last executing test programs: 10.112970117s ago: executing program 0 (id=682): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000280)=0x10) setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000040), 0x4) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xffffffffffffffe4) writev(0xffffffffffffffff, &(0x7f0000000580)=[{&(0x7f00000003c0)='k', 0x1600}], 0x1) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000000000020961b0a0000000000000109022400010000000009040000000300000009210000000122000099568103000000000043db781dd7724ce41427f18ed38223acd5"], 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r5 = socket$inet6_sctp(0xa, 0x801, 0x84) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={r7, 0x10001}, 0x8) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=@newtaction={0x178, 0x30, 0x4, 0x70bd25, 0x0, {}, [{0x164, 0x1, [@m_ife={0x160, 0x1, 0x0, 0x0, {{0x8}, {0x98, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x3, 0x400, 0x2, 0x1ff, 0x7}, 0x1}}, @TCA_IFE_DMAC={0xa}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xaf, 0x5, 0x4, 0x4}, 0x1}}, @TCA_IFE_DMAC={0xa, 0x3, @broadcast}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x82, 0x5, 0xf82, 0x9}, 0x1}}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0x4, 0x20000005, 0x9, 0xf7}, 0x1}}]}, {0xa2, 0x6, "7c2dfd2e00e3984564186cb48fa6687768340c686ae404c3f4fc6b565eb9f3bc0a7942e5d48a3b56c73276d74699edcc57f661c1d911dc258aa12af791f448602351d85879c8cff25bd8cd240dc9d3035bdef0948bd7f70b3e6ecfbf98f0e47bb4cb13b97974bd411c755788988872f6004440b3823d7c85df429e1ee085fdaeaf357a006848440523ec61bcd38d5e8522e8040e3ce588bf70fe0e780392"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) 7.319248961s ago: executing program 1 (id=690): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='dctcp-reno\x00', 0xb) socket$inet6_dccp(0xa, 0x6, 0x0) dup3(r0, 0xffffffffffffffff, 0x80000) 7.216377505s ago: executing program 1 (id=691): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000055098a403a0901268f08000000010902120001000000000904000000eb77e06e"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000040)={0x14, &(0x7f0000000180)={0x40, 0x10, 0xf9, {0xf9, 0xa, "a3d8873cbd2e0589289dd93d3cea97c94158b40935f1983f70e5b33a5efa9cc664f9e81f53eebee70ed2d3b152f055d3545f8ca16d0ddf9de1d08d6a7b7e776c1add91245ce6228fb1c81a7243b9813be164c4130b50724a62b53ea81b91f7eca45b1b959e8d240963115929729d15b9e9f384e7da1a4b62d2142dfd6f50b9693963bda8519ef3e363937adb9b2517ab1fe8e30088782b8a8a9803cea3155a302df233202aad759810abb23b70d93429517cf96b1daaf3c8e0da5111819687ee78f6e18630d9ebaf588d5357db1c6da1d55bb4cb9d1eefeedce7a80c4909cb70cbf841a042ad6c0ed7815605ba84bf3ece087afe383183"}}, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000340)={0x1c, &(0x7f0000000280)={0x0, 0xb, 0xad, "463f994bba003c26d5d22e65f5614e9ee08d49cd2783a8fe743342c46f8c07e497098fc6d86854cb6ef847b73eb43590658947fb0bf8aac9b8d4b6b4fc10a75bb716b4e6538d1aeb651fcd5ab03cd1297bff246c0af8e6eb216c680717e0b0f40df831c48b75410280592256c7ccb5bbcafa51af85fb31d78bf9cdebe4daa8eec5642f10f2a57bf271d117d6d04b4d08050fbaf6032014236b16c2f7e92856bcf2948650ab7249a13258faed77"}, &(0x7f0000000080)={0x0, 0xa, 0x1, 0x66}, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x1}}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 6.889400603s ago: executing program 0 (id=695): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000055098a403a0901268f08000000010902120001000000000904000000eb77e06e"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000040)={0x14, &(0x7f0000000180)={0x40, 0x10, 0xf9, {0xf9, 0xa, "a3d8873cbd2e0589289dd93d3cea97c94158b40935f1983f70e5b33a5efa9cc664f9e81f53eebee70ed2d3b152f055d3545f8ca16d0ddf9de1d08d6a7b7e776c1add91245ce6228fb1c81a7243b9813be164c4130b50724a62b53ea81b91f7eca45b1b959e8d240963115929729d15b9e9f384e7da1a4b62d2142dfd6f50b9693963bda8519ef3e363937adb9b2517ab1fe8e30088782b8a8a9803cea3155a302df233202aad759810abb23b70d93429517cf96b1daaf3c8e0da5111819687ee78f6e18630d9ebaf588d5357db1c6da1d55bb4cb9d1eefeedce7a80c4909cb70cbf841a042ad6c0ed7815605ba84bf3ece087afe383183"}}, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000340)={0x1c, &(0x7f0000000280)={0x0, 0xb, 0xad, "463f994bba003c26d5d22e65f5614e9ee08d49cd2783a8fe743342c46f8c07e497098fc6d86854cb6ef847b73eb43590658947fb0bf8aac9b8d4b6b4fc10a75bb716b4e6538d1aeb651fcd5ab03cd1297bff246c0af8e6eb216c680717e0b0f40df831c48b75410280592256c7ccb5bbcafa51af85fb31d78bf9cdebe4daa8eec5642f10f2a57bf271d117d6d04b4d08050fbaf6032014236b16c2f7e92856bcf2948650ab7249a13258faed77"}, &(0x7f0000000080)={0x0, 0xa, 0x1, 0x66}, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x1}}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000500)={0x18, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0) 5.891678912s ago: executing program 3 (id=698): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x128, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_DATA={0x74, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_NETMASK={0x5}, @IPSET_ATTR_MAXELEM={0x8}, @IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}, @IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_LINENO={0x8}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x44, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0xffffff11}]}]}, 0x128}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c, 0x3a, 0xb, 0x0, 0x0, {0x2}, [@nested={0xfffffffffffffec1, 0x0, 0x0, 0x1, [@typed={0x13, 0x3, 0x0, 0x0, @str='\r4\xd8\x02j,'}]}]}, 0x2c}}, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x18) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000100)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7ac4d4c6"}, 0x0, 0x4, {}, 0x0, 0x0, 0xffffffffffffffff}) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}}, 0x1c) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000600)='./file1\x00', 0x0) mount(&(0x7f00000009c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a00)='./file1\x00', &(0x7f0000000a40)='affs\x00', 0x0, &(0x7f0000000a80)=',\x00') socket(0x15, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000940)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xc4}, 0x9c) ioctl(r3, 0x8b2c, &(0x7f0000000040)) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r2, 0x80089419, &(0x7f0000000080)) connect$inet6(r6, &(0x7f0000000300)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003780)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @remote}, 0x9f}, 0x1c, &(0x7f00000018c0)=[{&(0x7f0000000500)="60e46417d22c95142f620675ebbb293fc8aa1ec2f43c6ddd752f303aae9a7515c7c2b278a2229da4d9b896621ba551bb99e9ce0fb8feb4e904752f6ea2e24a8027876e346cf76bc82d4d24750779411d8acaa5bf99373febe849f159d2eb20a2e5497ce0f9acc8946fbbbeaa4719b53d274825d512929dd44e11dfbbf28c0737bf834321dc8de7baaba9ed799c978c5a3c077988652d2631e62bf88708f2f9b4a3ba4a623f6a761d0c2072", 0xab}, {&(0x7f0000000700)="067acfb7a353331eff8882f04e35d6a98503768dbf6f9b669eb1519929e2b5eab579e5713afcee5b95920e953055e6105be23ee5ea28551698ed286cc158ebacb88357180bf08f3645e77d502b6fa174c7c0ea9602bbfa83de72bcc4610b478683087cab1b93a8d83636adf48ab91f49aab5b40c948dd8e885eeae07b54dfeae237400a5bae20fe23ad9eee5a35c5294f35df125d7a31ed67211b81a9f03a799b3019624e03ac8b7af3189a62c418088eccc0d97c61026d59577705b93e6b1f49525750630183b51b3c9902ad9f1cc4870c5ae7201a33446f5048b2a1b14f6421a01f714f67c2d2002d08c469d5e9ea512a6c41745a8707d979f19dba2b81618054a39682220bd0c48aa907722efcc9d752441699d268a8a069ff3a70ac55f6c2578b19ddaa04e604d0d089715ec5d4cb6341f450a4e7796138743a7ae62c886e66414fb460ad371bc61ac9f78485c41d5bf9ca898e9c17785f2b58759fd014f11d382762f5ea3b5195832a6975b38482295b2b54fbaf43e8ffacf0c347ec7607a4e69d64b33b8d61484a132a57075a4d2f5b1232b118ab1ab2457d54d22b3b9a6874067b6142edd65bd570ccc1ce4d14413e5fa3bb3675ecbde93901c17fca9c8b5762b5abb4d94b20aa6a1964281270a5ce8277fd23bd9f58d82278cf4961e040aae7c81baa2e92ff979ba99bef740c242896549637499e92f1db1bca5d7dfc39c7069d6dfe0af6980e90b3474a436baeb94b6491ccd85a0b7664e21690981da9c6d663fb0b9285f54b0d263fd5267a4e4fcf5bfb72d361af8b6f511b183e9a6f23b99ce6f7b9dc8fab23b2eb754c23a8a1e5e5e8575498ec9821e864be862bca5773ffbcc08c1ff08e204bc2fa68753886142e5cac542666af15b894d45eec10706ecb13e168ad09d8f00621a8f2343b93354ffa04a50c33cf1628a901d2d282a0dbd14ba47cf9929748245ef977a79901d4323b1970d4f2182b91714a367dac1bf018ee48b9d9479d31e4a3b60a75f7cc10ab932a3d28261115cee94f0a59c0a02a20a8fb475b2e3732683de898a7bf62f8620a09114fae81318be4157aa415967699f121a24cb72d64af33c2ec4abd034377afdb47526dadb7df1e6693a5c2ff1c4cf856d814f31e13f3feeb27a46890f6e0a73f6ae2ceb7fcce7593f6c699cf9f272edd73006a73f5454af5796906a0980423eed133de1d655f445cf5a0c74f3407f1b92bdf41f40a40e52e85d87fe0e146686570f60f2afedca1c9ccbff05253ce2332b124f6e010748e699fb22e04c113b29d5291214443e622ba1758757b4795ed21206b26fdb69abe7d2f3edc4d2a6a6d631cdc24eb0ce7f473fa84efb074da2c766b16582c81914505cc5fc8c760fbc83221a976486079d119bdbf5c8520c3e7108b8572493b6cc6439c39a4d2e2db49440609909b9c04837982f11bc5ee69a4e7df6d252f4e034a2139cbe2753a21d0670e6025f03f361f0e6f67922fc8ef3c791677fcd7b71bf730e7397455770960a5e620fd1596e34d60cb784f5069129ac5c26a7a5a6198bdf9a02aff2014255e786c0602459fbfa2b8e1a3301d4e06022ed569327ec0bc9997b8946a02b3c5d4da133755b6e620e18d4c3faf4644dc51fafb66311c412ea1c8441b0fcfae4f31069460b066412b8cbd03fee5e7a1a80b6c79d24c45073f5b7eddc00a6b513ffd41ca1d0358e62b5944a8f986404ce72af9730d5a5536dfe26ce9230af3dec176709cc1b56de51675a3e1dcd0379274dd20ef3b82764e9222c35de94291d52ad89c1cbf548871d47ea9161eda8", 0x502}], 0x2}}], 0x1, 0x0) 5.671112372s ago: executing program 4 (id=700): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000}) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="600000000206050000000000000000000000000014000780080008000000000008000606000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b00000000e38b8f507783a89f1aa975f466ec4fd531f5dee51e655cbaa2f09e74b773a70a3898cc454fb789307fa6d36c936c3794f26ad0b96242677fc397bd75013e63f249a756001c904921a68121536d864997bb4d9c2e7749f6bc63808c492dc156ede3db8d1c3b34c93046c9f0af3cb8b5bfd36164ec3e9cd34fe9c62c14d5caceff2aa81cff637078c52a5105803db872817a4bc948347423515527157c31a32b5b2eb43915f9bb9e6ebedbe0f338bbf74b0717000000000000000000"], 0x60}}, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r2, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10) r3 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r6 = socket$inet6_dccp(0xa, 0x6, 0x0) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x1}, 0x1c) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @dev, 0xfffffffd}}) io_uring_enter(r3, 0x5b43, 0x0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f00000007c0)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000240)='7', 0x1}], 0x1}}], 0x1, 0x2c000011) r7 = syz_open_dev$vbi(&(0x7f0000000740), 0x2, 0x2) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10) ioctl$VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f0000001800)={0x0, 0xffff, 0x1, {0x6, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x40}}}) sendto(r2, &(0x7f00000002c0)="711786b616bdd452cc02000000ce253232e3a7e6", 0xfffffffffffffc82, 0x8000, 0x0, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) close(r9) socket$kcm(0x2, 0x922000000001, 0x106) ioctl$SIOCSIFHWADDR(r9, 0x8b14, &(0x7f0000000000)={'virt_wifi0\x00', @remote}) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x0, &(0x7f0000a00000/0x600000)=nil) openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) 5.482850754s ago: executing program 1 (id=701): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000002c000097000040"]) fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000140)) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) write$FUSE_WRITE(r5, &(0x7f00000000c0)={0x18}, 0xfdef) openat(r0, &(0x7f000000c380)='./file0\x00', 0x402, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @fixed}, 0xe) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c8000c00080002"], 0x11) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) syz_io_uring_setup(0x7581, &(0x7f0000000100)={0x0, 0x335d, 0x20, 0x1, 0x3e1}, &(0x7f0000000080), 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0) r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) getsockopt$inet6_mreq(r10, 0x3a, 0x1, 0x0, &(0x7f0000000040)) 4.943067136s ago: executing program 3 (id=703): openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) syz_io_uring_setup(0xa37, &(0x7f0000000200)={0x0, 0x20c8, 0x0, 0x2, 0x30}, &(0x7f00000003c0), &(0x7f0000000400)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}}, 0x0) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2e, 0x4, 0x0, 0x0, 0xb8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@empty}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@local}, {@remote}, {@multicast2}, {@private}, {}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@rand_addr, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x20002) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) unshare(0x2a020400) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, 0x0) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) unshare(0x44020400) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x4, &(0x7f00000001c0)=[{0x15, 0x0, 0x2}, {0x0, 0xfc, 0x7f}, {0x2}, {0x6}]}) 4.881188961s ago: executing program 0 (id=704): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000380)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000580)="27050200590200000600002fb96dbcf706e10500000088641100112708000283b8bf4a31ee32", 0x26}], 0x1}, 0x0) 4.805647951s ago: executing program 2 (id=705): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000000080)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x4c}}, 0x0) 4.756131437s ago: executing program 0 (id=706): socket$packet(0x11, 0x2, 0x300) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="aae5aa0eb864000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000180000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000038fa0b000000000006001600000000000500120000000000060011000000000008000b0000000000"], 0x64}}, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="d0004500", @ANYRES16=r2, @ANYBLOB="04002cbd7000ffdbdf25100000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b006c000000060011008e0d000008001300050000000500140001000000080001007063690011000200303030303a30303a31302e300000000008000b00040000000600110055000000080013007f00000005001400000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0007000000060011000900000008001300d45e00000500140000000000"], 0xd0}, 0x1, 0x0, 0x0, 0x20000880}, 0x4) socket$can_raw(0x1d, 0x3, 0x1) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='devices.list\x00', 0x275a, 0x0) write$cgroup_devices(r4, &(0x7f0000000800)=ANY=[], 0xffdd) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='task\x00') madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r5 = socket(0x15, 0x5, 0x0) getsockopt(r5, 0x200000000114, 0x2716, 0x0, &(0x7f0000000040)) socket$key(0xf, 0x3, 0x2) r6 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000500)=0x9, 0x4) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$alg(0x26, 0x5, 0x0) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) r8 = dup(r7) write$UHID_INPUT(r8, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006e090890e0878f0e1ac6e7f89b334d959b4a9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90d5943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x78400, 0x0) preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000300)=@multiplanar_mmap={0xc, 0x1, 0x4, 0x40, 0x2b07, {0x77359400}, {0x3, 0x0, 0x9, 0x1d, 0x8, 0x6, "961c9968"}, 0xfffffc01, 0x1, {&(0x7f0000000040)=[{0x5, 0x7, {0x80000001}}, {0x7, 0xe279, {0xffffffffffffffff}, 0x2}]}, 0x6, 0x0, r9}) syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/3\x00') 4.481080219s ago: executing program 2 (id=707): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) write$binfmt_script(r0, 0x0, 0xfffffe5d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = getpid() r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) kcmp(r2, 0x0, 0x5, r3, 0xffffffffffffffff) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000fefffe7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c9be17044171e1d3d7b1efd036d7af273bce36015779c4cef58fa35d17c668a4b63e069efb29797573b8538e31ec24925095a163b9d4e76be2661f2a395e41f7e31a8021e00b00104e0801d4de36e5fdc6c42a7b3ff13f2360a6e231fd223bc33091dd61258a1fda45991fbdce6793c8a4785ee8b60092659b941bbd694dff0f0000000000003a45404b04bf97c4fea679c032b363956cd8bac9626b5db1b07a0bd7cc85e961506a35a04617dc0200379e731d3a8d8feac94a4ee293001f6ce7d5b40bf2a7f9be8173a9639a79fae885d05afe042c0e7821d406c967379e7521292d24d6c8034f2fc7c855a8945e9bce678ee9a015abc9daac8876623db56346916674ceb55f60b493f2f4d736acb2f206fc538450a676d71c01175b8454eb92567e8f8a707b590d7219288e23ee0800000000000010a49fc8f4ff0300000000000000000000cb947d6017ad27714772ad790af252e648ef8c313c604324f5b306000000000000cf327a8f5dd89315b8c8650a70162bba30ad7804fa4140f1a754ffff000000ab744d306619dfb3a37d897662bee00189f43da46a908a235c84cbad335fd1d2f2ef93a6a70c8b8ece0e243eab05a34ab0a7e7e497065e5e282e284f8d5e8852a265d528075214af000000000070d42182d8f3a347d48289a824e5b7b238e27263a23c0b865f75331d888c72df1da4b290582f00024227f03204add786a87b23ceb17c25810e769fe2d6a7bd8e504843b66b1a8c7b364bd2194ba9c8f60ac0c9b18d8c1b9e1a736825c91b4dff0000c1c5dcffa295c2930000000000235d84b0193a5ea7c77cdb7de9ce1a59ab4158097b4dd13ebfaf4425c6855530b56a3320d85c8fe85f667998b1a7e589f486c107761108e4e230419fd27b6ad9c10b25c6b6ed84badbb970dcf133279dd355e41de944564bdab99c5c712a9fbc8e9691c775bb94f746505e1e748cf1710d52468b4b1625ce21612ed5e807dfb5f19f3267e5366b2c0b2a0be49ae476263c9407ac6c596bf3cf66204984f5aebf93d1caa220ea6969cea852fe9a7d1eee13f1f48722a69ad9fb850bd093a302b9250245900ad5c8e5f20ddf77ee3d5a168964fad1aa7347d36c502d02b1d96d753ef6fc354fc126070060c65c147651fca62c0a06939f40c90ebc3042e753fe91b5770b24f25c558736dd7e1e9fb214cbb04c5c6ee4c970b320ba6fb6ef4615f4092de54c519f4622e1224153463ea80248a45a95a189958f586d606dcaa9aac656cf95a2d35225cfb0e6f47486d5cbb04a590116d4de92e203e107d68728a189b0d537d2442beab2f8ce7b2dd357200dcd139e47267012fc2a2b6bad79be42a83b9d1ddaccbe0139f16ca1b9bc1103000000ed1ece54cfdbe04670bee9b42fccdc42033997e2e700b6edb2b49b5f2f6001ee0a9e5d1bee199ce9124a5cb479040000000000000049ead5b02d5ea1dcf6cdcf332fe94b3c1932d8d391754774a32c9b7e6ca4023bce2c7281d27a2cb62383ab3a3bb535650fbfb96c89936855eb7a485698f0d20c3eedd6123ef8f218d52ea2c346f80acb8b9a71856d2f2d1a7c6f45ee127b6a1d1ac1e243ed02e49e8aafe835919564af915965a050c37ceff855bd2dec3452c7c38f5dbf1ff1ff00020000000000006a1a029ea6540b40b2f797813af2c7d4ed235c2dc5f1dbbfcc52b2f55fd3f9f100c4891d0cb4c10ed01489bf235c45822594842da1b411346297a40bbf221bbf63ad3822575dcc01a3c34b5aa4e3750400000000000000fc0fd9c746cf0ed4b0343d00a154e6a869346256ffbd666a34414ab0f40bec45b1c24f02ac9bc20e69201968537dd4dc61323c8b6d3643183631664eeca616696fb30fe89c8bdb15037c801fca4a9c220fec5d14582a00b62548ddf2599e5ffc5330cefb8903d276eae21b0b4b20100ead8256636c7e754185e815dd21445cc965a0526da38021a3e540949494ef3041cfa5067f556a0af5c19d27ff4f61fa7762d7963c96853709e773f14c47eef784cb145ae9d6d37fc7b5d83e05ac773fcc429eae6826a9d207d4c39df8eed9cc2ae3f68df1c6495a82d02939b448bf8038521057714e6e644d633d2abe9e0b0025d16b7eff573f78364ed70a62a7b1e55311dc0193d47f9ecc8c7ad268dc6e2e75f8cc83315411bd6c6b88e1850ee757ac2f9e4d6ac510003717d5847a19e750db92d33d6bdc434d0b52b2eb4b1790459e35122f46b205120a54bf657da9fd55d43a89e333481de468f5984a69509e9eac7a5b39c004396e8cb3ab037fd62fa43f259f13ebc4b590e9ea07ea37689049c799cd444d45dabe3e3cf086768daa6816c37793d17a284d2828f5eab2d3d0bedd5334b7bb4c983fa9cd4bd86f0ad227901e83ef4871695380d25bea2929fa66382af6ddb89917ab100046151bd08fce74247955247daa1ea75139b9ce3771526503c7db3a4b3ff39301986c1fd9b5c42d39e768946c9a7ee8dd081bfb6ea5fa132ebdbe72d02ce9f2000000006f63ae8311afc4943c963d39e42c425fe268892f654febdaee43e95b5ae6749275e1ad8b8b279e1ae296e03a8d9386c8e199dc1f00000008000000000000000026c43493c622f041b47d329b248e8ccd92e9b17007ba2578eefcb59f50343722e6cba3be72fd037eb5fa243a395b5c83376a14414b32c2e8a33de8000000003927da2bec76f4e15c8bf3715c5bfe7b3617d0fcf9b5861554b5b76b8ae69c644a48931306a16cff8a38ea95553867e2c5fb1e99b1802e616345871b4611627874cfbe30fa5793c873ae6f75427f3eeda690147b9615b096d967c2d7f5ddf725f0544f8750a5ed04d6ca0f223506fec5d5e65bc67c59459f6113cf41c174a63a17fc79d0b777a0c903c0d2e7f79b6f9ce68a3b72315407040f6a09cadc25e87b7c6b4a3079c7989b4cf04b2581b555fa9a2d74392939b4dbaa9e620e22ab975ac3a5a329157762c1f29075fbdd39451a56b97c90e4fde6782a7c78e7fbe8400054dcafcd51e9eef2d2ea10a3f2636ac2239cef5d8505060de55f472aa89cb8e0188f2ee96cb1ae8dee3c03d0a942c6289cbc4499cea402bd0550520f4aae98c436f18a667ae4efeb5e6a4b1b3f53536145a87578eac8bfc1037acd9d9629449714ed1302714c3519fdd8529b5a86ce2fabb7f285fe73730000000000000000000000000000000073b6f8e9255567374cb2cc80be58fca5b1dc50d85342e56beda632edb7f0a4abcabae102fadfbffecc6b1549315dda8e09d18a7fe5e1574e4fad426b6ca211da39a16dffdd661a20b20c390e00004b002cd83b754c3d32819c823027b3cf8f8da6e63d099712be370bb2aa06debff931ea0a2e7aa0390000000000000045b6720d74c470d49e1e97d1668bb75ad994089d723c2eeaad3f857937fa3df615121a1841ed452dd395788e1a82efda18b41c06c948ef44af8500fbe1ee0828a3b047afb80435935b0f99b381dcf101e9a1593bdaab3bc88c70bf56995a4790a339e1b62516356644ed7df6db419d0976a5169e68e8bd4712552c5ec03f2818c17c4a5bf1e5ec"], &(0x7f0000000340)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x2d1, 