent+0x7e/0x90 [ 209.309751][T11500] __x64_sys_preadv+0x54/0x60 [ 209.314431][T11500] do_syscall_64+0x51/0xb0 [ 209.318939][T11500] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 209.324830][T11500] RIP: 0033:0x45cb29 [ 209.328708][T11500] Code: Bad RIP value. [ 209.332772][T11500] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 209.341269][T11500] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 209.349240][T11500] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:42 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xae60, &(0x7f0000000740)={0x0, @pix_mp}) [ 209.357295][T11500] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 209.365326][T11500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 209.373405][T11500] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 209.529510][ T5] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 209.789482][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 209.919909][ T5] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 209.928058][ T5] usb 4-1: config 0 has no interface number 0 [ 209.934784][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 209.946114][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 209.957486][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 209.967703][ T5] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 209.982189][ T5] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 209.991571][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.000529][ T5] usb 4-1: config 0 descriptor?? [ 210.045505][ T5] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input9 [ 210.251042][ T49] usb 4-1: USB disconnect, device number 6 [ 210.279512][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:44 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:52:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8004500b, &(0x7f00000004c0)) 15:52:44 executing program 1 (fault-call:5 fault-nth:5): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:44 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xae80, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x3fffffff, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80805659, &(0x7f0000000740)={0x0, @pix_mp}) [ 210.818949][T11561] FAULT_INJECTION: forcing a failure. [ 210.818949][T11561] name failslab, interval 1, probability 0, space 0, times 0 [ 210.867564][T11561] CPU: 1 PID: 11561 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 210.876254][T11561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.886321][T11561] Call Trace: [ 210.889631][T11561] dump_stack+0x10f/0x19d [ 210.893977][T11561] should_fail+0x23c/0x250 [ 210.898433][T11561] __should_failslab+0x81/0x90 [ 210.903351][T11561] should_failslab+0x5/0x20 [ 210.907852][T11561] kmem_cache_alloc_trace+0x32/0x2c0 [ 210.913129][T11561] ? proc_pid_stack+0x59/0x180 [ 210.917888][T11561] proc_pid_stack+0x59/0x180 [ 210.922501][T11561] proc_single_show+0x84/0x100 [ 210.927266][T11561] seq_read+0x2ee/0x900 [ 210.931421][T11561] do_iter_read+0x3f5/0x480 [ 210.935918][T11561] do_preadv+0x13b/0x230 [ 210.940159][T11561] ? __sb_end_write+0x90/0xe0 [ 210.944830][T11561] ? vfs_write+0x323/0x350 [ 210.949244][T11561] ? check_preemption_disabled+0x51/0x140 [ 210.954959][T11561] ? debug_smp_processor_id+0x18/0x20 [ 210.960422][T11561] ? fpregs_assert_state_consistent+0x7e/0x90 [ 210.966956][T11561] __x64_sys_preadv+0x54/0x60 [ 210.971743][T11561] do_syscall_64+0x51/0xb0 [ 210.976188][T11561] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 210.982464][T11561] RIP: 0033:0x45cb29 [ 210.986552][T11561] Code: Bad RIP value. [ 210.990611][T11561] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 210.999196][T11561] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 211.007202][T11561] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:44 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:44 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8004500f, &(0x7f00000004c0)) 15:52:44 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x400454ca, &(0x7f0000000740)={0x0, @pix_mp}) [ 211.017345][T11561] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 211.025314][T11561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 211.033282][T11561] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 211.049517][ T5] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 211.309514][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 211.429696][ T5] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 211.437928][ T5] usb 4-1: config 0 has no interface number 0 [ 211.445649][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 211.456648][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 211.467818][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 211.477753][ T5] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 211.492001][ T5] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 211.501127][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.510426][ T5] usb 4-1: config 0 descriptor?? [ 211.552422][ T5] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input10 [ 211.752148][ T5] usb 4-1: USB disconnect, device number 7 [ 211.769570][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:45 executing program 1 (fault-call:5 fault-nth:6): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:45 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045010, &(0x7f00000004c0)) 15:52:45 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40049409, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:52:45 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80845663, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80885659, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40085618, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40186366, &(0x7f0000000740)={0x0, @pix_mp}) [ 212.311061][T11629] FAULT_INJECTION: forcing a failure. [ 212.311061][T11629] name failslab, interval 1, probability 0, space 0, times 0 [ 212.379449][T11629] CPU: 0 PID: 11629 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 212.388227][T11629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.398279][T11629] Call Trace: [ 212.401572][T11629] dump_stack+0x10f/0x19d [ 212.406005][T11629] should_fail+0x23c/0x250 [ 212.410530][T11629] __should_failslab+0x81/0x90 [ 212.415292][T11629] should_failslab+0x5/0x20 [ 212.419790][T11629] kmem_cache_alloc_trace+0x32/0x2c0 [ 212.425084][T11629] ? proc_pid_stack+0x59/0x180 15:52:45 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565a, &(0x7f0000000740)={0x0, @pix_mp}) [ 212.429848][T11629] proc_pid_stack+0x59/0x180 [ 212.434438][T11629] proc_single_show+0x84/0x100 [ 212.439306][T11629] seq_read+0x2ee/0x900 [ 212.443468][T11629] do_iter_read+0x3f5/0x480 [ 212.447970][T11629] do_preadv+0x13b/0x230 [ 212.452214][T11629] ? __sb_end_write+0x90/0xe0 [ 212.456887][T11629] ? vfs_write+0x323/0x350 [ 212.461299][T11629] ? check_preemption_disabled+0x51/0x140 [ 212.467011][T11629] ? debug_smp_processor_id+0x18/0x20 [ 212.472378][T11629] ? fpregs_assert_state_consistent+0x7e/0x90 [ 212.478451][T11629] __x64_sys_preadv+0x54/0x60 [ 212.483603][T11629] do_syscall_64+0x51/0xb0 [ 212.488060][T11629] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.493954][T11629] RIP: 0033:0x45cb29 [ 212.497829][T11629] Code: Bad RIP value. [ 212.501896][T11629] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 212.510326][T11629] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 212.518296][T11629] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 212.526263][T11629] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 212.534801][T11629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 212.542774][T11629] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:45 executing program 1 (fault-call:5 fault-nth:7): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:45 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:45 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045017, &(0x7f00000004c0)) [ 212.615157][ T49] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 212.644574][T11656] FAULT_INJECTION: forcing a failure. [ 212.644574][T11656] name failslab, interval 1, probability 0, space 0, times 0 [ 212.661785][T11656] CPU: 1 PID: 11656 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 212.670649][T11656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.680714][T11656] Call Trace: [ 212.684109][T11656] dump_stack+0x10f/0x19d [ 212.688454][T11656] should_fail+0x23c/0x250 [ 212.692872][T11656] __should_failslab+0x81/0x90 [ 212.698586][T11656] should_failslab+0x5/0x20 [ 212.703094][T11656] kmem_cache_alloc_trace+0x32/0x2c0 [ 212.708374][T11656] ? proc_pid_stack+0x59/0x180 [ 212.713676][T11656] proc_pid_stack+0x59/0x180 [ 212.718525][T11656] proc_single_show+0x84/0x100 [ 212.723281][T11656] seq_read+0x2ee/0x900 [ 212.727434][T11656] do_iter_read+0x3f5/0x480 [ 212.732020][T11656] do_preadv+0x13b/0x230 [ 212.736270][T11656] ? __sb_end_write+0x90/0xe0 [ 212.740949][T11656] ? vfs_write+0x323/0x350 [ 212.745368][T11656] ? check_preemption_disabled+0x51/0x140 [ 212.751093][T11656] ? debug_smp_processor_id+0x18/0x20 [ 212.756721][T11656] ? fpregs_assert_state_consistent+0x7e/0x90 [ 212.762789][T11656] __x64_sys_preadv+0x54/0x60 [ 212.767461][T11656] do_syscall_64+0x51/0xb0 [ 212.771917][T11656] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.777831][T11656] RIP: 0033:0x45cb29 [ 212.781707][T11656] Code: Bad RIP value. [ 212.785788][T11656] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 212.794194][T11656] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 212.802258][T11656] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 212.810350][T11656] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 212.818405][T11656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 212.826474][T11656] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 213.059479][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 213.179559][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 213.187672][ T49] usb 4-1: config 0 has no interface number 0 [ 213.194821][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 213.206318][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 213.217829][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 213.228465][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 213.241633][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 213.250787][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.259684][ T49] usb 4-1: config 0 descriptor?? [ 213.301989][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input11 [ 213.502188][ T49] usb 4-1: USB disconnect, device number 8 [ 213.520091][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:47 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80086301, &(0x7f00000004c0)) 15:52:47 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020940d, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 1 (fault-call:5 fault-nth:8): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:47 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:52:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc004500a, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020ae46, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) [ 214.060742][T11705] FAULT_INJECTION: forcing a failure. [ 214.060742][T11705] name failslab, interval 1, probability 0, space 0, times 0 15:52:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) [ 214.122327][T11705] CPU: 1 PID: 11705 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 214.131032][T11705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.141123][T11705] Call Trace: [ 214.144415][T11705] dump_stack+0x10f/0x19d [ 214.148759][T11705] should_fail+0x23c/0x250 [ 214.153180][T11705] __should_failslab+0x81/0x90 [ 214.157947][T11705] should_failslab+0x5/0x20 [ 214.162465][T11705] kmem_cache_alloc_trace+0x32/0x2c0 [ 214.167759][T11705] ? proc_pid_stack+0x59/0x180 15:52:47 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561b, &(0x7f0000000740)={0x0, @pix_mp}) [ 214.172547][T11705] proc_pid_stack+0x59/0x180 [ 214.177317][T11705] proc_single_show+0x84/0x100 [ 214.182077][T11705] seq_read+0x2ee/0x900 [ 214.186246][T11705] do_iter_read+0x3f5/0x480 [ 214.190747][T11705] do_preadv+0x13b/0x230 [ 214.194998][T11705] ? __sb_end_write+0x90/0xe0 [ 214.199679][T11705] ? vfs_write+0x323/0x350 [ 214.204097][T11705] ? check_preemption_disabled+0x51/0x140 [ 214.209843][T11705] ? debug_smp_processor_id+0x18/0x20 [ 214.215212][T11705] ? fpregs_assert_state_consistent+0x7e/0x90 15:52:47 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, 0x0) [ 214.221312][T11705] __x64_sys_preadv+0x54/0x60 [ 214.225993][T11705] do_syscall_64+0x51/0xb0 [ 214.230511][T11705] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.236579][T11705] RIP: 0033:0x45cb29 [ 214.240481][T11705] Code: Bad RIP value. [ 214.244567][T11705] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 214.253038][T11705] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 214.261007][T11705] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:47 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x800c5011, &(0x7f00000004c0)) 15:52:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561c, &(0x7f0000000740)={0x0, @pix_mp}) [ 214.269088][T11705] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 214.277075][T11705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 214.285178][T11705] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:47 executing program 1 (fault-call:5 fault-nth:9): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 214.433795][T11737] FAULT_INJECTION: forcing a failure. [ 214.433795][T11737] name failslab, interval 1, probability 0, space 0, times 0 [ 214.446612][T11737] CPU: 0 PID: 11737 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 214.449455][ T9916] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 214.455376][T11737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.472936][T11737] Call Trace: [ 214.476312][T11737] dump_stack+0x10f/0x19d [ 214.480644][T11737] should_fail+0x23c/0x250 [ 214.485058][T11737] __should_failslab+0x81/0x90 [ 214.489841][T11737] should_failslab+0x5/0x20 [ 214.494365][T11737] kmem_cache_alloc_trace+0x32/0x2c0 [ 214.509385][T11737] ? proc_pid_stack+0x59/0x180 [ 214.514487][T11737] proc_pid_stack+0x59/0x180 [ 214.519510][T11737] proc_single_show+0x84/0x100 [ 214.524285][T11737] seq_read+0x2ee/0x900 [ 214.528442][T11737] do_iter_read+0x3f5/0x480 [ 214.532951][T11737] do_preadv+0x13b/0x230 [ 214.537187][T11737] ? __sb_end_write+0x90/0xe0 [ 214.541852][T11737] ? vfs_write+0x323/0x350 [ 214.546260][T11737] ? check_preemption_disabled+0x51/0x140 [ 214.551981][T11737] ? debug_smp_processor_id+0x18/0x20 [ 214.557410][T11737] ? fpregs_assert_state_consistent+0x7e/0x90 [ 214.563474][T11737] __x64_sys_preadv+0x54/0x60 [ 214.569560][T11737] do_syscall_64+0x51/0xb0 [ 214.574042][T11737] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.579941][T11737] RIP: 0033:0x45cb29 [ 214.583868][T11737] Code: Bad RIP value. [ 214.587917][T11737] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 214.596599][T11737] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 214.604560][T11737] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 214.613652][T11737] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 214.621611][T11737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 214.629570][T11737] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 214.729503][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 214.850848][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 214.858927][ T9916] usb 4-1: config 0 has no interface number 0 [ 214.865342][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 214.876272][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 214.887381][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 214.897315][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 214.910439][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 214.919655][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.929882][ T9916] usb 4-1: config 0 descriptor?? [ 214.975086][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input12 [ 215.172626][ T5033] usb 4-1: USB disconnect, device number 9 [ 215.189483][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:48 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) 15:52:48 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:48 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4090ae82, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:48 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008744c, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:48 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x800c5012, &(0x7f00000004c0)) 15:52:48 executing program 1 (fault-call:5 fault-nth:10): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 215.738940][T11782] FAULT_INJECTION: forcing a failure. [ 215.738940][T11782] name failslab, interval 1, probability 0, space 0, times 0 [ 215.760486][T11782] CPU: 0 PID: 11782 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 215.770065][T11782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.780201][T11782] Call Trace: [ 215.783509][T11782] dump_stack+0x10f/0x19d [ 215.787831][T11782] should_fail+0x23c/0x250 [ 215.792329][T11782] __should_failslab+0x81/0x90 [ 215.797109][T11782] should_failslab+0x5/0x20 [ 215.801604][T11782] kmem_cache_alloc_trace+0x32/0x2c0 [ 215.806916][T11782] ? proc_pid_stack+0x59/0x180 [ 215.811675][T11782] proc_pid_stack+0x59/0x180 [ 215.816252][T11782] proc_single_show+0x84/0x100 [ 215.821179][T11782] seq_read+0x2ee/0x900 [ 215.825357][T11782] do_iter_read+0x3f5/0x480 [ 215.829956][T11782] do_preadv+0x13b/0x230 [ 215.834204][T11782] ? __sb_end_write+0x90/0xe0 [ 215.838872][T11782] ? vfs_write+0x323/0x350 [ 215.843303][T11782] ? check_preemption_disabled+0x51/0x140 [ 215.848993][T11782] ? debug_smp_processor_id+0x18/0x20 [ 215.854344][T11782] ? fpregs_assert_state_consistent+0x7e/0x90 [ 215.860395][T11782] __x64_sys_preadv+0x54/0x60 [ 215.865061][T11782] do_syscall_64+0x51/0xb0 [ 215.869471][T11782] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.875348][T11782] RIP: 0033:0x45cb29 [ 215.879209][T11782] Code: Bad RIP value. 15:52:49 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:49 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0189436, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:49 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80085617, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:49 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105002, &(0x7f00000004c0)) [ 215.883258][T11782] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 215.891665][T11782] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 215.899623][T11782] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 215.907583][T11782] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 215.915529][T11782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 215.923476][T11782] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:49 executing program 1 (fault-call:5 fault-nth:11): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:49 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) [ 216.071502][T11800] FAULT_INJECTION: forcing a failure. [ 216.071502][T11800] name failslab, interval 1, probability 0, space 0, times 0 [ 216.095227][T11800] CPU: 0 PID: 11800 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 216.103909][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.113953][T11800] Call Trace: [ 216.117242][T11800] dump_stack+0x10f/0x19d [ 216.121561][T11800] should_fail+0x23c/0x250 [ 216.125982][T11800] __should_failslab+0x81/0x90 [ 216.130737][T11800] should_failslab+0x5/0x20 [ 216.136216][T11800] kmem_cache_alloc_trace+0x32/0x2c0 [ 216.141496][T11800] ? proc_pid_stack+0x59/0x180 [ 216.146354][T11800] proc_pid_stack+0x59/0x180 [ 216.150937][T11800] proc_single_show+0x84/0x100 [ 216.155699][T11800] seq_read+0x2ee/0x900 [ 216.159880][T11800] do_iter_read+0x3f5/0x480 [ 216.164373][T11800] do_preadv+0x13b/0x230 [ 216.168639][T11800] ? __sb_end_write+0x90/0xe0 [ 216.173348][T11800] ? vfs_write+0x323/0x350 [ 216.177765][T11800] ? check_preemption_disabled+0x51/0x140 [ 216.183476][T11800] ? debug_smp_processor_id+0x18/0x20 [ 216.188857][T11800] ? fpregs_assert_state_consistent+0x7e/0x90 [ 216.194921][T11800] __x64_sys_preadv+0x54/0x60 [ 216.199591][T11800] do_syscall_64+0x51/0xb0 [ 216.204002][T11800] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 216.209903][T11800] RIP: 0033:0x45cb29 [ 216.213776][T11800] Code: Bad RIP value. [ 216.217861][T11800] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 216.226297][T11800] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 216.234296][T11800] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 216.242255][T11800] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 216.250213][T11800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 216.258182][T11800] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 216.269476][ T5033] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 216.529513][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 216.669510][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 216.677662][ T5033] usb 4-1: config 0 has no interface number 0 [ 216.683822][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 216.694756][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 216.705773][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 216.716110][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 216.729282][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 216.738556][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.751106][ T5033] usb 4-1: config 0 descriptor?? [ 216.792062][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input13 [ 216.992256][ T9916] usb 4-1: USB disconnect, device number 10 [ 217.009526][ T9916] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:50 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:50 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205647, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:50 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105003, &(0x7f00000004c0)) 15:52:50 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:50 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) 15:52:50 executing program 1 (fault-call:5 fault-nth:12): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:50 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205648, &(0x7f0000000740)={0x0, @pix_mp}) [ 217.544677][T11841] FAULT_INJECTION: forcing a failure. [ 217.544677][T11841] name failslab, interval 1, probability 0, space 0, times 0 [ 217.600681][T11841] CPU: 0 PID: 11841 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 217.609384][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.619567][T11841] Call Trace: [ 217.622872][T11841] dump_stack+0x10f/0x19d [ 217.627228][T11841] should_fail+0x23c/0x250 [ 217.631641][T11841] __should_failslab+0x81/0x90 [ 217.636409][T11841] should_failslab+0x5/0x20 [ 217.640929][T11841] kmem_cache_alloc_trace+0x32/0x2c0 [ 217.646217][T11841] ? proc_pid_stack+0x59/0x180 [ 217.651045][T11841] proc_pid_stack+0x59/0x180 [ 217.655642][T11841] proc_single_show+0x84/0x100 [ 217.660405][T11841] seq_read+0x2ee/0x900 [ 217.664560][T11841] do_iter_read+0x3f5/0x480 [ 217.669061][T11841] do_preadv+0x13b/0x230 [ 217.673300][T11841] ? __sb_end_write+0x90/0xe0 [ 217.677974][T11841] ? vfs_write+0x323/0x350 [ 217.686997][T11841] ? check_preemption_disabled+0x51/0x140 [ 217.692720][T11841] ? debug_smp_processor_id+0x18/0x20 [ 217.698123][T11841] ? fpregs_assert_state_consistent+0x7e/0x90 [ 217.704195][T11841] __x64_sys_preadv+0x54/0x60 [ 217.708908][T11841] do_syscall_64+0x51/0xb0 [ 217.713624][T11841] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 217.719904][T11841] RIP: 0033:0x45cb29 [ 217.723783][T11841] Code: Bad RIP value. [ 217.728014][T11841] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 217.736426][T11841] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 15:52:50 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80086301, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:51 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:51 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105004, &(0x7f00000004c0)) 15:52:51 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205649, &(0x7f0000000740)={0x0, @pix_mp}) [ 217.744503][T11841] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 217.752645][T11841] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 217.760617][T11841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 217.768585][T11841] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:51 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105009, &(0x7f00000004c0)) 15:52:51 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:51 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc020660b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) [ 217.841092][ T9916] usb 4-1: new high-speed USB device number 11 using dummy_hcd 15:52:51 executing program 1 (fault-call:5 fault-nth:13): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 217.976780][T11874] FAULT_INJECTION: forcing a failure. [ 217.976780][T11874] name failslab, interval 1, probability 0, space 0, times 0 [ 217.989793][T11874] CPU: 0 PID: 11874 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 217.998500][T11874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.008553][T11874] Call Trace: [ 218.011841][T11874] dump_stack+0x10f/0x19d [ 218.016167][T11874] should_fail+0x23c/0x250 [ 218.020621][T11874] __should_failslab+0x81/0x90 [ 218.025385][T11874] should_failslab+0x5/0x20 [ 218.029885][T11874] kmem_cache_alloc_trace+0x32/0x2c0 [ 218.035166][T11874] ? proc_pid_stack+0x59/0x180 [ 218.039923][T11874] proc_pid_stack+0x59/0x180 [ 218.044517][T11874] proc_single_show+0x84/0x100 [ 218.049280][T11874] seq_read+0x2ee/0x900 [ 218.053439][T11874] do_iter_read+0x3f5/0x480 [ 218.058034][T11874] do_preadv+0x13b/0x230 [ 218.062276][T11874] ? __sb_end_write+0x90/0xe0 [ 218.066949][T11874] ? vfs_write+0x323/0x350 [ 218.071362][T11874] ? check_preemption_disabled+0x51/0x140 [ 218.077087][T11874] ? debug_smp_processor_id+0x18/0x20 [ 218.080567][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 218.082543][T11874] ? fpregs_assert_state_consistent+0x7e/0x90 [ 218.093545][T11874] __x64_sys_preadv+0x54/0x60 [ 218.098226][T11874] do_syscall_64+0x51/0xb0 [ 218.102649][T11874] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 218.108974][T11874] RIP: 0033:0x45cb29 [ 218.112852][T11874] Code: Bad RIP value. [ 218.116909][T11874] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 218.125314][T11874] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 218.133307][T11874] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 218.141740][T11874] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 218.149706][T11874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 218.157762][T11874] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 218.199822][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 218.207924][ T9916] usb 4-1: config 0 has no interface number 0 [ 218.229454][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 218.249578][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 218.279503][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 218.290617][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 218.306510][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 218.315906][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.325894][ T9916] usb 4-1: config 0 descriptor?? [ 218.375047][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input14 [ 218.571743][ T9916] usb 4-1: USB disconnect, device number 11 [ 218.589460][ T9916] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:52 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) 15:52:52 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500d, &(0x7f00000004c0)) 15:52:52 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285628, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80805659, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 1 (fault-call:5 fault-nth:14): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:52 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105010, &(0x7f00000004c0)) [ 219.141108][T11919] FAULT_INJECTION: forcing a failure. [ 219.141108][T11919] name failslab, interval 1, probability 0, space 0, times 0 [ 219.182245][T11919] CPU: 1 PID: 11919 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 219.191032][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.201404][T11919] Call Trace: [ 219.204687][T11919] dump_stack+0x10f/0x19d [ 219.209005][T11919] should_fail+0x23c/0x250 [ 219.213499][T11919] __should_failslab+0x81/0x90 [ 219.218371][T11919] should_failslab+0x5/0x20 [ 219.222859][T11919] kmem_cache_alloc_trace+0x32/0x2c0 [ 219.228154][T11919] ? proc_pid_stack+0x59/0x180 [ 219.234176][T11919] proc_pid_stack+0x59/0x180 [ 219.238767][T11919] proc_single_show+0x84/0x100 [ 219.243710][T11919] seq_read+0x2ee/0x900 [ 219.247963][T11919] do_iter_read+0x3f5/0x480 [ 219.252523][T11919] do_preadv+0x13b/0x230 [ 219.256861][T11919] ? __sb_end_write+0x90/0xe0 [ 219.261525][T11919] ? vfs_write+0x323/0x350 [ 219.265986][T11919] ? check_preemption_disabled+0x51/0x140 [ 219.271696][T11919] ? debug_smp_processor_id+0x18/0x20 [ 219.277063][T11919] ? fpregs_assert_state_consistent+0x7e/0x90 [ 219.283116][T11919] __x64_sys_preadv+0x54/0x60 [ 219.287782][T11919] do_syscall_64+0x51/0xb0 [ 219.292259][T11919] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 219.298156][T11919] RIP: 0033:0x45cb29 [ 219.302031][T11919] Code: Bad RIP value. [ 219.306088][T11919] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 219.314601][T11919] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 219.322555][T11919] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:52 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 219.330511][T11919] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 219.338481][T11919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 219.346520][T11919] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:52 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305602, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:52 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105011, &(0x7f00000004c0)) [ 219.509453][ T5] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 219.749441][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 219.869781][ T5] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 219.877853][ T5] usb 4-1: config 0 has no interface number 0 [ 219.885816][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 219.897151][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 219.908644][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 219.919280][ T5] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 219.933024][ T5] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 219.942577][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.951920][ T5] usb 4-1: config 0 descriptor?? [ 219.992632][ T5] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input15 [ 220.191897][ T5] usb 4-1: USB disconnect, device number 12 [ 220.209544][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:53 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:53 executing program 1 (fault-call:5 fault-nth:15): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305615, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:53 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105013, &(0x7f00000004c0)) 15:52:53 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:52:53 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80845663, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:53 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:54 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305616, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:54 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) [ 220.778465][T11984] FAULT_INJECTION: forcing a failure. [ 220.778465][T11984] name failslab, interval 1, probability 0, space 0, times 0 15:52:54 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80105014, &(0x7f00000004c0)) 15:52:54 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:54 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80885659, &(0x7f0000000740)={0x0, @pix_mp}) [ 220.818813][T11984] CPU: 0 PID: 11984 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 220.827512][T11984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.837566][T11984] Call Trace: [ 220.840886][T11984] dump_stack+0x10f/0x19d [ 220.845235][T11984] should_fail+0x23c/0x250 [ 220.849699][T11984] __should_failslab+0x81/0x90 [ 220.856639][T11984] should_failslab+0x5/0x20 [ 220.861138][T11984] kmem_cache_alloc_trace+0x32/0x2c0 [ 220.866423][T11984] ? proc_pid_stack+0x59/0x180 [ 220.871255][T11984] proc_pid_stack+0x59/0x180 [ 220.876117][T11984] proc_single_show+0x84/0x100 [ 220.880873][T11984] seq_read+0x2ee/0x900 [ 220.885040][T11984] do_iter_read+0x3f5/0x480 [ 220.889556][T11984] do_preadv+0x13b/0x230 [ 220.893861][T11984] ? debug_smp_processor_id+0x18/0x20 [ 220.899232][T11984] ? delay_tsc+0x96/0xe0 [ 220.903535][T11984] __x64_sys_preadv+0x54/0x60 [ 220.908223][T11984] do_syscall_64+0x51/0xb0 [ 220.913167][T11984] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 220.919078][T11984] RIP: 0033:0x45cb29 [ 220.922957][T11984] Code: Bad RIP value. [ 220.927023][T11984] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 220.935613][T11984] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 220.944906][T11984] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 220.953138][T11984] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 220.961150][T11984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:52:54 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563b, &(0x7f0000000740)={0x0, @pix_mp}) [ 220.969117][T11984] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:54 executing program 1 (fault-call:5 fault-nth:16): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:54 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:54 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, 0x0) [ 221.031397][ T9916] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 221.127505][T12013] FAULT_INJECTION: forcing a failure. [ 221.127505][T12013] name failslab, interval 1, probability 0, space 0, times 0 [ 221.141849][T12013] CPU: 1 PID: 12013 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 221.150533][T12013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.160587][T12013] Call Trace: [ 221.163958][T12013] dump_stack+0x10f/0x19d [ 221.168295][T12013] should_fail+0x23c/0x250 [ 221.172890][T12013] __should_failslab+0x81/0x90 [ 221.177657][T12013] should_failslab+0x5/0x20 [ 221.182166][T12013] kmem_cache_alloc_trace+0x32/0x2c0 [ 221.192678][T12013] ? proc_pid_stack+0x59/0x180 [ 221.197527][T12013] proc_pid_stack+0x59/0x180 [ 221.202391][T12013] proc_single_show+0x84/0x100 [ 221.207324][T12013] seq_read+0x2ee/0x900 [ 221.211499][T12013] do_iter_read+0x3f5/0x480 [ 221.216783][T12013] do_preadv+0x13b/0x230 [ 221.221101][T12013] ? __sb_end_write+0x90/0xe0 [ 221.225790][T12013] ? vfs_write+0x323/0x350 [ 221.230238][T12013] ? check_preemption_disabled+0x51/0x140 [ 221.235963][T12013] ? debug_smp_processor_id+0x18/0x20 [ 221.241421][T12013] ? fpregs_assert_state_consistent+0x7e/0x90 [ 221.247712][T12013] __x64_sys_preadv+0x54/0x60 [ 221.252496][T12013] do_syscall_64+0x51/0xb0 [ 221.257047][T12013] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 221.262931][T12013] RIP: 0033:0x45cb29 [ 221.266806][T12013] Code: Bad RIP value. [ 221.270860][T12013] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 221.279316][T12013] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 221.287288][T12013] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 221.295286][T12013] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 221.303252][T12013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 221.311765][T12013] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 221.439488][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 221.559746][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 221.568223][ T9916] usb 4-1: config 0 has no interface number 0 [ 221.574376][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 221.585312][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 221.597617][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 221.607523][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 221.621206][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 221.630298][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.639371][ T9916] usb 4-1: config 0 descriptor?? [ 221.682155][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input16 [ 221.882059][ T48] usb 4-1: USB disconnect, device number 13 [ 221.899495][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:55 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045002, &(0x7f00000004c0)) 15:52:55 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563c, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:55 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:55 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, 0x0) 15:52:55 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:52:55 executing program 1 (fault-call:5 fault-nth:17): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:55 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563d, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:55 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, 0x0) 15:52:55 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561b, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.470965][T12056] FAULT_INJECTION: forcing a failure. [ 222.470965][T12056] name failslab, interval 1, probability 0, space 0, times 0 15:52:55 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045003, &(0x7f00000004c0)) 15:52:55 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563e, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.515844][T12056] CPU: 1 PID: 12056 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 222.524623][T12056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.534669][T12056] Call Trace: [ 222.538018][T12056] dump_stack+0x10f/0x19d [ 222.542340][T12056] should_fail+0x23c/0x250 [ 222.546753][T12056] __should_failslab+0x81/0x90 [ 222.551535][T12056] should_failslab+0x5/0x20 [ 222.556120][T12056] kmem_cache_alloc_trace+0x32/0x2c0 [ 222.561408][T12056] ? proc_pid_stack+0x59/0x180 15:52:55 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561c, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.566340][T12056] proc_pid_stack+0x59/0x180 [ 222.570949][T12056] proc_single_show+0x84/0x100 [ 222.575724][T12056] seq_read+0x2ee/0x900 [ 222.579883][T12056] do_iter_read+0x3f5/0x480 [ 222.584451][T12056] do_preadv+0x13b/0x230 [ 222.588692][T12056] ? __sb_end_write+0x90/0xe0 [ 222.593531][T12056] ? vfs_write+0x323/0x350 [ 222.597954][T12056] ? check_preemption_disabled+0x51/0x140 [ 222.603817][T12056] ? debug_smp_processor_id+0x18/0x20 [ 222.609194][T12056] ? fpregs_assert_state_consistent+0x7e/0x90 15:52:55 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564a, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.615297][T12056] __x64_sys_preadv+0x54/0x60 [ 222.619976][T12056] do_syscall_64+0x51/0xb0 [ 222.624436][T12056] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 222.630317][T12056] RIP: 0033:0x45cb29 [ 222.634217][T12056] Code: Bad RIP value. [ 222.638272][T12056] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 222.646674][T12056] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 222.654636][T12056] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:55 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0189436, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.662598][T12056] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 222.670559][T12056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 222.678566][T12056] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:55 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:55 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 222.840947][ T9916] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 223.079449][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 223.199749][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 223.207840][ T9916] usb 4-1: config 0 has no interface number 0 [ 223.214200][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 223.225180][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 223.236213][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 223.246119][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 223.259168][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 223.268306][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.279789][ T9916] usb 4-1: config 0 descriptor?? [ 223.324622][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input17 [ 223.521885][ T9916] usb 4-1: USB disconnect, device number 14 [ 223.539633][ T9916] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:57 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:52:57 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045004, &(0x7f00000004c0)) 15:52:57 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:57 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205647, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:57 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0445624, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:57 executing program 1 (fault-call:5 fault-nth:18): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:57 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205648, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:57 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 224.078499][T12125] FAULT_INJECTION: forcing a failure. [ 224.078499][T12125] name failslab, interval 1, probability 0, space 0, times 0 [ 224.130293][T12125] CPU: 0 PID: 12125 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 224.139006][T12125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.149052][T12125] Call Trace: [ 224.152339][T12125] dump_stack+0x10f/0x19d [ 224.156661][T12125] should_fail+0x23c/0x250 [ 224.161075][T12125] __should_failslab+0x81/0x90 [ 224.165829][T12125] should_failslab+0x5/0x20 [ 224.170320][T12125] kmem_cache_alloc_trace+0x32/0x2c0 [ 224.175595][T12125] ? proc_pid_stack+0x59/0x180 15:52:57 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 224.180459][T12125] proc_pid_stack+0x59/0x180 [ 224.185036][T12125] proc_single_show+0x84/0x100 [ 224.189793][T12125] seq_read+0x2ee/0x900 [ 224.193949][T12125] do_iter_read+0x3f5/0x480 [ 224.198444][T12125] do_preadv+0x13b/0x230 [ 224.202698][T12125] ? __sb_end_write+0x90/0xe0 [ 224.207373][T12125] ? vfs_write+0x323/0x350 [ 224.211808][T12125] ? check_preemption_disabled+0x51/0x140 [ 224.217597][T12125] ? debug_smp_processor_id+0x18/0x20 [ 224.223222][T12125] ? fpregs_assert_state_consistent+0x7e/0x90 [ 224.229288][T12125] __x64_sys_preadv+0x54/0x60 [ 224.234406][T12125] do_syscall_64+0x51/0xb0 [ 224.238866][T12125] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 224.244753][T12125] RIP: 0033:0x45cb29 [ 224.248633][T12125] Code: Bad RIP value. [ 224.252690][T12125] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 224.261236][T12125] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 224.269443][T12125] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:52:57 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0485619, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:57 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045005, &(0x7f00000004c0)) [ 224.277843][T12125] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 224.285807][T12125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 224.293789][T12125] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:52:57 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205649, &(0x7f0000000740)={0x0, @pix_mp}) [ 224.470695][ T5033] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 224.729466][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 224.869962][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 224.878185][ T5033] usb 4-1: config 0 has no interface number 0 [ 224.885468][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 224.896515][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 224.907582][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 224.917484][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 224.930690][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 224.939805][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.948696][ T5033] usb 4-1: config 0 descriptor?? [ 225.001851][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input18 [ 225.201593][ T5] usb 4-1: USB disconnect, device number 15 [ 225.211543][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:52:58 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:52:58 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:58 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505609, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:58 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc020660b, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:58 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045006, &(0x7f00000004c0)) 15:52:58 executing program 1 (fault-call:5 fault-nth:19): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:52:59 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 225.763348][T12190] FAULT_INJECTION: forcing a failure. [ 225.763348][T12190] name failslab, interval 1, probability 0, space 0, times 0 [ 225.795482][T12190] CPU: 1 PID: 12190 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:52:59 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050560f, &(0x7f0000000740)={0x0, @pix_mp}) 15:52:59 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285628, &(0x7f0000000740)={0x0, @pix_mp}) [ 225.804174][T12190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.814244][T12190] Call Trace: [ 225.817532][T12190] dump_stack+0x10f/0x19d [ 225.821855][T12190] should_fail+0x23c/0x250 [ 225.826352][T12190] __should_failslab+0x81/0x90 [ 225.831145][T12190] should_failslab+0x5/0x20 [ 225.835666][T12190] kmem_cache_alloc_trace+0x32/0x2c0 [ 225.840963][T12190] ? proc_pid_stack+0x59/0x180 [ 225.845729][T12190] proc_pid_stack+0x59/0x180 [ 225.850316][T12190] proc_single_show+0x84/0x100 [ 225.855076][T12190] seq_read+0x2ee/0x900 [ 225.859406][T12190] do_iter_read+0x3f5/0x480 15:52:59 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045007, &(0x7f00000004c0)) [ 225.863911][T12190] do_preadv+0x13b/0x230 [ 225.868182][T12190] ? __sb_end_write+0x90/0xe0 [ 225.872884][T12190] ? vfs_write+0x323/0x350 [ 225.877307][T12190] ? check_preemption_disabled+0x51/0x140 [ 225.883030][T12190] ? debug_smp_processor_id+0x18/0x20 [ 225.888411][T12190] ? fpregs_assert_state_consistent+0x7e/0x90 [ 225.894590][T12190] __x64_sys_preadv+0x54/0x60 [ 225.899268][T12190] do_syscall_64+0x51/0xb0 [ 225.903863][T12190] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 225.909807][T12190] RIP: 0033:0x45cb29 15:52:59 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505611, &(0x7f0000000740)={0x0, @pix_mp}) [ 225.913687][T12190] Code: Bad RIP value. [ 225.917751][T12190] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 225.926164][T12190] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 225.934136][T12190] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 225.942132][T12190] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 225.950152][T12190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:52:59 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045009, &(0x7f00000004c0)) [ 225.958120][T12190] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 226.119470][ T9916] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 226.359474][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 226.479859][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 226.488014][ T9916] usb 4-1: config 0 has no interface number 0 [ 226.494222][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 226.505258][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 226.516263][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 226.526169][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 226.539293][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 226.548407][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.557913][ T9916] usb 4-1: config 0 descriptor?? [ 226.601841][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input19 [ 226.813942][ T48] usb 4-1: USB disconnect, device number 16 [ 226.819485][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 226.828076][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:00 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:00 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050565d, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 1 (fault-call:5 fault-nth:20): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:00 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc004500a, &(0x7f00000004c0)) [ 227.299854][ T0] NOHZ: local_softirq_pending 08 15:53:00 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045878, &(0x7f00000004c0)) 15:53:00 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585604, &(0x7f0000000740)={0x0, @pix_mp}) [ 227.377870][T12252] FAULT_INJECTION: forcing a failure. [ 227.377870][T12252] name failslab, interval 1, probability 0, space 0, times 0 [ 227.443243][T12252] CPU: 1 PID: 12252 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 227.452530][T12252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.462571][T12252] Call Trace: [ 227.465852][T12252] dump_stack+0x10f/0x19d [ 227.470183][T12252] should_fail+0x23c/0x250 [ 227.474588][T12252] __should_failslab+0x81/0x90 [ 227.479342][T12252] should_failslab+0x5/0x20 [ 227.483896][T12252] kmem_cache_alloc_trace+0x32/0x2c0 [ 227.489190][T12252] ? proc_pid_stack+0x59/0x180 [ 227.494019][T12252] proc_pid_stack+0x59/0x180 [ 227.498600][T12252] proc_single_show+0x84/0x100 [ 227.503357][T12252] seq_read+0x2ee/0x900 [ 227.507508][T12252] do_iter_read+0x3f5/0x480 [ 227.512009][T12252] do_preadv+0x13b/0x230 [ 227.516244][T12252] ? __sb_end_write+0x90/0xe0 [ 227.520936][T12252] ? vfs_write+0x323/0x350 [ 227.525378][T12252] ? check_preemption_disabled+0x51/0x140 [ 227.531093][T12252] ? debug_smp_processor_id+0x18/0x20 [ 227.536457][T12252] ? fpregs_assert_state_consistent+0x7e/0x90 15:53:00 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305602, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:00 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0045878, &(0x7f00000004c0)) [ 227.542575][T12252] __x64_sys_preadv+0x54/0x60 [ 227.547241][T12252] do_syscall_64+0x51/0xb0 [ 227.551734][T12252] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 227.557638][T12252] RIP: 0033:0x45cb29 [ 227.562044][T12252] Code: Bad RIP value. [ 227.566182][T12252] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 227.574584][T12252] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 227.583765][T12252] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 227.591799][T12252] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 227.600019][T12252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 227.607988][T12252] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 227.679474][ T48] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 227.919461][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 227.940389][ T0] NOHZ: local_softirq_pending 08 [ 228.039984][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 228.048306][ T48] usb 4-1: config 0 has no interface number 0 [ 228.055112][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 228.067556][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 228.078981][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 228.089212][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 228.102917][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 228.112380][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.121807][ T48] usb 4-1: config 0 descriptor?? [ 228.161977][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input20 [ 228.361432][ T3919] usb 4-1: USB disconnect, device number 17 [ 228.379488][ T3919] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:02 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:02 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc0189436, &(0x7f00000004c0)) 15:53:02 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585605, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305615, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 1 (fault-call:5 fault-nth:21): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:02 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305616, &(0x7f0000000740)={0x0, @pix_mp}) [ 228.916917][T12316] FAULT_INJECTION: forcing a failure. [ 228.916917][T12316] name failslab, interval 1, probability 0, space 0, times 0 [ 228.968808][T12316] CPU: 1 PID: 12316 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 228.977495][T12316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.987560][T12316] Call Trace: [ 228.990880][T12316] dump_stack+0x10f/0x19d [ 228.995241][T12316] should_fail+0x23c/0x250 [ 228.999647][T12316] __should_failslab+0x81/0x90 [ 229.004408][T12316] should_failslab+0x5/0x20 [ 229.008940][T12316] kmem_cache_alloc_trace+0x32/0x2c0 [ 229.014219][T12316] ? proc_pid_stack+0x59/0x180 [ 229.019146][T12316] proc_pid_stack+0x59/0x180 [ 229.023728][T12316] proc_single_show+0x84/0x100 [ 229.028570][T12316] seq_read+0x2ee/0x900 [ 229.032721][T12316] do_iter_read+0x3f5/0x480 [ 229.037220][T12316] do_preadv+0x13b/0x230 [ 229.041556][T12316] ? __sb_end_write+0x90/0xe0 [ 229.046416][T12316] ? vfs_write+0x323/0x350 [ 229.050837][T12316] ? check_preemption_disabled+0x51/0x140 [ 229.056641][T12316] ? debug_smp_processor_id+0x18/0x20 [ 229.062099][T12316] ? fpregs_assert_state_consistent+0x7e/0x90 [ 229.068175][T12316] __x64_sys_preadv+0x54/0x60 [ 229.072999][T12316] do_syscall_64+0x51/0xb0 [ 229.077443][T12316] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.083326][T12316] RIP: 0033:0x45cb29 [ 229.087200][T12316] Code: Bad RIP value. [ 229.091340][T12316] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 229.099746][T12316] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 229.107707][T12316] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:02 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0xc020660b, &(0x7f00000004c0)) 15:53:02 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:02 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585609, &(0x7f0000000740)={0x0, @pix_mp}) [ 229.115754][T12316] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 229.123719][T12316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 229.131701][T12316] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 229.309460][ T48] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 229.579472][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 229.709481][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 229.717641][ T48] usb 4-1: config 0 has no interface number 0 [ 229.724475][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 229.735802][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 229.747070][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 229.757265][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 229.770907][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 229.780347][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.792136][ T48] usb 4-1: config 0 descriptor?? [ 229.844743][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input21 [ 230.041393][ T9916] usb 4-1: USB disconnect, device number 18 [ 230.051024][ T9916] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:03 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:03 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:03 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x40282, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:03 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563c, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:03 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058560f, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:03 executing program 1 (fault-call:5 fault-nth:22): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 230.571878][T12374] FAULT_INJECTION: forcing a failure. [ 230.571878][T12374] name failslab, interval 1, probability 0, space 0, times 0 [ 230.611548][T12374] CPU: 1 PID: 12374 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:53:03 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, 0x0) [ 230.620255][T12374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.630301][T12374] Call Trace: [ 230.633585][T12374] dump_stack+0x10f/0x19d [ 230.637906][T12374] should_fail+0x23c/0x250 [ 230.642317][T12374] __should_failslab+0x81/0x90 [ 230.647076][T12374] should_failslab+0x5/0x20 [ 230.651657][T12374] kmem_cache_alloc_trace+0x32/0x2c0 [ 230.656933][T12374] ? proc_pid_stack+0x59/0x180 [ 230.661731][T12374] proc_pid_stack+0x59/0x180 [ 230.666317][T12374] proc_single_show+0x84/0x100 15:53:03 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 230.671097][T12374] seq_read+0x2ee/0x900 [ 230.675250][T12374] do_iter_read+0x3f5/0x480 [ 230.679769][T12374] do_preadv+0x13b/0x230 [ 230.684005][T12374] ? __sb_end_write+0x90/0xe0 [ 230.688680][T12374] ? vfs_write+0x323/0x350 [ 230.693246][T12374] ? check_preemption_disabled+0x51/0x140 [ 230.698962][T12374] ? debug_smp_processor_id+0x18/0x20 [ 230.704495][T12374] ? fpregs_assert_state_consistent+0x7e/0x90 [ 230.710732][T12374] __x64_sys_preadv+0x54/0x60 [ 230.715429][T12374] do_syscall_64+0x51/0xb0 15:53:03 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, 0x0) [ 230.719840][T12374] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 230.725723][T12374] RIP: 0033:0x45cb29 [ 230.729599][T12374] Code: Bad RIP value. [ 230.733769][T12374] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 230.742172][T12374] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 230.750167][T12374] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 230.758161][T12374] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:53:04 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563d, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, 0x0) [ 230.766121][T12374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 230.774387][T12374] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:04 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x488243, 0x0) r1 = socket$caif_stream(0x25, 0x1, 0x3) readahead(r1, 0x4, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 3: syz_usb_connect(0x0, 0x36, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058565d, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563e, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 1 (fault-call:5 fault-nth:23): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564a, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845657, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) [ 231.001709][T12415] FAULT_INJECTION: forcing a failure. [ 231.001709][T12415] name failslab, interval 1, probability 0, space 0, times 0 [ 231.049309][T12415] CPU: 1 PID: 12415 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 231.058025][T12415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.068144][T12415] Call Trace: [ 231.071570][T12415] dump_stack+0x10f/0x19d [ 231.075990][T12415] should_fail+0x23c/0x250 [ 231.080441][T12415] __should_failslab+0x81/0x90 [ 231.085223][T12415] should_failslab+0x5/0x20 [ 231.089756][T12415] kmem_cache_alloc_trace+0x32/0x2c0 [ 231.095039][T12415] ? proc_pid_stack+0x59/0x180 [ 231.099802][T12415] proc_pid_stack+0x59/0x180 [ 231.104442][T12415] proc_single_show+0x84/0x100 [ 231.109206][T12415] seq_read+0x2ee/0x900 [ 231.113361][T12415] do_iter_read+0x3f5/0x480 [ 231.117869][T12415] do_preadv+0x13b/0x230 [ 231.122140][T12415] ? __sb_end_write+0x90/0xe0 [ 231.126889][T12415] ? vfs_write+0x323/0x350 [ 231.131309][T12415] ? check_preemption_disabled+0x51/0x140 [ 231.137205][T12415] ? debug_smp_processor_id+0x18/0x20 [ 231.142591][T12415] ? fpregs_assert_state_consistent+0x7e/0x90 15:53:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r7) r8 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r9) r10 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r11, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000100e8510000000002000200", @ANYRES32=0x0, @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="11004000", @ANYRES32=0x0, @ANYBLOB="02004871", @ANYRES32=r1, @ANYBLOB="02000100", @ANYRES32=r3, @ANYBLOB="02000400", @ANYRES32=r5, @ANYBLOB="02000000", @ANYRES32=r7, @ANYBLOB="02000400", @ANYRES32=r9, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040004000000000008000200", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="10000400000000002000060000000000"], 0x7c, 0x1) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 231.148762][T12415] __x64_sys_preadv+0x54/0x60 [ 231.153899][T12415] do_syscall_64+0x51/0xb0 [ 231.158336][T12415] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 231.164219][T12415] RIP: 0033:0x45cb29 [ 231.168100][T12415] Code: Bad RIP value. [ 231.172155][T12415] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 231.180751][T12415] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 231.188836][T12415] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:04 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564b, &(0x7f0000000740)={0x0, @pix_mp}) [ 231.196908][T12415] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 231.204873][T12415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 231.212837][T12415] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:04 executing program 3: syz_usb_connect(0x0, 0x36, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:04 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, r2, 0x0, 0xc, &(0x7f0000000000)='/dev/audio1\x00'}, 0x30) syz_open_procfs(r3, &(0x7f0000000080)='net/if_inet6\x00') r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000040)={r5}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000000c0)={r5, 0x2, 0x7, [0xa057, 0x5, 0xfff, 0x1, 0x1, 0x4, 0x3]}, &(0x7f0000000100)=0x16) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140)={r6, 0x100}, &(0x7f0000000180)=0x8) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) syz_mount_image$btrfs(&(0x7f00000001c0)='btrfs\x00', &(0x7f0000000200)='./file0\x00', 0x4, 0x7, &(0x7f0000000780)=[{&(0x7f0000000300)="a26101bc71b06bc4568e8e91c89914ca014026af4c169cf6022fa5fd35109ff3c5b1f82c799897ad0e7d0c5f6104a0667c7b7bb9d53183b1e9f61fe7baeb080b96d4e72ecb21e953eb872b4ac534386af9b25813a3ce5a5a6be6201347e33c90b7cd0f59d4cbdac72b9d0cbfc1feb98cabb468429911714d34afa85fec939ccfdff88f2a4a4f6878e59c0253055c7c48b94a45995e268ce9249d1dd35a6915656523646a500d172ad3926b", 0xab, 0xfff}, {&(0x7f0000000240)="17734486bd776f3278228feb73449abb65452a72ebce5c13b77702", 0x1b, 0xffffffffffffffff}, {&(0x7f0000000500)="9bea911f5d30f175ddd8e700876af2e2e9dc268d8d532fe5e77256668fb0d99e31649e737198c47d2e23a2a4088e45a7b2143daab991003611e7f582e01e0711860f2edc3b72358450e086c6403cc33ea69512ae9e336d5e6cfdfade1d600b0c433f3dd2457d9fc659475330f352e15bc228121035b909e1f39e59217372be80d88c83a37e429af05f2e9ba8f1c2b776da17fc901f9843ab6e2dfce3a627bc945eba27b2b36f37a4ebbabc09a5d9b9bb4e9c991a322ead6d56e60c0db6dfe120f1eef5bec393de7eb5cd039b4f496710213c2e327ae124b65203f8ea82aa458a525a7b944ff4f5fabd5d18d3448aa3ded8062fc36ce72ee0", 0xf8, 0x81}, {&(0x7f00000003c0)="5667e00b242ae38c4869ce980474523b2c4aa5c5d5f908a3f50d5d4148a15105e98ece97e65a05c6407dfab65d1aece16c8e036e636f85ffd7d70185804230107860ab40a821b617a2c58a929df83d873c744de757d7472f005453a9760aa3244f113f2afa0cfb2ca00387639019d0452cc925b2b465bf922339e95963571d2da9e7067f2c27b584549f169324dd82d6661b146c175764", 0x97, 0x20}, {&(0x7f0000000600)="09bdfac5303837702026285d3ebf69a2dcc78714b80f9e20673676dfd65d6ba545bb81d51d36b8042bce3bd9d8c8340b791a3f83f8cc48776726163f1ea3c27b075d41795d1db56d201351be4d840db5ef673b554eae82a572c65a6c55fbf11287af8fafff83febf52e91cd9beef9e1e3358bbe667a0729dd6", 0x79}, {&(0x7f0000000680)="d9491d002feb5f6dc75978ae4e5fcc249854d04a89707840a36a99122aa2a1aa59dbc17c90f35bf944719367caabb41cded57362b7ab2ac9429eb0fe88959427195bd27ed8ccb41f1600dbbe9b58f37f4bdd9e9359e0f36e820792383c2f4b34e4a03bbe773194e234c842779e0b0a316b54a098806238", 0x77, 0xfff000000000}, {&(0x7f0000000700)="5687a19ba74478659587b84705438bb85b2d338ea4356afe4389684a02a8dfaf0c04b37e68e5739729c8c0321f93b755f13adfff29565d4c41ad9758a1c18f1c98821d", 0x43, 0x1}], 0x20000, &(0x7f0000000280)={[{@noautodefrag='noautodefrag'}, {@space_cache_v1='space_cache=v1'}], [{@appraise='appraise'}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) 15:53:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845658, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 1 (fault-call:5 fault-nth:24): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0445624, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) [ 231.507983][T12449] FAULT_INJECTION: forcing a failure. [ 231.507983][T12449] name failslab, interval 1, probability 0, space 0, times 0 [ 231.531195][T12449] CPU: 1 PID: 12449 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 231.539878][T12449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.549923][T12449] Call Trace: [ 231.553450][T12449] dump_stack+0x10f/0x19d [ 231.557861][T12449] should_fail+0x23c/0x250 [ 231.562272][T12449] __should_failslab+0x81/0x90 [ 231.572859][T12449] should_failslab+0x5/0x20 [ 231.577361][T12449] kmem_cache_alloc_trace+0x32/0x2c0 [ 231.582657][T12449] ? proc_pid_stack+0x59/0x180 [ 231.587420][T12449] proc_pid_stack+0x59/0x180 [ 231.592000][T12449] proc_single_show+0x84/0x100 [ 231.596758][T12449] seq_read+0x2ee/0x900 [ 231.600913][T12449] do_iter_read+0x3f5/0x480 15:53:04 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) [ 231.605418][T12449] do_preadv+0x13b/0x230 [ 231.609692][T12449] ? __sb_end_write+0x90/0xe0 [ 231.614460][T12449] ? vfs_write+0x323/0x350 [ 231.618874][T12449] ? check_preemption_disabled+0x51/0x140 [ 231.624586][T12449] ? debug_smp_processor_id+0x18/0x20 [ 231.629952][T12449] ? fpregs_assert_state_consistent+0x7e/0x90 [ 231.636063][T12449] __x64_sys_preadv+0x54/0x60 [ 231.640736][T12449] do_syscall_64+0x51/0xb0 [ 231.645551][T12449] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 231.651959][T12449] RIP: 0033:0x45cb29 15:53:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0485619, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0905664, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:04 executing program 1 (fault-call:5 fault-nth:25): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 231.655850][T12449] Code: Bad RIP value. [ 231.659921][T12449] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 231.668323][T12449] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 231.676368][T12449] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 231.684330][T12449] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 231.692410][T12449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 231.700370][T12449] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:05 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) [ 231.833254][T12471] FAULT_INJECTION: forcing a failure. [ 231.833254][T12471] name failslab, interval 1, probability 0, space 0, times 0 [ 231.851526][T12471] CPU: 0 PID: 12471 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 231.860292][T12471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.870333][T12471] Call Trace: [ 231.873641][T12471] dump_stack+0x10f/0x19d [ 231.877967][T12471] should_fail+0x23c/0x250 [ 231.882375][T12471] __should_failslab+0x81/0x90 [ 231.887697][T12471] should_failslab+0x5/0x20 [ 231.892192][T12471] kmem_cache_alloc_trace+0x32/0x2c0 [ 231.897471][T12471] ? proc_pid_stack+0x59/0x180 [ 231.902303][T12471] proc_pid_stack+0x59/0x180 [ 231.906886][T12471] proc_single_show+0x84/0x100 [ 231.911652][T12471] seq_read+0x2ee/0x900 [ 231.915803][T12471] do_iter_read+0x3f5/0x480 [ 231.920346][T12471] do_preadv+0x13b/0x230 [ 231.924579][T12471] ? __sb_end_write+0x90/0xe0 [ 231.929297][T12471] ? vfs_write+0x323/0x350 [ 231.933749][T12471] ? check_preemption_disabled+0x51/0x140 [ 231.939468][T12471] ? debug_smp_processor_id+0x18/0x20 [ 231.944830][T12471] ? fpregs_assert_state_consistent+0x7e/0x90 [ 231.950912][T12471] __x64_sys_preadv+0x54/0x60 [ 231.955582][T12471] do_syscall_64+0x51/0xb0 [ 231.959990][T12471] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 231.965867][T12471] RIP: 0033:0x45cb29 [ 231.969738][T12471] Code: Bad RIP value. [ 231.973789][T12471] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 231.982186][T12471] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 231.990140][T12471] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 231.998089][T12471] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 232.006048][T12471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 232.013998][T12471] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:05 executing program 3: syz_usb_connect(0x0, 0x36, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:05 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x44}, 0x0) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:53:05 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505609, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:05 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:05 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0945662, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:05 executing program 1 (fault-call:5 fault-nth:26): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:05 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) [ 232.403363][T12499] FAULT_INJECTION: forcing a failure. [ 232.403363][T12499] name failslab, interval 1, probability 0, space 0, times 0 [ 232.433807][T12499] CPU: 1 PID: 12499 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:53:05 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050560f, &(0x7f0000000740)={0x0, @pix_mp}) [ 232.447489][T12499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.457895][T12499] Call Trace: [ 232.461880][T12499] dump_stack+0x10f/0x19d [ 232.466210][T12499] should_fail+0x23c/0x250 [ 232.470669][T12499] __should_failslab+0x81/0x90 [ 232.475471][T12499] should_failslab+0x5/0x20 [ 232.480146][T12499] kmem_cache_alloc_trace+0x32/0x2c0 [ 232.487236][T12499] ? proc_pid_stack+0x59/0x180 [ 232.492003][T12499] proc_pid_stack+0x59/0x180 [ 232.496630][T12499] proc_single_show+0x84/0x100 15:53:05 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505611, &(0x7f0000000740)={0x0, @pix_mp}) [ 232.501382][T12499] seq_read+0x2ee/0x900 [ 232.505535][T12499] do_iter_read+0x3f5/0x480 [ 232.510112][T12499] do_preadv+0x13b/0x230 [ 232.514354][T12499] ? __sb_end_write+0x90/0xe0 [ 232.519027][T12499] ? vfs_write+0x323/0x350 [ 232.523446][T12499] ? check_preemption_disabled+0x51/0x140 [ 232.529231][T12499] ? debug_smp_processor_id+0x18/0x20 [ 232.534603][T12499] ? fpregs_assert_state_consistent+0x7e/0x90 [ 232.540672][T12499] __x64_sys_preadv+0x54/0x60 [ 232.545407][T12499] do_syscall_64+0x51/0xb0 15:53:05 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050565d, &(0x7f0000000740)={0x0, @pix_mp}) [ 232.549855][T12499] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 232.555743][T12499] RIP: 0033:0x45cb29 [ 232.561592][T12499] Code: Bad RIP value. [ 232.565655][T12499] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 232.574059][T12499] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 232.582047][T12499] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 232.590018][T12499] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:53:05 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05667, &(0x7f0000000740)={0x0, @pix_mp}) [ 232.598016][T12499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 232.606676][T12499] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:05 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0e85667, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585604, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 1 (fault-call:5 fault-nth:27): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:06 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585605, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2, @pix_mp}) [ 233.006393][T12528] FAULT_INJECTION: forcing a failure. [ 233.006393][T12528] name failslab, interval 1, probability 0, space 0, times 0 [ 233.053017][T12528] CPU: 0 PID: 12528 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 233.061712][T12528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.071822][T12528] Call Trace: [ 233.075191][T12528] dump_stack+0x10f/0x19d [ 233.079521][T12528] should_fail+0x23c/0x250 [ 233.083937][T12528] __should_failslab+0x81/0x90 [ 233.088707][T12528] should_failslab+0x5/0x20 [ 233.093257][T12528] kmem_cache_alloc_trace+0x32/0x2c0 [ 233.098534][T12528] ? proc_pid_stack+0x59/0x180 [ 233.103290][T12528] proc_pid_stack+0x59/0x180 [ 233.107876][T12528] proc_single_show+0x84/0x100 [ 233.112828][T12528] seq_read+0x2ee/0x900 [ 233.116984][T12528] do_iter_read+0x3f5/0x480 [ 233.122026][T12528] do_preadv+0x13b/0x230 [ 233.126263][T12528] ? __sb_end_write+0x90/0xe0 [ 233.130962][T12528] ? vfs_write+0x323/0x350 [ 233.135376][T12528] ? check_preemption_disabled+0x51/0x140 [ 233.141132][T12528] ? debug_smp_processor_id+0x18/0x20 [ 233.148095][T12528] ? fpregs_assert_state_consistent+0x7e/0x90 [ 233.154359][T12528] __x64_sys_preadv+0x54/0x60 [ 233.160347][T12528] do_syscall_64+0x51/0xb0 [ 233.164878][T12528] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 233.171808][T12528] RIP: 0033:0x45cb29 [ 233.175773][T12528] Code: Bad RIP value. [ 233.179831][T12528] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 233.188271][T12528] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 15:53:06 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585609, &(0x7f0000000740)={0x0, @pix_mp}) [ 233.197915][T12528] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 233.205905][T12528] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 233.213872][T12528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 233.221865][T12528] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:06 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, 0x0) 15:53:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058560f, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x3, @pix_mp}) [ 233.299453][ T3919] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 233.579532][ T3919] usb 4-1: device descriptor read/64, error 18 [ 233.969427][ T3919] usb 4-1: device descriptor read/64, error 18 [ 234.239442][ T3919] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 234.509457][ T3919] usb 4-1: device descriptor read/64, error 18 [ 234.899538][ T3919] usb 4-1: device descriptor read/64, error 18 [ 235.019501][ T3919] usb usb4-port1: attempt power cycle [ 235.739474][ T3919] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 235.909482][ T3919] usb 4-1: device descriptor read/8, error -61 15:53:09 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:09 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, 0x0) 15:53:09 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x4, @pix_mp}) 15:53:09 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:09 executing program 1 (fault-call:5 fault-nth:28): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:09 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="54000000020101080700000000000000090000ee400001802c0001801400030018010000000000000000000000008ed4157504002001000000000000000000000000000106000340bccb686b58b645750340000400"/94], 0x54}, 0x1, 0x0, 0x0, 0x4004800}, 0x11) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) fcntl$setflags(r3, 0x2, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x80600, 0x0) r6 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000040)='NET_DM\x00') sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r6, 0x100, 0x70bd2a, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x4) sendmsg$NET_DM_CMD_START(r5, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r6, 0x20, 0x70bd29, 0x25dfdbff, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x4000051) r7 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$RTC_ALM_SET(r7, 0x40247007, &(0x7f0000000000)={0x37, 0x3a, 0xb, 0x19, 0xa, 0x9, 0x0, 0x86, 0xffffffffffffffff}) ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, &(0x7f0000000180)={0x1, 0x200, 0x400, 0x8, 0x6, 0x3}) 15:53:09 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp}) 15:53:09 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058565d, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:09 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, 0x0) [ 236.079554][T12567] FAULT_INJECTION: forcing a failure. [ 236.079554][T12567] name failslab, interval 1, probability 0, space 0, times 0 [ 236.119459][ T3919] usb 4-1: device descriptor read/8, error -71 [ 236.147873][T12567] CPU: 0 PID: 12567 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 236.156576][T12567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.166625][T12567] Call Trace: [ 236.169914][T12567] dump_stack+0x10f/0x19d [ 236.174247][T12567] should_fail+0x23c/0x250 [ 236.178689][T12567] __should_failslab+0x81/0x90 [ 236.183548][T12567] should_failslab+0x5/0x20 [ 236.188043][T12567] kmem_cache_alloc_trace+0x32/0x2c0 [ 236.193322][T12567] ? proc_pid_stack+0x59/0x180 15:53:09 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x6, @pix_mp}) 15:53:09 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845657, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:09 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$RTC_AIE_OFF(r1, 0x7002) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000040)={r4}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={r4, 0x1}, 0x8) [ 236.198073][T12567] proc_pid_stack+0x59/0x180 [ 236.202656][T12567] proc_single_show+0x84/0x100 [ 236.207418][T12567] seq_read+0x2ee/0x900 [ 236.211576][T12567] do_iter_read+0x3f5/0x480 [ 236.216078][T12567] do_preadv+0x13b/0x230 [ 236.220314][T12567] ? __sb_end_write+0x90/0xe0 [ 236.224985][T12567] ? vfs_write+0x323/0x350 [ 236.229406][T12567] ? check_preemption_disabled+0x51/0x140 [ 236.235118][T12567] ? debug_smp_processor_id+0x18/0x20 [ 236.240477][T12567] ? fpregs_assert_state_consistent+0x7e/0x90 [ 236.246538][T12567] __x64_sys_preadv+0x54/0x60 [ 236.251215][T12567] do_syscall_64+0x51/0xb0 [ 236.255633][T12567] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 236.261536][T12567] RIP: 0033:0x45cb29 [ 236.265413][T12567] Code: Bad RIP value. [ 236.269464][T12567] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 236.277868][T12567] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 236.285837][T12567] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 236.293805][T12567] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 236.301777][T12567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 236.309853][T12567] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 236.709463][ T3919] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 236.900743][ T3919] usb 4-1: device descriptor read/8, error -61 [ 237.209558][ T3919] usb 4-1: device descriptor read/8, error -61 [ 237.340301][ T3919] usb usb4-port1: unable to enumerate USB device 15:53:12 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:12 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845658, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:12 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x7, @pix_mp}) 15:53:12 executing program 4: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:53:12 executing program 1 (fault-call:5 fault-nth:29): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:12 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = semget(0x1, 0x4, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r3, 0xc04064aa, &(0x7f0000000200)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[{}, {}, {}], 0x2, 0x0, [], 0x8, 0x3}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x2, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0x2}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xffff}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1000}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x7f}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x70}}, 0x8042) 15:53:12 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x8, @pix_mp}) 15:53:12 executing program 2: r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video0\x00', 0x2, 0x0) ioctl$FITHAW(r0, 0xc0045878) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) 15:53:12 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0905664, &(0x7f0000000740)={0x0, @pix_mp}) [ 239.135037][T12610] FAULT_INJECTION: forcing a failure. [ 239.135037][T12610] name failslab, interval 1, probability 0, space 0, times 0 [ 239.174805][T12610] CPU: 0 PID: 12610 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:53:12 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x9, @pix_mp}) 15:53:12 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0945662, &(0x7f0000000740)={0x0, @pix_mp}) [ 239.183509][T12610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.193564][T12610] Call Trace: [ 239.196856][T12610] dump_stack+0x10f/0x19d [ 239.201189][T12610] should_fail+0x23c/0x250 [ 239.205597][T12610] __should_failslab+0x81/0x90 [ 239.210360][T12610] should_failslab+0x5/0x20 [ 239.214862][T12610] kmem_cache_alloc_trace+0x32/0x2c0 [ 239.220162][T12610] ? proc_pid_stack+0x59/0x180 [ 239.225036][T12610] proc_pid_stack+0x59/0x180 [ 239.229621][T12610] proc_single_show+0x84/0x100 15:53:12 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa, @pix_mp}) [ 239.234379][T12610] seq_read+0x2ee/0x900 [ 239.238535][T12610] do_iter_read+0x3f5/0x480 [ 239.243033][T12610] do_preadv+0x13b/0x230 [ 239.247269][T12610] ? __sb_end_write+0x90/0xe0 [ 239.251964][T12610] ? vfs_write+0x323/0x350 [ 239.256374][T12610] ? check_preemption_disabled+0x51/0x140 [ 239.262091][T12610] ? debug_smp_processor_id+0x18/0x20 [ 239.268764][T12610] ? fpregs_assert_state_consistent+0x7e/0x90 [ 239.274906][T12610] __x64_sys_preadv+0x54/0x60 [ 239.279575][T12610] do_syscall_64+0x51/0xb0 [ 239.283994][T12610] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 239.289875][T12610] RIP: 0033:0x45cb29 [ 239.293754][T12610] Code: Bad RIP value. [ 239.297807][T12610] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 239.306211][T12610] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 239.314175][T12610] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 239.323094][T12610] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 239.331056][T12610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 239.339018][T12610] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 239.509498][ T9916] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 239.679496][ T3919] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 239.769598][ T9916] usb 5-1: Using ep0 maxpacket: 8 [ 239.909935][ T9916] usb 5-1: config 0 has an invalid interface number: 65 but max is 0 [ 239.918009][ T9916] usb 5-1: config 0 has no interface number 0 [ 239.924708][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 239.936334][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 239.948088][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 239.958198][ T9916] usb 5-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 239.971625][ T3919] usb 4-1: device descriptor read/64, error 18 [ 239.977816][ T9916] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 239.987483][ T9916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.997734][ T9916] usb 5-1: config 0 descriptor?? [ 240.045230][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.65/input/input22 [ 240.248059][ T9916] usb 5-1: USB disconnect, device number 2 [ 240.265346][ T9916] xpad 5-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 240.359445][ T3919] usb 4-1: device descriptor read/64, error 18 [ 240.639473][ T3919] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 240.929464][ T3919] usb 4-1: device descriptor read/64, error 18 [ 241.359442][ T3919] usb 4-1: device descriptor read/64, error 18 [ 241.490785][ T3919] usb usb4-port1: attempt power cycle 15:53:15 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:15 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb, @pix_mp}) 15:53:15 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05667, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:15 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = add_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000001000), &(0x7f0000001000)="2e989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf30b20f1f27ed3b44bef6444f8ca6a808e34ded636ef55e151c11b4ef7a5384f4a0ceb885759dfeeca5aaa540de461d2130755897533032f5639c4ba79988a49d630", 0x81, 0xfffffffffffffffc) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x400000, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000000c0)=0x9) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f0000000140)=r3) keyctl$read(0xb, r1, 0x0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYRESHEX=r6, @ANYRES32=r1, @ANYRES32=r5]) 15:53:15 executing program 1 (fault-call:5 fault-nth:30): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:15 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845658, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:15 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:15 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc, @pix_mp}) 15:53:15 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0e85667, &(0x7f0000000740)={0x0, @pix_mp}) [ 242.180577][T12679] FAULT_INJECTION: forcing a failure. [ 242.180577][T12679] name failslab, interval 1, probability 0, space 0, times 0 [ 242.234857][T12679] CPU: 1 PID: 12679 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 242.243545][T12679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.253618][T12679] Call Trace: [ 242.256910][T12679] dump_stack+0x10f/0x19d [ 242.261232][T12679] should_fail+0x23c/0x250 [ 242.265651][T12679] __should_failslab+0x81/0x90 [ 242.270412][T12679] should_failslab+0x5/0x20 [ 242.274904][T12679] kmem_cache_alloc_trace+0x32/0x2c0 [ 242.280179][T12679] ? proc_pid_stack+0x59/0x180 15:53:15 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r4 = dup(r3) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000140)={0xff00000000000000, 0x12, 0x0, r4}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="080000000000000001f8ffffffffffff0800000073c414750500000000000000d6000000000000000500000000000000040000000000000000000000000000000000000000000000800000000000000000006aeea8cb14b26625ef000000000000f5ffffffffffffff0500000000000000040000000000000000000000000000000000000000000000002000000000000000000000000000000100000000000000be096e69000000008000000000000000001e00bbb704bd25ce000000000000000000000000000008000000000000000000000000000040000000000000000400000000000000000000000000000000008b00000000000000000000000000013c0000000000000000000000000000df0000000000000006000000000000003f00000000000000000000000004060000000000000000"]) 15:53:15 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) [ 242.284934][T12679] proc_pid_stack+0x59/0x180 [ 242.289513][T12679] proc_single_show+0x84/0x100 [ 242.294303][T12679] seq_read+0x2ee/0x900 [ 242.298545][T12679] do_iter_read+0x3f5/0x480 [ 242.303040][T12679] do_preadv+0x13b/0x230 [ 242.307367][T12679] ? __sb_end_write+0x90/0xe0 [ 242.312038][T12679] ? vfs_write+0x323/0x350 [ 242.316443][T12679] ? check_preemption_disabled+0x51/0x140 [ 242.322150][T12679] ? debug_smp_processor_id+0x18/0x20 [ 242.327512][T12679] ? fpregs_assert_state_consistent+0x7e/0x90 15:53:15 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x200}], 0x30}, 0x0) write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[], 0x271) recvmmsg(r1, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/84, 0x281}, {&(0x7f0000000640)=""/114, 0x1ac}, {&(0x7f0000000280)=""/106, 0x6a}, {&(0x7f0000000340)=""/233, 0xe9}], 0x4}}], 0x400000000000150, 0x0, 0x0) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) [ 242.333571][T12679] __x64_sys_preadv+0x54/0x60 [ 242.338259][T12679] do_syscall_64+0x51/0xb0 [ 242.342744][T12679] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 242.348621][T12679] RIP: 0033:0x45cb29 [ 242.352607][T12679] Code: Bad RIP value. [ 242.356659][T12679] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 242.365057][T12679] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 242.373072][T12679] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 242.381037][T12679] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 242.388998][T12679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 242.396964][T12679] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 242.699473][ T3919] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 242.869793][ T3919] usb 4-1: device descriptor read/8, error -61 [ 243.149664][ T3919] usb 4-1: device descriptor read/8, error -61 [ 243.419467][ T3919] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 243.589800][ T3919] usb 4-1: device descriptor read/8, error -61 [ 243.859484][ T3919] usb 4-1: device descriptor read/8, error -61 [ 243.979483][ T3919] usb usb4-port1: unable to enumerate USB device 15:53:18 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd, @pix_mp}) 15:53:18 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = semget$private(0x0, 0x8, 0x0) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x200}], 0x1, 0x0) semop(r1, &(0x7f00000000c0)=[{}], 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$GETVAL(r1, 0x1, 0xc, &(0x7f0000000000)=""/161) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:18 executing program 1 (fault-call:5 fault-nth:31): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe, @pix_mp}) 15:53:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2, @pix_mp}) 15:53:18 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) [ 245.211108][T12721] FAULT_INJECTION: forcing a failure. [ 245.211108][T12721] name failslab, interval 1, probability 0, space 0, times 0 15:53:18 executing program 2: prctl$PR_SET_FP_MODE(0x2d, 0x2) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x100, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, &(0x7f0000000040)) 15:53:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x3, @pix_mp}) [ 245.302591][T12721] CPU: 0 PID: 12721 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 245.311325][T12721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.321389][T12721] Call Trace: [ 245.324671][T12721] dump_stack+0x10f/0x19d [ 245.329009][T12721] should_fail+0x23c/0x250 [ 245.333415][T12721] __should_failslab+0x81/0x90 [ 245.338260][T12721] should_failslab+0x5/0x20 [ 245.342770][T12721] kmem_cache_alloc_trace+0x32/0x2c0 [ 245.348050][T12721] ? proc_pid_stack+0x59/0x180 15:53:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x4, @pix_mp}) [ 245.352808][T12721] proc_pid_stack+0x59/0x180 [ 245.357392][T12721] proc_single_show+0x84/0x100 [ 245.362147][T12721] seq_read+0x2ee/0x900 [ 245.362641][T12737] Unknown ioctl -1073459196 [ 245.366371][T12721] do_iter_read+0x3f5/0x480 [ 245.375320][T12721] do_preadv+0x13b/0x230 [ 245.379561][T12721] ? __sb_end_write+0x90/0xe0 [ 245.384287][T12721] ? vfs_write+0x323/0x350 [ 245.388767][T12721] ? check_preemption_disabled+0x51/0x140 [ 245.394486][T12721] ? debug_smp_processor_id+0x18/0x20 [ 245.399879][T12721] ? fpregs_assert_state_consistent+0x7e/0x90 [ 245.405948][T12721] __x64_sys_preadv+0x54/0x60 [ 245.410625][T12721] do_syscall_64+0x51/0xb0 [ 245.415073][T12721] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 245.420956][T12721] RIP: 0033:0x45cb29 [ 245.424834][T12721] Code: Bad RIP value. [ 245.428887][T12721] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 245.437319][T12721] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 245.445286][T12721] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 245.453254][T12721] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 245.461308][T12721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 