0xfffffffffffffd85, &(0x7f00000000c0)="b9ff0303000d698cb89e40f008006000000e00001100630277", 0x0, 0x100, 0x2000000, 0x0, 0x0, &(0x7f0000000440)}, 0x28) 4.480751901s ago: executing program 4 (id=708): sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000003040)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 4.107441361s ago: executing program 1 (id=709): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='bond0\x00', 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2) connect$inet(r0, &(0x7f0000000440)={0x20, 0x0, @dev}, 0x10) 3.942228674s ago: executing program 3 (id=710): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, r2, 0x3, 0x0, @void}, 0x62) bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(0xffffffffffffffff, 0x0) syz_emit_ethernet(0x8a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x54, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x2, 0x0, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa}, @md5sig={0x13, 0x12, "d082e275205e556149a021cc13c33d89"}, @window={0x3, 0x3}, @window={0x3, 0x3}, @sack_perm={0x4, 0x2}, @nop, @md5sig={0x13, 0x12, "27406263e43d5959a166a23bd1116edc"}]}}}}}}}}, 0x0) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000080)={0x0, "83e624170a2005004d5e9ac5be09e4bae4ffffffe900000000000000001300", 0xffffffffffffffff}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$nfc_llcp(r5, 0x6, 0x1c, 0x0, 0x2000e863) r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f00000001c0)={0x0, "0092938eda08a5513db99d08fdae429e4ae4c5bac9dd8259be4ee64b32c65e0a"}) ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000280)={"840d6042cee820000028000000e8ff0000002000000000000000000f00", r4, 0xffffffffffffffff}) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a3100000000140007800500150007000000080012"], 0x5c}}, 0x0) ioctl$SYNC_IOC_MERGE(r7, 0xc0383e04, &(0x7f0000000140)={"e3fe98873d275ac4650da6ff0d7ee4c0cda5a703827becb26eba2497c5271959", 0xffffffffffffffff, 0xffffffffffffffff, 0x2}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68"], 0x0, 0x6}, 0x90) syz_usb_connect(0x2, 0x2d, &(0x7f0000001600)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001018b75000905"], 0x0) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x232, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x2, 0x0, {0x9}}}]}}]}}, 0x0) syz_usb_control_io$hid(r8, &(0x7f0000000200)={0x24, &(0x7f0000000040)={0x20, 0x9, 0xd0, {0xd0, 0x9, "10207fc962442993cfb2d915803c45a253dc8508efe421e2d0780863a9b2e4194a1401bafeb4611aa5b1dc259f1f4385ca853b56e0b8726157f8674a5d155f9d0f28fb007feb431026adf0e2d70b17c30a492e4171a8cfbea5efd1bc01f53e1795f34e196be0e149d3623d27cc3c492ced0598e746126336a371396b60ba4088154b16f2d28af6734f932a941400d66d52771faf56c063cb16fbcd4dd60e3a0440b4a83eef4daa32d0bc317f3bb2c825612c2d9b81a4f27c6d795a05ed768fc6ffcc82d4c89c1c31a4279504d0a5"}}, &(0x7f0000000140)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc01}}, &(0x7f0000000180)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x9, "67d2a781"}]}}, &(0x7f00000001c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0xfe, 0x1, {0x22, 0x220}}}}, &(0x7f0000000540)={0x2c, &(0x7f0000000240)={0x0, 0x14, 0xff, "ee301acf99cac08abb52a196d5ad1469f105be00f27f64e54e7e687fd2cfba3d058feb9be5f6a3de8df656c78b370af3d9e4153ce1f44cf49131ddda380cefe2d7d1491d19ab40e7a833a13b2b817ab9d42e7b799af677e077203a846c376a293d234c6d8d1f6d9b74fe0681b0576deee1924e2219a43c311931bd11ade4b0830a166f694aafcb94feb9fedb5004f55b1f2fbfe644ec08785fb730aa630a75ea886a2a582f588988e63ac8c527defa05d2629d863953aac1a049b4babaee7592b00b408a16bfbb92076f71bf9c4b5b4de09c16485bded8c11a8d12617f76b01a7598e394a3a82038a3c9bfdb60749aa5995dbd1fbfeb17800d1d9f975009e2"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x9c}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000400)={0x20, 0x1, 0x6d, "6b9c2c1b0aa6cdfbbd83bec369a5fb175b4c901c390422e359ad8bbf31ea706c6e638d275ebcae3f81217f1388110b54bd8a86fd5a6d2e31a79deba1f5c535ba8686f8912accc0b10b78cbcefa3353cf546bc11bedd3fde867055b663db0738ce7d53187d8336e5673b2689b55"}, &(0x7f0000000500)={0x20, 0x3, 0x1, 0x9}}) 3.852976698s ago: executing program 1 (id=711): r0 = syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086b1d010140000102030109025f0003010000000904000000010100000a240100000002010209040100000102000009040101010102000009050109000000000007250100000000093f1200000102000009040201010102000009058209000000000007250100000000"], 0x0) syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x8, 0x10, 0x9, [{{0x9, 0x4, 0x0, 0x10, 0x1, 0x7, 0x1, 0x1, 0x6, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0xf0, 0x5, 0xa4}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x7, 0xf9, 0x6}}]}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x8, 0x8, 0x5, 0x40, 0x4}, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="14f4733ed89edee73e54dd3662f372c4a90251513eda9b5ac5c31b6d0d02c87fc488238fccfa5416292510fa5dc97becb331e2040030ebad8462ae017506f31aa60e0241cd7e91b6e5c8a1f3a121bd8fcc3093aa4070f2be52eba8d4d48ef16286aa29abf5166dbfbb203aae996c8a7e881b9c4289216e3a6dd98cf8e0c216c1d2a125da674ad8e17f0593268e180137dba0ef45b8778384c90dd131569ef5efb80383a593840301d16d3fba86179407e52057234928756a9d9030e0ace6ae34ca836bcf14463bf0b4b092aa6ac8c5a3d544b6b0e3402c7860f47acda9029cf7ae9a858c6e3211b11e3a49e88a908145"], 0x8, [{0x2a, &(0x7f0000000180)=@string={0x2a, 0x3, "77a5ef6f583d26a6509dc1f33de745959a055818f17cca57a3034575940244326d386226a7e5d3f6"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x3001}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x4ff}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x100c}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x280a}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x180a}}, {0x89, &(0x7f0000000500)=ANY=[@ANYBLOB="89e1c711549a2c0f03f89ab43df54d3d419dbb20c0a2ce9abf35ec16d557d486b8421dc6c2edbb092062e8266f7fcb2a879ff0b40e4d7d24f434d0703ddf6b07612f9655a3f4256ea8218a40ea3f6f4b81aa8ffddef65bbb859c9ed7dce1da3c3f44ba3500b0fac41dea6c97d08c03f7461eded597d26b55b83e51736133e162c921b39b8a05f6166e5225c5e155c45d188127954676494ca3e8b63d43cf2bde333bdb549aa00dec1bc895312d16eeab0b4e3da66b3687308a9b173e8823fb748e580a51cb1e497bd4b4ffd0af50739b48494ee2bb2c9d64996ccade9116f131baa1739bbe4f750bc14a1e6a71258abf44652e0e91446c9140f889e8ba525ca2350525a966660015e5965ffc5a0d7eb5e01dd8a456f9586111569976be4a2c7eff10ed58d77534c577f2a9a4a0d0e2c100"/318]}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x455}}]}) syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="161ed126d2e6b42ee7994772acf59a4947100fc2c8a8b4867791bca870b8acbd4c8a78"], 0x0, 0x0, 0x0}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x200000087}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7) mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x0) syz_open_procfs(0x0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r6 = inotify_init1(0x0) fcntl$setown(r6, 0x8, 0xffffffffffffffff) fcntl$getownex(r6, 0x10, &(0x7f0000000000)={0x0, 0x0}) process_vm_readv(r7, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/237, 0xed}], 0x1, &(0x7f00000003c0)=[{&(0x7f0000000300)=""/177, 0xb1}], 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_hsr\x00', &(0x7f0000000280)=@ethtool_sset_info={0x37, 0x0, 0x9a}}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, 0x6}, 0x90) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000280)={0x4001, 0x8}, 0x10) 3.791127178s ago: executing program 0 (id=712): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200f30c0000000000feff00760000000f00001e45000000a000020095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x4967, &(0x7f00000002c0)) io_uring_register$IORING_UNREGISTER_PBUF_RING(r1, 0x17, &(0x7f0000000040)={0x0}, 0x1) 3.681006561s ago: executing program 0 (id=713): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x80000000, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) fcntl$lock(r0, 0x24, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = epoll_create1(0x80000) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180)) r4 = userfaultfd(0x1) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f00000001c0)={0xa0002008}) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f00000000c0)) write$UHID_INPUT(r1, &(0x7f00000017c0)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b320c078b089b39343b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809eab77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e0c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a55200000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff710d988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf05ff359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358226ec099fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548b1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1403195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2b00000a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b9ef4c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b31171f9757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e811d59cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000008000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14d84857cd6586fc5ca9a93eb0145fac06feff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92f080000004949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274119e67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000da4e25016e5992a60000000000000000000000520000000600", 0x1000}}, 0x1006) mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) r8 = socket$inet(0x2, 0x5, 0x9) setsockopt$inet_tcp_int(r1, 0x6, 0x11, &(0x7f0000000000)=0x2000000000000074, 0x4) socket$packet(0x11, 0x3, 0x300) bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) 3.532899206s ago: executing program 2 (id=714): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x128, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_DATA={0x74, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_NETMASK={0x5}, @IPSET_ATTR_MAXELEM={0x8}, @IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}, @IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_LINENO={0x8}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x44, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0xffffff11}]}]}, 0x128}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c, 0x3a, 0xb, 0x0, 0x0, {0x2}, [@nested={0xfffffffffffffec1, 0x0, 0x0, 0x1, [@typed={0x13, 0x3, 0x0, 0x0, @str='\r4\xd8\x02j,'}]}]}, 0x2c}}, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x18) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000100)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7ac4d4c6"}, 0x0, 0x4, {}, 0x0, 0x0, 0xffffffffffffffff}) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}}, 0x1c) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000600)='./file1\x00', 0x0) mount(&(0x7f00000009c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a00)='./file1\x00', &(0x7f0000000a40)='affs\x00', 0x0, &(0x7f0000000a80)=',\x00') socket(0x15, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000940)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xc4}, 0x9c) ioctl(r3, 0x8b2c, &(0x7f0000000040)) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r2, 0x80089419, &(0x7f0000000080)) connect$inet6(r6, &(0x7f0000000300)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003780)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @remote}, 0x9f}, 0x1c, &(0x7f00000018c0)=[{&(0x7f0000000500)="60e46417d22c95142f620675ebbb293fc8aa1ec2f43c6ddd752f303aae9a7515c7c2b278a2229da4d9b896621ba551bb99e9ce0fb8feb4e904752f6ea2e24a8027876e346cf76bc82d4d24750779411d8acaa5bf99373febe849f159d2eb20a2e5497ce0f9acc8946fbbbeaa4719b53d274825d512929dd44e11dfbbf28c0737bf834321dc8de7baaba9ed799c978c5a3c077988652d2631e62bf88708f2f9b4a3ba4a623f6a761d0c2072", 0xab}, {&(0x7f0000000700)="067acfb7a353331eff8882f04e35d6a98503768dbf6f9b669eb1519929e2b5eab579e5713afcee5b95920e953055e6105be23ee5ea28551698ed286cc158ebacb88357180bf08f3645e77d502b6fa174c7c0ea9602bbfa83de72bcc4610b478683087cab1b93a8d83636adf48ab91f49aab5b40c948dd8e885eeae07b54dfeae237400a5bae20fe23ad9eee5a35c5294f35df125d7a31ed67211b81a9f03a799b3019624e03ac8b7af3189a62c418088eccc0d97c61026d59577705b93e6b1f49525750630183b51b3c9902ad9f1cc4870c5ae7201a33446f5048b2a1b14f6421a01f714f67c2d2002d08c469d5e9ea512a6c41745a8707d979f19dba2b81618054a39682220bd0c48aa907722efcc9d752441699d268a8a069ff3a70ac55f6c2578b19ddaa04e604d0d089715ec5d4cb6341f450a4e7796138743a7ae62c886e66414fb460ad371bc61ac9f78485c41d5bf9ca898e9c17785f2b58759fd014f11d382762f5ea3b5195832a6975b38482295b2b54fbaf43e8ffacf0c347ec7607a4e69d64b33b8d61484a132a57075a4d2f5b1232b118ab1ab2457d54d22b3b9a6874067b6142edd65bd570ccc1ce4d14413e5fa3bb3675ecbde93901c17fca9c8b5762b5abb4d94b20aa6a1964281270a5ce8277fd23bd9f58d82278cf4961e040aae7c81baa2e92ff979ba99bef740c242896549637499e92f1db1bca5d7dfc39c7069d6dfe0af6980e90b3474a436baeb94b6491ccd85a0b7664e21690981da9c6d663fb0b9285f54b0d263fd5267a4e4fcf5bfb72d361af8b6f511b183e9a6f23b99ce6f7b9dc8fab23b2eb754c23a8a1e5e5e8575498ec9821e864be862bca5773ffbcc08c1ff08e204bc2fa68753886142e5cac542666af15b894d45eec10706ecb13e168ad09d8f00621a8f2343b93354ffa04a50c33cf1628a901d2d282a0dbd14ba47cf9929748245ef977a79901d4323b1970d4f2182b91714a367dac1bf018ee48b9d9479d31e4a3b60a75f7cc10ab932a3d28261115cee94f0a59c0a02a20a8fb475b2e3732683de898a7bf62f8620a09114fae81318be4157aa415967699f121a24cb72d64af33c2ec4abd034377afdb47526dadb7df1e6693a5c2ff1c4cf856d814f31e13f3feeb27a46890f6e0a73f6ae2ceb7fcce7593f6c699cf9f272edd73006a73f5454af5796906a0980423eed133de1d655f445cf5a0c74f3407f1b92bdf41f40a40e52e85d87fe0e146686570f60f2afedca1c9ccbff05253ce2332b124f6e010748e699fb22e04c113b29d5291214443e622ba1758757b4795ed21206b26fdb69abe7d2f3edc4d2a6a6d631cdc24eb0ce7f473fa84efb074da2c766b16582c81914505cc5fc8c760fbc83221a976486079d119bdbf5c8520c3e7108b8572493b6cc6439c39a4d2e2db49440609909b9c04837982f11bc5ee69a4e7df6d252f4e034a2139cbe2753a21d0670e6025f03f361f0e6f67922fc8ef3c791677fcd7b71bf730e7397455770960a5e620fd1596e34d60cb784f5069129ac5c26a7a5a6198bdf9a02aff2014255e786c0602459fbfa2b8e1a3301d4e06022ed569327ec0bc9997b8946a02b3c5d4da133755b6e620e18d4c3faf4644dc51fafb66311c412ea1c8441b0fcfae4f31069460b066412b8cbd03fee5e7a1a80b6c79d24c45073f5b7eddc00a6b513ffd41ca1d0358e62b5944a8f986404ce72af9730d5a5536dfe26ce9230af3dec176709cc1b56de51675a3e1dcd0379274dd20ef3b82764e9222c35de94291d52ad89c1cbf548871d47ea9161eda8", 0x502}], 0x2}}], 0x1, 0x0) 3.532725152s ago: executing program 4 (id=715): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0) (fail_nth: 5) write$binfmt_script(r0, 0x0, 0x0) 3.337039402s ago: executing program 4 (id=716): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000380)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000580)="27050200590200000600002fb96dbcf706e10500000088641100112708000283b8bf4a31ee32", 0x26}], 0x1}, 0x0) 2.877654031s ago: executing program 4 (id=717): prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) write$sndseq(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(r0, 0x5, &(0x7f0000000040)=0x10001) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x492492492492846, 0x0) unshare(0x60600) ppoll(&(0x7f0000000040)=[{r2, 0x700}], 0x1, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) (fail_nth: 1) syz_open_dev$sndpcmc(&(0x7f0000000200), 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) 1.573578826s ago: executing program 3 (id=718): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) msgget$private(0x0, 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0xc02, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000300)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/binder0\x00', 0x0, 0x0) dup3(r2, r1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES8=r3], 0x7c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000011b00000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a30000000001400038008000240000000000800014000000000140000001100010000000000000000000000000adac4d8c0f88e7455ea50958c2c04da785b0a51eef07a1da7246d424e9c45f57a31645a1921781ec61cd52a1ccd1e01d68ba657d6c7de2c46f8b6df6f5746ce39df90f76496c25c5257237d178c84580198fc2778042ce020322bc65621da6ae2ed72710636af987960c32b9114cd6e261fa1c22e7b43a74dc3d5768c7061fa7075cfde32378ca434e4861972914c9579d17ff5d38c09d290fa28c68565d2744f407649cf0a659b7fd8d9058827c3f38c271940"], 0x68}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2c000000170a01040000000000000000fb0000000900010073797a30000000000900020073797a3200000000"], 0x2c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x0, 0x4, 0x8}, 0x48) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r6, 0xfffffffd) r7 = socket$inet_smc(0x2b, 0x1, 0x0) sendto$inet(r7, 0x0, 0x0, 0x20004004, 0x0, 0x0) ioctl$int_in(r7, 0x5452, &(0x7f0000000100)=0x8) setsockopt$inet_tcp_int(r7, 0x6, 0x19, &(0x7f00000000c0)=0x7, 0x4) ioctl$int_in(r7, 0x5421, &(0x7f0000000080)=0x7) connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r7, &(0x7f0000000040)='u', 0xa792a, 0x804, 0x0, 0x0) ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400}) 1.383416169s ago: executing program 2 (id=719): r0 = socket$kcm(0x10, 0x2, 0x10) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r1, &(0x7f0000000000)='./file0\x00') mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) r3 = syz_open_dev$radio(&(0x7f0000000440), 0x2, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90d, 0xc, '\x00', @p_u8=0x0}}) socket$kcm(0x10, 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000555000/0x1000)=nil, 0x1000, 0x1000005, 0x12, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f00003a5000/0x2000)=nil, 0x2000, 0xb, 0x50, 0xffffffffffffffff, 0x10000000) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000028000b05d25a806f8c6394f90424fc600d00030005000100ff3582c137153e3702480180ffff0700d1bd", 0x33fe0}], 0x1}, 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0xa, 0x4}, 0x20) 916.792114ms ago: executing program 4 (id=720): openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}}, 0x0) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2e, 0x4, 0x0, 0x0, 0xb8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@empty}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@local}, {@remote}, {@multicast2}, {@private}, {}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@rand_addr, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x20002) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) unshare(0x2a020400) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, 0x0) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) unshare(0x44020400) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x4, &(0x7f00000001c0)=[{0x15, 0x0, 0x2}, {0x0, 0xfc, 0x7f}, {0x2}, {0x6}]}) 744.403165ms ago: executing program 2 (id=721): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000540)={'syztnl1\x00', &(0x7f00000004c0)={'ip6gre0\x00', 0x0, 0x29, 0x8, 0x4a, 0x3, 0xa, @mcast1, @rand_addr=' \x01\x00', 0x20, 0x40, 0xbc33, 0x3}}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', r4, 0x28, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90) ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000001, 0x13, r0, 0x6c070000) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r5) fcntl$dupfd(r0, 0x0, r5) ioctl$SNDCTL_DSP_GETFMTS(r5, 0x8004500b, &(0x7f00000001c0)) 640.942004ms ago: executing program 1 (id=722): socket$nl_xfrm(0x10, 0x3, 0x6) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000580)={{0x12, 0x1, 0x0, 0xc5, 0x1, 0xde, 0x40, 0x4bb, 0x901, 0x55ba, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x6b, 0x3f, 0x1d}}]}}]}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r0], 0x2c}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYBLOB="ff830500000700ffffff", @ANYRES32=r3], 0x4}}, 0x0) sendfile(r5, r4, 0x0, 0x100000002) 396.518314ms ago: executing program 3 (id=723): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200f30c0000000000feff00760000000f00001e45000000a000020095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x4967, &(0x7f00000002c0)) io_uring_register$IORING_UNREGISTER_PBUF_RING(r1, 0x17, &(0x7f0000000040)={0x0}, 0x1) 199.58069ms ago: executing program 2 (id=724): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) write$binfmt_script(r0, 0x0, 0xfffffe5d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = getpid() r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) kcmp(r2, 0x0, 0x5, r3, 0xffffffffffffffff) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000fefffe7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c9be17044171e1d3d7b1efd036d7af273bce36015779c4cef58fa35d17c668a4b63e069efb29797573b8538e31ec24925095a163b9d4e76be2661f2a395e41f7e31a8021e00b00104e0801d4de36e5fdc6c42a7b3ff13f2360a6e231fd223bc33091dd61258a1fda45991fbdce6793c8a4785ee8b60092659b941bbd694dff0f0000000000003a45404b04bf97c4fea679c032b363956cd8bac9626b5db1b07a0bd7cc85e961506a35a04617dc0200379e731d3a8d8feac94a4ee293001f6ce7d5b40bf2a7f9be8173a9639a79fae885d05afe042c0e7821d406c967379e7521292d24d6c8034f2fc7c855a8945e9bce678ee9a015abc9daac8876623db56346916674ceb55f60b493f2f4d736acb2f206fc538450a676d71c01175b8454eb92567e8f8a707b590d7219288e23ee0800000000000010a49fc8f4ff0300000000000000000000cb947d6017ad27714772ad790af252e648ef8c313c604324f5b306000000000000cf327a8f5dd89315b8c8650a70162bba30ad7804fa4140f1a754ffff000000ab744d306619dfb3a37d897662bee00189f43da46a908a235c84cbad335fd1d2f2ef93a6a70c8b8ece0e243eab05a34ab0a7e7e497065e5e282e284f8d5e8852a265d528075214af000000000070d42182d8f3a347d48289a824e5b7b238e27263a23c0b865f75331d888c72df1da4b290582f00024227f03204add786a87b23ceb17c25810e769fe2d6a7bd8e504843b66b1a8c7b364bd2194ba9c8f60ac0c9b18d8c1b9e1a736825c91b4dff0000c1c5dcffa295c2930000000000235d84b0193a5ea7c77cdb7de9ce1a59ab4158097b4dd13ebfaf4425c6855530b56a3320d85c8fe85f667998b1a7e589f486c107761108e4e230419fd27b6ad9c10b25c6b6ed84badbb970dcf133279dd355e41de944564bdab99c5c712a9fbc8e9691c775bb94f746505e1e748cf1710d52468b4b1625ce21612ed5e807dfb5f19f3267e5366b2c0b2a0be49ae476263c9407ac6c596bf3cf66204984f5aebf93d1caa220ea6969cea852fe9a7d1eee13f1f48722a69ad9fb850bd093a302b9250245900ad5c8e5f20ddf77ee3d5a168964fad1aa7347d36c502d02b1d96d753ef6fc354fc126070060c65c147651fca62c0a06939f40c90ebc3042e753fe91b5770b24f25c558736dd7e1e9fb214cbb04c5c6ee4c970b320ba6fb6ef4615f4092de54c519f4622e1224153463ea80248a45a95a189958f586d606dcaa9aac656cf95a2d35225cfb0e6f47486d5cbb04a590116d4de92e203e107d68728a189b0d537d2442beab2f8ce7b2dd357200dcd139e47267012fc2a2b6bad79be42a83b9d1ddaccbe0139f16ca1b9bc1103000000ed1ece54cfdbe04670bee9b42fccdc42033997e2e700b6edb2b49b5f2f6001ee0a9e5d1bee199ce9124a5cb479040000000000000049ead5b02d5ea1dcf6cdcf332fe94b3c1932d8d391754774a32c9b7e6ca4023bce2c7281d27a2cb62383ab3a3bb535650fbfb96c89936855eb7a485698f0d20c3eedd6123ef8f218d52ea2c346f80acb8b9a71856d2f2d1a7c6f45ee127b6a1d1ac1e243ed02e49e8aafe835919564af915965a050c37ceff855bd2dec3452c7c38f5dbf1ff1ff00020000000000006a1a029ea6540b40b2f797813af2c7d4ed235c2dc5f1dbbfcc52b2f55fd3f9f100c4891d0cb4c10ed01489bf235c45822594842da1b411346297a40bbf221bbf63ad3822575dcc01a3c34b5aa4e3750400000000000000fc0fd9c746cf0ed4b0343d00a154e6a869346256ffbd666a34414ab0f40bec45b1c24f02ac9bc20e69201968537dd4dc61323c8b6d3643183631664eeca616696fb30fe89c8bdb15037c801fca4a9c220fec5d14582a00b62548ddf2599e5ffc5330cefb8903d276eae21b0b4b20100ead8256636c7e754185e815dd21445cc965a0526da38021a3e540949494ef3041cfa5067f556a0af5c19d27ff4f61fa7762d7963c96853709e773f14c47eef784cb145ae9d6d37fc7b5d83e05ac773fcc429eae6826a9d207d4c39df8eed9cc2ae3f68df1c6495a82d02939b448bf8038521057714e6e644d633d2abe9e0b0025d16b7eff573f78364ed70a62a7b1e55311dc0193d47f9ecc8c7ad268dc6e2e75f8cc83315411bd6c6b88e1850ee757ac2f9e4d6ac510003717d5847a19e750db92d33d6bdc434d0b52b2eb4b1790459e35122f46b205120a54bf657da9fd55d43a89e333481de468f5984a69509e9eac7a5b39c004396e8cb3ab037fd62fa43f259f13ebc4b590e9ea07ea37689049c799cd444d45dabe3e3cf086768daa6816c37793d17a284d2828f5eab2d3d0bedd5334b7bb4c983fa9cd4bd86f0ad227901e83ef4871695380d25bea2929fa66382af6ddb89917ab100046151bd08fce74247955247daa1ea75139b9ce3771526503c7db3a4b3ff39301986c1fd9b5c42d39e768946c9a7ee8dd081bfb6ea5fa132ebdbe72d02ce9f2000000006f63ae8311afc4943c963d39e42c425fe268892f654febdaee43e95b5ae6749275e1ad8b8b279e1ae296e03a8d9386c8e199dc1f00000008000000000000000026c43493c622f041b47d329b248e8ccd92e9b17007ba2578eefcb59f50343722e6cba3be72fd037eb5fa243a395b5c83376a14414b32c2e8a33de8000000003927da2bec76f4e15c8bf3715c5bfe7b3617d0fcf9b5861554b5b76b8ae69c644a48931306a16cff8a38ea95553867e2c5fb1e99b1802e616345871b4611627874cfbe30fa5793c873ae6f75427f3eeda690147b9615b096d967c2d7f5ddf725f0544f8750a5ed04d6ca0f223506fec5d5e65bc67c59459f6113cf41c174a63a17fc79d0b777a0c903c0d2e7f79b6f9ce68a3b72315407040f6a09cadc25e87b7c6b4a3079c7989b4cf04b2581b555fa9a2d74392939b4dbaa9e620e22ab975ac3a5a329157762c1f29075fbdd39451a56b97c90e4fde6782a7c78e7fbe8400054dcafcd51e9eef2d2ea10a3f2636ac2239cef5d8505060de55f472aa89cb8e0188f2ee96cb1ae8dee3c03d0a942c6289cbc4499cea402bd0550520f4aae98c436f18a667ae4efeb5e6a4b1b3f53536145a87578eac8bfc1037acd9d9629449714ed1302714c3519fdd8529b5a86ce2fabb7f285fe73730000000000000000000000000000000073b6f8e9255567374cb2cc80be58fca5b1dc50d85342e56beda632edb7f0a4abcabae102fadfbffecc6b1549315dda8e09d18a7fe5e1574e4fad426b6ca211da39a16dffdd661a20b20c390e00004b002cd83b754c3d32819c823027b3cf8f8da6e63d099712be370bb2aa06debff931ea0a2e7aa0390000000000000045b6720d74c470d49e1e97d1668bb75ad994089d723c2eeaad3f857937fa3df615121a1841ed452dd395788e1a82efda18b41c06c948ef44af8500fbe1ee0828a3b047afb80435935b0f99b381dcf101e9a1593bdaab3bc88c70bf56995a4790a339e1b62516356644ed7df6db419d0976a5169e68e8bd4712552c5ec03f2818c17c4a5bf1e5ecd9bb40074a63c66b61f4779226a99dc5ff9c442e93991570797493569e6f9ccd6d73bcbce41022d4731fc61b6bf0188c74a21471332a546ffe8e9dd738aa2ca782ff5a547a1ad7c348c59ff99d1496404eafcd0333df8f2801d39ad0c82735af24b819efc2fd67c6a53835f0af6a51d1b9123f4b9af7fa2ee2ebf4bc2973cf04380b41aa7577e35bcd28446bfcea19aa85440fe0fdce12e53da7b8842b7527a34d1bcb16fcdc84f2c46a78c01c2ff463cdd0d65267b0822e899e893514"], &(0x7f0000000340)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x2d1, 0xfffffffffffffd85, &(0x7f00000000c0)="b9ff0303000d698cb89e40f008006000000e00001100630277", 0x0, 0x100, 0x2000000, 0x0, 0x0, &(0x7f0000000440)}, 0x28) 0s ago: executing program 3 (id=725): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000800)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10) (async) setsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4) (async) sendmmsg$inet(r1, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) (async) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet(r1, &(0x7f0000000c40)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0x508, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000000), r0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x5}, 0x90) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000002000000000000000000000d0300000000000000000000411000000080000000000000000000000300000000020000000228f15d6587b3d0eb0e3af07d828823d05aa2dc20ff6e33c3fb3db0ae36b41a31d2cf738f6b37458be1aa8ec0a60e65298e0f22157a336ec2051067ce32cda22e3ed94e5456dfb3568b70449b2d280090f57666767d25fe48815ec8768fc4faff2354a3cb6b2980dc2fb967ab62a2fef9116b16c64c53815d7e51c4010d44e9c6d9d000f1097d3fadfb0a5eac770808bf57c59c8a82eebec4af1b82a6a4cd02c058f21502de9cc35874756b42b7390cb57350dd146f5fc182000000"], 0x0, 0x4e}, 0x20) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r1, 0x8982, &(0x7f0000000040)={0x1, 'ip6_vti0\x00', {}, 0x27}) r3 = socket$unix(0x1, 0x5, 0x0) r4 = dup2(r3, r2) close_range(r4, 0xffffffffffffffff, 0x0) (async) r5 = io_uring_setup(0x42b, &(0x7f0000000180)={0x0, 0x0, 0x20, 0x1}) io_uring_register$IORING_REGISTER_RING_FDS(r5, 0x14, &(0x7f0000000080)=[{0x0, 0x1, 0x0, 0x0, 0x0}], 0x1) kernel console output (not intermixed with test programs): ork, BSSID 50:50:50:50:50:50 [ 153.720883][ T5265] usb 1-1: config 0 descriptor?? [ 153.758831][ T51] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 153.768856][ T51] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 153.782815][ T51] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 153.791982][ T51] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.543459][ T51] usb 3-1: usb_control_msg returned -32 [ 154.585236][ T51] usbtmc 3-1:16.0: can't read capabilities [ 154.626253][ T6452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.283'. [ 154.711036][ T6452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.283'. [ 154.722108][ T6452] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 154.793113][ T5265] logitech-djreceiver 0003:046D:C513.0003: unknown main item tag 0x0 [ 154.978917][ T5265] logitech-djreceiver 0003:046D:C513.0003: hidraw0: USB HID v0.00 Device [HID 046d:c513] on usb-dummy_hcd.0-1/input0 [ 155.947601][ T6460] usbtmc 3-1:16.0: usb_control_msg returned -32 [ 156.094363][ T58] usb 3-1: USB disconnect, device number 11 [ 156.109322][ T5265] usb 1-1: USB disconnect, device number 12 [ 156.396404][ T6475] netlink: 16 bytes leftover after parsing attributes in process `syz.1.287'. [ 156.416249][ T6459] netlink: 9 bytes leftover after parsing attributes in process `syz.3.237'. [ 156.435971][ T6459] 0·: renamed from hsr0 (while UP) [ 157.265684][ T6459] 0·: entered promiscuous mode [ 157.274472][ T6459] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 157.777070][ T58] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 157.876811][ T51] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 157.888216][ T5265] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 157.968986][ T58] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 158.005024][ T58] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 158.029849][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.072587][ T58] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 158.079934][ T51] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85 [ 158.101494][ T5265] usb 1-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.ba [ 158.103310][ T51] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 104, setting to 64 [ 158.122160][ T5265] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.141587][ T5265] usb 1-1: Product: syz [ 158.145803][ T5265] usb 1-1: Manufacturer: syz [ 158.160819][ T5265] usb 1-1: SerialNumber: syz [ 158.168180][ T51] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 158.173573][ T5265] usb 1-1: config 0 descriptor?? [ 158.189917][ T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.212218][ T51] usb 3-1: Product: syz [ 158.220994][ T51] usb 3-1: Manufacturer: syz [ 158.225630][ T51] usb 3-1: SerialNumber: syz [ 158.266698][ T51] usb 3-1: config 0 descriptor?? [ 158.285786][ T6487] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 158.316313][ T51] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input8 [ 158.349574][ C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1 [ 158.422183][ C1] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1 [ 158.521362][ T5265] kaweth 1-1:0.0: Firmware present in device. [ 158.540954][ T6487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.548688][ T5265] kaweth 1-1:0.0: Error reading configuration (-71), no net device created [ 158.565109][ T6520] netlink: 68 bytes leftover after parsing attributes in process `syz.1.295'. [ 158.576570][ T6487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.588831][ T5265] kaweth 1-1:0.0: probe with driver kaweth failed with error -5 [ 158.606482][ T5268] usb 3-1: USB disconnect, device number 12 [ 158.667334][ T5265] usb 1-1: USB disconnect, device number 13 [ 159.041099][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 159.197439][ T58] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 159.260758][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.323851][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.399312][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 159.434754][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.715563][ T58] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -110 [ 159.827505][ T9] usb 2-1: config 0 descriptor?? [ 159.841206][ T58] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 160.437163][ T58] usb 5-1: USB disconnect, device number 9 [ 160.467623][ T9] logitech-djreceiver 0003:046D:C513.0004: unknown main item tag 0x0 [ 160.517060][ T9] logitech-djreceiver 0003:046D:C513.0004: hidraw0: USB HID v0.00 Device [HID 046d:c513] on usb-dummy_hcd.1-1/input0 [ 160.541383][ T6548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.299'. [ 161.344840][ T5265] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 161.356968][ T9] usb 2-1: USB disconnect, device number 11 [ 161.556148][ T5265] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 161.580572][ T5265] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.593347][ T5265] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 161.618308][ T5265] usb 4-1: config 0 interface 0 has no altsetting 0 [ 161.624973][ T5265] usb 4-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.00 [ 161.659420][ T5265] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.687484][ T5265] usb 4-1: config 0 descriptor?? [ 161.706765][ T58] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 161.726822][ T5268] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 161.745293][ T29] audit: type=1326 audit(1723368750.627:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 161.789835][ T29] audit: type=1326 audit(1723368750.627:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 161.880742][ T51] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 161.907194][ T29] audit: type=1326 audit(1723368750.657:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 161.929465][ T29] audit: type=1326 audit(1723368750.657:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 161.950833][ C1] vkms_vblank_simulate: vblank timer overrun [ 161.957966][ T29] audit: type=1326 audit(1723368750.657:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 161.980315][ T29] audit: type=1326 audit(1723368750.667:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 162.001857][ C1] vkms_vblank_simulate: vblank timer overrun [ 162.009454][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 162.013473][ T58] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 162.019070][ T29] audit: type=1326 audit(1723368750.667:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 162.025161][ T5268] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 162.044861][ T29] audit: type=1326 audit(1723368750.667:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 162.044908][ T29] audit: type=1326 audit(1723368750.667:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 162.044942][ T29] audit: type=1326 audit(1723368750.667:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 162.144786][ T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 162.167484][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 162.182942][ T51] usb 3-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.ba [ 162.194416][ T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.194497][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 162.245396][ T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 162.250798][ T51] usb 3-1: Product: syz [ 162.263573][ T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 162.287373][ T51] usb 3-1: Manufacturer: syz [ 162.292548][ T51] usb 3-1: SerialNumber: syz [ 162.299366][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.317986][ T51] usb 3-1: config 0 descriptor?? [ 162.414611][ T5268] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.435121][ T5268] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 162.466739][ T5268] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.474958][ T5268] usb 1-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.00 [ 162.485934][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.583837][ T58] usb 5-1: usb_control_msg returned -32 [ 162.593024][ T58] usbtmc 5-1:16.0: can't read capabilities [ 162.617288][ T1663] usb 4-1: USB disconnect, device number 9 [ 162.626534][ T5268] usb 1-1: config 0 descriptor?? [ 162.647826][ T51] kaweth 3-1:0.0: Firmware present in device. [ 162.686212][ T51] kaweth 3-1:0.0: Error reading configuration (-71), no net device created [ 162.707846][ T51] kaweth 3-1:0.0: probe with driver kaweth failed with error -5 [ 162.738947][ T51] usb 3-1: USB disconnect, device number 13 [ 162.985489][ T6603] usbtmc 5-1:16.0: usb_control_msg returned -32 [ 163.008524][ T58] usb 5-1: USB disconnect, device number 10 [ 163.272762][ T5268] usbhid 1-1:0.0: can't add hid device: -71 [ 163.278929][ T6613] process 'syz.2.313' launched './file0' with NULL argv: empty string added [ 163.299264][ T5268] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 163.317135][ T5268] usb 1-1: USB disconnect, device number 14 [ 164.565523][ T6628] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 165.208038][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.317'. [ 165.308991][ T5265] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 165.629635][ T5265] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 165.756939][ T5226] Bluetooth: hci4: command 0x0405 tx timeout [ 165.866914][ T5265] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.014051][ T5265] usb 4-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 166.022310][ T6646] binder: Bad value for 'stats' [ 166.033238][ T5265] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.054169][ T5265] usb 4-1: config 0 descriptor?? [ 166.104678][ T6649] netlink: 36 bytes leftover after parsing attributes in process `syz.0.322'. [ 166.116914][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz.0.322'. [ 166.135160][ T6648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.322'. [ 166.146709][ T6648] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.154266][ T6648] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.163796][ T6648] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.193098][ T6648] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.491857][ T5265] logitech-djreceiver 0003:046D:C513.0006: unknown main item tag 0x0 [ 166.506954][ T1663] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 166.546515][ T5265] logitech-djreceiver 0003:046D:C513.0006: hidraw0: USB HID v0.00 Device [HID 046d:c513] on usb-dummy_hcd.3-1/input0 [ 166.696014][ T5265] usb 4-1: USB disconnect, device number 10 [ 166.712619][ T1663] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 166.768149][ T1663] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.792183][ T1663] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 166.879067][ T1663] usb 2-1: config 0 interface 0 has no altsetting 0 [ 166.923808][ T1663] usb 2-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.00 [ 166.937504][ T1663] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.982754][ T1663] usb 2-1: config 0 descriptor?? [ 167.203875][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 167.203892][ T29] audit: type=1326 audit(1723368756.087:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 167.315887][ T29] audit: type=1326 audit(1723368756.137:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 167.428700][ T29] audit: type=1326 audit(1723368756.137:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 167.728160][ T29] audit: type=1326 audit(1723368756.137:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 167.749614][ C1] vkms_vblank_simulate: vblank timer overrun [ 167.771542][ T5231] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 167.780813][ T5231] Bluetooth: hci1: Injecting HCI hardware error event [ 167.798565][ T5231] Bluetooth: hci1: hardware error 0x00 [ 168.337950][ T29] audit: type=1326 audit(1723368756.157:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.483544][ T29] audit: type=1326 audit(1723368756.157:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.520467][ T29] audit: type=1326 audit(1723368756.157:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.586005][ T29] audit: type=1326 audit(1723368756.167:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.704554][ T29] audit: type=1326 audit(1723368756.167:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.745029][ T29] audit: type=1326 audit(1723368756.187:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6675 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 168.766509][ C1] vkms_vblank_simulate: vblank timer overrun [ 168.784032][ T58] usb 2-1: USB disconnect, device number 12 [ 168.808887][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.4.333'. [ 168.935498][ T6698] netlink: 40 bytes leftover after parsing attributes in process `syz.3.334'. [ 169.100741][ T6704] netlink: 68 bytes leftover after parsing attributes in process `syz.0.337'. [ 169.325618][ T6708] netlink: 'syz.2.336': attribute type 7 has an invalid length. [ 169.333691][ T6708] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.336'. [ 169.701355][ T6717] loop0: detected capacity change from 0 to 16384 [ 169.931496][ T5231] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 170.451937][ T1663] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 170.839559][ T1663] usb 2-1: Using ep0 maxpacket: 8 [ 170.882255][ T1663] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 170.915629][ T1663] usb 2-1: New USB device strings: Mfr=7, Product=2, SerialNumber=3 [ 170.933040][ T1663] usb 2-1: Product: syz [ 170.943919][ T1663] usb 2-1: Manufacturer: syz [ 170.949520][ T1663] usb 2-1: SerialNumber: syz [ 170.967512][ T1663] usb 2-1: config 0 descriptor?? [ 170.984393][ T1663] gspca_main: sq905-2.14.0 probing 2770:9120 [ 172.119768][ T6745] netlink: 12 bytes leftover after parsing attributes in process `syz.3.349'. [ 172.282571][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 172.282608][ T29] audit: type=1326 audit(1723368761.167:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.553962][ T1663] gspca_sq905: sq905_command: usb_control_msg failed 2 (-110) [ 172.564531][ T29] audit: type=1326 audit(1723368761.207:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.585914][ C1] vkms_vblank_simulate: vblank timer overrun [ 172.606786][ T1663] sq905 2-1:0.0: probe with driver sq905 failed with error -110 [ 172.676128][ T29] audit: type=1326 audit(1723368761.207:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.709877][ T58] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 172.717726][ T29] audit: type=1326 audit(1723368761.207:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.748249][ T29] audit: type=1326 audit(1723368761.207:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.774600][ T29] audit: type=1326 audit(1723368761.207:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.800997][ T29] audit: type=1326 audit(1723368761.207:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.822943][ T29] audit: type=1326 audit(1723368761.217:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.850895][ T29] audit: type=1326 audit(1723368761.217:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.881924][ T29] audit: type=1326 audit(1723368761.287:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6753 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be9d779f9 code=0x7ffc0000 [ 172.915402][ T6768] block nbd0: shutting down sockets [ 172.959876][ T58] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 172.959913][ T58] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.959936][ T58] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 172.959963][ T58] usb 5-1: config 0 interface 0 has no altsetting 0 [ 172.959997][ T58] usb 5-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.00 [ 172.960022][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.965603][ T58] usb 5-1: config 0 descriptor?? [ 174.921890][ T5266] usb 5-1: USB disconnect, device number 11 [ 175.093742][ T6798] netlink: 'syz.2.360': attribute type 2 has an invalid length. [ 175.103264][ T6798] netlink: 16 bytes leftover after parsing attributes in process `syz.2.360'. [ 175.326826][ T58] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 175.443858][ T5265] usb 2-1: USB disconnect, device number 13 [ 175.528628][ T58] usb 1-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 175.553066][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.577987][ T58] usb 1-1: config 0 descriptor?? [ 175.584987][ T6807] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 175.605903][ T6807] batadv_slave_0: entered promiscuous mode [ 175.657647][ T6806] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 175.757063][ T6810] netlink: 12 bytes leftover after parsing attributes in process `syz.4.364'. [ 176.109833][ T6813] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'. [ 176.181956][ T6813] netlink: 20 bytes leftover after parsing attributes in process `syz.2.365'. [ 176.216924][ T6813] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 176.418836][ T58] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 176.444590][ T58] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 176.469125][ T58] pac7311 1-1:0.0: probe with driver pac7311 failed with error -71 [ 176.527423][ T58] usb 1-1: USB disconnect, device number 15 [ 179.988929][ T6846] FAULT_INJECTION: forcing a failure. [ 179.988929][ T6846] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.069932][ T6846] CPU: 1 UID: 0 PID: 6846 Comm: syz.1.373 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 180.080555][ T6846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 180.090698][ T6846] Call Trace: [ 180.093969][ T6846] [ 180.096888][ T6846] dump_stack_lvl+0x241/0x360 [ 180.101564][ T6846] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.106747][ T6846] ? __pfx__printk+0x10/0x10 [ 180.111325][ T6846] ? __pfx_lock_release+0x10/0x10 [ 180.116338][ T6846] should_fail_ex+0x3b0/0x4e0 [ 180.121000][ T6846] strncpy_from_user+0x36/0x2e0 [ 180.125847][ T6846] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 180.131504][ T6846] getname_flags+0xf1/0x540 [ 180.136037][ T6846] user_path_at+0x24/0x60 [ 180.140386][ T6846] do_sys_truncate+0xa4/0x190 [ 180.145046][ T6846] ? __pfx_do_sys_truncate+0x10/0x10 [ 180.150346][ T6846] do_syscall_64+0xf3/0x230 [ 180.154835][ T6846] ? clear_bhb_loop+0x35/0x90 [ 180.159496][ T6846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.165371][ T6846] RIP: 0033:0x7f385cb779f9 [ 180.170300][ T6846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.189995][ T6846] RSP: 002b:00007f385d8e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 180.198517][ T6846] RAX: ffffffffffffffda RBX: 00007f385cd06058 RCX: 00007f385cb779f9 [ 180.206481][ T6846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 180.214436][ T6846] RBP: 00007f385d8e4090 R08: 0000000000000000 R09: 0000000000000000 [ 180.222387][ T6846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.230364][ T6846] R13: 0000000000000000 R14: 00007f385cd06058 R15: 00007ffea7645718 [ 180.238353][ T6846] [ 180.241479][ C1] vkms_vblank_simulate: vblank timer overrun [ 180.557810][ T5268] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 180.787041][ T5268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 180.813721][ T6859] FAULT_INJECTION: forcing a failure. [ 180.813721][ T6859] name failslab, interval 1, probability 0, space 0, times 0 [ 180.836783][ T5268] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 180.871751][ T6859] CPU: 0 UID: 0 PID: 6859 Comm: syz.1.377 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 180.882396][ T6859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 180.892455][ T6859] Call Trace: [ 180.895731][ T6859] [ 180.898658][ T6859] dump_stack_lvl+0x241/0x360 [ 180.903340][ T6859] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.908535][ T6859] ? __pfx__printk+0x10/0x10 [ 180.913126][ T6859] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 180.919106][ T6859] ? __pfx___might_resched+0x10/0x10 [ 180.924392][ T6859] should_fail_ex+0x3b0/0x4e0 [ 180.929069][ T6859] should_failslab+0xac/0x100 [ 180.933740][ T6859] ? __alloc_skb+0x1c3/0x440 [ 180.938323][ T6859] kmem_cache_alloc_node_noprof+0x71/0x320 [ 180.944139][ T6859] __alloc_skb+0x1c3/0x440 [ 180.948559][ T6859] ? __pfx___mutex_lock+0x10/0x10 [ 180.953578][ T6859] ? netlink_recvmsg+0x60a/0x11d0 [ 180.958595][ T6859] ? __pfx___alloc_skb+0x10/0x10 [ 180.963618][ T6859] netlink_dump+0x2cd/0xd80 [ 180.968128][ T6859] ? __pfx_netlink_dump+0x10/0x10 [ 180.973147][ T6859] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 180.979131][ T6859] ? lockdep_hardirqs_on+0x99/0x150 [ 180.984328][ T6859] ? netlink_recvmsg+0x60a/0x11d0 [ 180.989345][ T6859] ? kmem_cache_free+0x145/0x350 [ 180.994372][ T6859] netlink_recvmsg+0x6bb/0x11d0 [ 180.999253][ T6859] ? __pfx_netlink_recvmsg+0x10/0x10 [ 181.004539][ T6859] ? __pfx___might_resched+0x10/0x10 [ 181.009822][ T6859] ? iovec_from_user+0x61/0x240 [ 181.014671][ T6859] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 181.019948][ T6859] ? security_socket_recvmsg+0x90/0xb0 [ 181.025397][ T6859] ? __pfx_netlink_recvmsg+0x10/0x10 [ 181.030669][ T6859] sock_recvmsg+0x22f/0x280 [ 181.035174][ T6859] ____sys_recvmsg+0x1db/0x470 [ 181.039942][ T6859] ? __pfx_____sys_recvmsg+0x10/0x10 [ 181.045236][ T6859] do_recvmmsg+0x474/0xae0 [ 181.049740][ T6859] ? __pfx_lock_release+0x10/0x10 [ 181.054765][ T6859] ? __pfx_do_recvmmsg+0x10/0x10 [ 181.059799][ T6859] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 181.065691][ T6859] ? ksys_write+0x23e/0x2c0 [ 181.070187][ T6859] ? __pfx_lock_release+0x10/0x10 [ 181.075302][ T6859] ? vfs_write+0x7c4/0xc90 [ 181.079714][ T6859] ? __mutex_unlock_slowpath+0x21d/0x750 [ 181.085349][ T6859] ? __fget_files+0x3f6/0x470 [ 181.090375][ T6859] __x64_sys_recvmmsg+0x199/0x250 [ 181.095398][ T6859] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 181.100943][ T6859] ? do_syscall_64+0x100/0x230 [ 181.105959][ T6859] ? do_syscall_64+0xb6/0x230 [ 181.110625][ T6859] do_syscall_64+0xf3/0x230 [ 181.115118][ T6859] ? clear_bhb_loop+0x35/0x90 [ 181.119789][ T6859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.125671][ T6859] RIP: 0033:0x7f385cb779f9 [ 181.130078][ T6859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.149675][ T6859] RSP: 002b:00007f385d905038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 181.158085][ T6859] RAX: ffffffffffffffda RBX: 00007f385cd05f80 RCX: 00007f385cb779f9 [ 181.166049][ T6859] RDX: 0000000000000001 RSI: 0000000020006340 RDI: 0000000000000003 [ 181.174010][ T6859] RBP: 00007f385d905090 R08: 0000000000000000 R09: 0000000000000000 [ 181.182147][ T6859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.190116][ T6859] R13: 0000000000000000 R14: 00007f385cd05f80 R15: 00007ffea7645718 [ 181.198110][ T6859] [ 181.350790][ T5268] usb 5-1: New USB device found, idVendor=22b8, idProduct=4234, bcdDevice=32.84 [ 181.366774][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.375608][ T5268] usb 5-1: Product: syz [ 181.383712][ T5268] usb 5-1: Manufacturer: syz [ 181.390729][ T5268] usb 5-1: SerialNumber: syz [ 181.401367][ T5268] usb 5-1: config 0 descriptor?? [ 181.457698][ T58] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 181.516939][ T4606] Bluetooth: hci3: command 0x0406 tx timeout [ 181.523617][ T4606] Bluetooth: hci0: command 0x0406 tx timeout [ 181.629769][ T6849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 181.650044][ T6849] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 181.657888][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 181.730057][ T58] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 181.737583][ T1663] usb 5-1: USB disconnect, device number 12 [ 181.743913][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.803516][ T58] usb 1-1: config 0 descriptor?? [ 181.818989][ T58] smsusb:smsusb_probe: board id=8, interface number 0 [ 181.826445][ T58] smsusb:smsusb_probe: Device initialized with return code -19 [ 182.038700][ T6875] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 182.047655][ T6875] batadv_slave_0: entered promiscuous mode [ 182.373594][ T6882] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 182.686841][ T1663] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 182.799441][ T5231] Bluetooth: hci4: command 0x0405 tx timeout [ 182.898546][ T1663] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 182.933395][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 182.933407][ T29] audit: type=1326 audit(1723368771.817:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 182.971790][ T1663] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.986111][ T29] audit: type=1326 audit(1723368771.847:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.118046][ T1663] usb 5-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 183.120568][ T29] audit: type=1326 audit(1723368771.847:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.129418][ T1663] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.148492][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.174971][ T1663] usb 5-1: config 0 descriptor?? [ 183.215873][ T29] audit: type=1326 audit(1723368771.847:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.261858][ T29] audit: type=1326 audit(1723368771.847:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.283284][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.329632][ T29] audit: type=1326 audit(1723368771.847:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.371385][ T29] audit: type=1326 audit(1723368771.847:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.423538][ T29] audit: type=1326 audit(1723368771.847:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.463619][ T29] audit: type=1326 audit(1723368771.847:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.583567][ T29] audit: type=1326 audit(1723368771.857:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6891 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b73d779f9 code=0x7ffc0000 [ 183.639361][ T1663] logitech-djreceiver 0003:046D:C513.0009: unknown main item tag 0x0 [ 183.672357][ T1663] logitech-djreceiver 0003:046D:C513.0009: hidraw0: USB HID v0.00 Device [HID 046d:c513] on usb-dummy_hcd.4-1/input0 [ 183.884215][ T6901] FAULT_INJECTION: forcing a failure. [ 183.884215][ T6901] name failslab, interval 1, probability 0, space 0, times 0 [ 183.940867][ T6901] CPU: 1 UID: 0 PID: 6901 Comm: syz.0.388 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 183.951502][ T6901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 183.961557][ T6901] Call Trace: [ 183.964832][ T6901] [ 183.967754][ T6901] dump_stack_lvl+0x241/0x360 [ 183.972434][ T6901] ? __pfx_dump_stack_lvl+0x10/0x10 [ 183.977630][ T6901] ? __pfx__printk+0x10/0x10 [ 183.982222][ T6901] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 183.987685][ T6901] ? __pfx___might_resched+0x10/0x10 [ 183.992975][ T6901] should_fail_ex+0x3b0/0x4e0 [ 183.997650][ T6901] should_failslab+0xac/0x100 [ 184.002321][ T6901] ? io_drain_req+0x2aa/0x8a0 [ 184.006999][ T6901] __kmalloc_cache_noprof+0x6c/0x2c0 [ 184.012285][ T6901] io_drain_req+0x2aa/0x8a0 [ 184.016800][ T6901] io_submit_sqes+0x10b1/0x1bf0 [ 184.021677][ T6901] __se_sys_io_uring_enter+0x2ce/0x2670 [ 184.027232][ T6901] ? vfs_write+0x7c4/0xc90 [ 184.031661][ T6901] ? __pfx_vfs_write+0x10/0x10 [ 184.036426][ T6901] ? __pfx___se_sys_io_uring_enter+0x10/0x10 [ 184.042403][ T6901] ? __fget_files+0x3f6/0x470 [ 184.047087][ T6901] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 184.053120][ T6901] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 184.059443][ T6901] ? do_syscall_64+0x100/0x230 [ 184.064201][ T6901] ? __x64_sys_io_uring_enter+0x21/0xf0 [ 184.069743][ T6901] do_syscall_64+0xf3/0x230 [ 184.074237][ T6901] ? clear_bhb_loop+0x35/0x90 [ 184.078907][ T6901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.084795][ T6901] RIP: 0033:0x7f0b73d779f9 [ 184.089211][ T6901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.108899][ T6901] RSP: 002b:00007f0b74a6b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 184.117306][ T6901] RAX: ffffffffffffffda RBX: 00007f0b73f05f80 RCX: 00007f0b73d779f9 [ 184.125273][ T6901] RDX: 0000000000000000 RSI: 0000000000001d9e RDI: 0000000000000003 [ 184.133324][ T6901] RBP: 00007f0b74a6b090 R08: 0000000000000000 R09: 0000000000000000 [ 184.141293][ T6901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 184.149373][ T6901] R13: 0000000000000000 R14: 00007f0b73f05f80 R15: 00007ffe7b1064d8 [ 184.157356][ T6901] [ 184.160493][ C1] vkms_vblank_simulate: vblank timer overrun [ 184.496889][ T5268] usb 5-1: USB disconnect, device number 13 [ 186.211369][ T6927] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'. [ 186.262555][ T6931] FAULT_INJECTION: forcing a failure. [ 186.262555][ T6931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.328710][ T6931] CPU: 0 UID: 0 PID: 6931 Comm: syz.0.396 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 186.339427][ T6931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 186.349470][ T6931] Call Trace: [ 186.352735][ T6931] [ 186.355648][ T6931] dump_stack_lvl+0x241/0x360 [ 186.360430][ T6931] ? __pfx_dump_stack_lvl+0x10/0x10 [ 186.365650][ T6931] ? __pfx__printk+0x10/0x10 [ 186.370264][ T6931] ? __pfx_lock_release+0x10/0x10 [ 186.375304][ T6931] ? __lock_acquire+0x137a/0x2040 [ 186.380358][ T6931] should_fail_ex+0x3b0/0x4e0 [ 186.385061][ T6931] _copy_from_user+0x2f/0xe0 [ 186.389682][ T6931] kstrtouint_from_user+0xc6/0x190 [ 186.394813][ T6931] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 186.400542][ T6931] ? __pfx_lock_acquire+0x10/0x10 [ 186.405651][ T6931] proc_fail_nth_write+0xaa/0x2d0 [ 186.410676][ T6931] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 186.416583][ T6931] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 186.422234][ T6931] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 186.427860][ T6931] vfs_write+0x2a2/0xc90 [ 186.432096][ T6931] ? __pfx_vfs_write+0x10/0x10 [ 186.436856][ T6931] ? __fget_files+0x29/0x470 [ 186.441451][ T6931] ? __fget_files+0x3f6/0x470 [ 186.446126][ T6931] ksys_write+0x1a0/0x2c0 [ 186.450453][ T6931] ? __pfx_ksys_write+0x10/0x10 [ 186.455300][ T6931] ? do_syscall_64+0x100/0x230 [ 186.460048][ T6931] ? do_syscall_64+0xb6/0x230 [ 186.464720][ T6931] do_syscall_64+0xf3/0x230 [ 186.469217][ T6931] ? clear_bhb_loop+0x35/0x90 [ 186.473893][ T6931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.479795][ T6931] RIP: 0033:0x7f0b73d764df [ 186.484208][ T6931] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 186.503840][ T6931] RSP: 002b:00007f0b737ff030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 186.512248][ T6931] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0b73d764df [ 186.520207][ T6931] RDX: 0000000000000001 RSI: 00007f0b737ff0a0 RDI: 0000000000000006 [ 186.528188][ T6931] RBP: 00007f0b737ff090 R08: 0000000000000000 R09: 0000000000000000 [ 186.536239][ T6931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 186.544195][ T6931] R13: 0000000000000001 R14: 00007f0b73f06058 R15: 00007ffe7b1064d8 [ 186.552198][ T6931] [ 188.431157][ T6951] netlink: 68 bytes leftover after parsing attributes in process `syz.2.402'. [ 190.111606][ T6973] SET target dimension over the limit! [ 190.210049][ T6970] sctp: failed to load transform for md5: -2 [ 191.198394][ T6984] 9pnet_fd: Insufficient options for proto=fd [ 191.404876][ T6990] affs: No valid root block on device nbd3 [ 192.196821][ T7003] netlink: 68 bytes leftover after parsing attributes in process `syz.0.415'. [ 193.512617][ T7007] syz.0.416 (7007) used greatest stack depth: 19256 bytes left [ 193.911140][ T7012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 193.935431][ T7012] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.645904][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.657532][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.062522][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.130319][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.287859][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.296529][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.467337][ T5263] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 196.669127][ T5263] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 196.859595][ T5263] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 196.988720][ T5263] usb 4-1: config 1 has no interface number 0 [ 197.055987][ T5263] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.140454][ T5263] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 197.183900][ T5263] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 197.224715][ T5263] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.420846][ T5263] usb 4-1: Product: syz [ 197.548762][ T5263] usb 4-1: Manufacturer: syz [ 197.742269][ T5263] usb 4-1: SerialNumber: syz [ 200.116839][ T5263] cdc_ncm 4-1:1.1: bind() failure [ 201.001538][ T5218] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 201.011023][ T5218] Bluetooth: hci2: Injecting HCI hardware error event [ 201.036665][ T5231] Bluetooth: hci2: hardware error 0x00 [ 201.589807][ T5263] usb 4-1: USB disconnect, device number 11 [ 201.763172][ T7049] sctp: failed to load transform for md5: -2 [ 202.152172][ T7064] syz.4.430: attempt to access beyond end of device [ 202.152172][ T7064] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0 [ 202.246751][ T7064] MINIX-fs: unable to read superblock [ 206.013251][ T5231] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 206.201878][ T5223] udevd (5223) used greatest stack depth: 18864 bytes left [ 206.412784][ T58] usb 1-1: USB disconnect, device number 16 [ 206.766781][ T5268] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 206.999906][ T5218] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 207.012740][ T5218] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 207.015964][ T5268] usb 5-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.ba [ 207.030595][ T5218] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 207.050098][ T5218] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 207.074072][ T5218] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 207.082457][ T5218] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 207.107890][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.147693][ T5268] usb 5-1: Product: syz [ 207.151900][ T5268] usb 5-1: Manufacturer: syz [ 207.156503][ T5268] usb 5-1: SerialNumber: syz [ 207.258742][ T5268] usb 5-1: config 0 descriptor?? [ 208.154292][ T5231] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 208.187280][ T5231] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 208.195721][ T5231] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 208.204829][ T5231] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 208.234370][ T5231] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 208.251477][ T5226] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 208.303900][ T7096] netlink: 60 bytes leftover after parsing attributes in process `syz.3.438'. [ 208.411047][ T5268] kaweth 5-1:0.0: Firmware present in device. [ 208.483242][ T5268] kaweth 5-1:0.0: Error reading configuration (-71), no net device created [ 208.578429][ T5268] kaweth 5-1:0.0: probe with driver kaweth failed with error -5 [ 208.614116][ T5268] usb 5-1: USB disconnect, device number 14 [ 208.754614][ T7101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.439'. [ 208.843915][ T7104] netlink: 20 bytes leftover after parsing attributes in process `syz.3.439'. [ 208.857329][ T7104] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 209.028631][ T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 209.177710][ T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.235530][ T7084] chnl_net:caif_netlink_parms(): no params data found [ 209.288046][ T5226] Bluetooth: hci5: command tx timeout [ 209.318409][ T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 209.333204][ T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.338905][ T5266] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 209.619586][ T5266] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.637363][ T5266] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.650012][ T5266] usb 4-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 209.661303][ T5266] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.679991][ T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 209.690600][ T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.872570][ T5226] Bluetooth: hci6: command tx timeout [ 212.878466][ T5231] Bluetooth: hci5: command tx timeout [ 212.908574][ T5266] usb 4-1: config 0 descriptor?? [ 213.107058][ T5266] usb 4-1: can't set config #0, error -71 [ 213.185436][ T5266] usb 4-1: USB disconnect, device number 12 [ 213.360132][ T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.382807][ T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.472535][ T7133] netlink: 60 bytes leftover after parsing attributes in process `syz.1.447'. [ 213.484885][ T7084] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.506359][ T7084] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.784432][ T7084] bridge_slave_0: entered allmulticast mode [ 213.799590][ T7084] bridge_slave_0: entered promiscuous mode [ 214.523539][ T7084] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.541373][ T7084] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.946897][ T7084] bridge_slave_1: entered allmulticast mode [ 214.954259][ T7084] bridge_slave_1: entered promiscuous mode [ 214.976724][ T5226] Bluetooth: hci6: command tx timeout [ 214.982171][ T5226] Bluetooth: hci5: command tx timeout [ 215.261504][ T7084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.336767][ T7084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.387772][ T7144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.449'. [ 215.500778][ T7144] netlink: 20 bytes leftover after parsing attributes in process `syz.4.449'. [ 215.515683][ T7144] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 215.563815][ T7084] team0: Port device team_slave_0 added [ 215.576953][ T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 215.593588][ T7084] team0: Port device team_slave_1 added [ 215.608889][ T7091] chnl_net:caif_netlink_parms(): no params data found [ 215.986728][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 219.133859][ T7152] sched: RT throttling activated [ 219.153610][ T5231] Bluetooth: hci5: command tx timeout [ 219.156879][ T5226] Bluetooth: hci6: command tx timeout [ 219.455169][ T25] usb 4-1: device descriptor read/all, error -71 [ 219.874019][ T63] bridge_slave_1: left allmulticast mode [ 219.882925][ T63] bridge_slave_1: left promiscuous mode [ 219.909049][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.950205][ T63] bridge_slave_0: left allmulticast mode [ 219.955909][ T63] bridge_slave_0: left promiscuous mode [ 219.963505][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.816286][ T7185] netlink: 68 bytes leftover after parsing attributes in process `syz.3.456'. [ 220.867639][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 220.917767][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 220.941480][ T63] bond0 (unregistering): Released all slaves [ 220.955786][ T7084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 220.963948][ T7084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.994494][ T7084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.014594][ T7084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.027312][ T7084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.060317][ T7084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.154838][ T7192] affs: No valid root block on device nbd4 [ 221.181285][ T7091] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.191572][ T7091] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.199227][ T7091] bridge_slave_0: entered allmulticast mode [ 221.206065][ T7091] bridge_slave_0: entered promiscuous mode [ 221.220573][ T7091] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.230664][ T7091] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.238220][ T7091] bridge_slave_1: entered allmulticast mode [ 221.246177][ T7091] bridge_slave_1: entered promiscuous mode [ 221.276772][ T5226] Bluetooth: hci6: command tx timeout [ 221.411449][ T7084] hsr_slave_0: entered promiscuous mode [ 221.424573][ T7084] hsr_slave_1: entered promiscuous mode [ 221.444117][ T7091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.544680][ T7091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.685969][ T7091] team0: Port device team_slave_0 added [ 221.701538][ T63] hsr_slave_0: left promiscuous mode [ 221.709345][ T63] hsr_slave_1: left promiscuous mode [ 221.743034][ T63] veth1_macvtap: left promiscuous mode [ 221.749600][ T63] veth0_macvtap: left promiscuous mode [ 221.756107][ T63] veth1_vlan: left promiscuous mode [ 221.763033][ T63] veth0_vlan: left promiscuous mode [ 223.330744][ T63] team0 (unregistering): Port device team_slave_1 removed [ 223.370769][ T63] team0 (unregistering): Port device team_slave_0 removed [ 223.447500][ T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 223.663574][ T9] usb 5-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 223.672874][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.696872][ T9] usb 5-1: config 0 descriptor?? [ 223.752050][ T7091] team0: Port device team_slave_1 added [ 223.826267][ T7198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.459'. [ 223.835981][ T7199] netlink: 20 bytes leftover after parsing attributes in process `syz.3.459'. [ 223.847652][ T7199] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 224.012294][ T7091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 224.043291][ T7091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.138665][ T7091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 224.262104][ T7091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.281467][ T7091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.296317][ T7229] netlink: 68 bytes leftover after parsing attributes in process `syz.1.465'. [ 224.307453][ C0] vkms_vblank_simulate: vblank timer overrun [ 224.308492][ T7091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 224.458303][ T9] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 224.475690][ T9] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 224.485507][ T9] pac7311 5-1:0.0: probe with driver pac7311 failed with error -71 [ 224.512693][ T9] usb 5-1: USB disconnect, device number 15 [ 224.647700][ T7091] hsr_slave_0: entered promiscuous mode [ 224.683760][ T7091] hsr_slave_1: entered promiscuous mode [ 224.708034][ T7091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 224.726416][ T7091] Cannot create hsr debugfs directory [ 225.506320][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.736259][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.322161][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 226.322184][ T29] audit: type=1326 audit(1723368815.027:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 226.936905][ T29] audit: type=1326 audit(1723368815.027:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 226.962263][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.968893][ T29] audit: type=1326 audit(1723368815.027:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.000338][ T29] audit: type=1326 audit(1723368815.027:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.021737][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.116762][ T29] audit: type=1326 audit(1723368815.037:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.138170][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.161169][ T29] audit: type=1326 audit(1723368815.037:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.202318][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.206925][ T29] audit: type=1326 audit(1723368815.037:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.234070][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.249109][ T29] audit: type=1326 audit(1723368815.037:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.270518][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.304232][ T7084] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 227.437740][ T7084] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 227.455204][ T29] audit: type=1326 audit(1723368815.037:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.501958][ T29] audit: type=1326 audit(1723368815.037:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 227.535116][ T7084] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 227.598240][ T7265] netlink: 4 bytes leftover after parsing attributes in process `syz.4.471'. [ 227.627730][ T7084] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 227.683467][ T7267] netlink: 20 bytes leftover after parsing attributes in process `syz.4.471'. [ 227.717658][ T7267] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 227.861136][ T7274] netlink: 68 bytes leftover after parsing attributes in process `syz.3.474'. [ 228.308315][ T35] bridge_slave_1: left allmulticast mode [ 228.314322][ T35] bridge_slave_1: left promiscuous mode [ 228.321106][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.403732][ T35] bridge_slave_0: left allmulticast mode [ 228.411428][ T35] bridge_slave_0: left promiscuous mode [ 228.418142][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.242263][ T7327] affs: No valid root block on device nbd3 [ 230.354756][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 230.394073][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 230.415688][ T35] bond0 (unregistering): Released all slaves [ 230.670509][ T35] tipc: Disabling bearer [ 230.679088][ T35] tipc: Left network mode [ 230.866810][ T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 230.950672][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.1.483'. [ 231.060780][ T7346] netlink: 20 bytes leftover after parsing attributes in process `syz.1.483'. [ 231.085812][ T9] usb 5-1: config 0 has an invalid interface number: 222 but max is 0 [ 231.094577][ T7346] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 231.120964][ T9] usb 5-1: config 0 has no interface number 0 [ 231.146423][ T9] usb 5-1: too many endpoints for config 0 interface 222 altsetting 195: 227, using maximum allowed: 30 [ 231.176500][ T7084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.184361][ T9] usb 5-1: config 0 interface 222 altsetting 195 has 0 endpoint descriptors, different from the interface descriptor's value: 227 [ 231.250335][ T9] usb 5-1: config 0 interface 222 has no altsetting 0 [ 231.275357][ T35] hsr_slave_0: left promiscuous mode [ 231.276655][ T9] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 231.293041][ T35] hsr_slave_1: left promiscuous mode [ 231.298236][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.306710][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 231.318657][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 231.318993][ T9] usb 5-1: config 0 descriptor?? [ 231.342710][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 231.451317][ T35] veth1_macvtap: left promiscuous mode [ 231.483550][ T35] veth0_macvtap: left promiscuous mode [ 231.490527][ T35] veth1_vlan: left promiscuous mode [ 231.495945][ T35] veth0_vlan: left promiscuous mode [ 234.619629][ T35] team0 (unregistering): Port device team_slave_1 removed [ 234.775327][ T35] team0 (unregistering): Port device team_slave_0 removed [ 235.716627][ C0] hrtimer: interrupt took 56830 ns [ 235.859247][ T7401] affs: No valid root block on device nbd3 [ 236.392611][ T7084] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.411905][ T7368] pimreg: entered allmulticast mode [ 236.487095][ T5262] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 236.509519][ T9] usb 5-1: string descriptor 0 read error: -71 [ 236.529623][ T9] usb 5-1: Cannot read MAC address [ 236.534964][ T9] MOSCHIP usb-ethernet driver 5-1:0.222: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 236.565137][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.572407][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 236.587719][ T9] usb 5-1: USB disconnect, device number 16 [ 236.594054][ T7368] pimreg: left allmulticast mode [ 236.838460][ T5262] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.848126][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.856652][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 236.872855][ T5262] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.894782][ T7091] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 236.972356][ T5262] usb 2-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 237.099317][ T5262] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.251763][ T7091] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 237.646715][ T5262] usb 2-1: config 0 descriptor?? [ 237.682035][ T7091] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 237.761643][ T7091] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 237.964510][ T7422] tipc: Started in network mode [ 237.980638][ T7422] tipc: Node identity ac1414aa, cluster identity 4711 [ 238.009966][ T7422] tipc: Enabled bearer , priority 10 [ 238.098977][ T5262] logitech-djreceiver 0003:046D:C513.000A: unknown main item tag 0x0 [ 238.144951][ T5262] logitech-djreceiver 0003:046D:C513.000A: hidraw0: USB HID v0.00 Device [HID 046d:c513] on usb-dummy_hcd.1-1/input0 [ 238.169725][ T5266] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 238.397827][ T5262] usb 2-1: USB disconnect, device number 14 [ 238.421481][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.471779][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.523158][ T5266] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 238.528253][ T7091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.540943][ T5266] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.572202][ T5266] usb 5-1: config 0 descriptor?? [ 238.588888][ T7091] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.604685][ T7084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 238.618510][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.625699][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.660521][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.667901][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.844129][ T7084] veth0_vlan: entered promiscuous mode [ 238.875392][ T7084] veth1_vlan: entered promiscuous mode [ 238.989156][ T7084] veth0_macvtap: entered promiscuous mode [ 239.043143][ T7084] veth1_macvtap: entered promiscuous mode [ 239.117110][ T8] tipc: Node number set to 2886997162 [ 239.152455][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 239.201102][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 239.240878][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 239.313400][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 239.368272][ T7084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 239.410733][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 239.423358][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 239.433922][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 239.447350][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 239.457519][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 239.471544][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 239.625804][ T7084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 239.835839][ T7084] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.869914][ T7084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.885924][ T7084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.917595][ T7084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.204402][ T7091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 241.321330][ T5266] usbhid 5-1:0.0: can't add hid device: -71 [ 241.342996][ T5266] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 241.365998][ T5266] usb 5-1: USB disconnect, device number 17 [ 241.510563][ T7091] veth0_vlan: entered promiscuous mode [ 241.592638][ T7456] affs: No valid root block on device nbd3 [ 241.645942][ T7091] veth1_vlan: entered promiscuous mode [ 241.882906][ T3014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.929341][ T3014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.724211][ T5315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.757577][ T5315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.865725][ T7091] veth0_macvtap: entered promiscuous mode [ 242.901375][ T7091] veth1_macvtap: entered promiscuous mode [ 243.893238][ T7472] tipc: Enabling of bearer rejected, already enabled [ 243.940160][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.972839][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.001905][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 244.012922][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.024227][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 244.042211][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.054123][ T7091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 244.120610][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 244.171152][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.213886][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 244.224949][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.237905][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 244.249005][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.266569][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 244.285514][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.301113][ T7091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 244.323541][ T7091] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.341443][ T7091] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.353373][ T7091] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.368224][ T7091] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.789589][ T5315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.843617][ T5315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.015750][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.104589][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.627815][ T7499] binder: 7491:7499 ioctl c0306201 200003c0 returned -14 [ 245.727132][ T58] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 245.941437][ T58] usb 3-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 245.970440][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.108099][ T58] usb 3-1: config 0 descriptor?? [ 246.295684][ T7503] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 246.430804][ T7505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.515'. [ 246.824862][ T58] usb 3-1: string descriptor 0 read error: -71 [ 246.851359][ T58] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 246.870906][ T58] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 246.874850][ T7511] affs: No valid root block on device nbd4 [ 246.940613][ T58] pac7311 3-1:0.0: probe with driver pac7311 failed with error -71 [ 247.008198][ T58] usb 3-1: USB disconnect, device number 14 [ 249.693834][ T7535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 249.722417][ T5227] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 249.825998][ T7535] tap0: tun_chr_ioctl cmd 1074025677 [ 249.837542][ T7535] tap0: linktype set to 512 [ 249.932933][ T5227] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 249.944041][ T5227] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.954233][ T5227] usb 2-1: Product: syz [ 249.960849][ T5227] usb 2-1: Manufacturer: syz [ 249.971436][ T5227] usb 2-1: SerialNumber: syz [ 249.982121][ T5227] usb 2-1: config 0 descriptor?? [ 250.305573][ T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 250.458828][ T5227] usb 2-1: Firmware: major: 0, minor: 248, hardware type: UNKNOWN (124) [ 250.587912][ T7548] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 250.610286][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 250.643203][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 34 [ 250.685121][ T7548] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'. [ 250.704993][ T9] usb 4-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=81.28 [ 250.714544][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.723508][ T9] usb 4-1: Product: syz [ 250.799625][ T9] usb 4-1: Manufacturer: syz [ 250.810075][ T7553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 250.834983][ T9] usb 4-1: SerialNumber: syz [ 250.858190][ T7553] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 250.908135][ T9] usb 4-1: config 0 descriptor?? [ 250.913956][ T7546] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 250.957543][ T7546] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 251.034987][ T9] option 4-1:0.0: GSM modem (1-port) converter detected [ 251.042977][ T5227] usb 2-1: failed to fetch extended address, random address set [ 251.066750][ T5227] usb 2-1: atusb_probe: initialization failed, error = -524 [ 251.103428][ T5227] atusb 2-1:0.0: probe with driver atusb failed with error -524 [ 251.111898][ T9] usb 4-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 251.265643][ T5227] usb 2-1: USB disconnect, device number 15 [ 251.905493][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 251.991354][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.048362][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.071712][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.106503][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.144021][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.177568][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.216096][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.248074][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.305792][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.335968][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.378148][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.426819][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.439889][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.479022][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.520045][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.567376][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.588731][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.622935][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.636809][ T5262] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 252.666712][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.706868][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.732357][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.749294][ T25] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 252.763220][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.798951][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.827162][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.836791][ T5262] usb 1-1: Using ep0 maxpacket: 8 [ 252.877069][ T5262] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 252.899042][ T5262] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.907585][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 252.976702][ T5262] usb 1-1: Product: syz [ 252.987048][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.005070][ T5262] usb 1-1: Manufacturer: syz [ 253.015266][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.024441][ T5262] usb 1-1: SerialNumber: syz [ 253.056897][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.079837][ T7574] binder: Unknown parameter 'fsmagic' [ 253.189543][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.243774][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 253.338689][ T25] usb 2-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00 [ 253.384175][ T5227] usb 4-1: USB disconnect, device number 15 [ 253.406336][ T5262] usb 1-1: config 0 descriptor?? [ 253.411803][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.419267][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.428327][ T25] usb 2-1: config 0 descriptor?? [ 253.429931][ T5262] gspca_main: sq930x-2.14.0 probing 2770:930c [ 253.439694][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.449286][ T9] hid-generic 0000:0B00:0000.000B: unknown main item tag 0x0 [ 253.459294][ T5227] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 253.509383][ T5227] option 4-1:0.0: device disconnected [ 253.572419][ T9] hid-generic 0000:0B00:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 253.912895][ T25] wacom 0003:056A:032C.000C: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.1-1/input0 [ 253.987093][ T5227] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 254.189250][ T5227] usb 4-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 254.203530][ T5227] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.221465][ T5227] usb 4-1: config 0 descriptor?? [ 254.242932][ T5262] gspca_sq930x: ucbus_write failed -71 [ 254.486981][ T5262] gspca_sq930x: Sensor ov9630 not yet treated [ 254.500225][ T5262] sq930x 1-1:0.0: probe with driver sq930x failed with error -22 [ 254.513052][ T5262] usb 1-1: USB disconnect, device number 17 [ 254.666534][ T7589] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 254.698757][ T5268] usb 2-1: USB disconnect, device number 16 [ 254.764856][ T7591] netlink: 12 bytes leftover after parsing attributes in process `syz.4.540'. [ 255.046702][ T5227] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 255.114681][ T7595] Option ' ' to dns_resolver key: bad/missing value [ 256.268375][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.275300][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.380315][ T5227] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 256.401057][ T5227] pac7311 4-1:0.0: probe with driver pac7311 failed with error -71 [ 256.419840][ T5227] usb 4-1: USB disconnect, device number 16 [ 256.866811][ T5268] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 257.073087][ T7630] sctp: [Deprecated]: syz.3.551 (pid 7630) Use of int in max_burst socket option deprecated. [ 257.073087][ T7630] Use struct sctp_assoc_value instead [ 257.093029][ T5268] usb 2-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 257.111330][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.129325][ T7621] xt_ipvs: protocol family 7 not supported [ 257.148063][ T5268] usb 2-1: config 0 descriptor?? [ 257.466837][ T25] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 257.676722][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 257.688680][ T25] usb 4-1: config 0 has an invalid descriptor of length 153, skipping remainder of the config [ 257.731263][ T25] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 257.773893][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.789194][ T5268] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 257.807640][ T25] usb 4-1: config 0 descriptor?? [ 257.821392][ T5268] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 257.833354][ T5268] pac7311 2-1:0.0: probe with driver pac7311 failed with error -71 [ 257.834776][ T25] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 257.874486][ T5268] usb 2-1: USB disconnect, device number 17 [ 258.144413][ T1663] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 258.263322][ T7648] affs: No valid root block on device nbd0 [ 258.336884][ T1663] usb 3-1: Using ep0 maxpacket: 8 [ 258.346543][ T1663] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 258.368622][ T1663] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.383153][ T1663] usb 3-1: Product: syz [ 258.393510][ T1663] usb 3-1: Manufacturer: syz [ 258.410593][ T1663] usb 3-1: SerialNumber: syz [ 258.444112][ T1663] usb 3-1: config 0 descriptor?? [ 258.467745][ T1663] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 258.477797][ T1663] imon 3-1:0.0: unable to initialize intf0, err -19 [ 258.494425][ T1663] imon:imon_probe: failed to initialize context! [ 258.506762][ T1663] imon 3-1:0.0: unable to register, err -19 [ 258.662956][ T7658] affs: No valid root block on device nbd4 [ 258.677334][ T1663] usb 3-1: USB disconnect, device number 15 [ 260.863839][ T9] usb 4-1: USB disconnect, device number 17 [ 261.147370][ T7680] tipc: Started in network mode [ 261.171478][ T7680] tipc: Node identity ac1414aa, cluster identity 4711 [ 261.199910][ T7680] tipc: Enabled bearer , priority 10 [ 261.995038][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 261.995060][ T29] audit: type=1326 audit(1723368850.217:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 262.219211][ T29] audit: type=1326 audit(1723368850.217:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 262.306808][ T25] tipc: Node number set to 2886997162 [ 262.325975][ T29] audit: type=1326 audit(1723368850.217:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 262.517499][ T29] audit: type=1326 audit(1723368850.217:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 262.544024][ T29] audit: type=1326 audit(1723368850.227:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 266.067802][ T5231] Bluetooth: hci4: command 0x0405 tx timeout [ 266.077700][ T29] audit: type=1326 audit(1723368850.227:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 266.129839][ T29] audit: type=1326 audit(1723368850.227:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 266.168715][ T25] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 266.338117][ T29] audit: type=1326 audit(1723368850.227:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 266.359555][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.370030][ T29] audit: type=1326 audit(1723368850.227:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.267053][ T29] audit: type=1326 audit(1723368850.227:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.361090][ T29] audit: type=1326 audit(1723368850.227:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.409905][ T7713] FAULT_INJECTION: forcing a failure. [ 267.409905][ T7713] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 267.439056][ T29] audit: type=1326 audit(1723368850.237:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.460383][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.476880][ T7713] CPU: 1 UID: 0 PID: 7713 Comm: syz.4.577 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 267.487522][ T7713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 267.497612][ T7713] Call Trace: [ 267.500910][ T7713] [ 267.503299][ T29] audit: type=1326 audit(1723368850.237:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.503840][ T7713] dump_stack_lvl+0x241/0x360 [ 267.525269][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.529840][ T7713] ? __pfx_dump_stack_lvl+0x10/0x10 [ 267.541023][ T7713] ? __pfx__printk+0x10/0x10 [ 267.545649][ T7713] ? __pfx_lock_release+0x10/0x10 [ 267.550709][ T7713] should_fail_ex+0x3b0/0x4e0 [ 267.555414][ T7713] _copy_from_iter+0x1f6/0x1960 [ 267.560282][ T7713] ? __virt_addr_valid+0x183/0x530 [ 267.565419][ T7713] ? __pfx_lock_release+0x10/0x10 [ 267.570478][ T7713] ? __alloc_skb+0x28f/0x440 [ 267.575088][ T7713] ? __pfx__copy_from_iter+0x10/0x10 [ 267.580399][ T7713] ? __virt_addr_valid+0x183/0x530 [ 267.585529][ T7713] ? __virt_addr_valid+0x183/0x530 [ 267.588942][ T29] audit: type=1326 audit(1723368850.237:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 267.590729][ T7713] ? __virt_addr_valid+0x45f/0x530 [ 267.590757][ T7713] ? __check_object_size+0x49c/0x900 [ 267.612086][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.617170][ T7713] netlink_sendmsg+0x73d/0xcb0 [ 267.633169][ T7713] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.638454][ T7713] ? __import_iovec+0x536/0x820 [ 267.643300][ T7713] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 267.648583][ T7713] ? security_socket_sendmsg+0x87/0xb0 [ 267.654032][ T7713] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.659302][ T7713] __sock_sendmsg+0x221/0x270 [ 267.663978][ T7713] ____sys_sendmsg+0x525/0x7d0 [ 267.668743][ T7713] ? __pfx_____sys_sendmsg+0x10/0x10 [ 267.674030][ T7713] __sys_sendmsg+0x2b0/0x3a0 [ 267.678617][ T7713] ? __pfx___sys_sendmsg+0x10/0x10 [ 267.683721][ T7713] ? vfs_write+0x7c4/0xc90 [ 267.688168][ T7713] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 267.694507][ T7713] ? do_syscall_64+0x100/0x230 [ 267.699285][ T7713] ? do_syscall_64+0xb6/0x230 [ 267.703969][ T7713] do_syscall_64+0xf3/0x230 [ 267.708480][ T7713] ? clear_bhb_loop+0x35/0x90 [ 267.713164][ T7713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.719066][ T7713] RIP: 0033:0x7f96fdb779f9 [ 267.723474][ T7713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.743247][ T7713] RSP: 002b:00007f96fe97a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 267.751655][ T7713] RAX: ffffffffffffffda RBX: 00007f96fdd05f80 RCX: 00007f96fdb779f9 [ 267.759618][ T7713] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 267.767673][ T7713] RBP: 00007f96fe97a090 R08: 0000000000000000 R09: 0000000000000000 [ 267.775639][ T7713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.783604][ T7713] R13: 0000000000000000 R14: 00007f96fdd05f80 R15: 00007ffebbea2858 [ 267.791583][ T7713] [ 267.939371][ T29] audit: type=1326 audit(1723368850.237:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 268.029826][ T29] audit: type=1326 audit(1723368850.237:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 268.232400][ T29] audit: type=1326 audit(1723368850.237:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 268.268603][ T29] audit: type=1326 audit(1723368850.237:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7682 comm="syz.0.