245.469273][T12721] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 245.610776][ T3964] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 245.889453][ T3964] usb 4-1: device descriptor read/64, error 18 [ 246.279470][ T3964] usb 4-1: device descriptor read/64, error 18 [ 246.549476][ T3964] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 246.819491][ T3964] usb 4-1: device descriptor read/64, error 18 [ 247.239484][ T3964] usb 4-1: device descriptor read/64, error 18 [ 247.360640][ T3964] usb usb4-port1: attempt power cycle [ 248.089446][ T3964] usb 4-1: new high-speed USB device number 29 using dummy_hcd 15:53:21 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:21 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5, @pix_mp}) 15:53:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x10, @pix_mp}) 15:53:21 executing program 1 (fault-call:5 fault-nth:32): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = syz_genetlink_get_family_id$netlbl_mgmt(0x0) sendmsg$NLBL_MGMT_C_PROTOCOLS(r5, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r6, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000080) sendmsg$NLBL_MGMT_C_REMOVE(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, r6, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_DOMAIN={0x10, 0x1, '/dev/audio1\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}]}, 0x70}, 0x1, 0x0, 0x0, 0x44001}, 0x10805) syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00') 15:53:21 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) [ 248.219496][ T3964] usb 4-1: device descriptor read/8, error -71 15:53:21 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x11, @pix_mp}) 15:53:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x6, @pix_mp}) [ 248.272690][T12761] FAULT_INJECTION: forcing a failure. [ 248.272690][T12761] name failslab, interval 1, probability 0, space 0, times 0 [ 248.336936][T12761] CPU: 1 PID: 12761 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 248.345769][T12761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.355820][T12761] Call Trace: [ 248.359109][T12761] dump_stack+0x10f/0x19d [ 248.363458][T12761] should_fail+0x23c/0x250 [ 248.367896][T12761] __should_failslab+0x81/0x90 [ 248.372754][T12761] should_failslab+0x5/0x20 [ 248.377257][T12761] kmem_cache_alloc_trace+0x32/0x2c0 [ 248.382540][T12761] ? proc_pid_stack+0x59/0x180 [ 248.387303][T12761] proc_pid_stack+0x59/0x180 [ 248.391895][T12761] proc_single_show+0x84/0x100 [ 248.396656][T12761] seq_read+0x2ee/0x900 [ 248.400812][T12761] do_iter_read+0x3f5/0x480 [ 248.405315][T12761] do_preadv+0x13b/0x230 [ 248.410694][T12761] ? __sb_end_write+0x90/0xe0 [ 248.415396][T12761] ? vfs_write+0x323/0x350 [ 248.419821][T12761] ? check_preemption_disabled+0x51/0x140 [ 248.425534][T12761] ? debug_smp_processor_id+0x18/0x20 [ 248.430899][T12761] ? fpregs_assert_state_consistent+0x7e/0x90 [ 248.437013][T12761] __x64_sys_preadv+0x54/0x60 [ 248.442086][T12761] do_syscall_64+0x51/0xb0 [ 248.446946][T12761] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 248.452847][T12761] RIP: 0033:0x45cb29 [ 248.456722][T12761] Code: Bad RIP value. [ 248.460773][T12761] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 248.469179][T12761] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 248.477179][T12761] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:21 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:21 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) [ 248.485159][T12761] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 248.493120][T12761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 248.501084][T12761] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 248.601042][ T3964] usb 4-1: device descriptor read/8, error -71 [ 249.089437][ T3964] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 249.259454][ T3964] usb 4-1: device descriptor read/8, error -61 [ 249.529452][ T3964] usb 4-1: device descriptor read/8, error -61 [ 249.649466][ T3964] usb usb4-port1: unable to enumerate USB device 15:53:24 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e0000000109022400010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:24 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x12, @pix_mp}) 15:53:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x7, @pix_mp}) 15:53:24 executing program 1 (fault-call:5 fault-nth:33): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:24 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = dup3(r0, r1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000500)="d460571f76bdad627586bd17d4e867565c36d0ddc9488bcc45ac2fc6563cc86b71ad257fe762e4b9834cef20a5e07efc6287aa630962199602c7b98c028dcf7c43bc8b335a924e409772f52d8d62a9a8b02f02f5e92d564d040e90d35de4ac5259857446e25d756628ca8944bf58313f0ba7b058794dd71290821a5607b5e1424b42553113fd3ebae1105ad1e4e538f96ea72e181c828b190c02a5be5961766a402cf24d31af2a05947b3b313c26a4376cd7afea6f7c31141a2c8aaaf22953b5ca6d25819aafb6c4d2ab117bc8bfb59aeedaa441cbc93398fd4590512cfc4f22f83d4fdc7dca1a23a51ed08a0afb6e1c1f13406c8482fd9bd64ff209992b9a10a80db1474b82edad67a21c7a7e49445cd1051c7b2777c5d0b38b97e516d4c68ac0bcb02436a65c28c3113da09227a45ab9ce5fb0de6aa8c6364ce5053a9ec1bb9859731a49b90ef0adc0d5bd322df5a8dec82e2d6f1b893b92ede7ae588127fa3c3933fac809e64a0f747819d616d0e5e7f79578e04b0a7d4ba70040aa06703432f404f1e504e9c9028b27c40d451acea07308bb480b31b0ef9eccc7ca15d4585baca05cbd44f34cb4651f0aa894a59d71a3f8845295a06c816c481d87e9c7bd0ee5038bed3c4c6ebc8b10511c5eb3e7a996520e8bad25ae0772a450b552c8da6569c76f4faae56eab09c93f6edf455b97ca82b181b5597fad3961f6d95bfd97d1c766f82d54360be4098917a60bf7dec9df52660697f38ea3ada3dee0ac412d8cf37f3355c7723a4590084a17d736c1b29c4aa38461ae7cacbb574b0d35556d57cdd66fbf539b7b2f92b7ce34eab98f6915f379718a6c9d4ac7befb537af7ca0936e8a5ea1c7dffc25004bc97bfd784300d16fc4353d62cf63e3ace569f8242930d767cdbc4048dca3bc7a6202802d2bbdc580d54fe9bec91bb172952ddc15d8b2ba7634d964bc923e5cc5a2973bd85875ea18a8a1391f75b44397cef55e7ff22e6e9dae1c8fcc8360ab10875b929d365be3e7dd9c54edcf0d6e11806fda1fe29fec7660bc96707be62448936ed4c36829381e3f2dac4f27151c723a0e44a85888a17b460acbbeefae96b9e1d7d926a6e80b2d5755f6851386eb37b40f9c1c24cee60ec15bd5bc53ab4286b9e9547300730344bfd88607080d5e2354767f92efe0178c86d9e85539a7d4561467c52758197395bf2bdee72ca229c51f9cffb629d1a5d3ffb5e38d33f67413c4497d7c8cf26b2101cb0ed308b59361b905d4a9741e1324da2a07c993d33dfcdf5faf93b10f2bd55e7838b3bdaaf410244e2e49a2c2ff7a1c762ee49ac667949564785a026b959167ed7d2deb60a9424db506dfabebb596a93715da06bd35e0f93bf3acff6b85ec926eb45486f364b5c0ee5ed5bc769af2382c28e5067189bef5d21cc427232b910713d7957a58b290e9e0b45a8e322f03f28e5277857905c6fb84682bc28800e694a01183d5a4306f388e53ba04f720c9f11c1cd25dc49c0d0daf4e06a589ffdeb9a3a6b6337df05ddbe6670ac99cfa084f6e3f70b79491550148cc391f881b2fa7ec61d328dfc741fbd4413243de79067af28c9d27c5439435cf1aec441f08063d6efeddc80e34522e986c563bb4f5907d78eea32c193a44ef3c61ffc348c84b6ae511c2854957eec024b685008e6617da883febbce917e76ecfd724db01fa9682c33ff39106b62ccc44d128fd70e5e4333fbd6942fbbc72ce4b2d59e07d4b79cbe6a9d53dfa5a2b4ae1501cddc6c353a8e2a790f8337dd6c8511b8a9381f7704221dae200b7e41edcc1f7e576d199507a6bd069d3c71e652825c90cd0685ad7a52b9dd82bd910d4bc49f45a5a2115bef3246c94f480c4b7cacb1b8a05f8eefe5655f9ebefcbd61c7cd7cf30a69200509b401412ac67c683ccb0a9df2401bb3935ebad5685d406cb5355e114b1c103613a63ab4181bf89b919c50ae81a5efbd05c6187901412fd07a3c1db3fab3a1dc952032b42791a84fe4b830b6cd94f09a579038ff6a08a3c9ebb5edf51efdac54f25434a4b7a59af7c56855c1eae84141543a96f5c9dd6ae27745e75f0f680e5fa4c765073fa052a7a7649b15e1b5891f7af4202c61ee65d7578a2e4a16803a215a3c3a04db87be7298aea75111c099c21cbd196553bfc539214e69ace4d92fc13e6711665b8685c8983552bfa411c63014df799cbca8d196c1a3f0574e8860ef41ebb05a48561ba0a00bff6e3c5d01db81db788e398693685a629a0d800a0fb271a7f3b005d697adbee89abe663d233077462e58e7b6ef8b074710b28015305adb7985332df9b9b024fcb71b3acc2a7a8014bf770f5b22eb2377d7f0fef3b18fcfc7933d564a02ffaa6e1d870b99b08d76cf8c96ec0797860d4a28dd509c3574913b884378b31df4dd78797eeea0b0a6d3b8726631b419b9b4097c7afed179a9f17c0469711d17ad3e69f3aca1ffe8723594b4428823e675912d29ffd1310f91f609de53eef592b3ca1ea92b7ea204f0d0ab5962587005ab75e417f859f822166a9fbcd433e53d3b261fc0b75c048297ee72674a77c6e8518ce547e297b36f0a640fb50dcb786ffd7a74788f5f2340fcadab89043aeef8cf4fb60dcd4aa9923b69ac5487127163ffed6b1a4345a08213d48f5613bc84178579de67f22c7fd22bd7344ccc95589c420d64d7deb905c3aaad955608f0be060575c4425cbd4c271aacc6de0ebf1ba79e98d43078508de396f42f65513913acc9cd276227f12c9fb9427811b75c6970d35117e81b1e6b4fc9d24b10f1a1b820d32a3c89c49afed6c44d0d6d8a822a4fab5604b8fd1fee8f7e6f09f606aaa1ed91ea5c1cee5f43dc7d936849dcd43172cb2dc2e4f694c2cb67222e08485c91be7e69b714c8292bf7f64504501008f368ca14cba501e19b3a7651019586b29ec8b5810d7fd01f6b63275f5479a7ebc96e8fb528fb299720d2eafe843c17fb304fc787a9be8e0f99459b39e7af658bf960917ef7071f8de46baff98311a847d7ab844e5717ff1c7562c07ae5f5b19a414cafbbcc9d0b03f3b0e60a50d0097467ee5ee5febc266619f404965ef09f5e0b5fa61174337ebabf27a8f6255517955384010132e1b0835f3f553de8df6b27d1c16ab268e5c864155d16ff71d1f86d4bf4771a62c968314ec62a42587e3eea5b6945d0e157c490c57956d80c857de6a51672222df5b7f1d07d5e4502474c51ada1980007e328880fd1534d1ffe36e46bb77f16569f3493c9365da2ab7280fc79869bf7e3360268dad2caafb76b81c421ad1cd49045a4d35a442bf3556b07a3c94c071f74ba20d007de99bb149702cad23fffbddf27cd5aa7b2c9f3ddd82a0c8ee41ae631d53d3114891547924a08d591a4d67595f06017affad64eb658458e8513d1a30e0f74049e0d5033e2306c788292d99503ae34bf72fd14f6c05e9b81e36469d25e8d1b49a716a2b01f622a8d57dbaf5c1e417e274cfa91544aad6789f853716c1b762751057214e494fc9bef3f573a48195a11483740344a4c3d67510a8d02dcf240826ef5f973bf99616ffcf160de0a123e1510b8e0261db71b44988d44ae4653a54544d566718dab548060fd766fbf622fd55427c913cc5fd75a9f543e0996fe72bea0e29209a8b29c14391d4db0d881a7d1013f9e1fd81d42eeac13cd03218d8d659262d9b334ea5b16a9915a36633b631964ac85710204f16b333c9d6cc2a1d5bb8f260ed4f8fb2634bcca0c4ed2faf9fe68280bcf1a97a352fc3e5cb8a21a97d1fc51264bd7e43c0ae4563b94df22df2ee067c56ca5ad891c36e7124801912d4655915dfc9933d759ccd1abec1291ed9db58e424f895f84ee23eee859a6643dcf6292fbf41566f3f43f347da1c9841b929cb3c6edfada4696dd3cef1207e6245d04f91e4b851b55b1ce406873009818a79b62f98fd1af39c07a5c9772533d90f9d43760d64b72cfb0981c8e45e1280428a4842aa4596d167c52216828d7a52b94eab13dc9859d5744a693cb596b6066a30c660dd56227f0876fa2631d92304538967a95772c5d9a2893c285f03116457f350fc01fb67b36acc34b295b3e4764eb293500d391013ad5d6ebbbb3c262d66885c683b07f6b7c23ae4366033108fd62d93af3ba8686196873aa5a3048e8bf6a2c407d19a143ecdfd4305e5a099943af36be0181803caf53ef75e6cf27285f88ed075a50da715de3e8b1ec911de7ce1eb13fa489e2d3685a7fc8c55eef97c5557e5c694aaa6dac817a520620b0d8f81f31a904f9cf2b47be196f158516b61be3d0020d150be3b7d79533a93ad18eb4624fb205a9af34dac617550cf49095bbb745cfc9b521f8d958a8eb8efb615750552e17990f38550806bbaa5cb14232b673cc2be68815c204a84e3496a84cace2d49805d9cd6fc396ed78d0816d2fd14555f077a0b32e47a233b6d771cc43d75c8a549c814eca0bfc97a939bae9be6d1cb912f248cc32685bda2915f452b13420764b18cf2c631c7fb540fbf33f84d9d9fea1775acbd8c874c57b40ae7bbed64d51cd05f4b103fc5995702e66c1966cb3a75cbc2f048571a8e2908de2a871fde4efaefcdc534c00a61aaef500be8b17e63647bc0ebe2185256498db8067798669c1a7a4a8412fe67890d8b5e7e6438f07d987f716a9a658487da52cb7171643fc71752dffa748e33d84a8411fbbccbe2b69f092018e093322fdb500afb359ce641d4a41c3de1b14ec188d258c577f7ceaec08f40593e97eece543aabd6497678fbb6ceb766ca46b74d3e8b7a7974164547e379295ab7da883114a1042d4abc0ca1a8d504deb25fdf83a4f441d52f54700010e7f41dbbbe1874fb91162928ee901076b50bbce698aad026ef56f60b218d82cdd58ee325454a4ee58a419866fca11707937ef862972f108870130df92035682618e25ab2d3aa91ce09a8aa408fb57dcdc5c8fc105c0467ecd4c40a40a476569b532ac5cbec823545d14f931c68879bf713a7794443aed990ef30cc94f38f1950224be49841bc54cc03610f080873e3d97897896e656ac37f38cfcdf3f76cbea79d07dd919a6c7253595d23da39adddda8941ce462718ea2c57a5f9e4a1e23e37ab38c6d4cc896666b93463d30789c1c960ceed4bf303d0655592fd31ab34b60be7a00814f5b420a0692f17926f6c7a4303d3c44df576f9b675605d269667810e956066ee4ff56a125de407eaa459d2e18a88e7a31c4e842f916c3a5c4455cce3252d9d1916e33fb36049dbb0d95ed7132b7255df5ea421dbeda114958b51f01e71aea1dcecca5a7dff8ce74b7ee8daa1fe2dcefb62ad253569b83481225b46acf2529c229619b6f94c29ef2d92abeb181855f10793d7e645050547e0aa0871b37cc064f5db9ff69dabd6ecba09c89be9bf7d6c246ddb1367b27f8a65d332f9bfac68dfe088e383cc4d6356ddc24657ae65523cadabfc0751a35535e5489d12499b6533d6a88d6277e46e1d825b3dfcb8823f4bb53c4586e1c527a8acc37512313adb6942d07aee2320d7046161624c08dbd2149658ddfeb4c264dbe37525fb73632cc45780255249c16095ea0cd84c352ac352283d018e3c7b236c0fa9432a5231e3b77f91daa2bedb67a5a0c5400c8b9a8be7d3c05411bb2de9bdf2062132503c762a30679fc8c2d01aebc0923d0ac5235060f1bc606f5ecfc4bc3bcb7ef9c2a60bd98d03d798b65b82e1231132c20ba8af3934cd66309640322510bb1579c096fb7b3641d2cd70869d7c3481c100152265330c14fc1876b0b9c00cef61fea4c", 0x1000, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000040)="13abdd04c696ca33ad", 0x9, r3}) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000000)) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) 15:53:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x8, @pix_mp}) [ 251.299057][T12800] FAULT_INJECTION: forcing a failure. [ 251.299057][T12800] name failslab, interval 1, probability 0, space 0, times 0 [ 251.333164][T12800] CPU: 1 PID: 12800 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:53:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x25, @pix_mp}) 15:53:24 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x9, @pix_mp}) [ 251.342031][T12800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.352226][T12800] Call Trace: [ 251.355517][T12800] dump_stack+0x10f/0x19d [ 251.359838][T12800] should_fail+0x23c/0x250 [ 251.364324][T12800] __should_failslab+0x81/0x90 [ 251.369084][T12800] should_failslab+0x5/0x20 [ 251.373578][T12800] kmem_cache_alloc_trace+0x32/0x2c0 [ 251.378855][T12800] ? proc_pid_stack+0x59/0x180 [ 251.383689][T12800] proc_pid_stack+0x59/0x180 [ 251.388272][T12800] proc_single_show+0x84/0x100 [ 251.393050][T12800] seq_read+0x2ee/0x900 15:53:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c, @pix_mp}) [ 251.397203][T12800] do_iter_read+0x3f5/0x480 [ 251.401703][T12800] do_preadv+0x13b/0x230 [ 251.405942][T12800] ? __sb_end_write+0x90/0xe0 [ 251.410798][T12800] ? vfs_write+0x323/0x350 [ 251.415209][T12800] ? check_preemption_disabled+0x51/0x140 [ 251.420975][T12800] ? debug_smp_processor_id+0x18/0x20 [ 251.426345][T12800] ? fpregs_assert_state_consistent+0x7e/0x90 [ 251.432410][T12800] __x64_sys_preadv+0x54/0x60 [ 251.437088][T12800] do_syscall_64+0x51/0xb0 [ 251.441498][T12800] entry_SYSCALL_64_after_hwframe+0x44/0xa9 15:53:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa, @pix_mp}) [ 251.447572][T12800] RIP: 0033:0x45cb29 [ 251.451456][T12800] Code: Bad RIP value. [ 251.455580][T12800] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 251.464077][T12800] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 251.472124][T12800] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 251.480202][T12800] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 251.488198][T12800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 251.496162][T12800] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 251.889446][ T3964] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 252.129482][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 252.281275][ T3964] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 252.291472][ T3964] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 252.302531][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 252.311683][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.323389][ T3964] usb 4-1: config 0 descriptor?? [ 252.561726][ T5033] usb 4-1: USB disconnect, device number 31 15:53:26 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e0000000109022400010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:26 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0xc200, 0x0) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000080)) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000000)) 15:53:26 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb, @pix_mp}) 15:53:26 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x300, @pix_mp}) 15:53:26 executing program 1 (fault-call:5 fault-nth:34): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 253.108315][T12842] FAULT_INJECTION: forcing a failure. [ 253.108315][T12842] name failslab, interval 1, probability 0, space 0, times 0 [ 253.139137][T12842] CPU: 1 PID: 12842 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 253.148061][T12842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:53:26 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc, @pix_mp}) 15:53:26 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, 0x0) [ 253.158192][T12842] Call Trace: [ 253.161474][T12842] dump_stack+0x10f/0x19d [ 253.165901][T12842] should_fail+0x23c/0x250 [ 253.170398][T12842] __should_failslab+0x81/0x90 [ 253.175155][T12842] should_failslab+0x5/0x20 [ 253.180256][T12842] kmem_cache_alloc_trace+0x32/0x2c0 [ 253.185541][T12842] ? proc_pid_stack+0x59/0x180 [ 253.190298][T12842] proc_pid_stack+0x59/0x180 [ 253.194898][T12842] proc_single_show+0x84/0x100 [ 253.199746][T12842] seq_read+0x2ee/0x900 [ 253.203896][T12842] do_iter_read+0x3f5/0x480 [ 253.208393][T12842] do_preadv+0x13b/0x230 [ 253.212630][T12842] ? __sb_end_write+0x90/0xe0 [ 253.217391][T12842] ? vfs_write+0x323/0x350 [ 253.221801][T12842] ? check_preemption_disabled+0x51/0x140 [ 253.227520][T12842] ? debug_smp_processor_id+0x18/0x20 [ 253.232884][T12842] ? fpregs_assert_state_consistent+0x7e/0x90 [ 253.238970][T12842] __x64_sys_preadv+0x54/0x60 [ 253.243643][T12842] do_syscall_64+0x51/0xb0 [ 253.248054][T12842] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 253.254021][T12842] RIP: 0033:0x45cb29 [ 253.257904][T12842] Code: Bad RIP value. [ 253.261977][T12842] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 253.270384][T12842] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 253.278523][T12842] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 253.286562][T12842] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 253.294529][T12842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:53:26 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x500, @pix_mp}) [ 253.302513][T12842] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:26 executing program 1 (fault-call:5 fault-nth:35): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:26 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, 0x0) 15:53:26 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd, @pix_mp}) [ 253.395386][T12865] FAULT_INJECTION: forcing a failure. [ 253.395386][T12865] name failslab, interval 1, probability 0, space 0, times 0 [ 253.422880][T12865] CPU: 1 PID: 12865 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 253.431577][T12865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.441725][T12865] Call Trace: [ 253.445212][T12865] dump_stack+0x10f/0x19d [ 253.449536][T12865] should_fail+0x23c/0x250 [ 253.454036][T12865] __should_failslab+0x81/0x90 [ 253.458798][T12865] should_failslab+0x5/0x20 [ 253.466790][T12865] kmem_cache_alloc_trace+0x32/0x2c0 [ 253.472072][T12865] ? proc_pid_stack+0x59/0x180 [ 253.476833][T12865] proc_pid_stack+0x59/0x180 [ 253.481479][T12865] proc_single_show+0x84/0x100 [ 253.486237][T12865] seq_read+0x2ee/0x900 [ 253.490400][T12865] do_iter_read+0x3f5/0x480 [ 253.494906][T12865] do_preadv+0x13b/0x230 [ 253.499145][T12865] ? __sb_end_write+0x90/0xe0 [ 253.503823][T12865] ? vfs_write+0x323/0x350 [ 253.508241][T12865] ? check_preemption_disabled+0x51/0x140 [ 253.513958][T12865] ? debug_smp_processor_id+0x18/0x20 [ 253.519351][T12865] ? fpregs_assert_state_consistent+0x7e/0x90 [ 253.525493][T12865] __x64_sys_preadv+0x54/0x60 [ 253.530190][T12865] do_syscall_64+0x51/0xb0 [ 253.534678][T12865] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 253.540643][T12865] RIP: 0033:0x45cb29 [ 253.544520][T12865] Code: Bad RIP value. [ 253.548599][T12865] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 253.557068][T12865] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 253.565031][T12865] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 253.573166][T12865] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 253.581131][T12865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 253.589091][T12865] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 253.598166][ T3964] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 253.849434][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 253.969634][ T3964] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 253.982265][ T3964] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 253.991842][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 254.001316][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.011902][ T3964] usb 4-1: config 0 descriptor?? [ 254.252763][ T3964] usb 4-1: USB disconnect, device number 32 15:53:27 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e0000000109022400010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x600, @pix_mp}) 15:53:27 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=@newtfilter={0x474, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x10}, {0x1}, {0xfff1}}, [@filter_kind_options=@f_flow={{0x9, 0x1, 'flow\x00'}, {0x444, 0x2, [@TCA_FLOW_RSHIFT={0x8, 0x4, 0xffffffff}, @TCA_FLOW_POLICE={0x428, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xe69, 0x0, 0x8001, 0x3e, 0x4, 0xfffffff8, 0x2, 0x400, 0x3, 0x3, 0x904, 0x1, 0x5, 0x10001, 0x98, 0xbcc6, 0x0, 0x80000000, 0x5, 0x101, 0x7fffffff, 0x93, 0x7, 0x81, 0x80000001, 0x200, 0x4f2, 0xfb, 0xfffffff8, 0x8, 0x8, 0x9, 0x1, 0xf07, 0x64, 0x401, 0xffffffff, 0x401, 0x401, 0x3c2, 0x64, 0x8, 0x7, 0x1, 0x10000, 0x6, 0x9, 0x40000000, 0x40, 0x1000, 0x0, 0x8a76, 0xfffffff9, 0x8, 0xe03, 0x9, 0x1000, 0x70, 0x1, 0x3, 0x4, 0x0, 0x400, 0x1, 0x2, 0x4, 0x7c, 0x6060, 0x10000, 0x0, 0x200, 0x6, 0x3, 0x4, 0x1000, 0x2, 0x3, 0x9, 0x5, 0x5, 0x2, 0x80000001, 0x6, 0x7, 0x1, 0xfffffeff, 0x8000, 0x7f, 0x1000, 0x80000000, 0xff, 0x8, 0x0, 0xea, 0x3, 0x1ff, 0x3, 0x401, 0x2, 0x80000000, 0x20400, 0x9, 0x0, 0x100, 0x400, 0x1, 0x83, 0x0, 0x66, 0xff, 0x1ff, 0x7f, 0x465, 0x4, 0x10001, 0x8, 0x2, 0x314, 0x400, 0x0, 0x9, 0xffffff6b, 0xa2d, 0x401, 0x7, 0x1, 0x7, 0x5, 0x3f, 0x5, 0x8, 0x7, 0x8, 0x80000000, 0x8001, 0xa286, 0x0, 0x9, 0x20, 0x1f, 0x5, 0x6, 0x4, 0x6, 0x1, 0x1, 0x401, 0x10001, 0x4, 0x2, 0x1, 0xfffffff7, 0x1, 0x4, 0x80, 0x4, 0x3f, 0x2, 0x1ff, 0xffffffff, 0x3, 0xe8, 0xffff, 0x400, 0x7fffffff, 0x1, 0x90, 0x4, 0x8, 0x100, 0x6, 0x3, 0x8000, 0x400, 0x7f, 0x8, 0x4, 0x8, 0x9a, 0xfff, 0x5, 0x5406052d, 0x7ff, 0x6, 0x7f, 0x8001, 0x1, 0x401, 0x2, 0x200, 0x3, 0xfffffff0, 0x8, 0x0, 0xdd3d, 0x0, 0x7, 0x8000, 0x9, 0x4, 0x5, 0x6, 0x1, 0xfff, 0xfffffffc, 0x81, 0x1, 0x4, 0x7, 0x9, 0x5, 0xfffffffb, 0x7fffffff, 0x4, 0x8, 0x0, 0x8, 0x66, 0x0, 0x7, 0x0, 0x6, 0xe000000, 0x3, 0xfffffffa, 0x76, 0x3ff, 0xa04b, 0x1, 0x1000, 0x2, 0x2, 0x8001, 0x9, 0x8001, 0xfbfffffa, 0x7, 0x2, 0x0, 0x0, 0x6, 0x2, 0x80, 0x5, 0x1000, 0x9, 0x5, 0x9, 0xffff, 0x3, 0x5, 0x4080, 0x5, 0xffff0ede, 0x9, 0x95]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8c}, @TCA_POLICE_RATE64={0xc, 0x8, 0x4}]}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x200}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1be4d}]}}]}, 0x474}}, 0x0) ioctl$sock_SIOCDELRT(r4, 0x890c, &(0x7f0000000340)={0x0, @sco={0x1f, @none}, @xdp={0x2c, 0x0, r7, 0x39}, @rc={0x1f, @fixed={[], 0x11}, 0xd8}, 0x3, 0x0, 0x0, 0x0, 0xfffc, &(0x7f0000000300)='vlan0\x00', 0x1, 0x7, 0x3f}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x278, 0x0, 0x304, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKSTATE_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x4}, @ETHTOOL_A_LINKSTATE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x278}, 0x1, 0x0, 0x0, 0x20000020}, 0x4000000) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:27 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe, @pix_mp}) 15:53:27 executing program 1 (fault-call:5 fault-nth:36): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:28 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, 0x0) 15:53:28 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x10, @pix_mp}) 15:53:28 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x700, @pix_mp}) 15:53:28 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = dup3(r0, r1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000500)="d460571f76bdad627586bd17d4e867565c36d0ddc9488bcc45ac2fc6563cc86b71ad257fe762e4b9834cef20a5e07efc6287aa630962199602c7b98c028dcf7c43bc8b335a924e409772f52d8d62a9a8b02f02f5e92d564d040e90d35de4ac5259857446e25d756628ca8944bf58313f0ba7b058794dd71290821a5607b5e1424b42553113fd3ebae1105ad1e4e538f96ea72e181c828b190c02a5be5961766a402cf24d31af2a05947b3b313c26a4376cd7afea6f7c31141a2c8aaaf22953b5ca6d25819aafb6c4d2ab117bc8bfb59aeedaa441cbc93398fd4590512cfc4f22f83d4fdc7dca1a23a51ed08a0afb6e1c1f13406c8482fd9bd64ff209992b9a10a80db1474b82edad67a21c7a7e49445cd1051c7b2777c5d0b38b97e516d4c68ac0bcb02436a65c28c3113da09227a45ab9ce5fb0de6aa8c6364ce5053a9ec1bb9859731a49b90ef0adc0d5bd322df5a8dec82e2d6f1b893b92ede7ae588127fa3c3933fac809e64a0f747819d616d0e5e7f79578e04b0a7d4ba70040aa06703432f404f1e504e9c9028b27c40d451acea07308bb480b31b0ef9eccc7ca15d4585baca05cbd44f34cb4651f0aa894a59d71a3f8845295a06c816c481d87e9c7bd0ee5038bed3c4c6ebc8b10511c5eb3e7a996520e8bad25ae0772a450b552c8da6569c76f4faae56eab09c93f6edf455b97ca82b181b5597fad3961f6d95bfd97d1c766f82d54360be4098917a60bf7dec9df52660697f38ea3ada3dee0ac412d8cf37f3355c7723a4590084a17d736c1b29c4aa38461ae7cacbb574b0d35556d57cdd66fbf539b7b2f92b7ce34eab98f6915f379718a6c9d4ac7befb537af7ca0936e8a5ea1c7dffc25004bc97bfd784300d16fc4353d62cf63e3ace569f8242930d767cdbc4048dca3bc7a6202802d2bbdc580d54fe9bec91bb172952ddc15d8b2ba7634d964bc923e5cc5a2973bd85875ea18a8a1391f75b44397cef55e7ff22e6e9dae1c8fcc8360ab10875b929d365be3e7dd9c54edcf0d6e11806fda1fe29fec7660bc96707be62448936ed4c36829381e3f2dac4f27151c723a0e44a85888a17b460acbbeefae96b9e1d7d926a6e80b2d5755f6851386eb37b40f9c1c24cee60ec15bd5bc53ab4286b9e9547300730344bfd88607080d5e2354767f92efe0178c86d9e85539a7d4561467c52758197395bf2bdee72ca229c51f9cffb629d1a5d3ffb5e38d33f67413c4497d7c8cf26b2101cb0ed308b59361b905d4a9741e1324da2a07c993d33dfcdf5faf93b10f2bd55e7838b3bdaaf410244e2e49a2c2ff7a1c762ee49ac667949564785a026b959167ed7d2deb60a9424db506dfabebb596a93715da06bd35e0f93bf3acff6b85ec926eb45486f364b5c0ee5ed5bc769af2382c28e5067189bef5d21cc427232b910713d7957a58b290e9e0b45a8e322f03f28e5277857905c6fb84682bc28800e694a01183d5a4306f388e53ba04f720c9f11c1cd25dc49c0d0daf4e06a589ffdeb9a3a6b6337df05ddbe6670ac99cfa084f6e3f70b79491550148cc391f881b2fa7ec61d328dfc741fbd4413243de79067af28c9d27c5439435cf1aec441f08063d6efeddc80e34522e986c563bb4f5907d78eea32c193a44ef3c61ffc348c84b6ae511c2854957eec024b685008e6617da883febbce917e76ecfd724db01fa9682c33ff39106b62ccc44d128fd70e5e4333fbd6942fbbc72ce4b2d59e07d4b79cbe6a9d53dfa5a2b4ae1501cddc6c353a8e2a790f8337dd6c8511b8a9381f7704221dae200b7e41edcc1f7e576d199507a6bd069d3c71e652825c90cd0685ad7a52b9dd82bd910d4bc49f45a5a2115bef3246c94f480c4b7cacb1b8a05f8eefe5655f9ebefcbd61c7cd7cf30a69200509b401412ac67c683ccb0a9df2401bb3935ebad5685d406cb5355e114b1c103613a63ab4181bf89b919c50ae81a5efbd05c6187901412fd07a3c1db3fab3a1dc952032b42791a84fe4b830b6cd94f09a579038ff6a08a3c9ebb5edf51efdac54f25434a4b7a59af7c56855c1eae84141543a96f5c9dd6ae27745e75f0f680e5fa4c765073fa052a7a7649b15e1b5891f7af4202c61ee65d7578a2e4a16803a215a3c3a04db87be7298aea75111c099c21cbd196553bfc539214e69ace4d92fc13e6711665b8685c8983552bfa411c63014df799cbca8d196c1a3f0574e8860ef41ebb05a48561ba0a00bff6e3c5d01db81db788e398693685a629a0d800a0fb271a7f3b005d697adbee89abe663d233077462e58e7b6ef8b074710b28015305adb7985332df9b9b024fcb71b3acc2a7a8014bf770f5b22eb2377d7f0fef3b18fcfc7933d564a02ffaa6e1d870b99b08d76cf8c96ec0797860d4a28dd509c3574913b884378b31df4dd78797eeea0b0a6d3b8726631b419b9b4097c7afed179a9f17c0469711d17ad3e69f3aca1ffe8723594b4428823e675912d29ffd1310f91f609de53eef592b3ca1ea92b7ea204f0d0ab5962587005ab75e417f859f822166a9fbcd433e53d3b261fc0b75c048297ee72674a77c6e8518ce547e297b36f0a640fb50dcb786ffd7a74788f5f2340fcadab89043aeef8cf4fb60dcd4aa9923b69ac5487127163ffed6b1a4345a08213d48f5613bc84178579de67f22c7fd22bd7344ccc95589c420d64d7deb905c3aaad955608f0be060575c4425cbd4c271aacc6de0ebf1ba79e98d43078508de396f42f65513913acc9cd276227f12c9fb9427811b75c6970d35117e81b1e6b4fc9d24b10f1a1b820d32a3c89c49afed6c44d0d6d8a822a4fab5604b8fd1fee8f7e6f09f606aaa1ed91ea5c1cee5f43dc7d936849dcd43172cb2dc2e4f694c2cb67222e08485c91be7e69b714c8292bf7f64504501008f368ca14cba501e19b3a7651019586b29ec8b5810d7fd01f6b63275f5479a7ebc96e8fb528fb299720d2eafe843c17fb304fc787a9be8e0f99459b39e7af658bf960917ef7071f8de46baff98311a847d7ab844e5717ff1c7562c07ae5f5b19a414cafbbcc9d0b03f3b0e60a50d0097467ee5ee5febc266619f404965ef09f5e0b5fa61174337ebabf27a8f6255517955384010132e1b0835f3f553de8df6b27d1c16ab268e5c864155d16ff71d1f86d4bf4771a62c968314ec62a42587e3eea5b6945d0e157c490c57956d80c857de6a51672222df5b7f1d07d5e4502474c51ada1980007e328880fd1534d1ffe36e46bb77f16569f3493c9365da2ab7280fc79869bf7e3360268dad2caafb76b81c421ad1cd49045a4d35a442bf3556b07a3c94c071f74ba20d007de99bb149702cad23fffbddf27cd5aa7b2c9f3ddd82a0c8ee41ae631d53d3114891547924a08d591a4d67595f06017affad64eb658458e8513d1a30e0f74049e0d5033e2306c788292d99503ae34bf72fd14f6c05e9b81e36469d25e8d1b49a716a2b01f622a8d57dbaf5c1e417e274cfa91544aad6789f853716c1b762751057214e494fc9bef3f573a48195a11483740344a4c3d67510a8d02dcf240826ef5f973bf99616ffcf160de0a123e1510b8e0261db71b44988d44ae4653a54544d566718dab548060fd766fbf622fd55427c913cc5fd75a9f543e0996fe72bea0e29209a8b29c14391d4db0d881a7d1013f9e1fd81d42eeac13cd03218d8d659262d9b334ea5b16a9915a36633b631964ac85710204f16b333c9d6cc2a1d5bb8f260ed4f8fb2634bcca0c4ed2faf9fe68280bcf1a97a352fc3e5cb8a21a97d1fc51264bd7e43c0ae4563b94df22df2ee067c56ca5ad891c36e7124801912d4655915dfc9933d759ccd1abec1291ed9db58e424f895f84ee23eee859a6643dcf6292fbf41566f3f43f347da1c9841b929cb3c6edfada4696dd3cef1207e6245d04f91e4b851b55b1ce406873009818a79b62f98fd1af39c07a5c9772533d90f9d43760d64b72cfb0981c8e45e1280428a4842aa4596d167c52216828d7a52b94eab13dc9859d5744a693cb596b6066a30c660dd56227f0876fa2631d92304538967a95772c5d9a2893c285f03116457f350fc01fb67b36acc34b295b3e4764eb293500d391013ad5d6ebbbb3c262d66885c683b07f6b7c23ae4366033108fd62d93af3ba8686196873aa5a3048e8bf6a2c407d19a143ecdfd4305e5a099943af36be0181803caf53ef75e6cf27285f88ed075a50da715de3e8b1ec911de7ce1eb13fa489e2d3685a7fc8c55eef97c5557e5c694aaa6dac817a520620b0d8f81f31a904f9cf2b47be196f158516b61be3d0020d150be3b7d79533a93ad18eb4624fb205a9af34dac617550cf49095bbb745cfc9b521f8d958a8eb8efb615750552e17990f38550806bbaa5cb14232b673cc2be68815c204a84e3496a84cace2d49805d9cd6fc396ed78d0816d2fd14555f077a0b32e47a233b6d771cc43d75c8a549c814eca0bfc97a939bae9be6d1cb912f248cc32685bda2915f452b13420764b18cf2c631c7fb540fbf33f84d9d9fea1775acbd8c874c57b40ae7bbed64d51cd05f4b103fc5995702e66c1966cb3a75cbc2f048571a8e2908de2a871fde4efaefcdc534c00a61aaef500be8b17e63647bc0ebe2185256498db8067798669c1a7a4a8412fe67890d8b5e7e6438f07d987f716a9a658487da52cb7171643fc71752dffa748e33d84a8411fbbccbe2b69f092018e093322fdb500afb359ce641d4a41c3de1b14ec188d258c577f7ceaec08f40593e97eece543aabd6497678fbb6ceb766ca46b74d3e8b7a7974164547e379295ab7da883114a1042d4abc0ca1a8d504deb25fdf83a4f441d52f54700010e7f41dbbbe1874fb91162928ee901076b50bbce698aad026ef56f60b218d82cdd58ee325454a4ee58a419866fca11707937ef862972f108870130df92035682618e25ab2d3aa91ce09a8aa408fb57dcdc5c8fc105c0467ecd4c40a40a476569b532ac5cbec823545d14f931c68879bf713a7794443aed990ef30cc94f38f1950224be49841bc54cc03610f080873e3d97897896e656ac37f38cfcdf3f76cbea79d07dd919a6c7253595d23da39adddda8941ce462718ea2c57a5f9e4a1e23e37ab38c6d4cc896666b93463d30789c1c960ceed4bf303d0655592fd31ab34b60be7a00814f5b420a0692f17926f6c7a4303d3c44df576f9b675605d269667810e956066ee4ff56a125de407eaa459d2e18a88e7a31c4e842f916c3a5c4455cce3252d9d1916e33fb36049dbb0d95ed7132b7255df5ea421dbeda114958b51f01e71aea1dcecca5a7dff8ce74b7ee8daa1fe2dcefb62ad253569b83481225b46acf2529c229619b6f94c29ef2d92abeb181855f10793d7e645050547e0aa0871b37cc064f5db9ff69dabd6ecba09c89be9bf7d6c246ddb1367b27f8a65d332f9bfac68dfe088e383cc4d6356ddc24657ae65523cadabfc0751a35535e5489d12499b6533d6a88d6277e46e1d825b3dfcb8823f4bb53c4586e1c527a8acc37512313adb6942d07aee2320d7046161624c08dbd2149658ddfeb4c264dbe37525fb73632cc45780255249c16095ea0cd84c352ac352283d018e3c7b236c0fa9432a5231e3b77f91daa2bedb67a5a0c5400c8b9a8be7d3c05411bb2de9bdf2062132503c762a30679fc8c2d01aebc0923d0ac5235060f1bc606f5ecfc4bc3bcb7ef9c2a60bd98d03d798b65b82e1231132c20ba8af3934cd66309640322510bb1579c096fb7b3641d2cd70869d7c3481c100152265330c14fc1876b0b9c00cef61fea4c", 0x1000, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000040)="13abdd04c696ca33ad", 0x9, r3}) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000000)) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) [ 254.821959][T12901] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.823312][T12899] FAULT_INJECTION: forcing a failure. [ 254.823312][T12899] name failslab, interval 1, probability 0, space 0, times 0 15:53:28 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x900, @pix_mp}) [ 254.890069][T12904] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.903991][T12899] CPU: 1 PID: 12899 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 254.912749][T12899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.922806][T12899] Call Trace: [ 254.926092][T12899] dump_stack+0x10f/0x19d [ 254.930411][T12899] should_fail+0x23c/0x250 [ 254.934905][T12899] __should_failslab+0x81/0x90 [ 254.939679][T12899] should_failslab+0x5/0x20 [ 254.944172][T12899] kmem_cache_alloc_trace+0x32/0x2c0 [ 254.949446][T12899] ? proc_pid_stack+0x59/0x180 [ 254.954194][T12899] proc_pid_stack+0x59/0x180 [ 254.958768][T12899] proc_single_show+0x84/0x100 [ 254.963518][T12899] seq_read+0x2ee/0x900 [ 254.967662][T12899] do_iter_read+0x3f5/0x480 [ 254.972150][T12899] do_preadv+0x13b/0x230 [ 254.976441][T12899] ? __sb_end_write+0x90/0xe0 [ 254.981108][T12899] ? vfs_write+0x323/0x350 [ 254.985589][T12899] ? check_preemption_disabled+0x51/0x140 [ 254.991525][T12899] ? debug_smp_processor_id+0x18/0x20 [ 254.996961][T12899] ? fpregs_assert_state_consistent+0x7e/0x90 [ 255.003026][T12899] __x64_sys_preadv+0x54/0x60 [ 255.007690][T12899] do_syscall_64+0x51/0xb0 [ 255.012184][T12899] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 255.018072][T12899] RIP: 0033:0x45cb29 [ 255.021942][T12899] Code: Bad RIP value. [ 255.026008][T12899] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 15:53:28 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x11, @pix_mp}) 15:53:28 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa00, @pix_mp}) [ 255.034400][T12899] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 255.042455][T12899] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 255.050411][T12899] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 255.058365][T12899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 255.066354][T12899] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 255.230896][ T5033] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 255.469457][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 255.589880][ T5033] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 255.600024][ T5033] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 255.608976][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 255.618274][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.627545][ T5033] usb 4-1: config 0 descriptor?? [ 255.872126][ T49] usb 4-1: USB disconnect, device number 33 15:53:29 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x12, @pix_mp}) 15:53:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb00, @pix_mp}) 15:53:29 executing program 1 (fault-call:5 fault-nth:37): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:29 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = dup3(r0, r1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000500)="d460571f76bdad627586bd17d4e867565c36d0ddc9488bcc45ac2fc6563cc86b71ad257fe762e4b9834cef20a5e07efc6287aa630962199602c7b98c028dcf7c43bc8b335a924e409772f52d8d62a9a8b02f02f5e92d564d040e90d35de4ac5259857446e25d756628ca8944bf58313f0ba7b058794dd71290821a5607b5e1424b42553113fd3ebae1105ad1e4e538f96ea72e181c828b190c02a5be5961766a402cf24d31af2a05947b3b313c26a4376cd7afea6f7c31141a2c8aaaf22953b5ca6d25819aafb6c4d2ab117bc8bfb59aeedaa441cbc93398fd4590512cfc4f22f83d4fdc7dca1a23a51ed08a0afb6e1c1f13406c8482fd9bd64ff209992b9a10a80db1474b82edad67a21c7a7e49445cd1051c7b2777c5d0b38b97e516d4c68ac0bcb02436a65c28c3113da09227a45ab9ce5fb0de6aa8c6364ce5053a9ec1bb9859731a49b90ef0adc0d5bd322df5a8dec82e2d6f1b893b92ede7ae588127fa3c3933fac809e64a0f747819d616d0e5e7f79578e04b0a7d4ba70040aa06703432f404f1e504e9c9028b27c40d451acea07308bb480b31b0ef9eccc7ca15d4585baca05cbd44f34cb4651f0aa894a59d71a3f8845295a06c816c481d87e9c7bd0ee5038bed3c4c6ebc8b10511c5eb3e7a996520e8bad25ae0772a450b552c8da6569c76f4faae56eab09c93f6edf455b97ca82b181b5597fad3961f6d95bfd97d1c766f82d54360be4098917a60bf7dec9df52660697f38ea3ada3dee0ac412d8cf37f3355c7723a4590084a17d736c1b29c4aa38461ae7cacbb574b0d35556d57cdd66fbf539b7b2f92b7ce34eab98f6915f379718a6c9d4ac7befb537af7ca0936e8a5ea1c7dffc25004bc97bfd784300d16fc4353d62cf63e3ace569f8242930d767cdbc4048dca3bc7a6202802d2bbdc580d54fe9bec91bb172952ddc15d8b2ba7634d964bc923e5cc5a2973bd85875ea18a8a1391f75b44397cef55e7ff22e6e9dae1c8fcc8360ab10875b929d365be3e7dd9c54edcf0d6e11806fda1fe29fec7660bc96707be62448936ed4c36829381e3f2dac4f27151c723a0e44a85888a17b460acbbeefae96b9e1d7d926a6e80b2d5755f6851386eb37b40f9c1c24cee60ec15bd5bc53ab4286b9e9547300730344bfd88607080d5e2354767f92efe0178c86d9e85539a7d4561467c52758197395bf2bdee72ca229c51f9cffb629d1a5d3ffb5e38d33f67413c4497d7c8cf26b2101cb0ed308b59361b905d4a9741e1324da2a07c993d33dfcdf5faf93b10f2bd55e7838b3bdaaf410244e2e49a2c2ff7a1c762ee49ac667949564785a026b959167ed7d2deb60a9424db506dfabebb596a93715da06bd35e0f93bf3acff6b85ec926eb45486f364b5c0ee5ed5bc769af2382c28e5067189bef5d21cc427232b910713d7957a58b290e9e0b45a8e322f03f28e5277857905c6fb84682bc28800e694a01183d5a4306f388e53ba04f720c9f11c1cd25dc49c0d0daf4e06a589ffdeb9a3a6b6337df05ddbe6670ac99cfa084f6e3f70b79491550148cc391f881b2fa7ec61d328dfc741fbd4413243de79067af28c9d27c5439435cf1aec441f08063d6efeddc80e34522e986c563bb4f5907d78eea32c193a44ef3c61ffc348c84b6ae511c2854957eec024b685008e6617da883febbce917e76ecfd724db01fa9682c33ff39106b62ccc44d128fd70e5e4333fbd6942fbbc72ce4b2d59e07d4b79cbe6a9d53dfa5a2b4ae1501cddc6c353a8e2a790f8337dd6c8511b8a9381f7704221dae200b7e41edcc1f7e576d199507a6bd069d3c71e652825c90cd0685ad7a52b9dd82bd910d4bc49f45a5a2115bef3246c94f480c4b7cacb1b8a05f8eefe5655f9ebefcbd61c7cd7cf30a69200509b401412ac67c683ccb0a9df2401bb3935ebad5685d406cb5355e114b1c103613a63ab4181bf89b919c50ae81a5efbd05c6187901412fd07a3c1db3fab3a1dc952032b42791a84fe4b830b6cd94f09a579038ff6a08a3c9ebb5edf51efdac54f25434a4b7a59af7c56855c1eae84141543a96f5c9dd6ae27745e75f0f680e5fa4c765073fa052a7a7649b15e1b5891f7af4202c61ee65d7578a2e4a16803a215a3c3a04db87be7298aea75111c099c21cbd196553bfc539214e69ace4d92fc13e6711665b8685c8983552bfa411c63014df799cbca8d196c1a3f0574e8860ef41ebb05a48561ba0a00bff6e3c5d01db81db788e398693685a629a0d800a0fb271a7f3b005d697adbee89abe663d233077462e58e7b6ef8b074710b28015305adb7985332df9b9b024fcb71b3acc2a7a8014bf770f5b22eb2377d7f0fef3b18fcfc7933d564a02ffaa6e1d870b99b08d76cf8c96ec0797860d4a28dd509c3574913b884378b31df4dd78797eeea0b0a6d3b8726631b419b9b4097c7afed179a9f17c0469711d17ad3e69f3aca1ffe8723594b4428823e675912d29ffd1310f91f609de53eef592b3ca1ea92b7ea204f0d0ab5962587005ab75e417f859f822166a9fbcd433e53d3b261fc0b75c048297ee72674a77c6e8518ce547e297b36f0a640fb50dcb786ffd7a74788f5f2340fcadab89043aeef8cf4fb60dcd4aa9923b69ac5487127163ffed6b1a4345a08213d48f5613bc84178579de67f22c7fd22bd7344ccc95589c420d64d7deb905c3aaad955608f0be060575c4425cbd4c271aacc6de0ebf1ba79e98d43078508de396f42f65513913acc9cd276227f12c9fb9427811b75c6970d35117e81b1e6b4fc9d24b10f1a1b820d32a3c89c49afed6c44d0d6d8a822a4fab5604b8fd1fee8f7e6f09f606aaa1ed91ea5c1cee5f43dc7d936849dcd43172cb2dc2e4f694c2cb67222e08485c91be7e69b714c8292bf7f64504501008f368ca14cba501e19b3a7651019586b29ec8b5810d7fd01f6b63275f5479a7ebc96e8fb528fb299720d2eafe843c17fb304fc787a9be8e0f99459b39e7af658bf960917ef7071f8de46baff98311a847d7ab844e5717ff1c7562c07ae5f5b19a414cafbbcc9d0b03f3b0e60a50d0097467ee5ee5febc266619f404965ef09f5e0b5fa61174337ebabf27a8f6255517955384010132e1b0835f3f553de8df6b27d1c16ab268e5c864155d16ff71d1f86d4bf4771a62c968314ec62a42587e3eea5b6945d0e157c490c57956d80c857de6a51672222df5b7f1d07d5e4502474c51ada1980007e328880fd1534d1ffe36e46bb77f16569f3493c9365da2ab7280fc79869bf7e3360268dad2caafb76b81c421ad1cd49045a4d35a442bf3556b07a3c94c071f74ba20d007de99bb149702cad23fffbddf27cd5aa7b2c9f3ddd82a0c8ee41ae631d53d3114891547924a08d591a4d67595f06017affad64eb658458e8513d1a30e0f74049e0d5033e2306c788292d99503ae34bf72fd14f6c05e9b81e36469d25e8d1b49a716a2b01f622a8d57dbaf5c1e417e274cfa91544aad6789f853716c1b762751057214e494fc9bef3f573a48195a11483740344a4c3d67510a8d02dcf240826ef5f973bf99616ffcf160de0a123e1510b8e0261db71b44988d44ae4653a54544d566718dab548060fd766fbf622fd55427c913cc5fd75a9f543e0996fe72bea0e29209a8b29c14391d4db0d881a7d1013f9e1fd81d42eeac13cd03218d8d659262d9b334ea5b16a9915a36633b631964ac85710204f16b333c9d6cc2a1d5bb8f260ed4f8fb2634bcca0c4ed2faf9fe68280bcf1a97a352fc3e5cb8a21a97d1fc51264bd7e43c0ae4563b94df22df2ee067c56ca5ad891c36e7124801912d4655915dfc9933d759ccd1abec1291ed9db58e424f895f84ee23eee859a6643dcf6292fbf41566f3f43f347da1c9841b929cb3c6edfada4696dd3cef1207e6245d04f91e4b851b55b1ce406873009818a79b62f98fd1af39c07a5c9772533d90f9d43760d64b72cfb0981c8e45e1280428a4842aa4596d167c52216828d7a52b94eab13dc9859d5744a693cb596b6066a30c660dd56227f0876fa2631d92304538967a95772c5d9a2893c285f03116457f350fc01fb67b36acc34b295b3e4764eb293500d391013ad5d6ebbbb3c262d66885c683b07f6b7c23ae4366033108fd62d93af3ba8686196873aa5a3048e8bf6a2c407d19a143ecdfd4305e5a099943af36be0181803caf53ef75e6cf27285f88ed075a50da715de3e8b1ec911de7ce1eb13fa489e2d3685a7fc8c55eef97c5557e5c694aaa6dac817a520620b0d8f81f31a904f9cf2b47be196f158516b61be3d0020d150be3b7d79533a93ad18eb4624fb205a9af34dac617550cf49095bbb745cfc9b521f8d958a8eb8efb615750552e17990f38550806bbaa5cb14232b673cc2be68815c204a84e3496a84cace2d49805d9cd6fc396ed78d0816d2fd14555f077a0b32e47a233b6d771cc43d75c8a549c814eca0bfc97a939bae9be6d1cb912f248cc32685bda2915f452b13420764b18cf2c631c7fb540fbf33f84d9d9fea1775acbd8c874c57b40ae7bbed64d51cd05f4b103fc5995702e66c1966cb3a75cbc2f048571a8e2908de2a871fde4efaefcdc534c00a61aaef500be8b17e63647bc0ebe2185256498db8067798669c1a7a4a8412fe67890d8b5e7e6438f07d987f716a9a658487da52cb7171643fc71752dffa748e33d84a8411fbbccbe2b69f092018e093322fdb500afb359ce641d4a41c3de1b14ec188d258c577f7ceaec08f40593e97eece543aabd6497678fbb6ceb766ca46b74d3e8b7a7974164547e379295ab7da883114a1042d4abc0ca1a8d504deb25fdf83a4f441d52f54700010e7f41dbbbe1874fb91162928ee901076b50bbce698aad026ef56f60b218d82cdd58ee325454a4ee58a419866fca11707937ef862972f108870130df92035682618e25ab2d3aa91ce09a8aa408fb57dcdc5c8fc105c0467ecd4c40a40a476569b532ac5cbec823545d14f931c68879bf713a7794443aed990ef30cc94f38f1950224be49841bc54cc03610f080873e3d97897896e656ac37f38cfcdf3f76cbea79d07dd919a6c7253595d23da39adddda8941ce462718ea2c57a5f9e4a1e23e37ab38c6d4cc896666b93463d30789c1c960ceed4bf303d0655592fd31ab34b60be7a00814f5b420a0692f17926f6c7a4303d3c44df576f9b675605d269667810e956066ee4ff56a125de407eaa459d2e18a88e7a31c4e842f916c3a5c4455cce3252d9d1916e33fb36049dbb0d95ed7132b7255df5ea421dbeda114958b51f01e71aea1dcecca5a7dff8ce74b7ee8daa1fe2dcefb62ad253569b83481225b46acf2529c229619b6f94c29ef2d92abeb181855f10793d7e645050547e0aa0871b37cc064f5db9ff69dabd6ecba09c89be9bf7d6c246ddb1367b27f8a65d332f9bfac68dfe088e383cc4d6356ddc24657ae65523cadabfc0751a35535e5489d12499b6533d6a88d6277e46e1d825b3dfcb8823f4bb53c4586e1c527a8acc37512313adb6942d07aee2320d7046161624c08dbd2149658ddfeb4c264dbe37525fb73632cc45780255249c16095ea0cd84c352ac352283d018e3c7b236c0fa9432a5231e3b77f91daa2bedb67a5a0c5400c8b9a8be7d3c05411bb2de9bdf2062132503c762a30679fc8c2d01aebc0923d0ac5235060f1bc606f5ecfc4bc3bcb7ef9c2a60bd98d03d798b65b82e1231132c20ba8af3934cd66309640322510bb1579c096fb7b3641d2cd70869d7c3481c100152265330c14fc1876b0b9c00cef61fea4c", 0x1000, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000040)="13abdd04c696ca33ad", 0x9, r3}) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000000)) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) 15:53:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000000)={0x0, 0x3ff, 0x3}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 256.424937][T12954] FAULT_INJECTION: forcing a failure. [ 256.424937][T12954] name failslab, interval 1, probability 0, space 0, times 0 [ 256.460375][T12954] CPU: 1 PID: 12954 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:53:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x25, @pix_mp}) 15:53:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc00, @pix_mp}) [ 256.469152][T12954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.479198][T12954] Call Trace: [ 256.482500][T12954] dump_stack+0x10f/0x19d [ 256.486827][T12954] should_fail+0x23c/0x250 [ 256.491237][T12954] __should_failslab+0x81/0x90 [ 256.496549][T12954] should_failslab+0x5/0x20 [ 256.501133][T12954] kmem_cache_alloc_trace+0x32/0x2c0 [ 256.506416][T12954] ? proc_pid_stack+0x59/0x180 [ 256.511215][T12954] proc_pid_stack+0x59/0x180 [ 256.515884][T12954] proc_single_show+0x84/0x100 [ 256.520663][T12954] seq_read+0x2ee/0x900 15:53:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c, @pix_mp}) [ 256.524816][T12954] do_iter_read+0x3f5/0x480 [ 256.529312][T12954] do_preadv+0x13b/0x230 [ 256.533569][T12954] ? __sb_end_write+0x90/0xe0 [ 256.538364][T12954] ? vfs_write+0x323/0x350 [ 256.542781][T12954] ? check_preemption_disabled+0x51/0x140 [ 256.548544][T12954] ? debug_smp_processor_id+0x18/0x20 [ 256.553912][T12954] ? fpregs_assert_state_consistent+0x7e/0x90 [ 256.560334][T12954] __x64_sys_preadv+0x54/0x60 [ 256.565059][T12954] do_syscall_64+0x51/0xb0 15:53:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x300, @pix_mp}) [ 256.575138][T12954] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 256.581020][T12954] RIP: 0033:0x45cb29 [ 256.585857][T12954] Code: Bad RIP value. [ 256.589913][T12954] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 256.598665][T12954] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 256.606637][T12954] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 