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5985779f9 code=0x7ffc0000 [ 268.382598][ T7721] sp0: Synchronizing with TNC [ 269.022322][ T7744] tipc: Enabling of bearer rejected, already enabled [ 269.318555][ T1663] usb 1-1: new full-speed USB device number 18 using dummy_hcd [ 274.704190][ T7755] netlink: 300 bytes leftover after parsing attributes in process `syz.4.584'. [ 274.766786][ T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 274.897231][ T1663] usb 1-1: device descriptor read/all, error -71 [ 275.917960][ T25] usb 4-1: new full-speed USB device number 18 using dummy_hcd [ 276.106714][ T25] usb 4-1: device descriptor read/64, error -71 [ 276.246257][ T7790] netlink: 48 bytes leftover after parsing attributes in process `syz.1.595'. [ 276.520499][ T7792] netlink: 40 bytes leftover after parsing attributes in process `syz.2.594'. [ 276.569678][ T25] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 276.727432][ T25] usb 4-1: device descriptor read/64, error -71 [ 276.857473][ T25] usb usb4-port1: attempt power cycle [ 277.016144][ T7802] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 277.639618][ T25] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 277.677429][ T25] usb 4-1: device descriptor read/8, error -71 [ 277.710322][ T7806] netlink: 12 bytes leftover after parsing attributes in process `syz.4.598'. [ 277.946725][ T25] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 277.986438][ T25] usb 4-1: device descriptor read/8, error -71 [ 277.999744][ T5262] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 278.117266][ T25] usb usb4-port1: unable to enumerate USB device [ 278.421729][ T7813] tipc: Started in network mode [ 278.442670][ T7813] tipc: Node identity ac1414aa, cluster identity 4711 [ 278.450293][ T7813] tipc: Enabling of bearer rejected, failed to enable media [ 279.006803][ T29] audit: type=1326 audit(1723368867.887:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.077225][ T7824] netlink: 4 bytes leftover after parsing attributes in process `syz.4.603'. [ 279.201708][ T29] audit: type=1326 audit(1723368867.917:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.278638][ T7824] netlink: 20 bytes leftover after parsing attributes in process `syz.4.603'. [ 279.325385][ T7824] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 279.340973][ T29] audit: type=1326 audit(1723368867.927:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.381169][ T29] audit: type=1326 audit(1723368867.927:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.454818][ T7833] netlink: 20 bytes leftover after parsing attributes in process `syz.1.604'. [ 279.480615][ T29] audit: type=1326 audit(1723368867.927:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.510795][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'. [ 279.573313][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'. [ 279.589625][ T5268] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 279.614891][ T29] audit: type=1326 audit(1723368867.927:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.668180][ T29] audit: type=1326 audit(1723368867.927:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.716913][ T29] audit: type=1326 audit(1723368867.927:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.755583][ T29] audit: type=1326 audit(1723368867.977:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.787040][ T29] audit: type=1326 audit(1723368867.977:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7817 comm="syz.2.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 279.817418][ T5268] usb 4-1: Using ep0 maxpacket: 16 [ 279.852795][ T5268] usb 4-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config [ 279.910878][ T5268] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 279.944011][ T5268] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.18 [ 279.991887][ T5268] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 280.004735][ T5268] usb 4-1: Manufacturer: syz [ 280.069666][ T5268] usb 4-1: config 0 descriptor?? [ 280.294147][ T5227] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 280.418891][ T8] usb 4-1: USB disconnect, device number 22 [ 280.486191][ T5227] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 280.704454][ T5227] usb 5-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09 [ 280.755345][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.865618][ T5227] usb 5-1: config 0 descriptor?? [ 280.879351][ T5226] Bluetooth: hci5: unexpected event 0x30 length: 8 > 3 [ 280.939150][ T5227] go7007 5-1:0.0: probe with driver go7007 failed with error -12 [ 281.156891][ T7856] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 281.238970][ T7860] netlink: 12 bytes leftover after parsing attributes in process `syz.1.613'. [ 281.479115][ T7865] tipc: Enabling of bearer rejected, already enabled [ 282.528998][ T7880] ipip0: entered promiscuous mode [ 287.446702][ T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 287.623938][ T5227] usb 5-1: USB disconnect, device number 20 [ 290.157490][ T7922] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 290.215893][ T7926] tipc: Enabling of bearer rejected, already enabled [ 290.254467][ T7928] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'. [ 290.284842][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 290.284860][ T29] audit: type=1326 audit(1723368879.167:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 290.418581][ T29] audit: type=1326 audit(1723368879.167:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 290.715634][ T29] audit: type=1326 audit(1723368879.167:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 291.747982][ T29] audit: type=1326 audit(1723368879.167:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 291.879873][ T29] audit: type=1326 audit(1723368879.167:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 291.901282][ C0] vkms_vblank_simulate: vblank timer overrun [ 291.910561][ T29] audit: type=1326 audit(1723368879.187:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 291.932061][ C0] vkms_vblank_simulate: vblank timer overrun [ 291.995557][ T29] audit: type=1326 audit(1723368879.187:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 292.234397][ T29] audit: type=1326 audit(1723368879.187:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 292.273628][ T29] audit: type=1326 audit(1723368879.187:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 292.300911][ T29] audit: type=1326 audit(1723368879.197:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.1.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f385cb779f9 code=0x7ffc0000 [ 292.727830][ T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 292.946704][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 292.957789][ T9] usb 3-1: config 0 has an invalid interface number: 34 but max is 0 [ 292.965942][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 293.011303][ T5227] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 293.029276][ T9] usb 3-1: config 0 has no interface number 0 [ 293.035466][ T9] usb 3-1: config 0 interface 34 has no altsetting 0 [ 293.067161][ T9] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 1.00 [ 293.096077][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.126145][ T9] usb 3-1: config 0 descriptor?? [ 293.244903][ T5227] usb 2-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 293.268544][ T5227] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.463810][ T5227] usb 2-1: config 0 descriptor?? [ 294.912391][ T7979] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 294.975150][ T5227] usb 2-1: string descriptor 0 read error: -71 [ 295.023353][ T7975] tipc: Started in network mode [ 295.030549][ T7975] tipc: Node identity ac1414aa, cluster identity 4711 [ 295.044936][ T7975] tipc: Enabled bearer , priority 10 [ 295.052285][ T7982] netlink: 12 bytes leftover after parsing attributes in process `syz.0.649'. [ 295.082748][ T5227] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 295.108435][ T7983] FAULT_INJECTION: forcing a failure. [ 295.108435][ T7983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 295.150108][ T5227] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 295.210873][ T5227] pac7311 2-1:0.0: probe with driver pac7311 failed with error -71 [ 295.254472][ T7983] CPU: 1 UID: 0 PID: 7983 Comm: syz.3.650 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 295.265197][ T7983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 295.275277][ T7983] Call Trace: [ 295.278575][ T7983] [ 295.281525][ T7983] dump_stack_lvl+0x241/0x360 [ 295.286244][ T7983] ? __pfx_dump_stack_lvl+0x10/0x10 [ 295.291466][ T7983] ? __pfx__printk+0x10/0x10 [ 295.296081][ T7983] ? __pfx_lock_release+0x10/0x10 [ 295.301136][ T7983] should_fail_ex+0x3b0/0x4e0 [ 295.305840][ T7983] _copy_from_user+0x2f/0xe0 [ 295.310454][ T7983] smc_setsockopt+0x452/0xe50 [ 295.315164][ T7983] ? __pfx_smc_setsockopt+0x10/0x10 [ 295.320385][ T7983] ? __mutex_unlock_slowpath+0x21d/0x750 [ 295.326046][ T7983] ? __pfx_lock_release+0x10/0x10 [ 295.331093][ T7983] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 295.336661][ T7983] ? security_socket_setsockopt+0x87/0xb0 [ 295.342404][ T7983] ? __pfx_smc_setsockopt+0x10/0x10 [ 295.347618][ T7983] do_sock_setsockopt+0x3af/0x720 [ 295.352765][ T7983] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 295.358326][ T7983] ? __fget_files+0x29/0x470 [ 295.362935][ T7983] ? __fget_files+0x3f6/0x470 [ 295.367640][ T7983] __sys_setsockopt+0x1ae/0x250 [ 295.372523][ T7983] __x64_sys_setsockopt+0xb5/0xd0 [ 295.377567][ T7983] do_syscall_64+0xf3/0x230 [ 295.382089][ T7983] ? clear_bhb_loop+0x35/0x90 [ 295.386783][ T7983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.392698][ T7983] RIP: 0033:0x7ff13c3779f9 [ 295.397127][ T7983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.416754][ T7983] RSP: 002b:00007ff13d165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 295.425194][ T7983] RAX: ffffffffffffffda RBX: 00007ff13c505f80 RCX: 00007ff13c3779f9 [ 295.433190][ T7983] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000003 [ 295.441184][ T7983] RBP: 00007ff13d165090 R08: 0000000000000004 R09: 0000000000000000 [ 295.449172][ T7983] R10: 0000000020006b40 R11: 0000000000000246 R12: 0000000000000001 [ 295.457151][ T7983] R13: 0000000000000000 R14: 00007ff13c505f80 R15: 00007ffd4abcd8d8 [ 295.465156][ T7983] [ 295.649438][ T5227] usb 2-1: USB disconnect, device number 18 [ 295.985604][ T9] usb 3-1: string descriptor 0 read error: -71 [ 296.016231][ T9] hub 3-1:0.34: bad descriptor, ignoring hub [ 296.046973][ T9] hub 3-1:0.34: probe with driver hub failed with error -5 [ 296.115530][ T9] usb 3-1: USB disconnect, device number 17 [ 296.133441][ T7989] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.652'. [ 296.169494][ T5227] tipc: Node number set to 2886997162 [ 296.321706][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 296.321722][ T29] audit: type=1326 audit(1723368885.197:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.454876][ T29] audit: type=1326 audit(1723368885.197:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.524667][ T29] audit: type=1326 audit(1723368885.197:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.575228][ T29] audit: type=1326 audit(1723368885.197:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.635028][ T29] audit: type=1326 audit(1723368885.197:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.732804][ T29] audit: type=1326 audit(1723368885.207:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.813147][ T29] audit: type=1326 audit(1723368885.207:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 296.826831][ T5227] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 296.891896][ T29] audit: type=1326 audit(1723368885.207:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 297.021046][ T29] audit: type=1326 audit(1723368885.207:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 297.157576][ T29] audit: type=1326 audit(1723368885.207:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7984 comm="syz.3.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 297.214812][ T5227] usb 1-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 297.247353][ T5227] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 297.278613][ T5227] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 297.306011][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 297.315402][ T5227] usb 1-1: SerialNumber: syz [ 297.520962][ T9] usb 2-1: new full-speed USB device number 19 using dummy_hcd [ 297.587133][ T5268] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 298.874639][ T9] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 298.943145][ T5268] usb 4-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice= 3.90 [ 299.100933][ T5268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.116679][ T9] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.257659][ T9] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 299.354638][ T5268] usb 4-1: config 0 descriptor?? [ 299.447163][ T5268] bfusb 4-1:0.0: probe with driver bfusb failed with error -5 [ 299.456275][ T5227] usb 1-1: 0:2 : does not exist [ 299.456646][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 299.516664][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.00 [ 299.529299][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.550757][ T9] usb 2-1: config 0 descriptor?? [ 299.732110][ T5227] usb 1-1: USB disconnect, device number 21 [ 299.888788][ T8031] sp0: Synchronizing with TNC [ 300.036451][ T51] usb 4-1: USB disconnect, device number 23 [ 300.113026][ T7899] udevd[7899]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 300.121547][ T8035] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 300.216140][ T8037] netlink: 12 bytes leftover after parsing attributes in process `syz.4.664'. [ 300.565281][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 300.571899][ T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 300.587604][ T9] usb 2-1: USB disconnect, device number 19 [ 301.341875][ T8057] netlink: 'syz.1.672': attribute type 1 has an invalid length. [ 301.349830][ T8057] netlink: 9372 bytes leftover after parsing attributes in process `syz.1.672'. [ 301.359461][ T8057] netlink: 'syz.1.672': attribute type 1 has an invalid length. [ 301.390647][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 301.390662][ T29] audit: type=1326 audit(1723368890.277:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 301.493903][ T29] audit: type=1326 audit(1723368890.277:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 301.493949][ T29] audit: type=1326 audit(1723368890.277:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 301.493991][ T29] audit: type=1326 audit(1723368890.287:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 301.494027][ T29] audit: type=1326 audit(1723368890.287:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x0 [ 301.572630][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.606342][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.636758][ T8066] netlink: 'syz.1.674': attribute type 10 has an invalid length. [ 301.681958][ T8066] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 301.719038][ T8066] team0: Port device netdevsim0 added [ 301.719553][ T8067] netlink: 'syz.1.674': attribute type 10 has an invalid length. [ 301.756989][ T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 301.758920][ T5231] Bluetooth: hci6: command tx timeout [ 301.948421][ T9] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 301.948481][ T9] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 301.948511][ T9] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 301.948553][ T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 301.948578][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.952983][ T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 301.953621][ T9] usb 1-1: invalid MIDI out EP 0 [ 302.112826][ T9] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 302.203874][ T7900] udevd[7900]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 302.209881][ T51] usb 1-1: USB disconnect, device number 22 [ 302.996899][ T8089] sctp: [Deprecated]: syz.0.682 (pid 8089) Use of int in max_burst socket option deprecated. [ 302.996899][ T8089] Use struct sctp_assoc_value instead [ 304.286726][ T5268] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 304.425398][ T29] audit: type=1326 audit(1723368893.307:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8100 comm="syz.2.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 304.467744][ T29] audit: type=1326 audit(1723368893.307:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8100 comm="syz.2.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 304.490158][ T5268] usb 1-1: Using ep0 maxpacket: 32 [ 304.500700][ T5268] usb 1-1: config 0 has an invalid descriptor of length 153, skipping remainder of the config [ 304.699559][ T5268] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 304.715093][ T29] audit: type=1326 audit(1723368893.337:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8100 comm="syz.2.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 305.591676][ T29] audit: type=1326 audit(1723368893.337:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8100 comm="syz.2.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 305.623540][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.636847][ T29] audit: type=1326 audit(1723368893.337:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8100 comm="syz.2.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd281779f9 code=0x7ffc0000 [ 305.771986][ T5268] usb 1-1: config 0 descriptor?? [ 305.861707][ T5268] usb 1-1: can't set config #0, error -71 [ 305.914609][ T5268] usb 1-1: USB disconnect, device number 23 [ 306.016866][ T51] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 306.272984][ T51] usb 2-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 306.305867][ T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.385686][ T51] usb 2-1: config 0 descriptor?? [ 306.516811][ T5268] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 306.719863][ T5268] usb 1-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 306.750209][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.803370][ T5268] usb 1-1: config 0 descriptor?? [ 306.823664][ C1] raw-gadget.1 gadget.1: ignoring, device is not running [ 306.839002][ T51] usb 2-1: string descriptor 0 read error: -32 [ 306.879218][ T51] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 306.907297][ T51] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 306.937467][ T51] pac7311 2-1:0.0: probe with driver pac7311 failed with error -71 [ 306.957456][ T51] usb 2-1: USB disconnect, device number 20 [ 307.233178][ T8144] affs: No valid root block on device nbd3 [ 307.261625][ T5268] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 307.471492][ T5268] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 307.544127][ T5268] pac7311 1-1:0.0: probe with driver pac7311 failed with error -71 [ 307.586432][ T5268] usb 1-1: USB disconnect, device number 24 [ 307.775445][ T8148] netlink: 56 bytes leftover after parsing attributes in process `syz.4.700'. [ 308.262145][ T29] kauditd_printk_skb: 24 callbacks suppressed [ 308.262164][ T29] audit: type=1326 audit(1723368897.147:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463427][ T29] audit: type=1326 audit(1723368897.147:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463480][ T29] audit: type=1326 audit(1723368897.187:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463560][ T29] audit: type=1326 audit(1723368897.187:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463602][ T29] audit: type=1326 audit(1723368897.187:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463640][ T29] audit: type=1326 audit(1723368897.187:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463681][ T29] audit: type=1326 audit(1723368897.187:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463720][ T29] audit: type=1326 audit(1723368897.187:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463762][ T29] audit: type=1326 audit(1723368897.187:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 308.463803][ T29] audit: type=1326 audit(1723368897.187:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8159 comm="syz.3.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff13c3779f9 code=0x7ffc0000 [ 309.326857][ T25] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 309.376771][ T5268] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 309.473320][ T8192] FAULT_INJECTION: forcing a failure. [ 309.473320][ T8192] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 309.473347][ T8192] CPU: 1 UID: 0 PID: 8192 Comm: syz.4.715 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 309.473361][ T8192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 309.473368][ T8192] Call Trace: [ 309.473374][ T8192] [ 309.473380][ T8192] dump_stack_lvl+0x241/0x360 [ 309.473416][ T8192] ? __pfx_dump_stack_lvl+0x10/0x10 [ 309.473441][ T8192] ? __pfx__printk+0x10/0x10 [ 309.473466][ T8192] ? __pfx_lock_release+0x10/0x10 [ 309.473495][ T8192] should_fail_ex+0x3b0/0x4e0 [ 309.473519][ T8192] _copy_from_user+0x2f/0xe0 [ 309.473545][ T8192] copy_msghdr_from_user+0xae/0x680 [ 309.473565][ T8192] ? __pfx___might_resched+0x10/0x10 [ 309.473581][ T8192] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 309.473599][ T8192] ? __might_fault+0xaa/0x120 [ 309.473614][ T8192] do_recvmmsg+0x40f/0xae0 [ 309.473630][ T8192] ? __pfx_lock_release+0x10/0x10 [ 309.473645][ T8192] ? __pfx_do_recvmmsg+0x10/0x10 [ 309.473667][ T8192] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 309.473683][ T8192] ? ksys_write+0x23e/0x2c0 [ 309.473699][ T8192] ? __pfx_lock_release+0x10/0x10 [ 309.473716][ T8192] ? vfs_write+0x7c4/0xc90 [ 309.473730][ T8192] ? __mutex_unlock_slowpath+0x21d/0x750 [ 309.473750][ T8192] ? __fget_files+0x3f6/0x470 [ 309.473770][ T8192] __x64_sys_recvmmsg+0x199/0x250 [ 309.473784][ T8192] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 309.473798][ T8192] ? do_syscall_64+0x100/0x230 [ 309.473809][ T8192] ? do_syscall_64+0xb6/0x230 [ 309.473820][ T8192] do_syscall_64+0xf3/0x230 [ 309.473831][ T8192] ? clear_bhb_loop+0x35/0x90 [ 309.473844][ T8192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.473855][ T8192] RIP: 0033:0x7f96fdb779f9 [ 309.473865][ T8192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.473875][ T8192] RSP: 002b:00007f96fe97a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 309.473889][ T8192] RAX: ffffffffffffffda RBX: 00007f96fdd05f80 RCX: 00007f96fdb779f9 [ 309.473898][ T8192] RDX: 0000000004000359 RSI: 0000000020000500 RDI: 0000000000000004 [ 309.473905][ T8192] RBP: 00007f96fe97a090 R08: 0000000000000000 R09: 0000000000000000 [ 309.473913][ T8192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 309.473920][ T8192] R13: 0000000000000000 R14: 00007f96fdd05f80 R15: 00007ffebbea2858 [ 309.473936][ T8192] [ 309.509290][ T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85 [ 309.509329][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 104, setting to 64 [ 309.511547][ T25] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 309.511566][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.511578][ T25] usb 4-1: Product: syz [ 309.511587][ T25] usb 4-1: Manufacturer: syz [ 309.511596][ T25] usb 4-1: SerialNumber: syz [ 309.515595][ T25] usb 4-1: config 0 descriptor?? [ 309.516333][ T8181] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 309.523409][ T8193] affs: No valid root block on device nbd2 [ 309.545988][ T25] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input14 [ 309.566780][ T5268] usb 2-1: Using ep0 maxpacket: 8 [ 309.569024][ T5268] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 309.569050][ T5268] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 309.569070][ T5268] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 309.571488][ T5268] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 309.571517][ T5268] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.571537][ T5268] usb 2-1: Product: syz [ 309.571553][ T5268] usb 2-1: Manufacturer: syz [ 309.571568][ T5268] usb 2-1: SerialNumber: syz [ 309.735734][ T8181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.736113][ T8181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 309.742276][ T51] usb 4-1: USB disconnect, device number 24 [ 309.812506][ T8183] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.812808][ T8183] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 310.143720][ T8201] ptrace attach of "./syz-executor exec"[5211] was attempted by "./syz-executor exec"[8201] [ 311.359860][ T8206] FAULT_INJECTION: forcing a failure. [ 311.359860][ T8206] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 311.359885][ T8206] CPU: 0 UID: 0 PID: 8206 Comm: syz.4.717 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 311.359899][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 311.359906][ T8206] Call Trace: [ 311.359914][ T8206] [ 311.359920][ T8206] dump_stack_lvl+0x241/0x360 [ 311.359942][ T8206] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.359957][ T8206] ? __pfx__printk+0x10/0x10 [ 311.359973][ T8206] ? vfs_write+0x7c4/0xc90 [ 311.359988][ T8206] should_fail_ex+0x3b0/0x4e0 [ 311.360004][ T8206] _copy_from_user+0x2f/0xe0 [ 311.360019][ T8206] move_addr_to_kernel+0x82/0x150 [ 311.360035][ T8206] __sys_connect+0xc1/0x310 [ 311.360048][ T8206] ? __pfx___sys_connect+0x10/0x10 [ 311.360066][ T8206] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 311.360081][ T8206] ? do_syscall_64+0x100/0x230 [ 311.360093][ T8206] __x64_sys_connect+0x7a/0x90 [ 311.360105][ T8206] do_syscall_64+0xf3/0x230 [ 311.360116][ T8206] ? clear_bhb_loop+0x35/0x90 [ 311.360129][ T8206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.360140][ T8206] RIP: 0033:0x7f96fdb779f9 [ 311.360150][ T8206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.360160][ T8206] RSP: 002b:00007f96fe938038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 311.360174][ T8206] RAX: ffffffffffffffda RBX: 00007f96fdd06130 RCX: 00007f96fdb779f9 [ 311.360183][ T8206] RDX: 000000000000006e RSI: 00000000200003c0 RDI: 0000000000000003 [ 311.360191][ T8206] RBP: 00007f96fe938090 R08: 0000000000000000 R09: 0000000000000000 [ 311.360198][ T8206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.360205][ T8206] R13: 0000000000000001 R14: 00007f96fdd06130 R15: 00007ffebbea2858 [ 311.360221][ T8206] [ 312.243462][ T5268] usb 2-1: 0:2 : does not exist [ 312.410145][ T5268] usb 2-1: USB disconnect, device number 21 [ 312.957254][ T5268] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 313.082032][ T8232] skb len=1330 headroom=18 headlen=42 tailroom=0 [ 313.082032][ T8232] mac=(18,14) mac_len=14 net=(32,20) trans=52 [ 313.082032][ T8232] shinfo(txflags=0 nr_frags=1 gso(size=1287 type=131072 segs=2)) [ 313.082032][ T8232] csum(0x60034 start=52 offset=6 ip_summed=0 complete_sw=0 valid=0 level=0) [ 313.082032][ T8232] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0 [ 313.082032][ T8232] priority=0x0 mark=0x0 alloc_cpu=1 vlan_all=0x0 [ 313.082032][ T8232] encapsulation=0 inner(proto=0x0000, mac=0, net=0, trans=0) [ 313.082177][ T8232] dev name=macsec0 feat=0x0000000640005861 [ 313.082192][ T8232] sk family=2 type=2 proto=17 [ 313.082207][ T8232] skb linear: 00000000: 01 00 5e 00 00 02 aa aa aa aa aa 3b 08 00 45 00 [ 313.082222][ T8232] skb linear: 00000010: 05 24 55 26 40 00 01 11 7f 51 ac 14 14 3b e0 00 [ 313.082234][ T8232] skb linear: 00000020: 00 02 e2 2a 4e 20 05 10 a5 73 [ 313.082276][ T8232] skb frag: 00000000: 86 89 d4 62 05 a3 41 00 bf 2b be 11 a5 ce 78 39 [ 313.082290][ T8232] skb frag: 00000010: ed af 02 af e3 9e ad 95 91 3e 9c 4f 8c f3 14 40 [ 313.082301][ T8232] skb frag: 00000020: 00 67 69 eb df 12 cf ac ae 8e 8c 03 f5 db 07 9d [ 313.082313][ T8232] skb frag: 00000030: a7 d9 ec da 75 e2 a7 d4 9d 5c bc b3 70 c4 d7 89 [ 313.082326][ T8232] skb frag: 00000040: 39 0a 32 8b a4 2c 9c 60 cf 21 54 d1 b6 59 aa 70 [ 313.082337][ T8232] skb frag: 00000050: 9e 89 80 a5 22 cf b7 2f 23 ad 87 fb 70 19 70 6c [ 313.082349][ T8232] skb frag: 00000060: ca e9 8c fe 7c 4f d2 3e 82 97 b8 ca bc 46 ed e1 [ 313.082361][ T8232] skb frag: 00000070: ac 3d a7 8f 1b 48 8c 63 57 e7 ed fc d4 17 df 66 [ 313.082373][ T8232] skb frag: 00000080: 60 af 20 a5 4e cd cb 02 f6 89 ae 15 ee 65 5d 4b [ 313.082385][ T8232] skb frag: 00000090: 7b 1e a7 33 e8 8e e9 f5 36 69 38 8d ff 48 7c 1c [ 313.082397][ T8232] skb frag: 000000a0: 49 95 3f 3b c1 42 11 2b d4 b5 82 b2 9b 35 d4 39 [ 313.082414][ T8232] skb frag: 000000b0: 62 ed 24 5c 2c d5 d5 df 40 a3 e0 ed 6b ea f3 b6 [ 313.082427][ T8232] skb frag: 000000c0: 41 e8 4b 0f 0d fa 12 1a 9e fe 05 26 9f 9f 4a 0e [ 313.082438][ T8232] skb frag: 000000d0: 9b cb f4 3c 7a 90 a7 11 f4 53 66 8c 73 0c 3b ad [ 313.082450][ T8232] skb frag: 000000e0: ed ca 68 7b 71 a9 c2 7b ab 9e 72 4c c4 a4 91 87 [ 313.082462][ T8232] skb frag: 000000f0: 13 03 15 96 ea 6f d0 11 24 f9 73 f2 57 cc d9 66 [ 313.082473][ T8232] skb frag: 00000100: 5a ee 7d f4 a9 d6 [ 313.082489][ T8232] ------------[ cut here ]------------ [ 313.082496][ T8232] macsec0: caps=(0x0000000640005861, 0x0000000000000000) [ 313.082989][ T8232] WARNING: CPU: 1 PID: 8232 at net/core/dev.c:3293 skb_warn_bad_offload+0x166/0x1a0 [ 313.083025][ T8232] Modules linked in: [ 313.083042][ T8232] CPU: 1 UID: 0 PID: 8232 Comm: syz.3.725 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 313.083065][ T8232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 313.083078][ T8232] RIP: 0010:skb_warn_bad_offload+0x166/0x1a0 [ 313.083101][ T8232] Code: e8 9f 2e 7c f8 49 8b 04 24 48 8d 88 a0 03 00 00 48 85 c0 48 0f 44 cd 48 c7 c7 00 b3 eb 8c 4c 89 f6 48 89 da e8 0b 36 da f7 90 <0f> 0b 90 90 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 44 89 f9 [ 313.083119][ T8232] RSP: 0018:ffffc9000b3df268 EFLAGS: 00010246 [ 313.083138][ T8232] RAX: 6a462f619dffd900 RBX: ffff888064dea0b8 RCX: ffff88802fa83c00 [ 313.083155][ T8232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 313.083166][ T8232] RBP: ffffffff8cebb2c0 R08: ffffffff8155a1e2 R09: 1ffff1101726519a [ 313.083182][ T8232] R10: dffffc0000000000 R11: ffffed101726519b R12: ffff88801e7b2018 [ 313.083199][ T8232] R13: dffffc0000000000 R14: ffff888064dea130 R15: ffff888064dea130 [ 313.083214][ T8232] FS: 00007ff13d1656c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 313.083233][ T8232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 313.083246][ T8232] CR2: 0000000020001000 CR3: 00000000671f6000 CR4: 00000000003506f0 [ 313.083262][ T8232] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 313.083274][ T8232] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 313.083287][ T8232] Call Trace: [ 313.083295][ T8232] [ 313.083304][ T8232] ? __warn+0x163/0x4e0 [ 313.083322][ T8232] ? skb_warn_bad_offload+0x166/0x1a0 [ 313.083345][ T8232] ? report_bug+0x2b3/0x500 [ 313.083367][ T8232] ? skb_warn_bad_offload+0x166/0x1a0 [ 313.083392][ T8232] ? handle_bug+0x3e/0x70 [ 313.083415][ T8232] ? exc_invalid_op+0x1a/0x50 [ 313.083435][ T8232] ? asm_exc_invalid_op+0x1a/0x20 [ 313.083458][ T8232] ? __warn_printk+0x292/0x360 [ 313.083478][ T8232] ? skb_warn_bad_offload+0x166/0x1a0 [ 313.083494][ T8232] ? skb_warn_bad_offload+0x165/0x1a0 [ 313.083514][ T8232] __skb_gso_segment+0x3be/0x4c0 [ 313.083547][ T8232] validate_xmit_skb+0x585/0x1120 [ 313.083578][ T8232] ? rcu_read_lock_bh_held+0x7e/0x120 [ 313.083605][ T8232] ? __pfx_validate_xmit_skb+0x10/0x10 [ 313.083635][ T8232] __dev_queue_xmit+0x17a4/0x3e90 [ 313.083673][ T8232] ? __dev_queue_xmit+0x2da/0x3e90 [ 313.083697][ T8232] ? __pfx___dev_queue_xmit+0x10/0x10 [ 313.083720][ T8232] ? neigh_resolve_output+0x450/0x740 [ 313.083740][ T8232] ? read_seqbegin+0x157/0x2b0 [ 313.083759][ T8232] ? lockdep_hardirqs_on+0x99/0x150 [ 313.083785][ T8232] ? read_seqbegin+0x208/0x2b0 [ 313.083811][ T8232] ? __pfx_read_seqbegin+0x10/0x10 [ 313.083831][ T8232] ? neigh_resolve_output+0x2e5/0x740 [ 313.083860][ T8232] ? __asan_memcpy+0x40/0x70 [ 313.083880][ T8232] ? eth_header+0x11c/0x1f0 [ 313.083907][ T8232] ? __pfx_eth_header+0x10/0x10 [ 313.083926][ T8232] ? neigh_resolve_output+0x61f/0x740 [ 313.083963][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.083988][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.084013][ T8232] ip_finish_output2+0xe70/0x1390 [ 313.084040][ T8232] ? nf_hook+0x9e/0x450 [ 313.084061][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.084091][ T8232] ? skb_gso_transport_seglen+0x345/0x580 [ 313.084118][ T8232] ? __pfx_ip_finish_output2+0x10/0x10 [ 313.084153][ T8232] ? skb_gso_validate_network_len+0x12e/0x290 [ 313.084182][ T8232] ? __ip_finish_output+0x1ad/0x400 [ 313.084212][ T8232] ip_send_skb+0x74/0x100 [ 313.084240][ T8232] udp_send_skb+0xacf/0x1650 [ 313.084289][ T8232] udp_sendmsg+0x6a9/0x2a60 [ 313.084333][ T8232] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 313.084361][ T8232] ? __pfx_udp_sendmsg+0x10/0x10 [ 313.084391][ T8232] ? smack_socket_sendmsg+0x172/0x540 [ 313.084431][ T8232] ? tomoyo_socket_sendmsg_permission+0x288/0x420 [ 313.084478][ T8232] ? sock_rps_record_flow+0x1a/0x400 [ 313.084508][ T8232] ? inet_sendmsg+0x2ba/0x390 [ 313.084577][ T8232] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 313.084601][ T8232] ? security_socket_sendmsg+0x87/0xb0 [ 313.084628][ T8232] __sock_sendmsg+0x1a6/0x270 [ 313.084660][ T8232] __sys_sendto+0x3a4/0x4f0 [ 313.084694][ T8232] ? __pfx___sys_sendto+0x10/0x10 [ 313.084713][ T8232] ? do_futex+0x33b/0x560 [ 313.084764][ T8232] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 313.084799][ T8232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 313.084831][ T8232] __x64_sys_sendto+0xde/0x100 [ 313.084857][ T8232] do_syscall_64+0xf3/0x230 [ 313.084881][ T8232] ? clear_bhb_loop+0x35/0x90 [ 313.084906][ T8232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.084926][ T8232] RIP: 0033:0x7ff13c3779f9 [ 313.084946][ T8232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.084964][ T8232] RSP: 002b:00007ff13d165038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 313.084988][ T8232] RAX: ffffffffffffffda RBX: 00007ff13c505f80 RCX: 00007ff13c3779f9 [ 313.085004][ T8232] RDX: 0000000000000508 RSI: 0000000020000c40 RDI: 0000000000000004 [ 313.085018][ T8232] RBP: 00007ff13c3e58ee R08: 0000000000000000 R09: 0000000000000000 [ 313.085032][ T8232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.085046][ T8232] R13: 0000000000000000 R14: 00007ff13c505f80 R15: 00007ffd4abcd8d8 [ 313.085078][ T8232] [ 313.085096][ T8232] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 313.085108][ T8232] CPU: 1 UID: 0 PID: 8232 Comm: syz.3.725 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 313.085130][ T8232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 313.085141][ T8232] Call Trace: [ 313.085149][ T8232] [ 313.085157][ T8232] dump_stack_lvl+0x241/0x360 [ 313.085187][ T8232] ? __pfx_dump_stack_lvl+0x10/0x10 [ 313.085213][ T8232] ? __pfx__printk+0x10/0x10 [ 313.085246][ T8232] ? vscnprintf+0x5d/0x90 [ 313.085269][ T8232] panic+0x349/0x860 [ 313.085296][ T8232] ? __warn+0x172/0x4e0 [ 313.085315][ T8232] ? __pfx_panic+0x10/0x10 [ 313.085360][ T8232] __warn+0x346/0x4e0 [ 313.085378][ T8232] ? skb_warn_bad_offload+0x166/0x1a0 [ 313.085403][ T8232] report_bug+0x2b3/0x500 [ 313.085432][ T8232] ? skb_warn_bad_offload+0x166/0x1a0 [ 313.085459][ T8232] handle_bug+0x3e/0x70 [ 313.085477][ T8232] exc_invalid_op+0x1a/0x50 [ 313.085496][ T8232] asm_exc_invalid_op+0x1a/0x20 [ 313.085514][ T8232] RIP: 0010:skb_warn_bad_offload+0x166/0x1a0 [ 313.085535][ T8232] Code: e8 9f 2e 7c f8 49 8b 04 24 48 8d 88 a0 03 00 00 48 85 c0 48 0f 44 cd 48 c7 c7 00 b3 eb 8c 4c 89 f6 48 89 da e8 0b 36 da f7 90 <0f> 0b 90 90 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 44 89 f9 [ 313.085551][ T8232] RSP: 0018:ffffc9000b3df268 EFLAGS: 00010246 [ 313.085569][ T8232] RAX: 6a462f619dffd900 RBX: ffff888064dea0b8 RCX: ffff88802fa83c00 [ 313.085584][ T8232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 313.085596][ T8232] RBP: ffffffff8cebb2c0 R08: ffffffff8155a1e2 R09: 1ffff1101726519a [ 313.085610][ T8232] R10: dffffc0000000000 R11: ffffed101726519b R12: ffff88801e7b2018 [ 313.085625][ T8232] R13: dffffc0000000000 R14: ffff888064dea130 R15: ffff888064dea130 [ 313.085647][ T8232] ? __warn_printk+0x292/0x360 [ 313.085672][ T8232] ? skb_warn_bad_offload+0x165/0x1a0 [ 313.085695][ T8232] __skb_gso_segment+0x3be/0x4c0 [ 313.085723][ T8232] validate_xmit_skb+0x585/0x1120 [ 313.085750][ T8232] ? rcu_read_lock_bh_held+0x7e/0x120 [ 313.085774][ T8232] ? __pfx_validate_xmit_skb+0x10/0x10 [ 313.085806][ T8232] __dev_queue_xmit+0x17a4/0x3e90 [ 313.085844][ T8232] ? __dev_queue_xmit+0x2da/0x3e90 [ 313.085870][ T8232] ? __pfx___dev_queue_xmit+0x10/0x10 [ 313.085893][ T8232] ? neigh_resolve_output+0x450/0x740 [ 313.085914][ T8232] ? read_seqbegin+0x157/0x2b0 [ 313.085935][ T8232] ? lockdep_hardirqs_on+0x99/0x150 [ 313.085958][ T8232] ? read_seqbegin+0x208/0x2b0 [ 313.085983][ T8232] ? __pfx_read_seqbegin+0x10/0x10 [ 313.086003][ T8232] ? neigh_resolve_output+0x2e5/0x740 [ 313.086027][ T8232] ? __asan_memcpy+0x40/0x70 [ 313.086046][ T8232] ? eth_header+0x11c/0x1f0 [ 313.086068][ T8232] ? __pfx_eth_header+0x10/0x10 [ 313.086085][ T8232] ? neigh_resolve_output+0x61f/0x740 [ 313.086118][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.086138][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.086163][ T8232] ip_finish_output2+0xe70/0x1390 [ 313.086187][ T8232] ? nf_hook+0x9e/0x450 [ 313.086206][ T8232] ? ip_finish_output2+0x45f/0x1390 [ 313.086232][ T8232] ? skb_gso_transport_seglen+0x345/0x580 [ 313.086257][ T8232] ? __pfx_ip_finish_output2+0x10/0x10 [ 313.086278][ T8232] ? skb_gso_validate_network_len+0x12e/0x290 [ 313.086304][ T8232] ? __ip_finish_output+0x1ad/0x400 [ 313.086333][ T8232] ip_send_skb+0x74/0x100 [ 313.086359][ T8232] udp_send_skb+0xacf/0x1650 [ 313.086403][ T8232] udp_sendmsg+0x6a9/0x2a60 [ 313.086451][ T8232] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 313.086477][ T8232] ? __pfx_udp_sendmsg+0x10/0x10 [ 313.086503][ T8232] ? smack_socket_sendmsg+0x172/0x540 [ 313.086532][ T8232] ? tomoyo_socket_sendmsg_permission+0x288/0x420 [ 313.086577][ T8232] ? sock_rps_record_flow+0x1a/0x400 [ 313.086602][ T8232] ? inet_sendmsg+0x2ba/0x390 [ 313.086621][ T8232] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 313.086640][ T8232] ? security_socket_sendmsg+0x87/0xb0 [ 313.086664][ T8232] __sock_sendmsg+0x1a6/0x270 [ 313.086692][ T8232] __sys_sendto+0x3a4/0x4f0 [ 313.086726][ T8232] ? __pfx___sys_sendto+0x10/0x10 [ 313.086744][ T8232] ? do_futex+0x33b/0x560 [ 313.086791][ T8232] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 313.086818][ T8232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 313.086846][ T8232] __x64_sys_sendto+0xde/0x100 [ 313.086871][ T8232] do_syscall_64+0xf3/0x230 [ 313.086888][ T8232] ? clear_bhb_loop+0x35/0x90 [ 313.086911][ T8232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.086929][ T8232] RIP: 0033:0x7ff13c3779f9 [ 313.086946][ T8232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.086962][ T8232] RSP: 002b:00007ff13d165038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 313.086983][ T8232] RAX: ffffffffffffffda RBX: 00007ff13c505f80 RCX: 00007ff13c3779f9 [ 313.086998][ T8232] RDX: 0000000000000508 RSI: 0000000020000c40 RDI: 0000000000000004 [ 313.087011][ T8232] RBP: 00007ff13c3e58ee R08: 0000000000000000 R09: 0000000000000000 [ 313.087023][ T8232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.087034][ T8232] R13: 0000000000000000 R14: 00007ff13c505f80 R15: 00007ffd4abcd8d8 [ 313.087062][ T8232] [ 313.087438][ T8232] Kernel Offset: disabled