256.614832][T12954] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:53:29 executing program 2: socket$nl_crypto(0x10, 0x3, 0x15) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000080)=ANY=[@ANYBLOB="1f0000000c0000000500000001000000ff010000db9cb371dcea5cf45a1dc69185a6e35bf1196c2e554abc86f0ee1aac1512b9af13004e8e465811641c3f469caf7963af943cbea85ca2edf2605a7a584bdb5b95aaeae426e64c5ffc7e4fa4"]) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) [ 256.622794][T12954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 256.630778][T12954] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:29 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = semget$private(0x0, 0x8, 0x0) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x200}], 0x1, 0x0) semop(r1, &(0x7f00000000c0)=[{}], 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$GETVAL(r1, 0x1, 0xc, &(0x7f0000000000)=""/161) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 256.789471][ T3964] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 257.029451][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 257.149836][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 257.157947][ T3964] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 257.168894][ T3964] usb 4-1: config 0 has no interface number 0 [ 257.175330][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 257.188815][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 257.198351][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.210831][ T3964] usb 4-1: config 0 descriptor?? [ 257.451936][ T3964] usb 4-1: USB disconnect, device number 34 15:53:31 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x500, @pix_mp}) 15:53:31 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd00, @pix_mp}) 15:53:31 executing program 1 (fault-call:5 fault-nth:38): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:31 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) r3 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$bt_hci(r3, 0x0, 0x3, &(0x7f0000000080)=""/172, &(0x7f0000000140)=0xac) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$UI_BEGIN_FF_UPLOAD(r2, 0xc06855c8, &(0x7f0000000000)={0xe, 0x400, {0x52, 0x4, 0x5, {0x1, 0xfd1f}, {0x81, 0x5}, @cond=[{0x8, 0x2f48, 0x6ea9, 0x2, 0x9f2, 0x40}, {0x3f, 0x7efd, 0x4, 0x4, 0x7}]}, {0x53, 0x0, 0x6, {0x2, 0x4}, {0x3f, 0x1000}, @ramp={0x4, 0x1, {0xfff, 0x8, 0x101, 0x1}}}}) 15:53:31 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:31 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = semget$private(0x0, 0x8, 0x0) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x200}], 0x1, 0x0) semop(r1, &(0x7f00000000c0)=[{}], 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$GETVAL(r1, 0x1, 0xc, &(0x7f0000000000)=""/161) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 257.999267][T13000] FAULT_INJECTION: forcing a failure. [ 257.999267][T13000] name failslab, interval 1, probability 0, space 0, times 0 15:53:31 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe00, @pix_mp}) 15:53:31 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x600, @pix_mp}) [ 258.046873][T13000] CPU: 1 PID: 13000 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 258.055561][T13000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.065864][T13000] Call Trace: [ 258.069149][T13000] dump_stack+0x10f/0x19d [ 258.073471][T13000] should_fail+0x23c/0x250 [ 258.077942][T13000] __should_failslab+0x81/0x90 [ 258.082705][T13000] should_failslab+0x5/0x20 [ 258.087243][T13000] kmem_cache_alloc_trace+0x32/0x2c0 [ 258.092522][T13000] ? proc_pid_stack+0x59/0x180 [ 258.097314][T13000] proc_pid_stack+0x59/0x180 [ 258.102011][T13000] proc_single_show+0x84/0x100 [ 258.106768][T13000] seq_read+0x2ee/0x900 [ 258.110922][T13000] do_iter_read+0x3f5/0x480 [ 258.115498][T13000] do_preadv+0x13b/0x230 [ 258.119741][T13000] ? __sb_end_write+0x90/0xe0 [ 258.124449][T13000] ? vfs_write+0x323/0x350 [ 258.128862][T13000] ? check_preemption_disabled+0x51/0x140 [ 258.134579][T13000] ? debug_smp_processor_id+0x18/0x20 [ 258.140224][T13000] ? fpregs_assert_state_consistent+0x7e/0x90 15:53:31 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x700, @pix_mp}) [ 258.146291][T13000] __x64_sys_preadv+0x54/0x60 [ 258.150971][T13000] do_syscall_64+0x51/0xb0 [ 258.155381][T13000] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.161264][T13000] RIP: 0033:0x45cb29 [ 258.165140][T13000] Code: Bad RIP value. [ 258.169190][T13000] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 258.177611][T13000] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 258.186012][T13000] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:31 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x900, @pix_mp}) 15:53:31 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="7b7973746590d95831194844c85d1090a4e6929304ee3a94b6d1120346571b214f89f05415ff2948ae10b4052ba2f2"], &(0x7f0000000080)='}}{]\x00', 0x5, 0x3) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 258.193972][T13000] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 258.201946][T13000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 258.209903][T13000] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:31 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1100, @pix_mp}) 15:53:31 executing program 1 (fault-call:5 fault-nth:39): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:31 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = semget$private(0x0, 0x8, 0x0) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x200}], 0x1, 0x0) semop(r1, &(0x7f00000000c0)=[{}], 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$GETVAL(r1, 0x1, 0xc, &(0x7f0000000000)=""/161) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:31 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa00, @pix_mp}) 15:53:31 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0xb449, 0x8, 0x1, 0x8000, 0x731}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000040)=0x1b) [ 258.343483][T13032] FAULT_INJECTION: forcing a failure. [ 258.343483][T13032] name failslab, interval 1, probability 0, space 0, times 0 [ 258.380910][ T9916] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 258.393843][T13032] CPU: 1 PID: 13032 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 258.402529][T13032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.412723][T13032] Call Trace: [ 258.416026][T13032] dump_stack+0x10f/0x19d [ 258.420351][T13032] should_fail+0x23c/0x250 [ 258.424759][T13032] __should_failslab+0x81/0x90 [ 258.429520][T13032] should_failslab+0x5/0x20 [ 258.434102][T13032] kmem_cache_alloc_trace+0x32/0x2c0 [ 258.439385][T13032] ? proc_pid_stack+0x59/0x180 [ 258.444140][T13032] proc_pid_stack+0x59/0x180 [ 258.448742][T13032] proc_single_show+0x84/0x100 [ 258.453500][T13032] seq_read+0x2ee/0x900 [ 258.457692][T13032] do_iter_read+0x3f5/0x480 [ 258.462190][T13032] do_preadv+0x13b/0x230 [ 258.466434][T13032] ? __sb_end_write+0x90/0xe0 [ 258.471118][T13032] ? vfs_write+0x323/0x350 [ 258.475545][T13032] ? check_preemption_disabled+0x51/0x140 [ 258.481273][T13032] ? debug_smp_processor_id+0x18/0x20 [ 258.486635][T13032] ? fpregs_assert_state_consistent+0x7e/0x90 [ 258.492781][T13032] __x64_sys_preadv+0x54/0x60 [ 258.497455][T13032] do_syscall_64+0x51/0xb0 [ 258.501864][T13032] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.507772][T13032] RIP: 0033:0x45cb29 [ 258.511699][T13032] Code: Bad RIP value. [ 258.515820][T13032] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 258.524338][T13032] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 258.532773][T13032] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 258.540815][T13032] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 258.549040][T13032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 258.557064][T13032] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 258.809455][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 258.929720][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 258.937867][ T9916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 258.948593][ T9916] usb 4-1: config 0 has no interface number 0 [ 258.955125][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 258.968470][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 258.977901][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.987078][ T9916] usb 4-1: config 0 descriptor?? [ 259.232362][ T9916] usb 4-1: USB disconnect, device number 35 15:53:32 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb00, @pix_mp}) 15:53:32 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1200, @pix_mp}) 15:53:32 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500d, &(0x7f00000004c0)) 15:53:32 executing program 1 (fault-call:5 fault-nth:40): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:32 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:32 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x8017) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfc, 0xfc, 0x9, [@enum={0xf, 0x6, 0x0, 0x6, 0x4, [{0xc, 0x400}, {0x8, 0x4}, {0x3}, {0x9, 0xc3}, {0xd, 0xe13}, {0x1}]}, @struct={0xf, 0x4, 0x0, 0x4, 0x1, 0x1, [{0x10, 0x4, 0xac4}, {0x7, 0x3, 0x5}, {0xe, 0x4, 0xdb}, {0xc, 0x1, 0x2}]}, @func={0x9, 0x0, 0x0, 0xc, 0x4}, @union={0x5, 0x4, 0x0, 0x5, 0x0, 0x3, [{0x0, 0x0, 0x8001}, {0x9, 0x4, 0xa4}, {0xb, 0x2, 0x6}, {0x5, 0x2, 0x9}]}, @func={0x10, 0x0, 0x0, 0xc, 0x4}, @ptr, @fwd={0xe}, @const={0xf, 0x0, 0x0, 0xa, 0x1}, @typedef={0x0, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x2e, 0x61, 0x0, 0x2e, 0x5f, 0x30, 0x30]}}, &(0x7f0000000180)=""/93, 0x11d, 0x5d}, 0x20) pwrite64(r1, &(0x7f0000000240)="87b1c818673bff646c6100e2f1ff2c766f15eba8ce5b8a8af784b5644c444b8e8a15318b3ceab4275efaedce8af9e1d3bbb2a5918df871c9f2ebe8176c2f5a9ddfb37d9cd5c0e3a37bcc78cc528b155153918e6a42574a2ea362aa72b571677d91b8b68778c8358d0d26", 0x6a, 0x7f) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r3, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x3, 0x0, 0xa}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x811}, 0x24000040) 15:53:33 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2500, @pix_mp}) [ 259.783482][T13063] FAULT_INJECTION: forcing a failure. [ 259.783482][T13063] name failslab, interval 1, probability 0, space 0, times 0 [ 259.845622][T13063] CPU: 0 PID: 13063 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 259.854401][T13063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.864449][T13063] Call Trace: [ 259.867739][T13063] dump_stack+0x10f/0x19d [ 259.872074][T13063] should_fail+0x23c/0x250 [ 259.876494][T13063] __should_failslab+0x81/0x90 [ 259.881285][T13063] should_failslab+0x5/0x20 [ 259.885872][T13063] kmem_cache_alloc_trace+0x32/0x2c0 [ 259.891156][T13063] ? proc_pid_stack+0x59/0x180 [ 259.896613][T13063] proc_pid_stack+0x59/0x180 [ 259.901227][T13063] proc_single_show+0x84/0x100 [ 259.906007][T13063] seq_read+0x2ee/0x900 [ 259.910204][T13063] do_iter_read+0x3f5/0x480 [ 259.914820][T13063] do_preadv+0x13b/0x230 [ 259.919174][T13063] ? __sb_end_write+0x90/0xe0 [ 259.924283][T13063] ? vfs_write+0x323/0x350 [ 259.928777][T13063] ? check_preemption_disabled+0x51/0x140 [ 259.934507][T13063] ? debug_smp_processor_id+0x18/0x20 [ 259.939872][T13063] ? fpregs_assert_state_consistent+0x7e/0x90 [ 259.946027][T13063] __x64_sys_preadv+0x54/0x60 [ 259.950705][T13063] do_syscall_64+0x51/0xb0 [ 259.955119][T13063] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 259.960998][T13063] RIP: 0033:0x45cb29 [ 259.964872][T13063] Code: Bad RIP value. [ 259.968922][T13063] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 259.977740][T13063] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 259.985692][T13063] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:33 executing program 4: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) 15:53:33 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc00, @pix_mp}) 15:53:33 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c00, @pix_mp}) 15:53:33 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000080)=@dstopts={0x2c, 0xc, [], [@calipso={0x7, 0x20, {0x3, 0x6, 0x7, 0xfb7, [0xffffffffffffffff, 0x0, 0x2]}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0x43}}, @calipso={0x7, 0x18, {0x3, 0x4, 0xe8, 0x0, [0x6, 0x3ff]}}, @ra={0x5, 0x2, 0x6}, @ra={0x5, 0x2, 0x2}]}, 0x70) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) [ 259.994599][T13063] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 260.002573][T13063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 260.011087][T13063] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:33 executing program 1 (fault-call:5 fault-nth:41): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:33 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd00, @pix_mp}) 15:53:33 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1000000, @pix_mp}) 15:53:33 executing program 2: r0 = gettid() ptrace$poke(0xffffffffffffffff, r0, &(0x7f0000000000), 0xec2c) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x381583, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) [ 260.140775][T13096] FAULT_INJECTION: forcing a failure. [ 260.140775][T13096] name failslab, interval 1, probability 0, space 0, times 0 15:53:33 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe00, @pix_mp}) [ 260.193551][ T48] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 260.204451][T13096] CPU: 0 PID: 13096 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 260.213126][T13096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.223200][T13096] Call Trace: [ 260.226548][T13096] dump_stack+0x10f/0x19d [ 260.232446][T13096] should_fail+0x23c/0x250 [ 260.236859][T13096] __should_failslab+0x81/0x90 [ 260.241620][T13096] should_failslab+0x5/0x20 [ 260.246118][T13096] kmem_cache_alloc_trace+0x32/0x2c0 [ 260.251475][T13096] ? proc_pid_stack+0x59/0x180 [ 260.256929][T13096] proc_pid_stack+0x59/0x180 [ 260.261739][T13096] proc_single_show+0x84/0x100 [ 260.266498][T13096] seq_read+0x2ee/0x900 [ 260.270725][T13096] do_iter_read+0x3f5/0x480 [ 260.275220][T13096] do_preadv+0x13b/0x230 [ 260.279541][T13096] ? __sb_end_write+0x90/0xe0 [ 260.284213][T13096] ? vfs_write+0x323/0x350 [ 260.288644][T13096] ? check_preemption_disabled+0x51/0x140 [ 260.295369][T13096] ? debug_smp_processor_id+0x18/0x20 [ 260.300746][T13096] ? fpregs_assert_state_consistent+0x7e/0x90 [ 260.309160][T13096] __x64_sys_preadv+0x54/0x60 [ 260.313834][T13096] do_syscall_64+0x51/0xb0 [ 260.318250][T13096] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 260.324133][T13096] RIP: 0033:0x45cb29 [ 260.328032][T13096] Code: Bad RIP value. [ 260.332172][T13096] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 260.340596][T13096] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 260.348555][T13096] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 260.356514][T13096] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 260.364580][T13096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 260.371033][ T9916] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 260.372580][T13096] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 260.629452][ T9916] usb 5-1: Using ep0 maxpacket: 8 [ 260.639758][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 260.749442][ T9916] usb 5-1: config 0 has an invalid interface number: 65 but max is 0 [ 260.757644][ T9916] usb 5-1: config 0 has no interface number 0 [ 260.764965][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 260.775970][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 260.787009][ T9916] usb 5-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 260.789950][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 260.796853][ T9916] usb 5-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 260.807574][ T48] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 260.817964][ T9916] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 260.817986][ T9916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.830642][ T48] usb 4-1: config 0 has no interface number 0 [ 260.837929][ T9916] usb 5-1: config 0 descriptor?? [ 260.850242][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 260.869613][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 260.878983][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.888323][ T48] usb 4-1: config 0 descriptor?? [ 260.901902][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.65/input/input23 [ 261.108106][ T9916] usb 5-1: USB disconnect, device number 3 [ 261.119651][ T9916] xpad 5-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 261.152194][ T49] usb 4-1: USB disconnect, device number 36 15:53:34 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:34 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2000000, @pix_mp}) 15:53:34 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1100, @pix_mp}) 15:53:34 executing program 1 (fault-call:5 fault-nth:42): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:34 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) fstatfs(0xffffffffffffffff, &(0x7f0000000000)=""/61) r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="2d58a46c2c667904f4789673d119dade", 0x10) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:34 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x80045006, &(0x7f00000004c0)) 15:53:34 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1200, @pix_mp}) 15:53:35 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x3000000, @pix_mp}) [ 261.755194][T13165] FAULT_INJECTION: forcing a failure. [ 261.755194][T13165] name failslab, interval 1, probability 0, space 0, times 0 [ 261.783611][T13165] CPU: 0 PID: 13165 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 261.792324][T13165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.803087][T13165] Call Trace: [ 261.806376][T13165] dump_stack+0x10f/0x19d [ 261.810701][T13165] should_fail+0x23c/0x250 [ 261.815110][T13165] __should_failslab+0x81/0x90 [ 261.819870][T13165] should_failslab+0x5/0x20 [ 261.824410][T13165] kmem_cache_alloc_trace+0x32/0x2c0 [ 261.829690][T13165] ? proc_pid_stack+0x59/0x180 [ 261.834441][T13165] proc_pid_stack+0x59/0x180 [ 261.839047][T13165] proc_single_show+0x84/0x100 [ 261.843800][T13165] seq_read+0x2ee/0x900 [ 261.847984][T13165] do_iter_read+0x3f5/0x480 [ 261.852594][T13165] do_preadv+0x13b/0x230 [ 261.856967][T13165] ? __sb_end_write+0x90/0xe0 [ 261.861646][T13165] ? vfs_write+0x323/0x350 [ 261.866057][T13165] ? check_preemption_disabled+0x51/0x140 [ 261.871769][T13165] ? debug_smp_processor_id+0x18/0x20 [ 261.877131][T13165] ? fpregs_assert_state_consistent+0x7e/0x90 [ 261.883191][T13165] __x64_sys_preadv+0x54/0x60 [ 261.887867][T13165] do_syscall_64+0x51/0xb0 [ 261.892294][T13165] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 261.898213][T13165] RIP: 0033:0x45cb29 15:53:35 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x2c3, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) 15:53:35 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 261.902090][T13165] Code: Bad RIP value. [ 261.906143][T13165] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 261.914562][T13165] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 261.922749][T13165] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 261.930712][T13165] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 261.938671][T13165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 261.946630][T13165] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:35 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2500, @pix_mp}) 15:53:35 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 262.110923][ T48] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 262.349509][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 262.469463][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 262.477589][ T48] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 262.487691][ T48] usb 4-1: config 0 has no interface number 0 [ 262.493812][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 262.504736][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 262.517726][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 262.526804][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.537697][ T48] usb 4-1: config 0 descriptor?? [ 262.782210][ T48] usb 4-1: USB disconnect, device number 37 15:53:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x28600, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x1, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000040)={0x694, 0x8, 0x8000, 0x7, 0x10, 0x6}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x4000000, @pix_mp}) 15:53:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c00, @pix_mp}) 15:53:36 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:36 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:36 executing program 1 (fault-call:5 fault-nth:43): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:36 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5000000, @pix_mp}) 15:53:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x1000000, @pix_mp}) [ 263.355628][T13210] FAULT_INJECTION: forcing a failure. [ 263.355628][T13210] name failslab, interval 1, probability 0, space 0, times 0 [ 263.391220][T13210] CPU: 0 PID: 13210 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 263.400105][T13210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.410259][T13210] Call Trace: [ 263.413548][T13210] dump_stack+0x10f/0x19d [ 263.417868][T13210] should_fail+0x23c/0x250 [ 263.422373][T13210] __should_failslab+0x81/0x90 [ 263.427193][T13210] should_failslab+0x5/0x20 [ 263.431694][T13210] kmem_cache_alloc_trace+0x32/0x2c0 [ 263.437054][T13210] ? proc_pid_stack+0x59/0x180 [ 263.441817][T13210] proc_pid_stack+0x59/0x180 [ 263.446491][T13210] proc_single_show+0x84/0x100 [ 263.451244][T13210] seq_read+0x2ee/0x900 [ 263.455401][T13210] do_iter_read+0x3f5/0x480 [ 263.459916][T13210] do_preadv+0x13b/0x230 [ 263.464188][T13210] ? __sb_end_write+0x90/0xe0 [ 263.468894][T13210] ? vfs_write+0x323/0x350 [ 263.473325][T13210] ? check_preemption_disabled+0x51/0x140 [ 263.479053][T13210] ? debug_smp_processor_id+0x18/0x20 [ 263.484434][T13210] ? fpregs_assert_state_consistent+0x7e/0x90 [ 263.490562][T13210] __x64_sys_preadv+0x54/0x60 [ 263.495271][T13210] do_syscall_64+0x51/0xb0 [ 263.499684][T13210] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 263.505565][T13210] RIP: 0033:0x45cb29 [ 263.509512][T13210] Code: Bad RIP value. [ 263.513562][T13210] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 263.522075][T13210] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 263.530050][T13210] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 263.538271][T13210] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 263.546239][T13210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:53:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x721040, 0x0) 15:53:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x2000000, @pix_mp}) 15:53:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x7ad41, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:36 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 263.554201][T13210] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000040)={0xfffffff, 0x10000, 0xfffffff9, r3, 0x0, &(0x7f0000000000)={0x990afb, 0x1, [], @value64=0x5}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r7, 0x84, 0x66, &(0x7f0000000040)={r8}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r6, 0x84, 0x6d, &(0x7f0000000080)={r8, 0x39, "f07be66e4da22c57fbf3dfdecebf09616f28aeaddf990c489d76fdb61dbbfbd6d8df73e873f0b765f9b1fe0afc09b018a6a3b05dab83dbf492"}, &(0x7f0000000100)=0x41) setsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000140)={r9, 0x6, 0x6, 0x1, 0x2, 0x8}, 0x14) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x3000000, @pix_mp}) 15:53:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x6000000, @pix_mp}) [ 263.839457][ T48] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 264.099470][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 264.219710][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 264.227819][ T48] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.238539][ T48] usb 4-1: config 0 has no interface number 0 [ 264.244963][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 264.256309][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 264.269744][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 264.278799][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.288080][ T48] usb 4-1: config 0 descriptor?? [ 264.532245][ T48] usb 4-1: USB disconnect, device number 38 15:53:38 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:38 executing program 4: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x7000000, @pix_mp}) 15:53:38 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x4000000, @pix_mp}) 15:53:38 executing program 1 (fault-call:5 fault-nth:44): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:38 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x10300, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r3, 0x0) ioctl$TUNSETGROUP(r1, 0x400454ce, r3) 15:53:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x8000000, @pix_mp}) [ 265.100467][T13278] FAULT_INJECTION: forcing a failure. [ 265.100467][T13278] name failslab, interval 1, probability 0, space 0, times 0 [ 265.129072][T13278] CPU: 1 PID: 13278 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 265.137759][T13278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.147801][T13278] Call Trace: [ 265.151087][T13278] dump_stack+0x10f/0x19d [ 265.155407][T13278] should_fail+0x23c/0x250 [ 265.159814][T13278] __should_failslab+0x81/0x90 [ 265.164601][T13278] should_failslab+0x5/0x20 [ 265.169099][T13278] kmem_cache_alloc_trace+0x32/0x2c0 [ 265.174381][T13278] ? proc_pid_stack+0x59/0x180 [ 265.179138][T13278] proc_pid_stack+0x59/0x180 [ 265.183717][T13278] proc_single_show+0x84/0x100 [ 265.188557][T13278] seq_read+0x2ee/0x900 [ 265.192711][T13278] do_iter_read+0x3f5/0x480 [ 265.197224][T13278] do_preadv+0x13b/0x230 [ 265.201721][T13278] ? __sb_end_write+0x90/0xe0 [ 265.206397][T13278] ? vfs_write+0x323/0x350 [ 265.210978][T13278] ? check_preemption_disabled+0x51/0x140 [ 265.216702][T13278] ? debug_smp_processor_id+0x18/0x20 [ 265.222063][T13278] ? fpregs_assert_state_consistent+0x7e/0x90 [ 265.228272][T13278] __x64_sys_preadv+0x54/0x60 [ 265.232999][T13278] do_syscall_64+0x51/0xb0 [ 265.237406][T13278] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 265.243282][T13278] RIP: 0033:0x45cb29 [ 265.247157][T13278] Code: Bad RIP value. 15:53:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x9000000, @pix_mp}) 15:53:38 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:38 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5000000, @pix_mp}) [ 265.251208][T13278] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 265.259603][T13278] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 265.268040][T13278] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 265.276022][T13278] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 265.284036][T13278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 265.292076][T13278] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:38 executing program 1 (fault-call:5 fault-nth:45): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:38 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 265.441837][T13301] FAULT_INJECTION: forcing a failure. [ 265.441837][T13301] name failslab, interval 1, probability 0, space 0, times 0 [ 265.469479][T13301] CPU: 0 PID: 13301 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 265.469489][ T9916] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 265.485712][T13301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.495867][T13301] Call Trace: [ 265.499244][T13301] dump_stack+0x10f/0x19d [ 265.503564][T13301] should_fail+0x23c/0x250 [ 265.507990][T13301] __should_failslab+0x81/0x90 [ 265.512760][T13301] should_failslab+0x5/0x20 [ 265.517327][T13301] kmem_cache_alloc_trace+0x32/0x2c0 [ 265.522652][T13301] ? proc_pid_stack+0x59/0x180 [ 265.527412][T13301] proc_pid_stack+0x59/0x180 [ 265.531991][T13301] proc_single_show+0x84/0x100 [ 265.537031][T13301] seq_read+0x2ee/0x900 [ 265.541206][T13301] do_iter_read+0x3f5/0x480 [ 265.545745][T13301] do_preadv+0x13b/0x230 [ 265.549980][T13301] ? __sb_end_write+0x90/0xe0 [ 265.554657][T13301] ? vfs_write+0x323/0x350 [ 265.559266][T13301] ? check_preemption_disabled+0x51/0x140 [ 265.564980][T13301] ? debug_smp_processor_id+0x18/0x20 [ 265.570502][T13301] ? fpregs_assert_state_consistent+0x7e/0x90 [ 265.576572][T13301] __x64_sys_preadv+0x54/0x60 [ 265.581336][T13301] do_syscall_64+0x51/0xb0 [ 265.585908][T13301] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 265.591879][T13301] RIP: 0033:0x45cb29 [ 265.595750][T13301] Code: Bad RIP value. [ 265.599801][T13301] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 265.608196][T13301] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 265.616179][T13301] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 265.624159][T13301] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 265.632134][T13301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 265.640089][T13301] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 265.879549][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 266.009822][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 266.018045][ T9916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 266.028214][ T9916] usb 4-1: config 0 has no interface number 0 [ 266.034376][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 266.045559][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 266.058637][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 266.067755][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.077753][ T9916] usb 4-1: config 0 descriptor?? [ 266.322235][ T9916] usb 4-1: USB disconnect, device number 39 15:53:40 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x6000000, @pix_mp}) 15:53:40 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x6085c3, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) dup(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket(0xa, 0x1, 0x0) close(r6) sendmmsg$inet_sctp(r6, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x200}}], 0x20}], 0x1, 0x0) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x7b, &(0x7f0000000000)={r8}, 0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000200)={0x0}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000100)={r9, @in={{0x2, 0x4e23, @multicast1}}, 0xffff5c3a, 0x4, 0x7, 0x2, 0xa7, 0x3, 0x5}, &(0x7f00000001c0)=0x9c) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0x2, &(0x7f0000000040)=0x17, 0x4) 15:53:40 executing program 4: r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa000000, @pix_mp}) 15:53:40 executing program 1 (fault-call:5 fault-nth:46): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x7000000, @pix_mp}) 15:53:40 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$packet_int(r1, 0x107, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f00000004c0)) 15:53:40 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 266.914202][T13328] FAULT_INJECTION: forcing a failure. [ 266.914202][T13328] name failslab, interval 1, probability 0, space 0, times 0 [ 266.951041][T13328] CPU: 0 PID: 13328 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 266.959723][T13328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.969853][T13328] Call Trace: [ 266.973140][T13328] dump_stack+0x10f/0x19d [ 266.977484][T13328] should_fail+0x23c/0x250 [ 266.981892][T13328] __should_failslab+0x81/0x90 [ 266.986650][T13328] should_failslab+0x5/0x20 [ 266.991144][T13328] kmem_cache_alloc_trace+0x32/0x2c0 [ 266.996566][T13328] ? proc_pid_stack+0x59/0x180 [ 267.001319][T13328] proc_pid_stack+0x59/0x180 [ 267.005966][T13328] proc_single_show+0x84/0x100 [ 267.010722][T13328] seq_read+0x2ee/0x900 [ 267.014923][T13328] do_iter_read+0x3f5/0x480 [ 267.019546][T13328] do_preadv+0x13b/0x230 [ 267.023782][T13328] ? __sb_end_write+0x90/0xe0 [ 267.028451][T13328] ? vfs_write+0x323/0x350 [ 267.032861][T13328] ? check_preemption_disabled+0x51/0x140 [ 267.038595][T13328] ? debug_smp_processor_id+0x18/0x20 [ 267.043979][T13328] ? fpregs_assert_state_consistent+0x7e/0x90 [ 267.050066][T13328] __x64_sys_preadv+0x54/0x60 [ 267.054800][T13328] do_syscall_64+0x51/0xb0 15:53:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb000000, @pix_mp}) 15:53:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x8000000, @pix_mp}) 15:53:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc000000, @pix_mp}) [ 267.059210][T13328] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 267.065089][T13328] RIP: 0033:0x45cb29 [ 267.068968][T13328] Code: Bad RIP value. [ 267.073035][T13328] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 267.081544][T13328] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 267.089676][T13328] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 267.097664][T13328] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 267.105626][T13328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 267.113589][T13328] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 267.189471][ T3964] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 267.459425][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 267.579788][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 267.587931][ T3964] usb 4-1: config 0 has no interface number 0 [ 267.609431][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 267.629429][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 267.659450][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 267.668513][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.695756][ T3964] usb 4-1: config 0 descriptor?? [ 267.942052][ T5] usb 4-1: USB disconnect, device number 40 15:53:41 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:41 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x9000000, @pix_mp}) 15:53:41 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd000000, @pix_mp}) 15:53:41 executing program 1 (fault-call:5 fault-nth:47): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:41 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:41 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000100)={0x1f, 0x24, 0x0, r3}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$cgroup_netprio_ifpriomap(r5, &(0x7f0000000180)=ANY=[@ANYBLOB="766574242600014000000000ab62821100d3862a7e41d5db53f8e0fcadfbee49"], 0x12) signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffe52]}, 0x8, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0x40a85323, &(0x7f0000000000)={{0x7, 0x5}, 'port1\x00', 0xd8, 0x40002, 0x80, 0x7f, 0x58, 0x3, 0x8a0d, 0x0, 0x1, 0x80}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:41 executing program 4: syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:41 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe000000, @pix_mp}) 15:53:41 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xa000000, @pix_mp}) [ 268.540432][T13374] FAULT_INJECTION: forcing a failure. [ 268.540432][T13374] name failslab, interval 1, probability 0, space 0, times 0 [ 268.568121][T13374] CPU: 0 PID: 13374 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 268.576799][T13374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.586845][T13374] Call Trace: [ 268.590145][T13374] dump_stack+0x10f/0x19d [ 268.594810][T13374] should_fail+0x23c/0x250 [ 268.599308][T13374] __should_failslab+0x81/0x90 [ 268.604098][T13374] should_failslab+0x5/0x20 [ 268.608718][T13374] kmem_cache_alloc_trace+0x32/0x2c0 [ 268.613996][T13374] ? proc_pid_stack+0x59/0x180 [ 268.618910][T13374] proc_pid_stack+0x59/0x180 [ 268.623502][T13374] proc_single_show+0x84/0x100 [ 268.628261][T13374] seq_read+0x2ee/0x900 [ 268.633702][T13374] do_iter_read+0x3f5/0x480 15:53:41 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000000)) 15:53:41 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x10000000, @pix_mp}) [ 268.638246][T13374] do_preadv+0x13b/0x230 [ 268.642490][T13374] ? __sb_end_write+0x90/0xe0 [ 268.647239][T13374] ? vfs_write+0x323/0x350 [ 268.651652][T13374] ? check_preemption_disabled+0x51/0x140 [ 268.657365][T13374] ? debug_smp_processor_id+0x18/0x20 [ 268.662728][T13374] ? fpregs_assert_state_consistent+0x7e/0x90 [ 268.668811][T13374] __x64_sys_preadv+0x54/0x60 [ 268.673484][T13374] do_syscall_64+0x51/0xb0 [ 268.677961][T13374] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 268.683843][T13374] RIP: 0033:0x45cb29 15:53:41 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, 0x0) [ 268.687794][T13374] Code: Bad RIP value. [ 268.691843][T13374] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 268.700413][T13374] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 268.708399][T13374] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 268.716366][T13374] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 268.724326][T13374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 268.732314][T13374] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 268.780827][ T3964] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 269.019451][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 269.141015][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 269.149143][ T3964] usb 4-1: config 0 has no interface number 0 [ 269.155511][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 269.166550][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 269.179573][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 269.188659][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.197558][ T3964] usb 4-1: config 0 descriptor?? [ 269.444611][ T48] usb 4-1: USB disconnect, device number 41 15:53:43 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x11000000, @pix_mp}) 15:53:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xb000000, @pix_mp}) 15:53:43 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, 0x0) 15:53:43 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x4040, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x4, 0x4800}) 15:53:43 executing program 1 (fault-call:5 fault-nth:48): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xc000000, @pix_mp}) 15:53:43 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, 0x0) 15:53:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x12000000, @pix_mp}) [ 270.051234][T13429] FAULT_INJECTION: forcing a failure. [ 270.051234][T13429] name failslab, interval 1, probability 0, space 0, times 0 15:53:43 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/md0\x00', 0x9ee4dcf9725db17a, 0x0) flock(r0, 0x6) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x2) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) 15:53:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x25000000, @pix_mp}) [ 270.098726][T13429] CPU: 0 PID: 13429 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 270.107440][T13429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.117583][T13429] Call Trace: [ 270.120868][T13429] dump_stack+0x10f/0x19d [ 270.125189][T13429] should_fail+0x23c/0x250 [ 270.129641][T13429] __should_failslab+0x81/0x90 [ 270.134683][T13429] should_failslab+0x5/0x20 [ 270.139175][T13429] kmem_cache_alloc_trace+0x32/0x2c0 [ 270.144457][T13429] ? proc_pid_stack+0x59/0x180 15:53:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c000000, @pix_mp}) [ 270.149253][T13429] proc_pid_stack+0x59/0x180 [ 270.153906][T13429] proc_single_show+0x84/0x100 [ 270.158749][T13429] seq_read+0x2ee/0x900 [ 270.162903][T13429] do_iter_read+0x3f5/0x480 [ 270.167469][T13429] do_preadv+0x13b/0x230 [ 270.171706][T13429] ? __sb_end_write+0x90/0xe0 [ 270.176373][T13429] ? vfs_write+0x323/0x350 [ 270.180832][T13429] ? check_preemption_disabled+0x51/0x140 [ 270.186552][T13429] ? debug_smp_processor_id+0x18/0x20 [ 270.191997][T13429] ? fpregs_assert_state_consistent+0x7e/0x90 [ 270.198057][T13429] __x64_sys_preadv+0x54/0x60 [ 270.202725][T13429] do_syscall_64+0x51/0xb0 [ 270.207158][T13429] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 270.213054][T13429] RIP: 0033:0x45cb29 [ 270.216926][T13429] Code: Bad RIP value. [ 270.220976][T13429] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 270.229374][T13429] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 270.238117][T13429] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 270.246163][T13429] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 270.254190][T13429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 270.262152][T13429] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 270.340986][ T48] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 270.579452][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 270.699910][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 270.708182][ T48] usb 4-1: config 0 has no interface number 0 [ 270.715788][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 270.726901][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 270.741482][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 270.750533][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.763212][ T48] usb 4-1: config 0 descriptor?? [ 271.004990][ T49] usb 4-1: USB disconnect, device number 42 15:53:44 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f0100000000090583"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:44 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r2, 0xc0105303, &(0x7f0000000000)={0x81, 0x8, 0x1}) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:44 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x4040, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x4, 0x4800}) 15:53:44 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xd000000, @pix_mp}) 15:53:44 executing program 1 (fault-call:5 fault-nth:49): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2}}) [ 271.553314][T13471] FAULT_INJECTION: forcing a failure. [ 271.553314][T13471] name failslab, interval 1, probability 0, space 0, times 0 15:53:44 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 271.613791][T13471] CPU: 0 PID: 13471 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 271.622564][T13471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.632609][T13471] Call Trace: [ 271.635904][T13471] dump_stack+0x10f/0x19d [ 271.640244][T13471] should_fail+0x23c/0x250 [ 271.644794][T13471] __should_failslab+0x81/0x90 [ 271.658679][T13471] should_failslab+0x5/0x20 15:53:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x3}}) 15:53:44 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000000)) [ 271.663181][T13471] kmem_cache_alloc_trace+0x32/0x2c0 [ 271.668469][T13471] ? proc_pid_stack+0x59/0x180 [ 271.673223][T13471] proc_pid_stack+0x59/0x180 [ 271.677807][T13471] proc_single_show+0x84/0x100 [ 271.682590][T13471] seq_read+0x2ee/0x900 [ 271.686801][T13471] do_iter_read+0x3f5/0x480 [ 271.691296][T13471] do_preadv+0x13b/0x230 [ 271.695615][T13471] ? __sb_end_write+0x90/0xe0 [ 271.700291][T13471] ? vfs_write+0x323/0x350 [ 271.704701][T13471] ? check_preemption_disabled+0x51/0x140 15:53:44 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x4}}) [ 271.710476][T13471] ? debug_smp_processor_id+0x18/0x20 [ 271.715848][T13471] ? fpregs_assert_state_consistent+0x7e/0x90 [ 271.722200][T13471] __x64_sys_preadv+0x54/0x60 [ 271.726870][T13471] do_syscall_64+0x51/0xb0 [ 271.731350][T13471] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 271.737237][T13471] RIP: 0033:0x45cb29 [ 271.741118][T13471] Code: Bad RIP value. [ 271.745170][T13471] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 271.753585][T13471] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 15:53:45 executing program 4: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 271.761544][T13471] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 271.769504][T13471] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 271.777462][T13471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 271.792369][T13471] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 271.880534][ T49] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 272.119531][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 272.239644][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 272.247745][ T49] usb 4-1: config 0 has no interface number 0 [ 272.255553][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 272.267305][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 272.277426][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 272.290930][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 272.300283][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.308979][ T49] usb 4-1: config 0 descriptor?? [ 272.554956][ T5033] usb 4-1: USB disconnect, device number 43 15:53:46 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x10000, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0xc0000, 0x0) ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f0000000040)) 15:53:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0xe000000, @pix_mp}) 15:53:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5}}) 15:53:46 executing program 4 (fault-call:1 fault-nth:0): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:46 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f0100000000090583"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:46 executing program 1 (fault-call:5 fault-nth:50): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 273.125416][T13530] FAULT_INJECTION: forcing a failure. [ 273.125416][T13530] name failslab, interval 1, probability 0, space 0, times 0 [ 273.149938][T13530] CPU: 0 PID: 13530 Comm: syz-executor.4 Not tainted 5.8.0-rc4-syzkaller #0 [ 273.158630][T13530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.161949][T13529] FAULT_INJECTION: forcing a failure. [ 273.161949][T13529] name failslab, interval 1, probability 0, space 0, times 0 [ 273.168852][T13530] Call Trace: [ 273.168870][T13530] dump_stack+0x10f/0x19d [ 273.168891][T13530] should_fail+0x23c/0x250 [ 273.194965][T13530] __should_failslab+0x81/0x90 [ 273.199752][T13530] ? tomoyo_realpath_from_path+0x98/0x3c0 [ 273.205840][T13530] should_failslab+0x5/0x20 [ 273.210455][T13530] __kmalloc+0x43/0x2d0 [ 273.214622][T13530] tomoyo_realpath_from_path+0x98/0x3c0 [ 273.220172][T13530] tomoyo_path_number_perm+0xc1/0x2d0 [ 273.225547][T13530] ? __rcu_read_unlock+0x4b/0x260 [ 273.230563][T13530] tomoyo_file_ioctl+0x1c/0x20 [ 273.237771][T13530] security_file_ioctl+0x45/0x90 [ 273.242721][T13530] __se_sys_ioctl+0x48/0x130 [ 273.247335][T13530] __x64_sys_ioctl+0x3f/0x50 [ 273.251916][T13530] do_syscall_64+0x51/0xb0 [ 273.256324][T13530] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.262200][T13530] RIP: 0033:0x45cb29 [ 273.266077][T13530] Code: Bad RIP value. [ 273.270130][T13530] RSP: 002b:00007f26e0512c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.278530][T13530] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 273.286523][T13530] RDX: 0000000020000740 RSI: 000000004020565b RDI: 0000000000000003 [ 273.295163][T13530] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 273.303162][T13530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 273.311127][T13530] R13: 0000000000000668 R14: 00000000004c968d R15: 00007f26e05136d4 [ 273.319191][T13529] CPU: 1 PID: 13529 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 273.327863][T13529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.338023][T13529] Call Trace: [ 273.341342][T13529] dump_stack+0x10f/0x19d [ 273.345698][T13529] should_fail+0x23c/0x250 [ 273.350149][T13529] __should_failslab+0x81/0x90 [ 273.352623][T13530] ERROR: Out of memory at tomoyo_realpath_from_path. [ 273.354906][T13529] should_failslab+0x5/0x20 [ 273.354923][T13529] kmem_cache_alloc_trace+0x32/0x2c0 [ 273.371627][T13529] ? proc_pid_stack+0x59/0x180 15:53:46 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio1\x00', 0x82, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x400, 0x0) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control\x00', 0x800, 0x0) r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ocfs2_control\x00', 0x410000, 0x0) fcntl$setpipe(r0, 0x407, 0x101) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f0000000000)) 15:53:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x6}}) 15:53:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x10000000, @pix_mp}) [ 273.376380][T13529] proc_pid_stack+0x59/0x180 [ 273.381022][T13529] proc_single_show+0x84/0x100 [ 273.385777][T13529] seq_read+0x2ee/0x900 [ 273.389926][T13529] do_iter_read+0x3f5/0x480 [ 273.394423][T13529] do_preadv+0x13b/0x230 [ 273.398657][T13529] ? __sb_end_write+0x90/0xe0 [ 273.403324][T13529] ? vfs_write+0x323/0x350 [ 273.407820][T13529] ? check_preemption_disabled+0x51/0x140 [ 273.413532][T13529] ? debug_smp_processor_id+0x18/0x20 [ 273.418967][T13529] ? fpregs_assert_state_consistent+0x7e/0x90 [ 273.425035][T13529] __x64_sys_preadv+0x54/0x60 [ 273.429879][T13529] do_syscall_64+0x51/0xb0 [ 273.434422][T13529] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.440336][T13529] RIP: 0033:0x45cb29 [ 273.444210][T13529] Code: Bad RIP value. [ 273.448262][T13529] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 273.456665][T13529] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 273.464644][T13529] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:46 executing program 4 (fault-call:1 fault-nth:1): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) [ 273.469453][ T48] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 273.473091][T13529] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 273.473099][T13529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 273.473105][T13529] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x11000000, @pix_mp}) 15:53:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x7}}) 15:53:46 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, 0x4000}) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x4300c3, 0x0) io_setup(0x1, &(0x7f0000000080)=0x0) io_cancel(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x4, r2, &(0x7f0000000880)="9a79a71e431775d33a9dbe23ff30fadc85c157545bfb49375b35288d9178491c4318db337bc5340826c94a99f7688581cfffbf83a53f9aa6ea2b830fab25857b54f77cc131a46710f445493d213aceae10914968fbaf27c2466d947b0677208f99cff66286734cdded20b6a13efd85e3b26d2387bfe339f84372ade809092f8c1dfe57e1272ff2d0fefa13ed38af7bd80e684450066c5a7a8244dc0f2317e374e2f5c3555bc06d283af001fe1571322124d6d4efe6f3c2084221409e309219a98cd7436a345b39130e2491576ef793fad88bfd3f57ae92d7a9042045a92bb7fa754f8aaeebffd9789ca14717db1b884f9ac37b583e9236c9c49885056198cd32d1edfbf19cc04b305ee09b5d302d55c00a0ddd6986ef62ed779aec4b8ca9d7276777bcc07edaf68cbcf170e70d9663022e5cc350063a7d8e51c38fd9494000f4ba7bc97f64c4b4751a3d753ada496b1b44a2442dd5ae7ae129f836f3f89d114ccaaa9206625d6ddbf12253090e6acd1b95282a2d10a8ad8e6112a8d5bd5058b8e0329858047facb0cede3824bab666238fe7df1b66c5590e3f5cdef17ca6f30ed413b0d18b0db6c5a4d4a82821c0fa8b77515a34812503295fc377cbda4f5b83dd069fcd912de223dab44ad95e989629692985142844a63290000d098dcaaf185f4b3cdea67909ada0660471ea9ed5f8cd3965229ace06b4cd78770ad0de6b184f62d8e17045d5cda73e09cc061b4b672f79f4dd253f149e903d0f20eb368490adb4115f84e9501c54046f6546d61f72d42dea01742c6560b7525483de4ad9e5777d16da56b8618c14d3b539aaf737abf4c058d95381617a86d0b33ff8a0110595ecc087444b82b57fe81b3524f279970d22feed02ac95c8101ab0e48157861034705ca5f345b1d458abab9f3e42d128b7a0b63e989f2596dc51ede3494031bb1a0ba910bfced54d54899aff2b4b54049f1e7cab81b3d0fd333850af9f424f935b6eb3e1a8ce02f1491665b6c85f320df0018e5eb0cb262696889d53e28d25b327c00aad441b15a42ca3ed45b809a3be81a39b424b00f38bf27c762788cd13b7ed918fc0e208f640a4ce778d7b02ff90ef2352bfd5334e18eee7dc3a5e20c4d73e72e329385e5222c221957e187f305d1cabf4690e17c0f921744a1990fdd094c15edbd5014da40102fe6a309f679973a8f3d5546d8d82252499d816d277290899efb1f4999eb2c05a222de36c4e601b1372554777a738f94f6b34a8dffb1ae10fcae27cc7f83851ba8102bd7be45ab56cf8c163df71d30297e884f5df3e378ca3811f1b034c1540d3518cc82db55b765d5f397ebf3ab0ff468a7c929d3d971eae3224de09ee8ec12086415e196d5ee5bc859bc48a555c6403f1eb23062118133f895992de5c7bf504cead580949b1b49b06db71729d2954010b946aebac1777d23174275002c6975f9ba498e882598a0948c610e6e63156041c9951dcd685dd968ff0e3edb75628cd38c13bd2f5492d00c4870c6edf91e323cf2a2349c8988fa8588a9ae317c5616025e534b866f59ece278076a40702717a79083a0e0a80e8d580d4469a425a29642e65df321ddf59818ecdd633ad3d42fd6a421919f1de0ed025d2da30c7c38dfdbfd17a7efe6dee0ffacc57a92d59efa40e04e10755cad23282d3181b41fde7d64d222fec16ea2b4cfc5a739c64c69b10869184693fbbf0621ee77dc941ef2fe862bfa08517d5a540ac1f278b9fb79fdcd06bc3b6a07d9356182a8f093c29b510af902a66d849d0b3f5c7f13204f35747f2b2f6983b05cbbf45179b4048eb7edd9c0bc0b540b0b7954edcf6da20fffad0b04a44da3716b4f8bd2a6edfe9d77a6d69d362b10fe476de25eea0ae13deedb16a8ca3c9f8a970ee0b72cb278384bd861015e32cec861933449bd59ad7a2b8ddd64d6e02cb1ee32f5de8627e9b48a640f206843c0e9b6f0c2740aa79e85a49114168c4fff6f41ecc65b7063586d0ff6493e85b994a4efbb9c48fe0f2f1c1e50248d861774f932f4cebd0cda54d2f5bee0e3fa348a1c972c508d740a59d672281ae64f4a7161f831bfdf0f3124e2521bd3e6afed2c95bce63b8655e24023b3f9a1c0a9e9b9ff8e46f2329e720c3f17120de8de7a81155ea8b187c0a00dc3ec19d94a470689d64ed51d310ca3e4744c6a9d3bbe0abf3b2622af8c3d7d5f04831085a2ea8fe4c5f5fe9ba2ce6e569e21f80110e64b1391cd2399481b4c43c4ddb6c598dd983c92323ff38b7ccfd2a09e3bb5ec296ed7aac4477c97ce56851d885c91b7b018f4463584aa86cebd8616f0253826e35f05b55282cf66ece49b0f24dc3da43e35ac2eb31fffc0b2d62cf112882d27c3bba4824f5e2537125e6c669f3cf8eb6312331daf754435e73f7b852210be87c91c86ded6156cd6174d5a7bfaad5f6484daec9899ef39a4e7182ffc7cb50e78d9612866fa012e9d324a14f90228b005884efb0d82bf435939626e89038ff6b96899d098d08de3b7bd31579b3958025bf943c72e3886d5f30974bfec3140ebfc4918753c9b0e9ac46ad2f04e2554d3b57241f67e4148112768d19c51f3094c8fab3bfd3f29f0b09e2b8859c08bef0ecd5c5052fcc72eb64238af1edf15d8afc83f3b2cc9ad619c72ae9d1f08250d66e545ad2f2456c898f65bc2e53cfb622d4dc304140fbf9a6279e470bd75b3fb29dc6496d070f4ee556644db7202b5fb7963cf5f33f38ca56ed9dba4140bdc2920e76453463b91200551e99a96a84f004e472e21da94a0d3bef19f94a997030f858567e5ce7501dbf3f2fe0101e4eff9cdc7a855b493896c63345c75add49d80cb9ab8d8d07a43b06c9ef09ab714ef4b5735bf1ce3eac91f083158588e8ce9280d8cd0ed93038daf3ae09202044d5a2a4bfc9083505e4a990449fd534b22045c372b46ca7a6d7e5addaa058fb5426a094b73929ee7a3548cde7709b8f5405ba4d9f679553b8b861c335f1027c760e299d7dd37ed65b19578a676f246630af8ff22e6dec9116baecaa2a92683016b72c24914e004e845570654d663aac7685d810507ddb7da09fe4b4d30d83b0eef7dc51c102788289d948e3660b288905fc97b84470bfbf166338030eba9be44a23792054a563bfe0a730dc7d3a86eb81f04d0c7fe60226810195b6a8daf15bba9bc3b2668e47d9b20f7c142d0e7891036b11d9e0c0d547477b3792d260a7976b05cbab89f566d5b2fc878f77efd5cf14651e836ba57f22a93500d54ff60d3ddb0ad97afd69967bc7928fa75523dec7e0eeaa98ed0d77d1bfa4d744deb622d5fc7e712c5109c6f31747e9ce81ff42a78c77b1a1ec3b28dac6a62a7e607d97841f8d0426e428049fe0c0979d3e08067b300c8f4e5d120ff0bae386b7bbffba222a45bd4fb7bff43f5bc7a398f0d7c16d136c05677cb66e673399d682dcda7f00cca719a00a043caf6f40abed978b9320b9ace7c8278607a74efcc5ad06f1fc167b6286943b37228c59ed7cff2ef88b8c679bf9e775af7755054d31bf413a68d9bb371222e9b02742217aa8bc54efe6c9b7f94d6078affb4ee900f5d3787ac699bc6222a815d5b3147f11d225308ca1e7542e98da21ce29c98ec4fddcad11993f54056902f64ec2286db771efef4941a6ae0b0231d17cc57dcce451ced73634fd16df8a87137269c10a556b0b8aa610001ed48b2bd8de96cd98534db3bd8aaab3f6812d25fcdd0a66875896ae94e6057f52b20dddf4f20134d7bab446a75f294b50d2b04f17664815d56473cb5691346d426f08300323679a1740757e3949d31693b400bca0a6a4e89d7c66bdf3776ad30587f4b807a057f567d104e1df99070a2fe24a659ba55d62c0a6872d1c2a582cc60a54b50127c939464597a7919629a14493bf8b3676fefcaa75b37f267ce6df5e9348639fc42dc8e2062f7bc9d89fd4c1934b0e62f031852831e45cdfa104cb95541b6718d594c977b715e0dfcb71ec0bcd4fed7f848e0a71bfa17a1733fc1a30a111e9e9f874432a026d19cae0a4fb4271bd68c01856788d48f87edc4fc7376828b96a47e9b9b03d42e83d6b313e7c06ea7f14203eb448ca1fe2c4a3935abf19140599ca7c00b39c872de6a5a124e1892b2d0b468a6ec8c76761096a86270939fb6a9e5c8f3808baada95282796630ecb49b5a39ca167ee1000ef77e7bf15f8d4555ecf8c9806b8ec8fac73a8afc8a600aadd8e10c3f38b6fe6f43eae5153716be30a777ab961845475d422cd64d827184590b75f6672401eade887f53043d0d49fa3c42a4de329580f88f59a67cb38678345267dc739d098ef4c6065df85881a95b72956a988081eedeea4ddcb87f2d1ce8579f3b62eeb7f4b743d96a57d88705b5c49df7d99358a37fe3b47f0db75242c4fa99113b96bed2bfc208b1aa5bf58fd23618bc673f79821c71f9a3e9849a8bd0cf40fafe39c20f6718ca0d1993aa9ec4a1e34907430dc8fc8fd63cd3aec48217fbe78ca46e6b0d771d2fe648d2ec8b5dfe870c083aad1836383f9e833de9c4827e10c651425e25b833f89379850577df7339d098aed22fb4cc82282fe7e1ba6a52ca023008c425768eae40094f3c6ee7a2cbe34117f36a4416a213316609c70e480dc0c16c7db813b4d361448ff27ab45d2fdc907f64766918d2526997f10e059be2e68c7caefc3eeb07c47a823a7b303cf3bfd1db6f0d6fd3600e67283bcb0ef717f3cc5826081bfa15a5087e8a82d2ea7e6875a9344e9c48da030c9b6c4791ec3b9bf384080b22a55f9b5f6c4b9ba564bfc7d91e9ced4e899aa8866cee409e35274a418f705ddefb13fe6e7fd8b5f2e9a4d5c476f1d7f047e43cf92461f98b432571547802ae4314c3d2570350d56c00f35cd0cf71d82642fdd3e28a44aaf41e17de849683a697138807d6eb65a22fca67ca768e8546632465360f7f6f848cffb2ed1863ceb4f4575fdce748fce65435cecbb6cc8ff20b1b2fd221937a697a2e2c3aac087e5473af9cca1d6b6274656bd845c87b19270b952d3a9130448ed4ee28455b727f736de793c3b2f7dd47fafd6462521b44a8c37975034edb8de854114833f888d9de5159b975467ee76b7386a3ad0c12a0834a48d162287a02e48e47e0e68c769312d71b9cde401ae46683d3901acd8905019a7c4bdc4fe6e47fee0d403265e3ac90b355e6930007154ab2349fbfcac37d4f482cd7cb7e9c9cc00c922407c37b6ba91acab23c15802a16be283bff04ac1b8292f793d18aaa4515d006112ff28ea1309a2ff3a82fd71a16e00dda7e1dfe189f1891b6728b7077367270c46604389eed5f2d327ec9b91e34256f49b930252bcb44ca94338baccb13e13bc2733a22d9070f3a0277a50e1ed867023b35745a20b48db34d20070630e4f376312a8826a0d25a0428a6bf96a823020dbec0f42ea2343fef10c3aa93b24899c500946b1640bb3671ba7f528b49758a20f5894aebf21ef5f46deadb5045f5b48146641a89cbb3371ea916f21bf5b742be247165f0edfd2ba96e05763228ea0165ba1d977b8543eca140c65f8a6115bbe1cd120dd4f11b6313634dbb3bd32442ca286c18f0cb994a5dd1e049081e6eaa8bfa99b0f8ca07f2f4cdbfd881c8bb02fac42e830db73d28f293f33dd545eb798fceeb4d8e7bf0ba35d77a141e17b94b08571b0e8e5bf79b2b8f24f263266a1f164589dcf60f8f34436a2ba32bb3aa774be09e3233d46edf089ceb36dc813714d5979242abfa00490c0ee402e9b813f77fe0c0cbf800b8c716ba240c6da95faf5b40a7b80e6c04f7", 0x1000, 0x9ec, 0x0, 0x1}, &(0x7f0000000100)) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socket$phonet(0x23, 0x2, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$HIDIOCGRDESC(r7, 0x90044802, &(0x7f0000000500)=ANY=[@ANYBLOB="5203000056b798e2f95649371b2df597a638c6cedb3f7a3edbce036f97ae9ac675dee30b69c12aec14d93343bb003721717a23a0035b288854b70fced6cadede2445b39b5ccbee83ddb0f32c4124cae6adabe148921d0c4d80ae64ad5cb2bd77d12a3a38bf791c698438b0809c851b39f356731eb9f93ad79e0c8325797661b5d1729d369ca7b8f6d0c4708afbe2d2f30c361645bd1c457f6ff15fd0d2cd2da35475b697eb20f98422c560ba046b4cb68bcb9ea6378b46feee6fd45f0d83c765c4dde7487d4ac49e79ccc5e648e3a2da4a1d14fae64af4a2f269901e59fab46feee9752a6ddfcbf4803b80494a830c70e712cdd837bd3d97bc3ca16b8fdd68562d3955e442feae138fcc3144133b7d513541237f06fa2a53e4dfd1f56562566423a51f0e87405fae433bba593e4ed59d82f8b1ac02b6b8ed1dd4a3208e86e6ec88c5756f49696f74cdc1037a0a1ee521b5ac74e6aeb2cff6047af74fe0e272cb2adade3d5c3f40cbfe4d62b323edbafd026a28a22b0ef2b627f3f221022012a9647e18b633aaa9c91c66a6f5ea98b15411db76e16f6f2519ee9744795e34c1b20295fc5037457b56e3dfde558bf3582729135223c63e7e37b4f090452881443214ab2240ae791ed446d328d18dab00ff8b6223bf4b18efd93d45c32d780570bbd132783f7205f481501094532c77744749b9b8d4b1bcb1ffb5dde777ba25ca10361c817709911158410609847b30189d89fe836feefb83da42fcebbfb17714c1198aa7ba6397fa417363c168ac4a77a45f4e8d69aaa62c8bf2fb692a7efa4384953abf7f05eab91218ab75d3bfb859489cc58eaf48986f39abcac0e11f74da745249b7cb9d4695c84d4db1137dd67a1904f0a9ba7cd77d1c9901bcfa62bdb32fdbe575926355fb068f5a37ae223a418424881f1c115b32fd802b357cc0c876d69ac576d2ac5df302cae1c4859d291b6e5ee3dd8f6d4492fc05478c3a07496b2952644c119ce3a8036f65712cca43bb378987cadb39e951bce1c9f9a147ee60d2712899c067030fbf9daed0be0f4bf87df1e877365cb7846472b0e166215a1bc8bdd3c41598ece307db55dcd5c2b8034f9000c7156617074396dd7a714700b9b29afda707e234a253525fdf2e858e05573aecaa03811b6261ba668dd579fa49759aacc67345b3ad8b6a2a966312f63d42000000000000"]) ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000140)=0x800) [ 273.558685][T13550] FAULT_INJECTION: forcing a failure. [ 273.558685][T13550] name failslab, interval 1, probability 0, space 0, times 0 [ 273.587890][T13550] CPU: 1 PID: 13550 Comm: syz-executor.4 Not tainted 5.8.0-rc4-syzkaller #0 [ 273.596575][T13550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.606620][T13550] Call Trace: [ 273.609928][T13550] dump_stack+0x10f/0x19d [ 273.614251][T13550] should_fail+0x23c/0x250 [ 273.618682][T13550] __should_failslab+0x81/0x90 [ 273.623454][T13550] ? tomoyo_encode2+0x1e2/0x350 [ 273.628297][T13550] should_failslab+0x5/0x20 [ 273.632810][T13550] __kmalloc+0x43/0x2d0 [ 273.636959][T13550] tomoyo_encode2+0x1e2/0x350 [ 273.641651][T13550] tomoyo_realpath_from_path+0x36e/0x3c0 [ 273.647783][T13550] tomoyo_path_number_perm+0xc1/0x2d0 [ 273.653157][T13550] ? __rcu_read_unlock+0x4b/0x260 [ 273.658213][T13550] tomoyo_file_ioctl+0x1c/0x20 [ 273.662979][T13550] security_file_ioctl+0x45/0x90 [ 273.667915][T13550] __se_sys_ioctl+0x48/0x130 [ 273.672608][T13550] __x64_sys_ioctl+0x3f/0x50 [ 273.677186][T13550] do_syscall_64+0x51/0xb0 [ 273.681601][T13550] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.687481][T13550] RIP: 0033:0x45cb29 [ 273.691356][T13550] Code: Bad RIP value. [ 273.695405][T13550] RSP: 002b:00007f26e0512c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.703891][T13550] RAX: ffffffffffffffda RBX: 00000000004f3140 RCX: 000000000045cb29 [ 273.711875][T13550] RDX: 0000000020000740 RSI: 000000004020565b RDI: 0000000000000003 [ 273.719841][T13550] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 273.727974][T13550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 273.736290][T13550] R13: 0000000000000668 R14: 00000000004c968d R15: 00007f26e05136d4 15:53:47 executing program 1 (fault-call:5 fault-nth:51): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:47 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x12000000, @pix_mp}) 15:53:47 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x8}}) [ 273.776454][T13550] ERROR: Out of memory at tomoyo_realpath_from_path. [ 273.789631][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 273.883842][T13567] FAULT_INJECTION: forcing a failure. [ 273.883842][T13567] name failslab, interval 1, probability 0, space 0, times 0 [ 273.910639][T13567] CPU: 1 PID: 13567 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 273.919384][T13567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.929536][T13567] Call Trace: [ 273.929733][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 273.932903][T13567] dump_stack+0x10f/0x19d [ 273.932922][T13567] should_fail+0x23c/0x250 [ 273.946544][ T48] usb 4-1: config 0 has no interface number 0 [ 273.949692][T13567] __should_failslab+0x81/0x90 [ 273.949758][T13567] should_failslab+0x5/0x20 [ 273.949775][T13567] kmem_cache_alloc_trace+0x32/0x2c0 [ 273.962939][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 273.965078][T13567] ? proc_pid_stack+0x59/0x180 [ 273.965093][T13567] proc_pid_stack+0x59/0x180 [ 273.979601][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 273.981624][T13567] proc_single_show+0x84/0x100 [ 273.981642][T13567] seq_read+0x2ee/0x900 [ 273.988706][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 273.991013][T13567] do_iter_read+0x3f5/0x480 [ 273.991027][T13567] do_preadv+0x13b/0x230 [ 273.991039][T13567] ? __sb_end_write+0x90/0xe0 [ 273.991051][T13567] ? vfs_write+0x323/0x350 [ 273.991064][T13567] ? check_preemption_disabled+0x51/0x140 [ 273.991076][T13567] ? debug_smp_processor_id+0x18/0x20 [ 273.991096][T13567] ? fpregs_assert_state_consistent+0x7e/0x90 [ 274.017259][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 274.023315][T13567] __x64_sys_preadv+0x54/0x60 [ 274.023328][T13567] do_syscall_64+0x51/0xb0 [ 274.023342][T13567] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 274.023384][T13567] RIP: 0033:0x45cb29 [ 274.023395][T13567] Code: Bad RIP value. [ 274.036136][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.036791][T13567] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 274.107234][T13567] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 274.115198][T13567] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 274.123297][T13567] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 274.131259][T13567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 274.139307][T13567] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 274.148553][ T48] usb 4-1: config 0 descriptor?? [ 274.392580][ T48] usb 4-1: USB disconnect, device number 44 15:53:48 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f0100000000090583"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:48 executing program 4 (fault-call:1 fault-nth:2): r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:48 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x9}}) 15:53:48 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x25000000, @pix_mp}) 15:53:48 executing program 1 (fault-call:5 fault-nth:52): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:48 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f0000000000)=0x401, &(0x7f0000000040)=0x4) r3 = socket(0xb, 0x6, 0x5ff) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x402400, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f00000000c0)=""/15) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00') sendmsg$NL80211_CMD_SET_BEACON(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)={0x40, r6, 0x85b, 0x0, 0x0, {}, [@NL80211_ATTR_BEACON_HEAD={0x2a, 0xe, "210ab2ff0d839e06c9b72ff37f2e113d75816bace2774859f9d52d12f2122d3e540dbd673f36"}]}, 0x40}}, 0x0) sendmsg$NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x18, r6, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004040}, 0x1) 15:53:48 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x5c000000, @pix_mp}) 15:53:48 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa}}) [ 274.996542][T13596] FAULT_INJECTION: forcing a failure. [ 274.996542][T13596] name failslab, interval 1, probability 0, space 0, times 0 [ 275.021182][T13596] CPU: 0 PID: 13596 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 275.029889][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.039933][T13596] Call Trace: [ 275.043217][T13596] dump_stack+0x10f/0x19d [ 275.047634][T13596] should_fail+0x23c/0x250 [ 275.052065][T13596] __should_failslab+0x81/0x90 [ 275.056823][T13596] should_failslab+0x5/0x20 [ 275.061366][T13596] kmem_cache_alloc_trace+0x32/0x2c0 [ 275.066703][T13596] ? proc_pid_stack+0x59/0x180 [ 275.072417][T13596] proc_pid_stack+0x59/0x180 [ 275.077004][T13596] proc_single_show+0x84/0x100 [ 275.081851][T13596] seq_read+0x2ee/0x900 [ 275.086059][T13596] do_iter_read+0x3f5/0x480 [ 275.090585][T13596] do_preadv+0x13b/0x230 [ 275.094910][T13596] ? __sb_end_write+0x90/0xe0 [ 275.099606][T13596] ? vfs_write+0x323/0x350 [ 275.104125][T13596] ? check_preemption_disabled+0x51/0x140 [ 275.109843][T13596] ? debug_smp_processor_id+0x18/0x20 [ 275.115285][T13596] ? fpregs_assert_state_consistent+0x7e/0x90 [ 275.121355][T13596] __x64_sys_preadv+0x54/0x60 [ 275.126063][T13596] do_syscall_64+0x51/0xb0 [ 275.130532][T13596] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 275.136417][T13596] RIP: 0033:0x45cb29 [ 275.140293][T13596] Code: Bad RIP value. 15:53:48 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb}}) 15:53:48 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:48 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_MODE_DIRTYFB(r2, 0xc01864b1, &(0x7f0000000040)={0x6, 0x1, 0x200, 0x6, &(0x7f0000000000)=[{0x0, 0x4, 0x2, 0x8000}, {0x3ec, 0x8, 0x180, 0x800}, {0x9, 0x22eb, 0x5, 0x201}, {0x5, 0x800, 0x800, 0x96f4}, {0x7, 0x1, 0xf36, 0x8}, {0x8001, 0xfffc, 0x9, 0x4}]}) fcntl$setflags(r1, 0x2, 0x1) 15:53:48 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) [ 275.144342][T13596] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 275.152742][T13596] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 275.160704][T13596] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 275.168729][T13596] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 275.177392][T13596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 275.185491][T13596] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 275.269507][ T3964] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 275.509443][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 275.629838][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 275.638029][ T3964] usb 4-1: config 0 has no interface number 0 [ 275.644794][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 275.656664][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 275.667064][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 275.680475][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 275.689957][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.698470][ T3964] usb 4-1: config 0 descriptor?? [ 275.942484][ T3964] usb 4-1: USB disconnect, device number 45 15:53:49 executing program 1 (fault-call:5 fault-nth:53): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:49 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2}}) 15:53:49 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc}}) 15:53:49 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x2, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:49 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:49 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x20082, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000040)=""/228) r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r4, 0x8983, &(0x7f0000000000)) 15:53:49 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd}}) 15:53:49 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x3}}) [ 276.510624][T13643] FAULT_INJECTION: forcing a failure. [ 276.510624][T13643] name failslab, interval 1, probability 0, space 0, times 0 [ 276.560370][T13643] CPU: 1 PID: 13643 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 276.569184][T13643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.579419][T13643] Call Trace: [ 276.582785][T13643] dump_stack+0x10f/0x19d [ 276.587110][T13643] should_fail+0x23c/0x250 [ 276.591537][T13643] __should_failslab+0x81/0x90 [ 276.596395][T13643] should_failslab+0x5/0x20 [ 276.600896][T13643] kmem_cache_alloc_trace+0x32/0x2c0 [ 276.606171][T13643] ? proc_pid_stack+0x59/0x180 [ 276.610957][T13643] proc_pid_stack+0x59/0x180 [ 276.615543][T13643] proc_single_show+0x84/0x100 [ 276.620339][T13643] seq_read+0x2ee/0x900 [ 276.624492][T13643] do_iter_read+0x3f5/0x480 [ 276.628988][T13643] do_preadv+0x13b/0x230 [ 276.633220][T13643] ? __sb_end_write+0x90/0xe0 [ 276.637889][T13643] ? vfs_write+0x323/0x350 [ 276.642303][T13643] ? check_preemption_disabled+0x51/0x140 [ 276.648020][T13643] ? debug_smp_processor_id+0x18/0x20 [ 276.653381][T13643] ? fpregs_assert_state_consistent+0x7e/0x90 [ 276.659445][T13643] __x64_sys_preadv+0x54/0x60 [ 276.664109][T13643] do_syscall_64+0x51/0xb0 [ 276.668516][T13643] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 276.674400][T13643] RIP: 0033:0x45cb29 [ 276.678330][T13643] Code: Bad RIP value. [ 276.682387][T13643] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 276.690792][T13643] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 276.698868][T13643] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:49 executing program 2: sysfs$2(0x2, 0xbf, &(0x7f0000000500)=""/4096) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:49 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe}}) 15:53:49 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x10, &(0x7f0000000740)={0x0, @pix_mp}) [ 276.706828][T13643] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 276.714788][T13643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 276.723330][T13643] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:50 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x4}}) 15:53:50 executing program 1 (fault-call:5 fault-nth:54): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:50 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x3b64, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:50 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x10}}) 15:53:50 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x2082, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f00000000c0)={0x0, 0x5}) accept4$netrom(r2, &(0x7f0000000000)={{0x3, @rose}, [@null, @netrom, @null, @netrom, @remote, @default, @remote, @null]}, &(0x7f0000000080)=0x48, 0x0) [ 276.889499][ T5033] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 276.935766][T13678] FAULT_INJECTION: forcing a failure. [ 276.935766][T13678] name failslab, interval 1, probability 0, space 0, times 0 [ 276.955692][T13678] CPU: 1 PID: 13678 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 276.964366][T13678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.974431][T13678] Call Trace: [ 276.977721][T13678] dump_stack+0x10f/0x19d [ 276.982037][T13678] should_fail+0x23c/0x250 [ 276.986445][T13678] __should_failslab+0x81/0x90 [ 276.991200][T13678] should_failslab+0x5/0x20 [ 276.995689][T13678] kmem_cache_alloc_trace+0x32/0x2c0 [ 277.001059][T13678] ? proc_pid_stack+0x59/0x180 [ 277.005841][T13678] proc_pid_stack+0x59/0x180 [ 277.010494][T13678] proc_single_show+0x84/0x100 [ 277.015282][T13678] seq_read+0x2ee/0x900 [ 277.019436][T13678] do_iter_read+0x3f5/0x480 [ 277.023936][T13678] do_preadv+0x13b/0x230 [ 277.028175][T13678] ? __sb_end_write+0x90/0xe0 [ 277.032905][T13678] ? vfs_write+0x323/0x350 [ 277.037315][T13678] ? check_preemption_disabled+0x51/0x140 [ 277.043065][T13678] ? debug_smp_processor_id+0x18/0x20 [ 277.048425][T13678] ? fpregs_assert_state_consistent+0x7e/0x90 [ 277.054484][T13678] __x64_sys_preadv+0x54/0x60 [ 277.059152][T13678] do_syscall_64+0x51/0xb0 [ 277.063564][T13678] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 277.069471][T13678] RIP: 0033:0x45cb29 [ 277.073350][T13678] Code: Bad RIP value. [ 277.077426][T13678] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 277.085843][T13678] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 277.093798][T13678] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 277.101744][T13678] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 277.109690][T13678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 277.117634][T13678] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 277.269482][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 277.419792][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 277.428028][ T5033] usb 4-1: config 0 has no interface number 0 [ 277.434161][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 277.445324][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 277.456423][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 277.466331][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 277.479423][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 277.488496][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.498832][ T5033] usb 4-1: config 0 descriptor?? [ 277.541850][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input24 [ 277.741611][ T5033] usb 4-1: USB disconnect, device number 46 [ 277.759473][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:51 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5}}) 15:53:51 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c01, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:51 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x2004c1, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000040)) 15:53:51 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x11}}) 15:53:51 executing program 1 (fault-call:5 fault-nth:55): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x6}}) 15:53:51 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4c82, &(0x7f0000000740)={0x0, @pix_mp}) [ 278.331114][T13721] FAULT_INJECTION: forcing a failure. [ 278.331114][T13721] name failslab, interval 1, probability 0, space 0, times 0 [ 278.359095][T13721] CPU: 0 PID: 13721 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 278.367784][T13721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.377867][T13721] Call Trace: [ 278.381177][T13721] dump_stack+0x10f/0x19d [ 278.385509][T13721] should_fail+0x23c/0x250 [ 278.389922][T13721] __should_failslab+0x81/0x90 [ 278.394683][T13721] should_failslab+0x5/0x20 [ 278.399198][T13721] kmem_cache_alloc_trace+0x32/0x2c0 [ 278.404477][T13721] ? proc_pid_stack+0x59/0x180 [ 278.409243][T13721] proc_pid_stack+0x59/0x180 [ 278.413864][T13721] proc_single_show+0x84/0x100 [ 278.418686][T13721] seq_read+0x2ee/0x900 [ 278.422944][T13721] do_iter_read+0x3f5/0x480 [ 278.427445][T13721] do_preadv+0x13b/0x230 [ 278.431687][T13721] ? __sb_end_write+0x90/0xe0 [ 278.436541][T13721] ? vfs_write+0x323/0x350 [ 278.440959][T13721] ? check_preemption_disabled+0x51/0x140 [ 278.446673][T13721] ? debug_smp_processor_id+0x18/0x20 [ 278.452039][T13721] ? fpregs_assert_state_consistent+0x7e/0x90 [ 278.458105][T13721] __x64_sys_preadv+0x54/0x60 [ 278.462779][T13721] do_syscall_64+0x51/0xb0 [ 278.467266][T13721] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 278.473177][T13721] RIP: 0033:0x45cb29 [ 278.477050][T13721] Code: Bad RIP value. 15:53:51 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x12}}) 15:53:51 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x200583, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) open_tree(r2, &(0x7f0000000000)='./file0\x00', 0x80900) 15:53:51 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000040)) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x34100, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000100)) [ 278.481104][T13721] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 278.489500][T13721] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 278.497459][T13721] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 278.505416][T13721] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 278.513439][T13721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 278.521549][T13721] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:51 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x25}}) [ 278.699422][ T48] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 278.969423][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 279.089771][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 279.097836][ T48] usb 4-1: config 0 has no interface number 0 [ 279.104698][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 279.115852][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 279.127249][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 279.137532][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 279.150942][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 279.160453][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.172251][ T48] usb 4-1: config 0 descriptor?? [ 279.214990][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input25 [ 279.411553][ T5] usb 4-1: USB disconnect, device number 47 [ 279.429450][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:53 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x541b, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:53 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x7}}) 15:53:53 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) alarm(0x81) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_G_STD(r1, 0x80085617, &(0x7f0000000080)) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x80, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) open$dir(&(0x7f0000000040)='./file0\x00', 0xb6112014b509e892, 0x1) 15:53:53 executing program 1 (fault-call:5 fault-nth:56): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:53 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:53:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c}}) 15:53:53 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x8}}) 15:53:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x300}}) [ 279.977064][T13788] FAULT_INJECTION: forcing a failure. [ 279.977064][T13788] name failslab, interval 1, probability 0, space 0, times 0 [ 280.029465][T13788] CPU: 1 PID: 13788 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 280.038156][T13788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.048202][T13788] Call Trace: [ 280.051489][T13788] dump_stack+0x10f/0x19d [ 280.055812][T13788] should_fail+0x23c/0x250 [ 280.060230][T13788] __should_failslab+0x81/0x90 [ 280.065005][T13788] should_failslab+0x5/0x20 [ 280.069509][T13788] kmem_cache_alloc_trace+0x32/0x2c0 [ 280.074821][T13788] ? proc_pid_stack+0x59/0x180 [ 280.079681][T13788] proc_pid_stack+0x59/0x180 [ 280.084270][T13788] proc_single_show+0x84/0x100 [ 280.089088][T13788] seq_read+0x2ee/0x900 [ 280.093247][T13788] do_iter_read+0x3f5/0x480 [ 280.097750][T13788] do_preadv+0x13b/0x230 [ 280.102028][T13788] ? __sb_end_write+0x90/0xe0 [ 280.106730][T13788] ? vfs_write+0x323/0x350 [ 280.111171][T13788] ? check_preemption_disabled+0x51/0x140 [ 280.117034][T13788] ? debug_smp_processor_id+0x18/0x20 [ 280.122406][T13788] ? fpregs_assert_state_consistent+0x7e/0x90 [ 280.128498][T13788] __x64_sys_preadv+0x54/0x60 [ 280.133168][T13788] do_syscall_64+0x51/0xb0 [ 280.137633][T13788] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 280.143517][T13788] RIP: 0033:0x45cb29 [ 280.147468][T13788] Code: Bad RIP value. [ 280.151533][T13788] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 280.159943][T13788] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 280.167910][T13788] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:53:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x500}}) 15:53:53 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x6002) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BLKPG(r2, 0x1269, &(0x7f0000000100)={0x7, 0x4, 0xa9, &(0x7f0000000040)="1369358144b5a2f15544e0dd26ab3d5f30bb65f0055282a7dc144108dd9369fe8850042e2b2f549a340dde90018771e83850c190ab88c6390a39fae73f931dae2f61c313375939abeb0ee5b822edb56690b630bfdab631f950ca644fc303cf45ec8fe7f6a4c88473ad7ddfd7bf046ff1d6d1b7f40691e54d1cc0729276bca3e80bacc4263c48910af5a8bd950c56c79d7bd477caf9524870b1346a50b6a7c8abd2638db32a0cb96225"}) 15:53:53 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5421, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:53 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x9}}) [ 280.175968][T13788] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 280.183930][T13788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 280.191949][T13788] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x600}}) 15:53:53 executing program 1 (fault-call:5 fault-nth:57): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:53 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa}}) 15:53:53 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x700}}) [ 280.300807][ T5] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 280.351686][T13820] FAULT_INJECTION: forcing a failure. [ 280.351686][T13820] name failslab, interval 1, probability 0, space 0, times 0 [ 280.394317][T13820] CPU: 1 PID: 13820 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 280.403033][T13820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.413222][T13820] Call Trace: [ 280.416508][T13820] dump_stack+0x10f/0x19d [ 280.420844][T13820] should_fail+0x23c/0x250 [ 280.425266][T13820] __should_failslab+0x81/0x90 [ 280.430101][T13820] should_failslab+0x5/0x20 [ 280.434702][T13820] kmem_cache_alloc_trace+0x32/0x2c0 [ 280.440010][T13820] ? proc_pid_stack+0x59/0x180 [ 280.444764][T13820] proc_pid_stack+0x59/0x180 [ 280.449347][T13820] proc_single_show+0x84/0x100 [ 280.454103][T13820] seq_read+0x2ee/0x900 [ 280.459107][T13820] do_iter_read+0x3f5/0x480 [ 280.463606][T13820] do_preadv+0x13b/0x230 [ 280.467849][T13820] ? __sb_end_write+0x90/0xe0 [ 280.472567][T13820] ? vfs_write+0x323/0x350 [ 280.476974][T13820] ? check_preemption_disabled+0x51/0x140 [ 280.482772][T13820] ? debug_smp_processor_id+0x18/0x20 [ 280.488148][T13820] ? fpregs_assert_state_consistent+0x7e/0x90 [ 280.494210][T13820] __x64_sys_preadv+0x54/0x60 [ 280.498894][T13820] do_syscall_64+0x51/0xb0 [ 280.503325][T13820] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 280.509236][T13820] RIP: 0033:0x45cb29 [ 280.513114][T13820] Code: Bad RIP value. [ 280.517174][T13820] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 280.525828][T13820] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 280.533818][T13820] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 280.541188][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 280.541816][T13820] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 280.554814][T13820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 280.562854][T13820] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 280.659522][ T5] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 280.667826][ T5] usb 4-1: config 0 has no interface number 0 [ 280.674591][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 280.685955][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 280.697300][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 280.707487][ T5] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 280.721512][ T5] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 280.732876][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.743602][ T5] usb 4-1: config 0 descriptor?? [ 280.785192][ T5] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input26 [ 280.982043][ T5] usb 4-1: USB disconnect, device number 48 [ 280.999443][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:54 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:54 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5450, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:54 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x6002, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:54 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb}}) 15:53:54 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x900}}) 15:53:54 executing program 1 (fault-call:5 fault-nth:58): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:54 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5451, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:54 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc}}) [ 281.547260][T13856] FAULT_INJECTION: forcing a failure. [ 281.547260][T13856] name failslab, interval 1, probability 0, space 0, times 0 15:53:54 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa00}}) 15:53:54 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5452, &(0x7f0000000740)={0x0, @pix_mp}) [ 281.606456][T13856] CPU: 0 PID: 13856 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 281.615305][T13856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.625379][T13856] Call Trace: [ 281.628672][T13856] dump_stack+0x10f/0x19d [ 281.632993][T13856] should_fail+0x23c/0x250 [ 281.637489][T13856] __should_failslab+0x81/0x90 [ 281.642290][T13856] should_failslab+0x5/0x20 [ 281.646931][T13856] kmem_cache_alloc_trace+0x32/0x2c0 15:53:54 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb00}}) [ 281.652217][T13856] ? proc_pid_stack+0x59/0x180 [ 281.657091][T13856] proc_pid_stack+0x59/0x180 [ 281.661776][T13856] proc_single_show+0x84/0x100 [ 281.666542][T13856] seq_read+0x2ee/0x900 [ 281.670696][T13856] do_iter_read+0x3f5/0x480 [ 281.676182][T13856] do_preadv+0x13b/0x230 [ 281.680423][T13856] ? __sb_end_write+0x90/0xe0 [ 281.685123][T13856] ? vfs_write+0x323/0x350 [ 281.689681][T13856] ? check_preemption_disabled+0x51/0x140 [ 281.695489][T13856] ? debug_smp_processor_id+0x18/0x20 [ 281.700941][T13856] ? fpregs_assert_state_consistent+0x7e/0x90 15:53:54 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5460, &(0x7f0000000740)={0x0, @pix_mp}) [ 281.707008][T13856] __x64_sys_preadv+0x54/0x60 [ 281.711686][T13856] do_syscall_64+0x51/0xb0 [ 281.716790][T13856] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 281.723458][T13856] RIP: 0033:0x45cb29 [ 281.727419][T13856] Code: Bad RIP value. [ 281.731479][T13856] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 281.739887][T13856] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 281.748135][T13856] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 281.756190][T13856] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 281.764172][T13856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 281.772137][T13856] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 281.829444][ T49] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 282.069440][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 282.189777][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 282.197870][ T49] usb 4-1: config 0 has no interface number 0 [ 282.204761][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 282.216016][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 282.227392][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 282.237626][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 282.251036][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 282.260475][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.269176][ T49] usb 4-1: config 0 descriptor?? [ 282.326414][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input27 [ 282.523585][ T49] usb 4-1: USB disconnect, device number 49 [ 282.543181][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:56 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:56 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc00}}) 15:53:56 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5646, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:56 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0xd) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:56 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd}}) 15:53:56 executing program 1 (fault-call:5 fault-nth:59): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 283.078851][T13917] FAULT_INJECTION: forcing a failure. [ 283.078851][T13917] name failslab, interval 1, probability 0, space 0, times 0 [ 283.095201][T13922] Sensor A: ================= START STATUS ================= [ 283.115517][T13922] v4l2-ctrls: Sensor A: Test Pattern: 75% Colorbar [ 283.125436][T13917] CPU: 0 PID: 13917 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 283.134138][T13917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.144322][T13917] Call Trace: [ 283.147608][T13917] dump_stack+0x10f/0x19d [ 283.151930][T13917] should_fail+0x23c/0x250 [ 283.156339][T13917] __should_failslab+0x81/0x90 [ 283.161147][T13917] should_failslab+0x5/0x20 [ 283.165680][T13917] kmem_cache_alloc_trace+0x32/0x2c0 [ 283.171044][T13917] ? proc_pid_stack+0x59/0x180 [ 283.175881][T13917] proc_pid_stack+0x59/0x180 [ 283.180465][T13917] proc_single_show+0x84/0x100 [ 283.185220][T13917] seq_read+0x2ee/0x900 [ 283.189372][T13917] do_iter_read+0x3f5/0x480 [ 283.193914][T13917] do_preadv+0x13b/0x230 [ 283.198149][T13917] ? __sb_end_write+0x90/0xe0 [ 283.202852][T13917] ? vfs_write+0x323/0x350 [ 283.204593][T13922] v4l2-ctrls: Sensor A: Vertical Flip: false [ 283.207258][T13917] ? check_preemption_disabled+0x51/0x140 [ 283.207276][T13917] ? debug_smp_processor_id+0x18/0x20 [ 283.224389][T13917] ? fpregs_assert_state_consistent+0x7e/0x90 [ 283.229081][T13922] v4l2-ctrls: Sensor A: Horizontal Flip: false [ 283.230501][T13917] __x64_sys_preadv+0x54/0x60 [ 283.230518][T13917] do_syscall_64+0x51/0xb0 [ 283.243454][T13922] v4l2-ctrls: Sensor A: Brightness: 128 [ 283.245700][T13917] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 283.245709][T13917] RIP: 0033:0x45cb29 [ 283.245712][T13917] Code: Bad RIP value. [ 283.245718][T13917] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 283.271989][T13922] v4l2-ctrls: Sensor A: Contrast: 128 15:53:56 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd00}}) 15:53:56 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe}}) 15:53:56 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x143042, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000040)) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 283.273492][T13917] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 283.273499][T13917] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 283.273505][T13917] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 283.273546][T13917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 283.283952][T13922] v4l2-ctrls: Sensor A: Hue: 0 [ 283.286825][T13917] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:53:56 executing program 1 (fault-call:5 fault-nth:60): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 283.349441][ T49] usb 4-1: new high-speed USB device number 50 using dummy_hcd 15:53:56 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x10}}) 15:53:56 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe00}}) [ 283.431348][T13943] FAULT_INJECTION: forcing a failure. [ 283.431348][T13943] name failslab, interval 1, probability 0, space 0, times 0 [ 283.446943][T13922] v4l2-ctrls: Sensor A: Saturation: 128 [ 283.459495][T13922] Sensor A: ================== END STATUS ================== [ 283.467181][T13943] CPU: 0 PID: 13943 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 283.475846][T13943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.485987][T13943] Call Trace: [ 283.489279][T13943] dump_stack+0x10f/0x19d [ 283.493603][T13943] should_fail+0x23c/0x250 [ 283.498015][T13943] __should_failslab+0x81/0x90 [ 283.502880][T13943] should_failslab+0x5/0x20 [ 283.507385][T13943] kmem_cache_alloc_trace+0x32/0x2c0 [ 283.512662][T13943] ? proc_pid_stack+0x59/0x180 [ 283.517415][T13943] proc_pid_stack+0x59/0x180 [ 283.522038][T13943] proc_single_show+0x84/0x100 [ 283.526793][T13943] seq_read+0x2ee/0x900 [ 283.530952][T13943] do_iter_read+0x3f5/0x480 [ 283.535500][T13943] do_preadv+0x13b/0x230 [ 283.539738][T13943] ? __sb_end_write+0x90/0xe0 [ 283.544431][T13943] ? vfs_write+0x323/0x350 [ 283.548852][T13943] ? check_preemption_disabled+0x51/0x140 [ 283.554569][T13943] ? debug_smp_processor_id+0x18/0x20 [ 283.559930][T13943] ? fpregs_assert_state_consistent+0x7e/0x90 [ 283.566078][T13943] __x64_sys_preadv+0x54/0x60 [ 283.570760][T13943] do_syscall_64+0x51/0xb0 [ 283.575191][T13943] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 283.581081][T13943] RIP: 0033:0x45cb29 [ 283.584956][T13943] Code: Bad RIP value. [ 283.589007][T13943] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 283.589409][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 283.597416][T13943] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 283.597422][T13943] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 283.597429][T13943] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 283.597434][T13943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 283.597448][T13943] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 283.729821][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 283.737905][ T49] usb 4-1: config 0 has no interface number 0 [ 283.746193][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 283.771298][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 283.782938][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 283.804565][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 283.820158][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 283.829222][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.837942][ T49] usb 4-1: config 0 descriptor?? [ 283.881955][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input28 [ 284.094349][ T5] usb 4-1: USB disconnect, device number 50 [ 284.099429][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 284.108428][ T5] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:57 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:57 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) read(r4, &(0x7f00000000c0)=""/75, 0x4b) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000140)=0xfff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x105007, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r8, 0x8010500c, &(0x7f0000000180)) 15:53:57 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x6364, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:57 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x11}}) 15:53:57 executing program 1 (fault-call:5 fault-nth:61): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:57 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1100}}) 15:53:57 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x6609, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:57 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1200}}) 15:53:57 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x12}}) 15:53:57 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x660c, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:57 executing program 2: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000140)={0x0, 0x7, 0x4, 0x65, &(0x7f0000ffb000/0x3000)=nil, 0xa4}) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) accept4$ax25(r3, &(0x7f0000000000)={{0x3, @default}, [@netrom, @remote, @rose, @bcast, @null, @null, @bcast, @bcast]}, &(0x7f0000000080)=0x48, 0x80000) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) [ 284.701253][T13988] FAULT_INJECTION: forcing a failure. [ 284.701253][T13988] name failslab, interval 1, probability 0, space 0, times 0 15:53:58 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2500}}) [ 284.760288][T13988] CPU: 0 PID: 13988 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 284.769073][T13988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.779149][T13988] Call Trace: [ 284.782443][T13988] dump_stack+0x10f/0x19d [ 284.786771][T13988] should_fail+0x23c/0x250 [ 284.791192][T13988] __should_failslab+0x81/0x90 [ 284.795997][T13988] should_failslab+0x5/0x20 [ 284.800491][T13988] kmem_cache_alloc_trace+0x32/0x2c0 [ 284.806031][T13988] ? proc_pid_stack+0x59/0x180 [ 284.811251][T13988] proc_pid_stack+0x59/0x180 [ 284.815857][T13988] proc_single_show+0x84/0x100 [ 284.820616][T13988] seq_read+0x2ee/0x900 [ 284.826233][T13988] do_iter_read+0x3f5/0x480 [ 284.830783][T13988] do_preadv+0x13b/0x230 [ 284.835172][T13988] ? __sb_end_write+0x90/0xe0 [ 284.839850][T13988] ? vfs_write+0x323/0x350 [ 284.844311][T13988] ? check_preemption_disabled+0x51/0x140 [ 284.850025][T13988] ? debug_smp_processor_id+0x18/0x20 [ 284.855389][T13988] ? fpregs_assert_state_consistent+0x7e/0x90 [ 284.861524][T13988] __x64_sys_preadv+0x54/0x60 [ 284.866251][T13988] do_syscall_64+0x51/0xb0 [ 284.870718][T13988] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 284.877731][T13988] RIP: 0033:0x45cb29 [ 284.881611][T13988] Code: Bad RIP value. [ 284.885684][T13988] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 284.894084][T13988] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 284.902052][T13988] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 284.910112][T13988] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 284.918246][T13988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 284.926229][T13988] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 285.099457][ T3964] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 285.369550][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 285.500917][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 285.509002][ T3964] usb 4-1: config 0 has no interface number 0 [ 285.515740][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 285.526973][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 285.538241][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 285.548414][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 285.561747][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 285.571102][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.582421][ T3964] usb 4-1: config 0 descriptor?? [ 285.626331][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input29 [ 285.822945][ T49] usb 4-1: USB disconnect, device number 51 [ 285.839458][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:53:59 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:53:59 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8912, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:59 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c00}}) 15:53:59 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x25}}) 15:53:59 executing program 1 (fault-call:5 fault-nth:62): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:53:59 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000000500)) signalfd4(r0, &(0x7f0000000000)={[0x836]}, 0x8, 0x80000) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:53:59 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0xa12bad9c9cdd852a, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:53:59 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8933, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:59 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c}}) 15:53:59 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1000000}}) [ 286.420715][T14056] FAULT_INJECTION: forcing a failure. [ 286.420715][T14056] name failslab, interval 1, probability 0, space 0, times 0 [ 286.448980][T14056] CPU: 0 PID: 14056 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 286.458008][T14056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:53:59 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x3fffffff, &(0x7f0000000740)={0x0, @pix_mp}) 15:53:59 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2000000}}) [ 286.468077][T14056] Call Trace: [ 286.471361][T14056] dump_stack+0x10f/0x19d [ 286.475679][T14056] should_fail+0x23c/0x250 [ 286.480345][T14056] __should_failslab+0x81/0x90 [ 286.485156][T14056] should_failslab+0x5/0x20 [ 286.489675][T14056] kmem_cache_alloc_trace+0x32/0x2c0 [ 286.494955][T14056] ? proc_pid_stack+0x59/0x180 [ 286.499715][T14056] proc_pid_stack+0x59/0x180 [ 286.504407][T14056] proc_single_show+0x84/0x100 [ 286.509163][T14056] seq_read+0x2ee/0x900 [ 286.513321][T14056] do_iter_read+0x3f5/0x480 [ 286.517818][T14056] do_preadv+0x13b/0x230 [ 286.522052][T14056] ? __sb_end_write+0x90/0xe0 [ 286.526738][T14056] ? vfs_write+0x323/0x350 [ 286.531147][T14056] ? check_preemption_disabled+0x51/0x140 [ 286.536942][T14056] ? debug_smp_processor_id+0x18/0x20 [ 286.542313][T14056] ? fpregs_assert_state_consistent+0x7e/0x90 [ 286.548375][T14056] __x64_sys_preadv+0x54/0x60 [ 286.553042][T14056] do_syscall_64+0x51/0xb0 [ 286.557510][T14056] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 286.564341][T14056] RIP: 0033:0x45cb29 [ 286.568223][T14056] Code: Bad RIP value. [ 286.572327][T14056] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 286.580730][T14056] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 286.588693][T14056] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 286.596774][T14056] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 286.604825][T14056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 286.612955][T14056] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 286.779423][ T9916] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 287.049444][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 287.190435][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 287.198535][ T9916] usb 4-1: config 0 has no interface number 0 [ 287.204817][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 287.215764][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 287.226816][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 287.236849][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 287.250264][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 287.259273][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.269504][ T9916] usb 4-1: config 0 descriptor?? [ 287.314303][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input30 [ 287.511503][ T49] usb 4-1: USB disconnect, device number 52 [ 287.530447][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:01 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:54:01 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x3000000}}) 15:54:01 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x400454ca, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:01 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x300}}) 15:54:01 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000000)) 15:54:01 executing program 1 (fault-call:5 fault-nth:63): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:01 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x500}}) 15:54:01 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0)='nl80211\x00') r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="110000000000000000000200000008000300", @ANYRES32=r4], 0x1c}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) r7 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r7, 0x8010500c, &(0x7f00000004c0)) 15:54:01 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40049409, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:01 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x4000000}}) [ 288.116112][T14119] FAULT_INJECTION: forcing a failure. [ 288.116112][T14119] name failslab, interval 1, probability 0, space 0, times 0 [ 288.145285][T14119] CPU: 0 PID: 14119 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 288.154046][T14119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:54:01 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x600}}) [ 288.164091][T14119] Call Trace: [ 288.167450][T14119] dump_stack+0x10f/0x19d [ 288.171847][T14119] should_fail+0x23c/0x250 [ 288.176258][T14119] __should_failslab+0x81/0x90 [ 288.181035][T14119] should_failslab+0x5/0x20 [ 288.185582][T14119] kmem_cache_alloc_trace+0x32/0x2c0 [ 288.190862][T14119] ? proc_pid_stack+0x59/0x180 [ 288.195815][T14119] proc_pid_stack+0x59/0x180 [ 288.200562][T14119] proc_single_show+0x84/0x100 [ 288.206259][T14119] seq_read+0x2ee/0x900 [ 288.210764][T14119] do_iter_read+0x3f5/0x480 15:54:01 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x700}}) [ 288.215858][T14119] do_preadv+0x13b/0x230 [ 288.220131][T14119] ? __sb_end_write+0x90/0xe0 [ 288.224808][T14119] ? vfs_write+0x323/0x350 [ 288.229308][T14119] ? check_preemption_disabled+0x51/0x140 [ 288.235172][T14119] ? debug_smp_processor_id+0x18/0x20 [ 288.240605][T14119] ? fpregs_assert_state_consistent+0x7e/0x90 [ 288.246678][T14119] __x64_sys_preadv+0x54/0x60 [ 288.251356][T14119] do_syscall_64+0x51/0xb0 [ 288.255849][T14119] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 288.261736][T14119] RIP: 0033:0x45cb29 [ 288.265785][T14119] Code: Bad RIP value. [ 288.269839][T14119] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 288.278255][T14119] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 288.286233][T14119] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 288.294210][T14119] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 288.302173][T14119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 288.310154][T14119] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 288.470742][ T49] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 288.719423][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 288.849576][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 288.857974][ T49] usb 4-1: config 0 has no interface number 0 [ 288.864094][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 288.875051][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 288.886263][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 288.896099][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 288.909154][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 288.918653][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.929253][ T49] usb 4-1: config 0 descriptor?? [ 288.985176][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input31 [ 289.172468][ T5033] usb 4-1: USB disconnect, device number 53 [ 289.179692][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:02 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 15:54:02 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x900}}) 15:54:02 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5000000}}) 15:54:02 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40085618, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:02 executing program 1 (fault-call:5 fault-nth:64): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:02 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x680282, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:03 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xe3d, 0x200100) ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000040)) 15:54:03 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4008642a, &(0x7f0000000740)={0x0, @pix_mp}) [ 289.740767][T14179] FAULT_INJECTION: forcing a failure. [ 289.740767][T14179] name failslab, interval 1, probability 0, space 0, times 0 15:54:03 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x6000000}}) 15:54:03 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa00}}) [ 289.817703][T14179] CPU: 1 PID: 14179 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 289.826400][T14179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.838270][T14179] Call Trace: [ 289.841608][T14179] dump_stack+0x10f/0x19d [ 289.845934][T14179] should_fail+0x23c/0x250 [ 289.850411][T14179] __should_failslab+0x81/0x90 [ 289.855248][T14179] should_failslab+0x5/0x20 [ 289.859742][T14179] kmem_cache_alloc_trace+0x32/0x2c0 [ 289.865017][T14179] ? proc_pid_stack+0x59/0x180 [ 289.869855][T14179] proc_pid_stack+0x59/0x180 [ 289.874442][T14179] proc_single_show+0x84/0x100 [ 289.879192][T14179] seq_read+0x2ee/0x900 [ 289.883426][T14179] do_iter_read+0x3f5/0x480 [ 289.887925][T14179] do_preadv+0x13b/0x230 [ 289.892196][T14179] ? __sb_end_write+0x90/0xe0 [ 289.896867][T14179] ? vfs_write+0x323/0x350 [ 289.901277][T14179] ? check_preemption_disabled+0x51/0x140 [ 289.907007][T14179] ? debug_smp_processor_id+0x18/0x20 [ 289.912456][T14179] ? fpregs_assert_state_consistent+0x7e/0x90 [ 289.918532][T14179] __x64_sys_preadv+0x54/0x60 [ 289.923379][T14179] do_syscall_64+0x51/0xb0 [ 289.927785][T14179] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 289.933725][T14179] RIP: 0033:0x45cb29 [ 289.937599][T14179] Code: Bad RIP value. [ 289.941651][T14179] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 289.950048][T14179] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 289.958029][T14179] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:54:03 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000040)={0x200}, 0x4) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) [ 289.966030][T14179] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 289.973990][T14179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 289.982041][T14179] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:03 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40186366, &(0x7f0000000740)={0x0, @pix_mp}) [ 290.159435][ T48] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 290.429420][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 290.549829][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 290.557906][ T48] usb 4-1: config 0 has no interface number 0 [ 290.564739][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 290.576054][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 290.587474][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 290.597624][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 290.611103][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 290.620561][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.633682][ T48] usb 4-1: config 0 descriptor?? [ 290.675327][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input32 [ 290.872367][ T48] usb 4-1: USB disconnect, device number 54 [ 290.889453][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:04 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:54:04 executing program 1 (fault-call:5 fault-nth:65): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x7000000}}) 15:54:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb00}}) 15:54:04 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap$dsp(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000008, 0x10, r2, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565a, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:04 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x8000000}}) 15:54:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc00}}) 15:54:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x40205667, &(0x7f0000000740)={0x0, @pix_mp}) [ 291.468856][T14252] FAULT_INJECTION: forcing a failure. [ 291.468856][T14252] name failslab, interval 1, probability 0, space 0, times 0 [ 291.498229][T14252] CPU: 0 PID: 14252 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 291.506913][T14252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:54:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd00}}) [ 291.517061][T14252] Call Trace: [ 291.520363][T14252] dump_stack+0x10f/0x19d [ 291.524775][T14252] should_fail+0x23c/0x250 [ 291.529185][T14252] __should_failslab+0x81/0x90 [ 291.533978][T14252] should_failslab+0x5/0x20 [ 291.538490][T14252] kmem_cache_alloc_trace+0x32/0x2c0 [ 291.544074][T14252] ? proc_pid_stack+0x59/0x180 [ 291.548828][T14252] proc_pid_stack+0x59/0x180 [ 291.553431][T14252] proc_single_show+0x84/0x100 [ 291.558190][T14252] seq_read+0x2ee/0x900 [ 291.562349][T14252] do_iter_read+0x3f5/0x480 [ 291.566862][T14252] do_preadv+0x13b/0x230 [ 291.571110][T14252] ? __sb_end_write+0x90/0xe0 [ 291.577001][T14252] ? vfs_write+0x323/0x350 [ 291.581552][T14252] ? check_preemption_disabled+0x51/0x140 [ 291.587267][T14252] ? debug_smp_processor_id+0x18/0x20 [ 291.592988][T14252] ? fpregs_assert_state_consistent+0x7e/0x90 [ 291.599055][T14252] __x64_sys_preadv+0x54/0x60 [ 291.604628][T14252] do_syscall_64+0x51/0xb0 [ 291.609233][T14252] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 291.615740][T14252] RIP: 0033:0x45cb29 15:54:04 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020940d, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:04 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe00}}) [ 291.619622][T14252] Code: Bad RIP value. [ 291.623674][T14252] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 291.632161][T14252] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 291.641083][T14252] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 291.649039][T14252] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 291.657007][T14252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 291.664965][T14252] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 291.839451][ T5033] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 292.129414][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 292.269724][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 292.277806][ T5033] usb 4-1: config 0 has no interface number 0 [ 292.284722][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 292.295941][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 292.307274][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 292.317429][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 292.330786][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 292.340260][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.348919][ T5033] usb 4-1: config 0 descriptor?? [ 292.395652][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input33 [ 292.579613][ T0] NOHZ: local_softirq_pending 08 [ 292.592205][ T49] usb 4-1: USB disconnect, device number 55 [ 292.609455][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:06 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:54:06 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) setpriority(0x1, r1, 0x5) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x9000000}}) 15:54:06 executing program 1 (fault-call:5 fault-nth:66): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:06 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x41015500, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1100}}) 15:54:06 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x5000aea5, &(0x7f0000000740)={0x0, @pix_mp}) [ 293.146035][T14306] FAULT_INJECTION: forcing a failure. [ 293.146035][T14306] name failslab, interval 1, probability 0, space 0, times 0 [ 293.183494][T14306] CPU: 0 PID: 14306 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:54:06 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1200}}) 15:54:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa000000}}) [ 293.192178][T14306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.202313][T14306] Call Trace: [ 293.205699][T14306] dump_stack+0x10f/0x19d [ 293.210019][T14306] should_fail+0x23c/0x250 [ 293.214446][T14306] __should_failslab+0x81/0x90 [ 293.219465][T14306] should_failslab+0x5/0x20 [ 293.223957][T14306] kmem_cache_alloc_trace+0x32/0x2c0 [ 293.229233][T14306] ? proc_pid_stack+0x59/0x180 [ 293.234028][T14306] proc_pid_stack+0x59/0x180 [ 293.238613][T14306] proc_single_show+0x84/0x100 [ 293.243372][T14306] seq_read+0x2ee/0x900 [ 293.247542][T14306] do_iter_read+0x3f5/0x480 [ 293.252058][T14306] do_preadv+0x13b/0x230 [ 293.256290][T14306] ? __sb_end_write+0x90/0xe0 [ 293.261151][T14306] ? vfs_write+0x323/0x350 [ 293.265561][T14306] ? check_preemption_disabled+0x51/0x140 [ 293.271528][T14306] ? debug_smp_processor_id+0x18/0x20 [ 293.277008][T14306] ? fpregs_assert_state_consistent+0x7e/0x90 [ 293.283087][T14306] __x64_sys_preadv+0x54/0x60 [ 293.291143][T14306] do_syscall_64+0x51/0xb0 15:54:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb000000}}) [ 293.295570][T14306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 293.301494][T14306] RIP: 0033:0x45cb29 [ 293.305369][T14306] Code: Bad RIP value. [ 293.309426][T14306] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 293.317829][T14306] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 293.325790][T14306] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 293.333756][T14306] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:54:06 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc000000}}) [ 293.341744][T14306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 293.349702][T14306] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:06 executing program 1 (fault-call:5 fault-nth:67): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 293.466884][T14332] FAULT_INJECTION: forcing a failure. [ 293.466884][T14332] name failslab, interval 1, probability 0, space 0, times 0 [ 293.486938][T14332] CPU: 1 PID: 14332 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 293.495608][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.505648][T14332] Call Trace: [ 293.508935][T14332] dump_stack+0x10f/0x19d [ 293.513253][T14332] should_fail+0x23c/0x250 [ 293.517936][T14332] __should_failslab+0x81/0x90 [ 293.522721][T14332] should_failslab+0x5/0x20 [ 293.527235][T14332] kmem_cache_alloc_trace+0x32/0x2c0 [ 293.532512][T14332] ? proc_pid_stack+0x59/0x180 [ 293.537305][T14332] proc_pid_stack+0x59/0x180 [ 293.541883][T14332] proc_single_show+0x84/0x100 [ 293.546632][T14332] seq_read+0x2ee/0x900 [ 293.550839][T14332] do_iter_read+0x3f5/0x480 [ 293.555330][T14332] do_preadv+0x13b/0x230 [ 293.559566][T14332] ? __sb_end_write+0x90/0xe0 [ 293.564369][T14332] ? vfs_write+0x323/0x350 [ 293.568788][T14332] ? check_preemption_disabled+0x51/0x140 [ 293.574574][T14332] ? debug_smp_processor_id+0x18/0x20 [ 293.579935][T14332] ? fpregs_assert_state_consistent+0x7e/0x90 [ 293.585994][T14332] __x64_sys_preadv+0x54/0x60 [ 293.590669][T14332] do_syscall_64+0x51/0xb0 [ 293.595077][T14332] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 293.600967][T14332] RIP: 0033:0x45cb29 [ 293.604841][T14332] Code: Bad RIP value. [ 293.608918][T14332] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 293.617318][T14332] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 293.625489][T14332] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 293.633467][T14332] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 293.641452][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 293.649420][T14332] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 293.809442][ T3964] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 294.069568][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 294.189802][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 294.197916][ T3964] usb 4-1: config 0 has no interface number 0 [ 294.206208][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 294.217088][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 294.229668][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 294.240334][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 294.253809][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 294.263657][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.274239][ T3964] usb 4-1: config 0 descriptor?? [ 294.312024][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input34 [ 294.513020][ T9916] usb 4-1: USB disconnect, device number 56 [ 294.529441][ T9916] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:08 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:54:08 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2500}}) 15:54:08 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80045002, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:08 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd000000}}) 15:54:08 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x600082, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:08 executing program 1 (fault-call:5 fault-nth:68): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:08 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c00}}) 15:54:08 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80085617, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:08 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x2425c0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:08 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe000000}}) [ 295.091583][T14376] FAULT_INJECTION: forcing a failure. [ 295.091583][T14376] name failslab, interval 1, probability 0, space 0, times 0 [ 295.124342][T14376] CPU: 0 PID: 14376 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 295.133458][T14376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.143589][T14376] Call Trace: [ 295.146872][T14376] dump_stack+0x10f/0x19d [ 295.151191][T14376] should_fail+0x23c/0x250 [ 295.155598][T14376] __should_failslab+0x81/0x90 [ 295.160359][T14376] should_failslab+0x5/0x20 [ 295.164873][T14376] kmem_cache_alloc_trace+0x32/0x2c0 [ 295.170156][T14376] ? proc_pid_stack+0x59/0x180 [ 295.174910][T14376] proc_pid_stack+0x59/0x180 [ 295.179488][T14376] proc_single_show+0x84/0x100 [ 295.184283][T14376] seq_read+0x2ee/0x900 [ 295.188436][T14376] do_iter_read+0x3f5/0x480 [ 295.193031][T14376] do_preadv+0x13b/0x230 [ 295.197306][T14376] ? __sb_end_write+0x90/0xe0 [ 295.201976][T14376] ? vfs_write+0x323/0x350 [ 295.206405][T14376] ? check_preemption_disabled+0x51/0x140 [ 295.212130][T14376] ? debug_smp_processor_id+0x18/0x20 [ 295.217509][T14376] ? fpregs_assert_state_consistent+0x7e/0x90 [ 295.223586][T14376] __x64_sys_preadv+0x54/0x60 [ 295.228496][T14376] do_syscall_64+0x51/0xb0 [ 295.232934][T14376] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 295.238812][T14376] RIP: 0033:0x45cb29 [ 295.242774][T14376] Code: Bad RIP value. [ 295.246823][T14376] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 295.255218][T14376] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 295.263176][T14376] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 295.271189][T14376] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 295.279954][T14376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:54:08 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x10000000}}) 15:54:08 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x1000000}}) [ 295.287927][T14376] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 295.329415][ T9916] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 295.579459][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 295.699697][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 295.707879][ T9916] usb 4-1: config 0 has no interface number 0 [ 295.714674][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 295.725947][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 295.737301][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 295.747359][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 295.760703][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 295.770001][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.782291][ T9916] usb 4-1: config 0 descriptor?? [ 295.825864][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input35 [ 296.021784][ T5033] usb 4-1: USB disconnect, device number 57 [ 296.039436][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:09 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x2000000}}) 15:54:09 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VFIO_IOMMU_MAP_DMA(r3, 0x3b71, &(0x7f0000000080)={0x20, 0x6, 0x0, 0x7, 0x5}) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, &(0x7f00000004c0)) r5 = syz_init_net_socket$ax25(0x3, 0x7, 0x7) fsetxattr$trusted_overlay_nlink(r5, &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U+'}, 0x16, 0x1) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nvram\x00', 0x2d8081, 0x0) ioctl$DRM_IOCTL_GET_CAP(r6, 0xc010640c, &(0x7f0000000040)={0x4}) 15:54:09 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x8008563f, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:09 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x11000000}}) 15:54:09 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 15:54:09 executing program 1 (fault-call:5 fault-nth:69): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:09 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80086301, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:09 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x12000000}}) 15:54:09 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KDDELIO(r2, 0x4b35, 0x9101) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:09 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x3000000}}) [ 296.645708][T14440] FAULT_INJECTION: forcing a failure. [ 296.645708][T14440] name failslab, interval 1, probability 0, space 0, times 0 [ 296.679426][T14440] CPU: 0 PID: 14440 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 296.688895][T14440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.698937][T14440] Call Trace: [ 296.702395][T14440] dump_stack+0x10f/0x19d [ 296.706987][T14440] should_fail+0x23c/0x250 [ 296.711416][T14440] __should_failslab+0x81/0x90 [ 296.716177][T14440] should_failslab+0x5/0x20 [ 296.720666][T14440] kmem_cache_alloc_trace+0x32/0x2c0 [ 296.725939][T14440] ? proc_pid_stack+0x59/0x180 [ 296.730777][T14440] proc_pid_stack+0x59/0x180 [ 296.735358][T14440] proc_single_show+0x84/0x100 [ 296.740131][T14440] seq_read+0x2ee/0x900 [ 296.744354][T14440] do_iter_read+0x3f5/0x480 [ 296.748845][T14440] do_preadv+0x13b/0x230 [ 296.753080][T14440] ? debug_smp_processor_id+0x18/0x20 [ 296.758440][T14440] ? delay_tsc+0x96/0xe0 [ 296.762676][T14440] __x64_sys_preadv+0x54/0x60 [ 296.767340][T14440] do_syscall_64+0x51/0xb0 [ 296.771767][T14440] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 296.777747][T14440] RIP: 0033:0x45cb29 [ 296.781620][T14440] Code: Bad RIP value. [ 296.785668][T14440] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 15:54:10 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x25000000}}) 15:54:10 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80405600, &(0x7f0000000740)={0x0, @pix_mp}) [ 296.794066][T14440] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 296.802221][T14440] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 296.810179][T14440] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 296.818249][T14440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 296.826224][T14440] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:10 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f0000000000)) r4 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$KIOCSOUND(r4, 0x4b2f, 0x7) r5 = socket$nl_crypto(0x10, 0x3, 0x15) fdatasync(r5) 15:54:10 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x4000000}}) 15:54:10 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c000000}}) 15:54:10 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80805659, &(0x7f0000000740)={0x0, @pix_mp}) [ 296.900011][ T9916] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 297.139999][ T9916] usb 4-1: Using ep0 maxpacket: 8 [ 297.259535][ T9916] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 297.269893][ T9916] usb 4-1: config 0 has no interface number 0 [ 297.276491][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 297.290239][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 297.302185][ T9916] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 297.313588][ T9916] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 297.327430][ T9916] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 297.337926][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.351789][ T9916] usb 4-1: config 0 descriptor?? [ 297.392249][ T9916] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input36 [ 297.593944][ T48] usb 4-1: USB disconnect, device number 58 [ 297.609454][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:11 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 15:54:11 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5000000}}) 15:54:11 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:11 executing program 1 (fault-call:5 fault-nth:70): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:11 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x482, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000340)=0x10001) r2 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x100000001, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) bind$l2tp6(r4, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast1, 0xffff}, 0x20) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100)='NLBL_CIPSOv4\x00') sendmsg$NLBL_CIPSOV4_C_REMOVE(r5, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRESDEC, @ANYRES16=r6, @ANYRESOCT], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="50200000914362f6e9a5d0cb6b1427c95fb08a9b5ec12bf5de58aeef", @ANYRES16=r6, @ANYBLOB="010027bd7000fbdbdf2501000000080001000300000008000200010000000cc00b800500030005000000080002000200000008000200f3ffffff07000200"], 0x3}, 0x1, 0x0, 0x0, 0x8c054}, 0x48080) sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1004000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x1a8, r6, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x130, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x55bca12d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7468d54c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x58}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfa25049}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xfffffffa}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x74b63515}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5e63e898}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x341ec7ca}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x8001}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x438ffc11}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xe2f506}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xaf}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x167df725}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6bc1eaa5}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7cc7303e}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3a8ecdba}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x59}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x57}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x69991ebe}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x12}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ea1edca}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x373347b8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x282a3281}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6c}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5e832458}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x29c7d335}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x28, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xde}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6675c480}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, r6, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x9c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5cb55753}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x19ff8e23}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4ef8ccec}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1c823cd0}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5c}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44d8ca52}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x540fad35}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44edd3ca}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9b3ae70}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x44}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3fbc2711}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x613d8fee}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa1}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x83}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x50e36872}]}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x8040}, 0x4010) 15:54:11 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80845663, &(0x7f0000000740)={0x0, @pix_mp}) [ 298.145145][T14513] device lo entered promiscuous mode [ 298.157023][T14514] FAULT_INJECTION: forcing a failure. [ 298.157023][T14514] name failslab, interval 1, probability 0, space 0, times 0 15:54:11 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2}}) 15:54:11 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x6000000}}) 15:54:11 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x80885659, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:11 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x3}}) [ 298.236289][T14514] CPU: 1 PID: 14514 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 298.244983][T14514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.255053][T14514] Call Trace: [ 298.258336][T14514] dump_stack+0x10f/0x19d [ 298.262703][T14514] should_fail+0x23c/0x250 [ 298.267213][T14514] __should_failslab+0x81/0x90 [ 298.271966][T14514] should_failslab+0x5/0x20 [ 298.276457][T14514] kmem_cache_alloc_trace+0x32/0x2c0 [ 298.281735][T14514] ? proc_pid_stack+0x59/0x180 15:54:11 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x4}}) [ 298.286485][T14514] proc_pid_stack+0x59/0x180 [ 298.291132][T14514] proc_single_show+0x84/0x100 [ 298.295884][T14514] seq_read+0x2ee/0x900 [ 298.300032][T14514] do_iter_read+0x3f5/0x480 [ 298.304527][T14514] do_preadv+0x13b/0x230 [ 298.308762][T14514] ? __sb_end_write+0x90/0xe0 [ 298.313604][T14514] ? vfs_write+0x323/0x350 [ 298.318009][T14514] ? check_preemption_disabled+0x51/0x140 [ 298.323723][T14514] ? debug_smp_processor_id+0x18/0x20 [ 298.329089][T14514] ? fpregs_assert_state_consistent+0x7e/0x90 15:54:11 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5}}) [ 298.335196][T14514] __x64_sys_preadv+0x54/0x60 [ 298.339864][T14514] do_syscall_64+0x51/0xb0 [ 298.344277][T14514] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 298.350164][T14514] RIP: 0033:0x45cb29 [ 298.354041][T14514] Code: Bad RIP value. [ 298.358095][T14514] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 298.366517][T14514] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 298.369998][T14520] Y­4`Ò˜: renamed from lo [ 298.374480][T14514] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 298.374486][T14514] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 298.374519][T14514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 298.374533][T14514] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 298.559457][ T3964] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 298.801037][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 298.931232][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 298.939316][ T3964] usb 4-1: config 0 has no interface number 0 [ 298.959413][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 298.989435][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 299.009453][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 299.029431][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 299.059474][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 299.068526][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.093152][ T3964] usb 4-1: config 0 descriptor?? [ 299.132639][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input37 [ 299.332095][ T48] usb 4-1: USB disconnect, device number 59 [ 299.339429][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 299.347628][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:13 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 15:54:13 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x6}}) 15:54:13 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x7000000}}) 15:54:13 executing program 1 (fault-call:5 fault-nth:71): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:13 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc004500a, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:13 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x8000000}}) 15:54:13 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:13 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x7}}) [ 299.950875][T14581] FAULT_INJECTION: forcing a failure. [ 299.950875][T14581] name failslab, interval 1, probability 0, space 0, times 0 [ 299.987928][T14581] CPU: 1 PID: 14581 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 299.996636][T14581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.006770][T14581] Call Trace: [ 300.010061][T14581] dump_stack+0x10f/0x19d [ 300.014392][T14581] should_fail+0x23c/0x250 [ 300.018830][T14581] __should_failslab+0x81/0x90 [ 300.023596][T14581] should_failslab+0x5/0x20 [ 300.028219][T14581] kmem_cache_alloc_trace+0x32/0x2c0 [ 300.033499][T14581] ? proc_pid_stack+0x59/0x180 [ 300.038254][T14581] proc_pid_stack+0x59/0x180 [ 300.042836][T14581] proc_single_show+0x84/0x100 [ 300.047614][T14581] seq_read+0x2ee/0x900 [ 300.051766][T14581] do_iter_read+0x3f5/0x480 [ 300.056260][T14581] do_preadv+0x13b/0x230 [ 300.060494][T14581] ? __sb_end_write+0x90/0xe0 [ 300.065166][T14581] ? vfs_write+0x323/0x350 [ 300.069575][T14581] ? check_preemption_disabled+0x51/0x140 [ 300.075311][T14581] ? debug_smp_processor_id+0x18/0x20 [ 300.080672][T14581] ? fpregs_assert_state_consistent+0x7e/0x90 [ 300.086733][T14581] __x64_sys_preadv+0x54/0x60 [ 300.091492][T14581] do_syscall_64+0x51/0xb0 [ 300.095922][T14581] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 300.101983][T14581] RIP: 0033:0x45cb29 [ 300.105864][T14581] Code: Bad RIP value. [ 300.109918][T14581] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 300.118445][T14581] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 300.126433][T14581] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 300.134399][T14581] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 300.142408][T14581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:54:13 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x9000000}}) 15:54:13 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x8}}) 15:54:13 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0045878, &(0x7f0000000740)={0x0, @pix_mp}) [ 300.150390][T14581] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:13 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xa000000}}) [ 300.310829][ T3964] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 300.560757][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 300.681064][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 300.689205][ T3964] usb 4-1: config 0 has no interface number 0 [ 300.709416][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 300.729405][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 300.749401][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 300.759266][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 300.799490][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 300.808807][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.842873][ T3964] usb 4-1: config 0 descriptor?? [ 300.891939][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input38 [ 301.091783][ T48] usb 4-1: USB disconnect, device number 60 [ 301.099409][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 301.109841][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:14 executing program 1 (fault-call:5 fault-nth:72): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:14 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561b, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:14 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xb000000}}) 15:54:14 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x9}}) 15:54:14 executing program 2: sendmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000200)="c3456ba0fc08794ae0b4d11315796bd7e4efdfc38d62973c30178d1081394ffde389b44887760b6452772a876167c5cb8c9f083931429995d4b06b8fb406964a7ed62db9521ff38db83b50de57ef2e3eb6a6d2ddc3ec2ce2afff72037550e74d51640026c2273ac4ce9ef596cce714cb4630ece83572f175117d8e381490a6d6371077eb402739f6871e53f0a41bee520bd9ff991c4287e5223d52ab", 0x9c}, {&(0x7f0000000480)="e70c14cf21d3cbc5a36a69250466c80963281d6d70e545a564f31624666aa5f39f2bf9a8c92c34cca4089b6566afaea32b16ee4f3a838e4237a4ed3ffec1b8bcf12aebe0c24fb2a80d781b6313e8365f03f62ec2668574d5e640a3ad012cd4e16104688f5fd54ee4c66f0083bacd391950e694139493807e9f54477dab75c0e655b835120f36b182d1779943c00b153ecd4f055d6e714cf66353dcc491fc9fb327dc3788e5ddb71b17c74ad855d68e9e7fafca9cdebb6f30a63855323d98c01905d5d179c6ae8d8766124013ba3ac81872cae54526cfc7", 0xd7}, {&(0x7f0000000400)="0404ee83ee59c2332ea3e527276983c783d8549e274f09eafbaa017e47993994b0777e9e915a4427d1ac035bba22f7988d0753a19cee1e82deafe174fe3ea539c4caf8f4928188aa09b9dc59dfd1ba5b6fec9d577814ba761534ce2e37", 0x5d}], 0x3, &(0x7f0000000a00)=ANY=[], 0x150, 0x880}, 0x48840) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x480082, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82) setfsuid(0x0) r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4) poll(&(0x7f0000000080)=[{r1, 0x2248}, {r4, 0x102}, {0xffffffffffffffff, 0x8}, {r5}, {r6, 0x80}, {r0, 0x80}, {r7, 0xc000}, {r0, 0x1001}], 0x8, 0x1) open(&(0x7f00000000c0)='./file0\x00', 0x40, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r9, 0x8010500c, &(0x7f0000000140)) 15:54:14 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 15:54:14 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc008561c, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:14 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xa}}) 15:54:14 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xc000000}}) 15:54:14 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xd000000}}) [ 301.707017][T14646] FAULT_INJECTION: forcing a failure. [ 301.707017][T14646] name failslab, interval 1, probability 0, space 0, times 0 15:54:14 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xb}}) 15:54:15 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000300)={@private0, 0x8}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="c630c2ebfcc640049fb9fd00ab04044287b01cdc1d24d47809bcf620afc0d2f02da2309dc96bb4fc6ace40a030805d428c3919bae0be95c7e986f0cd417b42cde204e8d314ef1ddb06e8494b9333c3339a4c729086c6c4c50c44dc3e790d4352046557e00147afe65a3f982997e4afe18108ba9632177c9fadff9f717426957f0e2af5d9acbeea925e5ab461240426a8f12a0a73cd9a06eed76921dfd1ce105d6df04816cdd6ad0ddd5ce81c1482c96f41199fbd6b8b4392b2c7b313cf95f659eef0369f6d107d03e82464d21049b716a3b4aa345d0a2ab0114915f1e320d8453675a9be2758d46585781f4aac793293fc5bd0", @ANYRES32=r7, @ANYRES32, @ANYBLOB="d10233607d8b9e351a1780eefb2f04ddb604da75b922252dd08821f7199fc56e27edc92f47bcdf2ef83a1bfbf39149dc54af1088f40be5598ca55149bafa71207a82a8ffff6c1cc6eb48a8f879086ac8a3b1118f67c5bb2a162c0d2d1a5ed54def52af5f90aa434839cdfe6326d91999a432f2a9bacdff1b52f50c0a5fbeec3c26675fcc5b63b26e998d91a9fbc4c1c0649b0ff064376a9f7bd1aa921594a3bb6b28b84d0083100e58ef03d43c3ac7424dccd1b314259ca9c32202175d8180dea96abdec23d2baaa0c1b36e0fa1409d697659882702ab4a3c4c93b6982b6d86d5f2d6c371a4fe9fe8d"], 0x48}, 0x1, 0x0, 0x0, 0x2400c801}, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="000500"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) sendto$packet(r2, &(0x7f0000000000)="008e9c1c3aa21fb0b09ccc2bed5fdda8f08f60bc0e076485bfc9a977ed816d3b3cc29bc72bbdcfeec8d6297fe2f14739b5f13b5cd33da98672e937424b62d9b53da97f30aed7b91c9ab05d5977815da50dbdb5f3a92a47a84150e83de28d2c105a9f7e7327f2311fc50d8187e99e58fc6f9c79f128b213dc680fa472abb6e88e7a09df3af8c410f7947019263564724d7a4699d47ef7ad373d7ac4e300bb79ae10", 0xa1, 0x4008091, &(0x7f00000000c0)={0x11, 0xc, r7, 0x1, 0x0, 0x6, @local}, 0x14) [ 301.783049][T14646] CPU: 1 PID: 14646 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 301.791737][T14646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.801807][T14646] Call Trace: [ 301.805156][T14646] dump_stack+0x10f/0x19d [ 301.809744][T14646] should_fail+0x23c/0x250 [ 301.814152][T14646] __should_failslab+0x81/0x90 [ 301.818912][T14646] should_failslab+0x5/0x20 [ 301.823432][T14646] kmem_cache_alloc_trace+0x32/0x2c0 [ 301.828757][T14646] ? proc_pid_stack+0x59/0x180 [ 301.833518][T14646] proc_pid_stack+0x59/0x180 [ 301.838098][T14646] proc_single_show+0x84/0x100 [ 301.842852][T14646] seq_read+0x2ee/0x900 [ 301.847040][T14646] do_iter_read+0x3f5/0x480 [ 301.851537][T14646] do_preadv+0x13b/0x230 [ 301.855773][T14646] ? __sb_end_write+0x90/0xe0 [ 301.860482][T14646] ? vfs_write+0x323/0x350 [ 301.864948][T14646] ? check_preemption_disabled+0x51/0x140 [ 301.870668][T14646] ? debug_smp_processor_id+0x18/0x20 [ 301.876056][T14646] ? fpregs_assert_state_consistent+0x7e/0x90 [ 301.882125][T14646] __x64_sys_preadv+0x54/0x60 [ 301.887057][T14646] do_syscall_64+0x51/0xb0 [ 301.891642][T14646] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 301.897614][T14646] RIP: 0033:0x45cb29 [ 301.901491][T14646] Code: Bad RIP value. [ 301.905565][T14646] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 301.914154][T14646] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 301.922118][T14646] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 301.930249][T14646] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 301.938211][T14646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 301.946213][T14646] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 301.980885][ T48] usb 4-1: new high-speed USB device number 61 using dummy_hcd 15:54:15 executing program 1 (fault-call:5 fault-nth:73): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:15 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0xe000000}}) 15:54:15 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0189436, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:15 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xc}}) 15:54:15 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) open(&(0x7f0000000040)='./file0\x00', 0x280, 0xf2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x200000400200) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control\x00', 0x50282, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x7fffffffffbffb) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x120000000) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000000)) [ 302.107255][T14680] FAULT_INJECTION: forcing a failure. [ 302.107255][T14680] name failslab, interval 1, probability 0, space 0, times 0 [ 302.140883][T14680] CPU: 1 PID: 14680 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 302.149601][T14680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.159675][T14680] Call Trace: [ 302.162963][T14680] dump_stack+0x10f/0x19d [ 302.167321][T14680] should_fail+0x23c/0x250 [ 302.171767][T14680] __should_failslab+0x81/0x90 [ 302.176536][T14680] should_failslab+0x5/0x20 [ 302.181038][T14680] kmem_cache_alloc_trace+0x32/0x2c0 [ 302.186391][T14680] ? proc_pid_stack+0x59/0x180 [ 302.191247][T14680] proc_pid_stack+0x59/0x180 [ 302.195891][T14680] proc_single_show+0x84/0x100 [ 302.200883][T14680] seq_read+0x2ee/0x900 [ 302.205106][T14680] do_iter_read+0x3f5/0x480 [ 302.209663][T14680] do_preadv+0x13b/0x230 [ 302.213900][T14680] ? __sb_end_write+0x90/0xe0 [ 302.218595][T14680] ? vfs_write+0x323/0x350 [ 302.219401][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 302.223001][T14680] ? check_preemption_disabled+0x51/0x140 [ 302.223019][T14680] ? debug_smp_processor_id+0x18/0x20 [ 302.239190][T14680] ? fpregs_assert_state_consistent+0x7e/0x90 [ 302.245256][T14680] __x64_sys_preadv+0x54/0x60 [ 302.250019][T14680] do_syscall_64+0x51/0xb0 [ 302.254433][T14680] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 302.260312][T14680] RIP: 0033:0x45cb29 [ 302.264186][T14680] Code: Bad RIP value. [ 302.268443][T14680] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 302.276841][T14680] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 302.284802][T14680] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 302.292847][T14680] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 302.300807][T14680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 302.308891][T14680] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 302.339795][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 302.347927][ T48] usb 4-1: config 0 has no interface number 0 [ 302.381864][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 302.393444][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 302.405015][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 302.419919][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 302.433410][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 302.442893][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.452130][ T48] usb 4-1: config 0 descriptor?? [ 302.495534][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input39 [ 302.698196][ T3964] usb 4-1: USB disconnect, device number 61 [ 302.709687][ T3964] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:16 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 15:54:16 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x10000000}}) 15:54:16 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xd}}) 15:54:16 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205647, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:16 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)=""/249, 0xf9}, {&(0x7f0000000100)=""/61, 0x3d}, {&(0x7f0000000140)=""/22, 0x16}, {&(0x7f0000000180)=""/133, 0x85}], 0x4) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:54:16 executing program 1 (fault-call:5 fault-nth:74): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:16 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xe}}) [ 303.268963][T14723] FAULT_INJECTION: forcing a failure. [ 303.268963][T14723] name failslab, interval 1, probability 0, space 0, times 0 15:54:16 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205648, &(0x7f0000000740)={0x0, @pix_mp}) [ 303.317845][T14723] CPU: 1 PID: 14723 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 303.326527][T14723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.336589][T14723] Call Trace: [ 303.339966][T14723] dump_stack+0x10f/0x19d [ 303.344286][T14723] should_fail+0x23c/0x250 [ 303.348698][T14723] __should_failslab+0x81/0x90 [ 303.353451][T14723] should_failslab+0x5/0x20 [ 303.357942][T14723] kmem_cache_alloc_trace+0x32/0x2c0 [ 303.363389][T14723] ? proc_pid_stack+0x59/0x180 [ 303.368143][T14723] proc_pid_stack+0x59/0x180 [ 303.373159][T14723] proc_single_show+0x84/0x100 [ 303.377914][T14723] seq_read+0x2ee/0x900 [ 303.382061][T14723] do_iter_read+0x3f5/0x480 [ 303.386555][T14723] do_preadv+0x13b/0x230 [ 303.390872][T14723] ? __sb_end_write+0x90/0xe0 [ 303.395554][T14723] ? vfs_write+0x323/0x350 [ 303.400742][T14723] ? check_preemption_disabled+0x51/0x140 [ 303.406550][T14723] ? debug_smp_processor_id+0x18/0x20 [ 303.411929][T14723] ? fpregs_assert_state_consistent+0x7e/0x90 15:54:16 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x10}}) 15:54:16 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x200080, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) clone(0x88000, &(0x7f0000000180)="365590f7a5e9565af21303070e0cb2a81d55b99f9946ef9f184fa831c136d8e5494249cfe299123e2985342b188321d0af0b78d19d7c059c49d189e3225ea067d42ac9a1d0567c", &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="c262578a38b85a76410cf7b6") 15:54:16 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x11000000}}) [ 303.418145][T14723] __x64_sys_preadv+0x54/0x60 [ 303.422817][T14723] do_syscall_64+0x51/0xb0 [ 303.427230][T14723] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 303.433127][T14723] RIP: 0033:0x45cb29 [ 303.437004][T14723] Code: Bad RIP value. [ 303.441056][T14723] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 303.449454][T14723] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 303.457415][T14723] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 303.465377][T14723] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 303.473431][T14723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 303.481391][T14723] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:16 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x12000000}}) [ 303.609434][ T48] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 303.859422][ T48] usb 4-1: Using ep0 maxpacket: 8 [ 303.979774][ T48] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 303.987907][ T48] usb 4-1: config 0 has no interface number 0 [ 303.994582][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 304.005843][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 304.017238][ T48] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 304.027491][ T48] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 304.041110][ T48] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 304.050551][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.059150][ T48] usb 4-1: config 0 descriptor?? [ 304.102387][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input40 [ 304.322072][ T3964] usb 4-1: USB disconnect, device number 62 [ 304.339631][ T3964] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:18 executing program 3: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0xd) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205649, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:18 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = accept(0xffffffffffffffff, &(0x7f0000000000)=@vsock={0x28, 0x0, 0x0, @hyper}, &(0x7f0000000080)=0x80) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x11}}) 15:54:18 executing program 1 (fault-call:5 fault-nth:75): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x25000000}}) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x5c000000}}) 15:54:18 executing program 3: sysfs$2(0x2, 0xbf, &(0x7f0000000500)=""/4096) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 304.901296][T14787] FAULT_INJECTION: forcing a failure. [ 304.901296][T14787] name failslab, interval 1, probability 0, space 0, times 0 15:54:18 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x14000840}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="40000000040a010400000000000000000500000908000540ffffffff0c00024600000000000000020c0004800800024065a9e002000000000000003000000000"], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000004c0)) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x12}}) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc020660b, &(0x7f0000000740)={0x0, @pix_mp}) [ 304.990753][T14787] CPU: 0 PID: 14787 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 304.999514][T14787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.009680][T14787] Call Trace: [ 305.013016][T14787] dump_stack+0x10f/0x19d [ 305.017354][T14787] should_fail+0x23c/0x250 [ 305.023582][T14787] __should_failslab+0x81/0x90 [ 305.028364][T14787] should_failslab+0x5/0x20 [ 305.033066][T14787] kmem_cache_alloc_trace+0x32/0x2c0 [ 305.038958][T14787] ? proc_pid_stack+0x59/0x180 [ 305.043721][T14787] proc_pid_stack+0x59/0x180 [ 305.048300][T14787] proc_single_show+0x84/0x100 [ 305.053174][T14787] seq_read+0x2ee/0x900 [ 305.057343][T14787] do_iter_read+0x3f5/0x480 [ 305.061858][T14787] do_preadv+0x13b/0x230 [ 305.066123][T14787] ? __sb_end_write+0x90/0xe0 [ 305.070791][T14787] ? vfs_write+0x323/0x350 [ 305.075228][T14787] ? check_preemption_disabled+0x51/0x140 [ 305.080990][T14787] ? debug_smp_processor_id+0x18/0x20 [ 305.087219][T14787] ? fpregs_assert_state_consistent+0x7e/0x90 [ 305.093353][T14787] __x64_sys_preadv+0x54/0x60 [ 305.098023][T14787] do_syscall_64+0x51/0xb0 [ 305.102434][T14787] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 305.108322][T14787] RIP: 0033:0x45cb29 [ 305.112220][T14787] Code: Bad RIP value. [ 305.116267][T14787] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 305.124837][T14787] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 305.132875][T14787] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285628, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x25}}) 15:54:18 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc020660b, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:18 executing program 2: ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) accept4$nfc_llcp(r4, &(0x7f00000000c0), &(0x7f0000000140)=0x60, 0x800) r5 = dup(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_S390_UCAS_MAP(r8, 0x4018ae50, &(0x7f0000000180)={0x5, 0x9, 0x8}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) setsockopt$inet6_MCAST_JOIN_GROUP(r10, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x4e22, 0x5, @private0={0xfc, 0x0, [], 0x1}, 0x4}}}, 0x88) [ 305.141007][T14787] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 305.148970][T14787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 305.156954][T14787] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:18 executing program 1 (fault-call:5 fault-nth:76): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5c}}) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2}}) 15:54:18 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108a512000000fd034100177f5d010009050f1f010000010009058303fd020300001d79e71ee79e46d62e576e1d20c59760fe87f62eaf67eae9fa8fb0edeee0b22be06c86da14331b17e72fff3827daef0a2dff195c02a23488d3f08cafd0085f"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={r0}) setsockopt$bt_l2cap_L2CAP_LM(r3, 0x6, 0x3, &(0x7f00000000c0)=0x12, 0x4) accept$alg(r2, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r6, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, r4, r6}, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$netlink(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="030baa000000000000001300000054000980050002"], 0x6c}}, 0x0) sendmsg$TIPC_NL_BEARER_GET(r8, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x374, r10, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x78f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x26d}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3e}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1e6e21ec}]}, @TIPC_NLA_NODE={0x198, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "6feaf5ce7b9f56053068107cc0bd2eba70ff718fdbc56840a3"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "df4a813dfebb129c2959ca75a0e6bb4de77484fec2dbe519a27c60"}}, @TIPC_NLA_NODE_ID={0xf9, 0x3, "3784ffafef331fe686ad6f8ac0afa66a9bbc1534524cef9cda9b14d6e833d11bbe8d87b2e02b87a5b300f31c889d1d2d174c3937df80b1b66cfe45fc669a1107beab07dbd23726a0d8a153b56bb33cfc833604427df04f475a62eae549ca61ad11e1c9a3b5c3fc7f7406a753e55dada39d2d29dbdfa160462541ed26702d31241a787eed1a94915b736ea4e2c5c2838bd4f5af6a10ce7261b630816af05a02963d3dd3626b7d6fbdc3dcaddaf0592c4395896818d9014099e77d1384f24d36d0e9299f3641685d34e804ae9cadca546eff0f558dab19e1ef8e68363ac63a36baedbb28dfeb9461461cb5926fd130bb40cdb32d7c67"}]}, @TIPC_NLA_MEDIA={0x108, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2763}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ba}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffe0}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x66be}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x24}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0x88, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x273c9213}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}]}]}, 0x374}, 0x1, 0x0, 0x0, 0x4000840}, 0x40) 15:54:18 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x800) syz_extract_tcp_res$synack(&(0x7f0000000080), 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0), 0x2}}, 0x20) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000140)={0x0, 0x7, 0x3}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$SOUND_MIXER_READ_DEVMASK(r9, 0x80044dfe, &(0x7f0000000180)) rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x3}}) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x300}}) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc02c5625, &(0x7f0000000740)={0x0, @pix_mp}) [ 305.413094][T14829] FAULT_INJECTION: forcing a failure. [ 305.413094][T14829] name failslab, interval 1, probability 0, space 0, times 0 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x500}}) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305602, &(0x7f0000000740)={0x0, @pix_mp}) [ 305.460141][T14829] CPU: 1 PID: 14829 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 305.468833][T14829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.478875][T14829] Call Trace: [ 305.482166][T14829] dump_stack+0x10f/0x19d [ 305.486486][T14829] should_fail+0x23c/0x250 [ 305.490911][T14829] __should_failslab+0x81/0x90 [ 305.495680][T14829] should_failslab+0x5/0x20 [ 305.500178][T14829] kmem_cache_alloc_trace+0x32/0x2c0 [ 305.505528][T14829] ? proc_pid_stack+0x59/0x180 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x600}}) [ 305.510285][T14829] proc_pid_stack+0x59/0x180 [ 305.514989][T14829] proc_single_show+0x84/0x100 [ 305.519748][T14829] seq_read+0x2ee/0x900 [ 305.523988][T14829] do_iter_read+0x3f5/0x480 [ 305.528483][T14829] do_preadv+0x13b/0x230 [ 305.532889][T14829] ? __sb_end_write+0x90/0xe0 [ 305.537804][T14829] ? vfs_write+0x323/0x350 [ 305.542309][T14829] ? check_preemption_disabled+0x51/0x140 [ 305.548021][T14829] ? debug_smp_processor_id+0x18/0x20 [ 305.553384][T14829] ? fpregs_assert_state_consistent+0x7e/0x90 [ 305.559446][T14829] __x64_sys_preadv+0x54/0x60 [ 305.564208][T14829] do_syscall_64+0x51/0xb0 [ 305.568693][T14829] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 305.575648][T14829] RIP: 0033:0x45cb29 [ 305.580316][T14829] Code: Bad RIP value. [ 305.584375][T14829] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 305.592780][T14829] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 305.600931][T14829] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 305.609014][T14829] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 305.617009][T14829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 305.624977][T14829] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:18 executing program 1 (fault-call:5 fault-nth:77): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:18 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x4}}) 15:54:18 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x700}}) 15:54:18 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305615, &(0x7f0000000740)={0x0, @pix_mp}) [ 305.765215][T14865] FAULT_INJECTION: forcing a failure. [ 305.765215][T14865] name failslab, interval 1, probability 0, space 0, times 0 [ 305.785878][T14865] CPU: 1 PID: 14865 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 305.794604][T14865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.804649][T14865] Call Trace: [ 305.807936][T14865] dump_stack+0x10f/0x19d [ 305.812256][T14865] should_fail+0x23c/0x250 [ 305.816715][T14865] __should_failslab+0x81/0x90 [ 305.821474][T14865] should_failslab+0x5/0x20 [ 305.825969][T14865] kmem_cache_alloc_trace+0x32/0x2c0 [ 305.831331][T14865] ? proc_pid_stack+0x59/0x180 [ 305.836087][T14865] proc_pid_stack+0x59/0x180 [ 305.840669][T14865] proc_single_show+0x84/0x100 [ 305.845421][T14865] seq_read+0x2ee/0x900 [ 305.849581][T14865] do_iter_read+0x3f5/0x480 [ 305.854137][T14865] do_preadv+0x13b/0x230 [ 305.858373][T14865] ? __sb_end_write+0x90/0xe0 [ 305.863268][T14865] ? vfs_write+0x323/0x350 [ 305.867682][T14865] ? check_preemption_disabled+0x51/0x140 [ 305.873395][T14865] ? debug_smp_processor_id+0x18/0x20 [ 305.878799][T14865] ? fpregs_assert_state_consistent+0x7e/0x90 [ 305.884859][T14865] __x64_sys_preadv+0x54/0x60 [ 305.889566][T14865] do_syscall_64+0x51/0xb0 [ 305.894086][T14865] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 305.899980][T14865] RIP: 0033:0x45cb29 [ 305.903903][T14865] Code: Bad RIP value. [ 305.908040][T14865] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 305.916438][T14865] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 305.924398][T14865] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 305.933313][T14865] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 305.941274][T14865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 305.949242][T14865] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 305.965559][ T49] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 306.220618][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 306.259787][ T49] usb 4-1: too many configurations: 23, using maximum allowed: 8 [ 306.389641][ T49] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 306.397226][ T49] usb 4-1: can't read configurations, error -61 [ 306.550484][ T49] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 306.789531][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 306.829469][ T49] usb 4-1: too many configurations: 23, using maximum allowed: 8 [ 306.949483][ T49] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 306.957043][ T49] usb 4-1: can't read configurations, error -61 [ 306.964043][ T49] usb usb4-port1: attempt power cycle [ 307.699435][ T49] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 307.789744][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 307.839838][ T49] usb 4-1: too many configurations: 23, using maximum allowed: 8 [ 307.959466][ T49] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 307.967022][ T49] usb 4-1: can't read configurations, error -61 [ 308.119466][ T49] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 308.210791][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 308.249470][ T49] usb 4-1: too many configurations: 23, using maximum allowed: 8 15:54:21 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0305616, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x900}}) 15:54:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5}}) 15:54:21 executing program 1 (fault-call:5 fault-nth:78): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:21 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303", @ANYRESOCT=r0, @ANYRES32=r1, @ANYRESDEC=r2], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 15:54:21 executing program 2: ioctl$HIDIOCGRAWINFO(0xffffffffffffffff, 0x80084803, &(0x7f0000000000)=""/61) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x10) fgetxattr(r1, &(0x7f00000000c0)=@known='system.advise\x00', &(0x7f0000000100)=""/192, 0xc0) [ 308.349420][ T49] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 308.363240][ T49] usb 4-1: can't read configurations, error -71 15:54:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xa00}}) [ 308.390677][ T49] usb usb4-port1: unable to enumerate USB device 15:54:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x6}}) 15:54:21 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563b, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:21 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r5, &(0x7f0000000000)={0x5, 0x10, 0xfa00, {0x0, r7}}, 0x18) write$RDMA_USER_CM_CMD_NOTIFY(r4, &(0x7f0000000080)={0xf, 0x8, 0xfa00, {r7, 0x5}}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000000)) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) [ 308.445553][T14888] FAULT_INJECTION: forcing a failure. [ 308.445553][T14888] name failslab, interval 1, probability 0, space 0, times 0 15:54:21 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc038563c, &(0x7f0000000740)={0x0, @pix_mp}) [ 308.522674][T14888] CPU: 0 PID: 14888 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 308.531362][T14888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.541401][T14888] Call Trace: [ 308.544683][T14888] dump_stack+0x10f/0x19d [ 308.549003][T14888] should_fail+0x23c/0x250 [ 308.553502][T14888] __should_failslab+0x81/0x90 [ 308.558261][T14888] should_failslab+0x5/0x20 [ 308.562753][T14888] kmem_cache_alloc_trace+0x32/0x2c0 [ 308.568028][T14888] ? proc_pid_stack+0x59/0x180 [ 308.573191][T14888] proc_pid_stack+0x59/0x180 [ 308.578210][T14888] proc_single_show+0x84/0x100 [ 308.582972][T14888] seq_read+0x2ee/0x900 [ 308.587129][T14888] do_iter_read+0x3f5/0x480 [ 308.591672][T14888] do_preadv+0x13b/0x230 [ 308.595907][T14888] ? __sb_end_write+0x90/0xe0 [ 308.601789][T14888] ? vfs_write+0x323/0x350 [ 308.606197][T14888] ? check_preemption_disabled+0x51/0x140 [ 308.611997][T14888] ? debug_smp_processor_id+0x18/0x20 [ 308.617375][T14888] ? fpregs_assert_state_consistent+0x7e/0x90 [ 308.623438][T14888] __x64_sys_preadv+0x54/0x60 [ 308.628107][T14888] do_syscall_64+0x51/0xb0 [ 308.632515][T14888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 308.638410][T14888] RIP: 0033:0x45cb29 [ 308.642290][T14888] Code: Bad RIP value. [ 308.647922][T14888] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 308.656686][T14888] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 308.664649][T14888] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 15:54:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x7}}) 15:54:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xb00}}) 15:54:21 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x8}}) 15:54:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xc00}}) 15:54:21 executing program 1 (fault-call:5 fault-nth:79): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 308.672610][T14888] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 308.680569][T14888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 308.688619][T14888] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 308.762828][T14920] FAULT_INJECTION: forcing a failure. [ 308.762828][T14920] name failslab, interval 1, probability 0, space 0, times 0 [ 308.784490][T14920] CPU: 0 PID: 14920 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 308.793182][T14920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.803262][T14920] Call Trace: [ 308.806563][T14920] dump_stack+0x10f/0x19d [ 308.810896][T14920] should_fail+0x23c/0x250 [ 308.815318][T14920] __should_failslab+0x81/0x90 [ 308.820108][T14920] should_failslab+0x5/0x20 [ 308.820776][ T49] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 308.824613][T14920] kmem_cache_alloc_trace+0x32/0x2c0 [ 308.837414][T14920] ? proc_pid_stack+0x59/0x180 [ 308.842212][T14920] proc_pid_stack+0x59/0x180 [ 308.846801][T14920] proc_single_show+0x84/0x100 [ 308.851565][T14920] seq_read+0x2ee/0x900 [ 308.855725][T14920] do_iter_read+0x3f5/0x480 [ 308.860241][T14920] do_preadv+0x13b/0x230 [ 308.864483][T14920] ? __sb_end_write+0x90/0xe0 [ 308.869218][T14920] ? vfs_write+0x323/0x350 [ 308.873631][T14920] ? check_preemption_disabled+0x51/0x140 [ 308.879364][T14920] ? debug_smp_processor_id+0x18/0x20 [ 308.884731][T14920] ? fpregs_assert_state_consistent+0x7e/0x90 [ 308.890860][T14920] __x64_sys_preadv+0x54/0x60 [ 308.895534][T14920] do_syscall_64+0x51/0xb0 [ 308.899946][T14920] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 308.905865][T14920] RIP: 0033:0x45cb29 [ 308.909751][T14920] Code: Bad RIP value. [ 308.913802][T14920] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 308.922280][T14920] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 308.930245][T14920] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 308.938296][T14920] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 308.946260][T14920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 308.954226][T14920] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 309.079463][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 309.201009][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 309.209131][ T49] usb 4-1: config 0 has no interface number 0 [ 309.215521][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 309.226735][ T0] NOHZ: local_softirq_pending 08 [ 309.226760][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 48, changing to 9 [ 309.242745][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 309.255815][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 309.264913][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.273837][ T49] usb 4-1: config 0 descriptor?? [ 309.311981][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input41 [ 309.512553][ T49] usb 4-1: USB disconnect, device number 67 [ 309.529447][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 309.860063][ T0] NOHZ: local_softirq_pending 08 [ 310.289443][ T49] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 310.530300][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 310.649834][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 310.659037][ T49] usb 4-1: config 0 has no interface number 0 [ 310.665530][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 310.676537][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 48, changing to 9 [ 310.687849][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 310.701053][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 310.710150][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.719026][ T49] usb 4-1: config 0 descriptor?? [ 310.761873][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input42 15:54:24 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100010902240001000000000904410017ff5d010009050f1f010000000009058303a600d4ed90c89f035eb0e054f9b4dfd114393e3825abb88852c471c970930793a6e40c375daec1ead2b14e8d401c931fc559240cec028a49ced01d3108fc525ba879b7552a2b581a5067a259355dc6ce3601f7a47f8c8dd67142ed11c70bf2d44a9aed0bdd"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:54:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x9}}) 15:54:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xd00}}) 15:54:24 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563d, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:24 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$CAN_RAW_LOOPBACK(r2, 0x65, 0x3, &(0x7f0000000080)=0x1, 0x4) r3 = open(&(0x7f0000000000)='./file0\x00', 0x202080, 0x80) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000040)=0x1) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:24 executing program 1 (fault-call:5 fault-nth:80): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 310.969538][ T5033] usb 4-1: USB disconnect, device number 68 [ 310.997547][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 311.054996][T14980] FAULT_INJECTION: forcing a failure. [ 311.054996][T14980] name failslab, interval 1, probability 0, space 0, times 0 [ 311.084984][T14980] CPU: 0 PID: 14980 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 311.093678][T14980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.103732][T14980] Call Trace: [ 311.107021][T14980] dump_stack+0x10f/0x19d [ 311.111395][T14980] should_fail+0x23c/0x250 [ 311.115811][T14980] __should_failslab+0x81/0x90 [ 311.120572][T14980] should_failslab+0x5/0x20 [ 311.125070][T14980] kmem_cache_alloc_trace+0x32/0x2c0 [ 311.130349][T14980] ? proc_pid_stack+0x59/0x180 [ 311.135120][T14980] proc_pid_stack+0x59/0x180 [ 311.139704][T14980] proc_single_show+0x84/0x100 [ 311.144487][T14980] seq_read+0x2ee/0x900 [ 311.148647][T14980] do_iter_read+0x3f5/0x480 [ 311.153145][T14980] do_preadv+0x13b/0x230 [ 311.157390][T14980] ? __sb_end_write+0x90/0xe0 [ 311.162070][T14980] ? vfs_write+0x323/0x350 [ 311.166483][T14980] ? check_preemption_disabled+0x51/0x140 [ 311.172208][T14980] ? debug_smp_processor_id+0x18/0x20 [ 311.177577][T14980] ? fpregs_assert_state_consistent+0x7e/0x90 [ 311.183644][T14980] __x64_sys_preadv+0x54/0x60 [ 311.188353][T14980] do_syscall_64+0x51/0xb0 [ 311.192787][T14980] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 311.198671][T14980] RIP: 0033:0x45cb29 15:54:24 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040563e, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xe00}}) 15:54:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xa}}) 15:54:24 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) getpeername(0xffffffffffffffff, &(0x7f0000000340)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, &(0x7f00000003c0)=0x80) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00') r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000daea825fa224050fb4e300002800"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r8, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@newtfilter={0x74, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x10}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}}]}]}}]}, 0x74}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1004c015}, 0x4000) [ 311.202916][T14980] Code: Bad RIP value. [ 311.206968][T14980] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 311.215373][T14980] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 311.223337][T14980] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 311.231299][T14980] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 311.239261][T14980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 311.247225][T14980] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:24 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xb}}) 15:54:24 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1100}}) [ 311.353007][T15010] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 311.380365][T15010] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 311.421893][T15018] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 311.439511][T15021] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 311.659769][ T5033] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 311.959448][ T5033] usb 4-1: device descriptor read/64, error 18 [ 312.399469][ T5033] usb 4-1: device descriptor read/64, error 18 [ 312.669435][ T5033] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 312.959437][ T5033] usb 4-1: device descriptor read/64, error 18 [ 313.359446][ T5033] usb 4-1: device descriptor read/64, error 18 [ 313.479596][ T5033] usb usb4-port1: attempt power cycle 15:54:27 executing program 1 (fault-call:5 fault-nth:81): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:27 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564a, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1200}}) 15:54:27 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xc}}) 15:54:27 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x410082, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control\x00', 0x254d83, 0x0) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000040)='&\x00', 0x0, r2) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84000) ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f0000000080)) 15:54:27 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d01000905058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='reno\x00', 0x5) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x4) 15:54:27 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc040564b, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:27 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xd}}) 15:54:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2500}}) [ 314.090162][T15037] FAULT_INJECTION: forcing a failure. [ 314.090162][T15037] name failslab, interval 1, probability 0, space 0, times 0 [ 314.129162][T15037] CPU: 0 PID: 15037 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:54:27 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='))#&&-\x00') ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x2) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0xc2, "7fdd89d8d51d038709e43f5d27acbad41bce2c92bafa18654dd2f6ed40235a5ba0238ffd485cf42b0f8344c790c3708eba5d2a0641f1efe8d8dc3537706a3c420d4b2c737db59b2ab7376085eeba22e48d32158765bf13bfb7e02ff7ec32c6e7ebb1dda96176893e34bfaf59a17e027a2189381d26a6220158dae2e5bb053888a8842072e0380c0d7086cade2209e2341521d58c0553db73915b9282a4ee0fee8a1d2e6b5aecac9ff39129beeff0d118de5cf6027d86dd55c7872bfa9335a1a344d2"}, &(0x7f0000000100)=0xca) [ 314.137937][T15037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.147986][T15037] Call Trace: [ 314.151282][T15037] dump_stack+0x10f/0x19d [ 314.155666][T15037] should_fail+0x23c/0x250 [ 314.160083][T15037] __should_failslab+0x81/0x90 [ 314.164874][T15037] should_failslab+0x5/0x20 [ 314.169505][T15037] kmem_cache_alloc_trace+0x32/0x2c0 [ 314.174800][T15037] ? proc_pid_stack+0x59/0x180 [ 314.179563][T15037] proc_pid_stack+0x59/0x180 [ 314.184157][T15037] proc_single_show+0x84/0x100 [ 314.188919][T15037] seq_read+0x2ee/0x900 [ 314.193135][T15037] do_iter_read+0x3f5/0x480 [ 314.197640][T15037] do_preadv+0x13b/0x230 [ 314.201885][T15037] ? __sb_end_write+0x90/0xe0 [ 314.206562][T15037] ? vfs_write+0x323/0x350 [ 314.210976][T15037] ? check_preemption_disabled+0x51/0x140 [ 314.216694][T15037] ? debug_smp_processor_id+0x18/0x20 [ 314.222078][T15037] ? fpregs_assert_state_consistent+0x7e/0x90 [ 314.228144][T15037] __x64_sys_preadv+0x54/0x60 [ 314.232821][T15037] do_syscall_64+0x51/0xb0 [ 314.237293][T15037] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 314.243188][T15037] RIP: 0033:0x45cb29 [ 314.247068][T15037] Code: Bad RIP value. [ 314.251125][T15037] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 314.259529][T15037] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 314.267498][T15037] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 314.275638][T15037] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 314.283657][T15037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 314.292703][T15037] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5c00}}) 15:54:27 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xe}}) 15:54:27 executing program 1 (fault-call:5 fault-nth:82): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:27 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0445624, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:27 executing program 2: syz_init_net_socket$ax25(0x3, 0x2, 0xcb) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:27 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1000000}}) [ 314.409419][ T5033] usb 4-1: new high-speed USB device number 71 using dummy_hcd 15:54:27 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x10}}) [ 314.512286][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 314.515620][T15072] FAULT_INJECTION: forcing a failure. [ 314.515620][T15072] name failslab, interval 1, probability 0, space 0, times 0 [ 314.567865][T15072] CPU: 0 PID: 15072 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 314.576566][T15072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.586620][T15072] Call Trace: [ 314.590041][T15072] dump_stack+0x10f/0x19d [ 314.596632][T15072] should_fail+0x23c/0x250 [ 314.601395][T15072] __should_failslab+0x81/0x90 [ 314.606189][T15072] should_failslab+0x5/0x20 [ 314.612503][T15072] kmem_cache_alloc_trace+0x32/0x2c0 [ 314.617809][T15072] ? proc_pid_stack+0x59/0x180 [ 314.622580][T15072] proc_pid_stack+0x59/0x180 [ 314.627177][T15072] proc_single_show+0x84/0x100 [ 314.631942][T15072] seq_read+0x2ee/0x900 [ 314.636221][T15072] do_iter_read+0x3f5/0x480 [ 314.640729][T15072] do_preadv+0x13b/0x230 [ 314.645026][T15072] ? __sb_end_write+0x90/0xe0 [ 314.650385][T15072] ? vfs_write+0x323/0x350 [ 314.654900][T15072] ? check_preemption_disabled+0x51/0x140 [ 314.660970][T15072] ? debug_smp_processor_id+0x18/0x20 [ 314.666367][T15072] ? fpregs_assert_state_consistent+0x7e/0x90 [ 314.672439][T15072] __x64_sys_preadv+0x54/0x60 [ 314.677157][T15072] do_syscall_64+0x51/0xb0 [ 314.681580][T15072] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 314.687614][T15072] RIP: 0033:0x45cb29 [ 314.691614][T15072] Code: Bad RIP value. [ 314.695702][T15072] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 314.704114][T15072] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 314.712255][T15072] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 314.720318][T15072] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 314.729213][T15072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 314.737198][T15072] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 314.819451][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 314.827612][ T5033] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 314.838383][ T5033] usb 4-1: config 0 has no interface number 0 [ 314.844862][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 314.856181][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 314.869628][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 314.878707][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.888814][ T5033] usb 4-1: config 0 descriptor?? [ 315.144882][ T3964] usb 4-1: USB disconnect, device number 71 [ 315.949458][ T5] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 316.219432][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 316.349828][ T5] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 316.358011][ T5] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 316.373288][ T5] usb 4-1: config 0 has no interface number 0 [ 316.379438][ T5] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 316.391617][ T5] usb 4-1: config 0 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 316.404684][ T5] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 316.413803][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.424664][ T5] usb 4-1: config 0 descriptor?? 15:54:29 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab32a190eb1e000001f1fffb529f265037ffff0904622100005d016f7f41b1aa760000000000000000"], 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, 0x20) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f00000000c0)={0x5, 0x1, 0x4, 0x91, 0x5}, 0xc) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000006800b595000006000000f60000000000", @ANYRES32=0x0, @ANYBLOB="140002"], 0x3}}, 0x0) close(r2) socket$inet(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ff60, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_freezer_state(r0, &(0x7f0000000100)='THAWED\x00', 0x7) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_S_SELECTION(r8, 0xc040563e, &(0x7f0000000040)={0x0, 0x0, 0x103, 0x7, {0x3f, 0x4, 0x19d, 0x96}}) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) 15:54:29 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0485619, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:29 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x404000) 15:54:29 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x11}}) 15:54:29 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2000000}}) 15:54:29 executing program 1 (fault-call:5 fault-nth:83): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 316.674939][ T5033] usb 4-1: USB disconnect, device number 72 15:54:30 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505609, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:30 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x12}}) 15:54:30 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x3000000}}) 15:54:30 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x4000000}}) 15:54:30 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x1a, 0x80000, 0x0) close(r3) sendmmsg$inet_sctp(r3, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x200}}], 0x20}], 0x1, 0x0) getsockopt$inet6_tcp_int(r3, 0x6, 0x5, &(0x7f0000000100), &(0x7f0000000140)=0x4) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x7b, &(0x7f0000000000)={r5}, 0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000080)={0xfff, 0x8000, 0x8000, 0x1, 0xfff, 0x1, 0x7, 0xcb4, r5}, 0x20) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x100, 0x0) ioctl$SIOCGIFMTU(r6, 0x8921, &(0x7f0000000040)) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) syz_open_pts(r6, 0x40) ioctl$VFIO_CHECK_EXTENSION(r6, 0x3b65, 0x3) [ 316.821865][T15117] FAULT_INJECTION: forcing a failure. [ 316.821865][T15117] name failslab, interval 1, probability 0, space 0, times 0 [ 316.872910][T15117] CPU: 1 PID: 15117 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 316.881605][T15117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.891654][T15117] Call Trace: [ 316.894966][T15117] dump_stack+0x10f/0x19d [ 316.899298][T15117] should_fail+0x23c/0x250 [ 316.903718][T15117] __should_failslab+0x81/0x90 [ 316.908746][T15117] should_failslab+0x5/0x20 [ 316.913248][T15117] kmem_cache_alloc_trace+0x32/0x2c0 [ 316.918533][T15117] ? proc_pid_stack+0x59/0x180 [ 316.923295][T15117] proc_pid_stack+0x59/0x180 [ 316.927889][T15117] proc_single_show+0x84/0x100 [ 316.932646][T15117] seq_read+0x2ee/0x900 [ 316.936891][T15117] do_iter_read+0x3f5/0x480 [ 316.941394][T15117] do_preadv+0x13b/0x230 [ 316.945704][T15117] ? __sb_end_write+0x90/0xe0 [ 316.950521][T15117] ? vfs_write+0x323/0x350 [ 316.954947][T15117] ? check_preemption_disabled+0x51/0x140 [ 316.965967][T15117] ? debug_smp_processor_id+0x18/0x20 [ 316.971360][T15117] ? fpregs_assert_state_consistent+0x7e/0x90 [ 316.977433][T15117] __x64_sys_preadv+0x54/0x60 [ 316.982106][T15117] do_syscall_64+0x51/0xb0 [ 316.986553][T15117] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 316.992465][T15117] RIP: 0033:0x45cb29 [ 316.996403][T15117] Code: Bad RIP value. [ 317.000470][T15117] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 317.008875][T15117] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 15:54:30 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050560f, &(0x7f0000000740)={0x0, @pix_mp}) [ 317.016868][T15117] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 317.024837][T15117] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 317.032830][T15117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 317.040829][T15117] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 317.349461][ T5033] usb 4-1: new high-speed USB device number 73 using dummy_hcd [ 317.619443][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 317.659841][ T5033] usb 4-1: too many configurations: 241, using maximum allowed: 8 [ 317.779760][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 317.787743][ T5033] usb 4-1: can't read configurations, error -61 [ 317.939823][ T5033] usb 4-1: new high-speed USB device number 74 using dummy_hcd [ 318.179428][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 318.219478][ T5033] usb 4-1: too many configurations: 241, using maximum allowed: 8 [ 318.339624][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 318.347312][ T5033] usb 4-1: can't read configurations, error -61 [ 318.353896][ T5033] usb usb4-port1: attempt power cycle [ 319.069442][ T5033] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 319.179862][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 319.219978][ T5033] usb 4-1: too many configurations: 241, using maximum allowed: 8 [ 319.339806][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 319.347371][ T5033] usb 4-1: can't read configurations, error -61 [ 319.499456][ T5033] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 319.590006][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 319.630488][ T5033] usb 4-1: too many configurations: 241, using maximum allowed: 8 15:54:32 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb0902240001de18652b0904410017ff5d010009050f1f01000000000905830340dbdeb847dbb49ceccbd16a99abd80a87da265e92d401221e2c38fb"], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000080)={{0xc5, 0x9}, {0x3, 0xfc}, 0x405, 0x2, 0x81}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000100)=""/134, &(0x7f00000001c0)=0x86) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:54:32 executing program 1 (fault-call:5 fault-nth:84): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:32 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x25}}) 15:54:32 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fsopen(&(0x7f00000000c0)='cramfs\x00', 0x0) r1 = dup(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$IP_VS_SO_GET_DESTS(r3, 0x0, 0x484, &(0x7f0000000140)=""/132, &(0x7f0000000200)=0x84) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r5 = dup2(r4, 0xffffffffffffffff) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r5, 0xc034564b, &(0x7f0000000100)={0x0, 0x34324d59, 0x0, 0x0, 0x2, @stepwise={{0x10001, 0xffffb42a}, {0x7, 0x1f}, {0x401, 0x5}}}) ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000000000)) 15:54:32 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5000000}}) 15:54:32 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0505611, &(0x7f0000000740)={0x0, @pix_mp}) [ 319.752852][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 319.781637][ T5033] usb 4-1: can't read configurations, error -71 15:54:33 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5c}}) 15:54:33 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x6000000}}) [ 319.808844][ T5033] usb usb4-port1: unable to enumerate USB device 15:54:33 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc050565d, &(0x7f0000000740)={0x0, @pix_mp}) [ 319.851711][T15160] FAULT_INJECTION: forcing a failure. [ 319.851711][T15160] name failslab, interval 1, probability 0, space 0, times 0 [ 319.891416][T15160] CPU: 0 PID: 15160 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 319.900131][T15160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.910205][T15160] Call Trace: [ 319.913512][T15160] dump_stack+0x10f/0x19d [ 319.917839][T15160] should_fail+0x23c/0x250 [ 319.922263][T15160] __should_failslab+0x81/0x90 [ 319.927114][T15160] should_failslab+0x5/0x20 [ 319.931620][T15160] kmem_cache_alloc_trace+0x32/0x2c0 [ 319.936898][T15160] ? proc_pid_stack+0x59/0x180 [ 319.941655][T15160] proc_pid_stack+0x59/0x180 [ 319.946276][T15160] proc_single_show+0x84/0x100 [ 319.951034][T15160] seq_read+0x2ee/0x900 [ 319.955573][T15160] do_iter_read+0x3f5/0x480 [ 319.960095][T15160] do_preadv+0x13b/0x230 [ 319.964327][T15160] ? __sb_end_write+0x90/0xe0 [ 319.969091][T15160] ? vfs_write+0x323/0x350 [ 319.973747][T15160] ? check_preemption_disabled+0x51/0x140 [ 319.979526][T15160] ? debug_smp_processor_id+0x18/0x20 [ 319.984942][T15160] ? fpregs_assert_state_consistent+0x7e/0x90 [ 319.991026][T15160] __x64_sys_preadv+0x54/0x60 [ 319.995698][T15160] do_syscall_64+0x51/0xb0 [ 320.000133][T15160] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 320.006083][T15160] RIP: 0033:0x45cb29 [ 320.009960][T15160] Code: Bad RIP value. [ 320.014010][T15160] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 320.022484][T15160] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 320.030446][T15160] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 320.038413][T15160] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 15:54:33 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x300}}) 15:54:33 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x7000000}}) 15:54:33 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000000)={[], 0x20, 0xfeff, 0x6, 0x0, 0x3, 0x0, 0x1, [], 0x7}) [ 320.046382][T15160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 320.054360][T15160] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 320.429437][ T5033] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 320.679422][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 320.849434][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 320.857028][ T5033] usb 4-1: can't read configurations, error -61 [ 321.009454][ T5033] usb 4-1: new high-speed USB device number 78 using dummy_hcd [ 321.259439][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 321.419935][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 321.427499][ T5033] usb 4-1: can't read configurations, error -61 [ 321.434034][ T5033] usb usb4-port1: attempt power cycle [ 322.149445][ T5033] usb 4-1: new high-speed USB device number 79 using dummy_hcd [ 322.259825][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 322.419468][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 322.427033][ T5033] usb 4-1: can't read configurations, error -61 [ 322.579502][ T5033] usb 4-1: new high-speed USB device number 80 using dummy_hcd [ 322.669538][ T5033] usb 4-1: Using ep0 maxpacket: 8 15:54:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x500}}) 15:54:36 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585604, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x8000000}}) 15:54:36 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x202041, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) 15:54:36 executing program 1 (fault-call:5 fault-nth:85): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 322.811031][ T5033] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 322.835663][ T5033] usb 4-1: can't read configurations, error -71 15:54:36 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) name_to_handle_at(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x24, 0xfff, "414456aadcdc1f1608cdd6097059ec274585e0801079d734a0c137e1"}, &(0x7f00000000c0), 0x400) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket(0xa, 0x1, 0x0) close(r6) sendmmsg$inet_sctp(r6, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x200}}], 0x20}], 0x1, 0x0) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x7b, &(0x7f0000000000)={r8}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000100)={r8, 0x1}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000180)={r9, 0x8ff}, 0x8) openat(r5, &(0x7f0000000000)='./file0\x00', 0x40200, 0x0) 15:54:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x9000000}}) 15:54:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x600}}) [ 322.868601][ T5033] usb usb4-port1: unable to enumerate USB device 15:54:36 executing program 2: prctl$PR_GET_DUMPABLE(0x3) openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x1d7804, 0x0) 15:54:36 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585605, &(0x7f0000000740)={0x0, @pix_mp}) [ 322.958891][T15206] FAULT_INJECTION: forcing a failure. [ 322.958891][T15206] name failslab, interval 1, probability 0, space 0, times 0 [ 322.994570][T15206] CPU: 1 PID: 15206 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 15:54:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xa000000}}) [ 323.003704][T15206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.013856][T15206] Call Trace: [ 323.017190][T15206] dump_stack+0x10f/0x19d [ 323.021547][T15206] should_fail+0x23c/0x250 [ 323.026021][T15206] __should_failslab+0x81/0x90 [ 323.030823][T15206] should_failslab+0x5/0x20 [ 323.035346][T15206] kmem_cache_alloc_trace+0x32/0x2c0 [ 323.040634][T15206] ? proc_pid_stack+0x59/0x180 [ 323.045400][T15206] proc_pid_stack+0x59/0x180 [ 323.050258][T15206] proc_single_show+0x84/0x100 [ 323.055023][T15206] seq_read+0x2ee/0x900 15:54:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xb000000}}) [ 323.059189][T15206] do_iter_read+0x3f5/0x480 [ 323.063737][T15206] do_preadv+0x13b/0x230 [ 323.067978][T15206] ? __sb_end_write+0x90/0xe0 [ 323.072699][T15206] ? vfs_write+0x323/0x350 [ 323.077202][T15206] ? check_preemption_disabled+0x51/0x140 [ 323.082928][T15206] ? debug_smp_processor_id+0x18/0x20 [ 323.088338][T15206] ? fpregs_assert_state_consistent+0x7e/0x90 [ 323.094445][T15206] __x64_sys_preadv+0x54/0x60 [ 323.099213][T15206] do_syscall_64+0x51/0xb0 [ 323.103630][T15206] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 323.109513][T15206] RIP: 0033:0x45cb29 [ 323.113390][T15206] Code: Bad RIP value. [ 323.117456][T15206] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 323.125859][T15206] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 323.133820][T15206] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 323.141875][T15206] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 323.149839][T15206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 15:54:36 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xc000000}}) 15:54:36 executing program 2: openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000004c0)) 15:54:36 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x700}}) [ 323.157830][T15206] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:36 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585609, &(0x7f0000000740)={0x0, @pix_mp}) [ 323.289441][ T5033] usb 4-1: new high-speed USB device number 81 using dummy_hcd 15:54:36 executing program 1 (fault-call:5 fault-nth:86): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 323.477625][T15246] FAULT_INJECTION: forcing a failure. [ 323.477625][T15246] name failslab, interval 1, probability 0, space 0, times 0 [ 323.490290][T15246] CPU: 1 PID: 15246 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 323.499209][T15246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.509458][T15246] Call Trace: [ 323.513433][T15246] dump_stack+0x10f/0x19d [ 323.518840][T15246] should_fail+0x23c/0x250 [ 323.523324][T15246] __should_failslab+0x81/0x90 [ 323.528246][T15246] should_failslab+0x5/0x20 [ 323.532731][T15246] kmem_cache_alloc_trace+0x32/0x2c0 [ 323.537992][T15246] ? proc_pid_stack+0x59/0x180 [ 323.539404][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 323.542789][T15246] proc_pid_stack+0x59/0x180 [ 323.542806][T15246] proc_single_show+0x84/0x100 [ 323.557211][T15246] seq_read+0x2ee/0x900 [ 323.561435][T15246] do_iter_read+0x3f5/0x480 [ 323.565915][T15246] do_preadv+0x13b/0x230 [ 323.570172][T15246] ? __sb_end_write+0x90/0xe0 [ 323.574855][T15246] ? vfs_write+0x323/0x350 [ 323.579247][T15246] ? check_preemption_disabled+0x51/0x140 [ 323.584955][T15246] ? debug_smp_processor_id+0x18/0x20 [ 323.590317][T15246] ? fpregs_assert_state_consistent+0x7e/0x90 [ 323.596459][T15246] __x64_sys_preadv+0x54/0x60 [ 323.601226][T15246] do_syscall_64+0x51/0xb0 [ 323.605619][T15246] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 323.611653][T15246] RIP: 0033:0x45cb29 [ 323.615521][T15246] Code: Bad RIP value. [ 323.619639][T15246] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 323.628091][T15246] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 323.636051][T15246] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 323.644775][T15246] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 323.652730][T15246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 323.659754][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 323.660700][T15246] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 323.668752][ T5033] usb 4-1: config 0 has no interface number 0 [ 323.682935][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 323.693902][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 323.705063][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 323.714902][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 323.727946][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 323.737002][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.747062][ T5033] usb 4-1: config 0 descriptor?? [ 323.794903][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input43 [ 323.994536][ T5033] usb 4-1: USB disconnect, device number 81 [ 324.013481][ T5033] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 324.790404][ T3964] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 325.029420][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 325.149456][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 325.157821][ T3964] usb 4-1: config 0 has no interface number 0 [ 325.165526][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 325.176503][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 325.187862][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 325.197791][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 325.210962][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 325.220076][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.228933][ T3964] usb 4-1: config 0 descriptor?? [ 325.271991][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input44 15:54:38 executing program 3: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x4, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fchmodat(r2, &(0x7f0000000040)='./file0\x00', 0x92) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 15:54:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xd000000}}) 15:54:38 executing program 2: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio1\x00', 0x381200, 0x0) msgget$private(0x0, 0x38) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) write$UHID_SET_REPORT_REPLY(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000002000000000cf400ab542bb13d1136b25a1d09a8c2258d3205c571d6706d1194c9ffea72aec1e157157b865e8e17d26c59fdb85141ecce06fb5aeec890bf9faa4725197f1d36fd767c58836698ac939cb68431c51aae7f06b469c62f30e7efee86e4ceebd5dc5ce80cae0a57cb6cc3a5d37b146bb020bdd23a87be1019d60306b71759bb45ec628387de02212d397328e83d7fad12d2ce84f480f21150347192f01601f8115752acf94ff5bf7e26e89acfc68acbfa473f3fa11c59566223a774a9bb3758b2dece7f69c7177f85e16dc88e9fae1325263a494097ebacfa7bec742037c3ff54282b6227db74ca22810c1449f830cfc35bb75d6228"], 0x100) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000004c0)) setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000040)=0x3, 0x4) 15:54:38 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x900}}) 15:54:38 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058560f, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:38 executing program 1 (fault-call:5 fault-nth:87): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 325.485662][ T3964] usb 4-1: USB disconnect, device number 82 [ 325.491624][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 325.501302][ T3964] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 325.570050][T15295] FAULT_INJECTION: forcing a failure. [ 325.570050][T15295] name failslab, interval 1, probability 0, space 0, times 0 [ 325.592236][T15295] CPU: 1 PID: 15295 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 325.600961][T15295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.611016][T15295] Call Trace: [ 325.614342][T15295] dump_stack+0x10f/0x19d [ 325.618672][T15295] should_fail+0x23c/0x250 [ 325.623088][T15295] __should_failslab+0x81/0x90 [ 325.627927][T15295] should_failslab+0x5/0x20 [ 325.632435][T15295] kmem_cache_alloc_trace+0x32/0x2c0 [ 325.637808][T15295] ? proc_pid_stack+0x59/0x180 [ 325.642641][T15295] proc_pid_stack+0x59/0x180 [ 325.647293][T15295] proc_single_show+0x84/0x100 [ 325.652061][T15295] seq_read+0x2ee/0x900 [ 325.656243][T15295] do_iter_read+0x3f5/0x480 [ 325.660746][T15295] do_preadv+0x13b/0x230 [ 325.665248][T15295] ? __sb_end_write+0x90/0xe0 15:54:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xe000000}}) [ 325.669941][T15295] ? vfs_write+0x323/0x350 [ 325.674357][T15295] ? check_preemption_disabled+0x51/0x140 [ 325.680076][T15295] ? debug_smp_processor_id+0x18/0x20 [ 325.685534][T15295] ? fpregs_assert_state_consistent+0x7e/0x90 [ 325.691754][T15295] __x64_sys_preadv+0x54/0x60 [ 325.696456][T15295] do_syscall_64+0x51/0xb0 [ 325.700883][T15295] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 325.706773][T15295] RIP: 0033:0x45cb29 [ 325.710651][T15295] Code: Bad RIP value. 15:54:38 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x10000000}}) 15:54:39 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xa00}}) 15:54:39 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0585611, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:39 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f00000001c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0xa, 0x1, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x4, @loopback, 0x2ca9d356}, @in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e21, @local}, @in6={0xa, 0x4e24, 0x7fff, @mcast2, 0x845}, @in={0x2, 0x4e22, @private=0xa010100}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e23, 0x2, @private0, 0x6}], 0xa4) syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x7, 0x488400) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x200}}], 0x20}], 0x1, 0x0) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x7b, &(0x7f0000000000)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000000)={r6, 0x8}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r7, 0xc00000, 0x50}, 0xc) r8 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/audio1\x00', 0x82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r8, 0x8010500c, &(0x7f00000004c0)) [ 325.714708][T15295] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 325.723116][T15295] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 325.731441][T15295] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 325.739531][T15295] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 325.747672][T15295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 325.755635][T15295] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:39 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc058565d, &(0x7f0000000740)={0x0, @pix_mp}) [ 326.139423][ T3964] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 326.379476][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 326.499775][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 326.507966][ T3964] usb 4-1: config 0 has no interface number 0 [ 326.515783][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 326.527161][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 326.539159][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 326.548993][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 326.562263][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 326.571326][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.581752][ T3964] usb 4-1: config 0 descriptor?? [ 326.621826][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input45 [ 326.835692][ T48] usb 4-1: USB disconnect, device number 83 [ 326.839391][ C1] xpad 4-1:0.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 326.850055][ T48] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:40 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014e52108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f01000000000905830312820b28e89bf6fe5e1aee664988c4512cce9d1debb7ec46d26c5ddb24932a5d2f63a5f68e1ad7c6cb055fcfc8cd1bafed83504605a14d2fe48d0508c9e0ebff094f82a98c535528648d63668f729d8b9ad2edf7b16924eff260ac09b19c9689ce9fc79a6b4cbe9dc01cbb762365a4dcad3f0000000000000015401e24022475d3b4c24c70ab296cd7bbacc9dbf466ec7239a7b02d5fbe2c69ecf5526d4f9d"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:54:40 executing program 1 (fault-call:5 fault-nth:88): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303", @ANYRESOCT=r0, @ANYRES32=r1, @ANYRESDEC=r2], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 15:54:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xb00}}) 15:54:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x11000000}}) 15:54:40 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845657, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xc00}}) 15:54:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x12000000}}) 15:54:40 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0845658, &(0x7f0000000740)={0x0, @pix_mp}) [ 327.482701][T15379] FAULT_INJECTION: forcing a failure. [ 327.482701][T15379] name failslab, interval 1, probability 0, space 0, times 0 [ 327.507775][T15379] CPU: 0 PID: 15379 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 327.516534][T15379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.526629][T15379] Call Trace: [ 327.529958][T15379] dump_stack+0x10f/0x19d [ 327.534297][T15379] should_fail+0x23c/0x250 [ 327.538702][T15379] __should_failslab+0x81/0x90 [ 327.543455][T15379] should_failslab+0x5/0x20 [ 327.547949][T15379] kmem_cache_alloc_trace+0x32/0x2c0 [ 327.553226][T15379] ? proc_pid_stack+0x59/0x180 [ 327.557994][T15379] proc_pid_stack+0x59/0x180 [ 327.562573][T15379] proc_single_show+0x84/0x100 [ 327.567340][T15379] seq_read+0x2ee/0x900 [ 327.571513][T15379] do_iter_read+0x3f5/0x480 [ 327.576011][T15379] do_preadv+0x13b/0x230 [ 327.580245][T15379] ? __sb_end_write+0x90/0xe0 [ 327.584960][T15379] ? vfs_write+0x323/0x350 [ 327.589371][T15379] ? check_preemption_disabled+0x51/0x140 [ 327.595086][T15379] ? debug_smp_processor_id+0x18/0x20 [ 327.600530][T15379] ? fpregs_assert_state_consistent+0x7e/0x90 [ 327.607117][T15379] __x64_sys_preadv+0x54/0x60 [ 327.612397][T15379] do_syscall_64+0x51/0xb0 [ 327.616825][T15379] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 327.622706][T15379] RIP: 0033:0x45cb29 [ 327.626581][T15379] Code: Bad RIP value. 15:54:40 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xd00}}) 15:54:40 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x25000000}}) [ 327.630633][T15379] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 327.643131][T15379] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 327.651226][T15379] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 327.659299][T15379] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 327.667266][T15379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 327.675299][T15379] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:40 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0905664, &(0x7f0000000740)={0x0, @pix_mp}) [ 327.809455][ T3964] usb 4-1: new high-speed USB device number 84 using dummy_hcd [ 327.859554][ T48] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 328.049415][ T3964] usb 4-1: Using ep0 maxpacket: 8 [ 328.109424][ T48] usb 3-1: Using ep0 maxpacket: 8 [ 328.169480][ T3964] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 328.177943][ T3964] usb 4-1: config 0 has no interface number 0 [ 328.184718][ T3964] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 328.195977][ T3964] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 328.209478][ T3964] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 328.218500][ T3964] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.227779][ T3964] usb 4-1: config 0 descriptor?? [ 328.269802][ T48] usb 3-1: config 0 has an invalid interface number: 65 but max is 0 [ 328.272566][ T3964] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input46 [ 328.277889][ T48] usb 3-1: config 0 has no interface number 0 [ 328.307988][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 328.319710][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 48, changing to 9 [ 328.331371][ T48] usb 3-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 328.359395][ T48] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 328.368476][ T48] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.395427][ T48] usb 3-1: config 0 descriptor?? [ 328.445314][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.65/input/input47 [ 328.472904][ T3964] usb 4-1: USB disconnect, device number 84 [ 328.489447][ T3964] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 328.647758][ T9916] usb 3-1: USB disconnect, device number 2 [ 328.659706][ T9916] xpad 3-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 329.269423][ T5033] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 329.529418][ T5033] usb 4-1: Using ep0 maxpacket: 8 [ 329.679437][ T5033] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 329.687655][ T5033] usb 4-1: config 0 has no interface number 0 [ 329.694346][ T5033] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 329.699791][ T0] NOHZ: local_softirq_pending 08 [ 329.706223][ T5033] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 329.723851][ T5033] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 329.734241][ T5033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.743762][ T5033] usb 4-1: config 0 descriptor?? [ 329.801716][ T5033] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input48 15:54:43 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 15:54:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5c000000}}) 15:54:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0xe00}}) 15:54:43 executing program 1 (fault-call:5 fault-nth:89): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:43 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0945662, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:43 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x4, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fchmodat(r2, &(0x7f0000000040)='./file0\x00', 0x92) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 330.001757][ T49] usb 4-1: USB disconnect, device number 85 [ 330.030803][ T49] xpad 4-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 15:54:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1100}}) 15:54:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1200}}) 15:54:43 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp}) [ 330.128402][T15484] FAULT_INJECTION: forcing a failure. [ 330.128402][T15484] name failslab, interval 1, probability 0, space 0, times 0 15:54:43 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x2}}) 15:54:43 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2500}}) [ 330.178603][T15484] CPU: 1 PID: 15484 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 330.187336][T15484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.197908][T15484] Call Trace: [ 330.201212][T15484] dump_stack+0x10f/0x19d [ 330.205535][T15484] should_fail+0x23c/0x250 [ 330.209965][T15484] __should_failslab+0x81/0x90 [ 330.214832][T15484] should_failslab+0x5/0x20 [ 330.219330][T15484] kmem_cache_alloc_trace+0x32/0x2c0 [ 330.224609][T15484] ? proc_pid_stack+0x59/0x180 [ 330.229451][T15484] proc_pid_stack+0x59/0x180 [ 330.234035][T15484] proc_single_show+0x84/0x100 [ 330.238867][T15484] seq_read+0x2ee/0x900 [ 330.243117][T15484] do_iter_read+0x3f5/0x480 [ 330.247641][T15484] do_preadv+0x13b/0x230 [ 330.251970][T15484] ? __sb_end_write+0x90/0xe0 [ 330.256643][T15484] ? vfs_write+0x323/0x350 [ 330.261108][T15484] ? check_preemption_disabled+0x51/0x140 [ 330.266892][T15484] ? debug_smp_processor_id+0x18/0x20 [ 330.272259][T15484] ? fpregs_assert_state_consistent+0x7e/0x90 [ 330.278407][T15484] __x64_sys_preadv+0x54/0x60 [ 330.283097][T15484] do_syscall_64+0x51/0xb0 [ 330.287584][T15484] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 330.293735][T15484] RIP: 0033:0x45cb29 [ 330.297716][T15484] Code: Bad RIP value. [ 330.301766][T15484] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 330.311123][T15484] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 330.319117][T15484] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 330.327113][T15484] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 330.335154][T15484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 330.343119][T15484] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 330.519405][ T48] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 330.659501][ T49] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 330.779411][ T48] usb 3-1: Using ep0 maxpacket: 8 [ 330.929454][ T48] usb 3-1: config 0 has an invalid interface number: 65 but max is 0 [ 330.929476][ T49] usb 4-1: device descriptor read/64, error 18 [ 330.939042][ T48] usb 3-1: config 0 has no interface number 0 [ 330.950906][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 330.961774][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 330.972748][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 330.982756][ T48] usb 3-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 330.996018][ T48] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 331.005127][ T48] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.014153][ T48] usb 3-1: config 0 descriptor?? [ 331.067234][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.65/input/input49 [ 331.269453][ T48] usb 3-1: USB disconnect, device number 3 [ 331.284271][ T48] xpad 3-1:0.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 331.329459][ T49] usb 4-1: device descriptor read/64, error 18 [ 331.599423][ T49] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 331.869401][ T49] usb 4-1: device descriptor read/64, error 18 [ 332.259416][ T49] usb 4-1: device descriptor read/64, error 18 [ 332.379462][ T49] usb usb4-port1: attempt power cycle 15:54:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x5c00}}) 15:54:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x3}}) 15:54:46 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0e85667, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:46 executing program 1 (fault-call:5 fault-nth:90): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:46 executing program 3: syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000000)=0x1974, 0x4) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 15:54:46 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x4, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000014da2108ab12a190eb1e000000010902240001000000000904410017ff5d010009050f1f010000000009058303"], 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fchmodat(r2, &(0x7f0000000040)='./file0\x00', 0x92) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 333.089441][ T49] usb 4-1: new high-speed USB device number 88 using dummy_hcd 15:54:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x4}}) 15:54:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x5}}) 15:54:46 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x0, @pix_mp}) 15:54:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x1000000}}) [ 333.181995][T15557] FAULT_INJECTION: forcing a failure. [ 333.181995][T15557] name failslab, interval 1, probability 0, space 0, times 0 [ 333.200852][T15557] CPU: 1 PID: 15557 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 333.209555][T15557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.220324][T15557] Call Trace: [ 333.223629][T15557] dump_stack+0x10f/0x19d [ 333.227954][T15557] should_fail+0x23c/0x250 [ 333.232464][T15557] __should_failslab+0x81/0x90 [ 333.237318][T15557] should_failslab+0x5/0x20 [ 333.241814][T15557] kmem_cache_alloc_trace+0x32/0x2c0 [ 333.247090][T15557] ? proc_pid_stack+0x59/0x180 [ 333.251846][T15557] proc_pid_stack+0x59/0x180 [ 333.257453][T15557] proc_single_show+0x84/0x100 [ 333.262209][T15557] seq_read+0x2ee/0x900 [ 333.266362][T15557] do_iter_read+0x3f5/0x480 [ 333.270890][T15557] do_preadv+0x13b/0x230 [ 333.275174][T15557] ? __sb_end_write+0x90/0xe0 [ 333.280252][T15557] ? vfs_write+0x323/0x350 [ 333.284685][T15557] ? check_preemption_disabled+0x51/0x140 [ 333.290403][T15557] ? debug_smp_processor_id+0x18/0x20 [ 333.295767][T15557] ? fpregs_assert_state_consistent+0x7e/0x90 [ 333.301831][T15557] __x64_sys_preadv+0x54/0x60 [ 333.309181][T15557] do_syscall_64+0x51/0xb0 [ 333.313685][T15557] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 333.319568][T15557] RIP: 0033:0x45cb29 [ 333.323446][T15557] Code: Bad RIP value. [ 333.327503][T15557] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 333.336380][T15557] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 333.344347][T15557] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 333.352313][T15557] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 333.360281][T15557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 333.368246][T15557] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 15:54:46 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x0, 0x6}}) 15:54:46 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x2, @pix_mp}) 15:54:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x2000000}}) 15:54:46 executing program 1 (fault-call:5 fault-nth:91): preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 15:54:46 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0x4020565b, &(0x7f0000000740)={0x3, @pix_mp}) 15:54:46 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000700)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000740)={0x0, @pix_mp={0x0, 0x3000000}}) [ 333.547248][ T48] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 333.607695][T15590] FAULT_INJECTION: forcing a failure. [ 333.607695][T15590] name failslab, interval 1, probability 0, space 0, times 0 [ 333.620424][ T49] usb 4-1: device not accepting address 88, error -71 [ 333.627493][T15590] CPU: 1 PID: 15590 Comm: syz-executor.1 Not tainted 5.8.0-rc4-syzkaller #0 [ 333.636166][T15590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.646227][T15590] Call Trace: [ 333.649538][T15590] dump_stack+0x10f/0x19d [ 333.653919][T15590] should_fail+0x23c/0x250 [ 333.658359][T15590] __should_failslab+0x81/0x90 [ 333.663225][T15590] should_failslab+0x5/0x20 [ 333.667724][T15590] kmem_cache_alloc_trace+0x32/0x2c0 [ 333.673043][T15590] ? proc_pid_stack+0x59/0x180 [ 333.677827][T15590] proc_pid_stack+0x59/0x180 [ 333.682560][T15590] proc_single_show+0x84/0x100 [ 333.687407][T15590] seq_read+0x2ee/0x900 [ 333.691637][T15590] do_iter_read+0x3f5/0x480 [ 333.696135][T15590] do_preadv+0x13b/0x230 [ 333.700425][T15590] ? __sb_end_write+0x90/0xe0 [ 333.705098][T15590] ? vfs_write+0x323/0x350 [ 333.709510][T15590] ? check_preemption_disabled+0x51/0x140 [ 333.715227][T15590] ? debug_smp_processor_id+0x18/0x20 [ 333.720598][T15590] ? fpregs_assert_state_consistent+0x7e/0x90 [ 333.726935][T15590] __x64_sys_preadv+0x54/0x60 [ 333.731619][T15590] do_syscall_64+0x51/0xb0 [ 333.736037][T15590] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 333.741995][T15590] RIP: 0033:0x45cb29 [ 333.745948][T15590] Code: Bad RIP value. [ 333.750025][T15590] RSP: 002b:00007f209606ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 333.758414][T15590] RAX: ffffffffffffffda RBX: 00000000004fb980 RCX: 000000000045cb29 [ 333.766368][T15590] RDX: 10000000000002a1 RSI: 0000000020000480 RDI: 0000000000000003 [ 333.774441][T15590] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 333.782393][T15590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 333.790371][T15590] R13: 0000000000000889 R14: 00000000004cb848 R15: 00007f209606b6d4 [ 333.949426][ T48] usb 3-1: Using ep0 maxpacket: 8 [ 334.089434][ T48] usb 3-1: config 0 has an invalid interface number: 65 but max is 0 [ 334.089791][ T49] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 334.097859][ T48] usb 3-1: config 0 has no interface number 0 [ 334.111826][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 334.123611][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 334.134628][ T48] usb 3-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 334.144498][ T48] usb 3-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 334.157668][ T48] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 334.166814][ T48] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.175575][ T48] usb 3-1: config 0 descriptor?? [ 334.199456][ T49] usb 4-1: Using ep0 maxpacket: 8 [ 334.246544][ T48] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.65/input/input50 [ 334.288899][T15604] ================================================================== [ 334.297804][T15604] BUG: KCSAN: data-race in vfs_readlink / vfs_readlink [ 334.304737][T15604] [ 334.307087][T15604] write to 0xffff888120796082 of 2 bytes by task 15602 on cpu 1: [ 334.314820][T15604] vfs_readlink+0x20b/0x260 [ 334.319363][T15604] do_readlinkat+0x170/0x200 [ 334.319817][ T49] usb 4-1: config 0 has an invalid interface number: 65 but max is 0 [ 334.323954][T15604] __x64_sys_readlinkat+0x4f/0x60 [ 334.332054][ T49] usb 4-1: config 0 has no interface number 0 [ 334.337030][T15604] do_syscall_64+0x51/0xb0 [ 334.346192][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 334.347634][T15604] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 334.359331][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 334.364323][T15604] [ 334.364337][T15604] read to 0xffff888120796082 of 2 bytes by task 15604 on cpu 0: [ 334.364351][T15604] vfs_readlink+0x56/0x260 [ 334.364362][T15604] do_readlinkat+0x170/0x200 [ 334.364372][T15604] __x64_sys_readlinkat+0x4f/0x60 [ 334.364389][T15604] do_syscall_64+0x51/0xb0 [ 334.377615][ T49] usb 4-1: config 0 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 334.377645][T15604] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 334.386224][ T49] usb 4-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 334.389685][T15604] [ 334.389689][T15604] Reported by Kernel Concurrency Sanitizer on: [ 334.389702][T15604] CPU: 0 PID: 15604 Comm: systemd-udevd Not tainted 5.8.0-rc4-syzkaller #0 [ 334.389707][T15604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.389711][T15604] ================================================================== [ 334.389716][T15604] Kernel panic - not syncing: panic_on_warn set ... [ 334.389727][T15604] CPU: 0 PID: 15604 Comm: systemd-udevd Not tainted 5.8.0-rc4-syzkaller #0 [ 334.389732][T15604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.389735][T15604] Call Trace: [ 334.389759][T15604] dump_stack+0x10f/0x19d [ 334.398362][ T49] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a1, bcdDevice=1e.eb [ 334.399431][T15604] panic+0x207/0x64a [ 334.399445][T15604] ? vprintk_emit+0x44a/0x4f0 [ 334.399458][T15604] kcsan_report+0x684/0x690 [ 334.399475][T15604] ? kcsan_setup_watchpoint+0x453/0x4d0 [ 334.405729][ T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.413692][T15604] ? vfs_readlink+0x56/0x260 [ 334.413703][T15604] ? do_readlinkat+0x170/0x200 [ 334.413713][T15604] ? __x64_sys_readlinkat+0x4f/0x60 [ 334.413722][T15604] ? do_syscall_64+0x51/0xb0 [ 334.413735][T15604] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 334.413754][T15604] ? filename_lookup+0x2b6/0x380 [ 334.439820][ T49] usb 4-1: config 0 descriptor?? [ 334.441655][T15604] kcsan_setup_watchpoint+0x453/0x4d0 [ 334.441675][T15604] vfs_readlink+0x56/0x260 [ 334.491737][ T49] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.65/input/input51 [ 334.493621][T15604] do_readlinkat+0x170/0x200 [ 334.526997][ T49] usb 3-1: USB disconnect, device number 4 [ 334.527763][T15604] __x64_sys_readlinkat+0x4f/0x60 [ 334.611708][T15604] do_syscall_64+0x51/0xb0 [ 334.616127][T15604] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 334.622015][T15604] RIP: 0033:0x7f48a49710ba [ 334.626512][T15604] Code: Bad RIP value. [ 334.630568][T15604] RSP: 002b:00007ffe2b2abce8 EFLAGS: 00000206 ORIG_RAX: 000000000000010b [ 334.638971][T15604] RAX: ffffffffffffffda RBX: 000055a339388100 RCX: 00007f48a49710ba [ 334.646938][T15604] RDX: 000055a339388100 RSI: 00007ffe2b2abd70 RDI: 00000000ffffff9c [ 334.654896][T15604] RBP: 0000000000000064 R08: 0000000000000000 R09: 0000000000000070 [ 334.662865][T15604] R10: 0000000000000063 R11: 0000000000000206 R12: 00007ffe2b2abd70 [ 334.670903][T15604] R13: 00000000ffffff9c R14: 00007ffe2b2abd40 R15: 0000000000000063 [ 334.679958][T15604] Kernel Offset: disabled [ 334.684298][T15604] Rebooting in 86400 seconds..