last executing test programs: 8.59795874s ago: executing program 3 (id=2632): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) r3 = socket$kcm(0x10, 0x100000000002, 0x4) sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000150081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) statx(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x100, 0x40, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f000000d940)={0x2ba0, 0x8c, 0x8, 0x3, 0x70bd2b, 0x25dfdbfe, {0x2, 0x0, 0x3}, [@nested={0xbd4, 0x113, 0x0, 0x1, [@nested={0x101, 0xd8, 0x0, 0x1, [@nested={0x8, 0xa9, 0x0, 0x1, [@nested={0x4, 0xd6}]}, @typed={0x11, 0xa, 0x0, 0x0, @str='sched_switch\x00'}, @generic="85f946585b6c76dbcd79de7dcaaf707e5fdbeec981c296ad88842655017fc372cfb8699095fb9fdf4c839110cfea326666a8f1da214f46b959e09cf439e38b1be22b8a56e7a978b5c9bbdcb9cc6e998904b3b205d2", @nested={0x8c, 0x3d, 0x0, 0x1, [@nested={0x88, 0x5a, 0x0, 0x1, [@generic, @nested={0x84, 0xd1, 0x0, 0x1, [@typed={0x4, 0x44}, @generic="6f7d8fc6430f1cb30bc72259415c18975db14aeff747e45da63427cc1fa2c781efc5de55c1053037991838678f09fdb0e1bdc7c00457a225d0cd8a947a192d8a958823bfc6d9925d50ab83fd22d3c8f8231ddb1602a6c3eba75e1151cbd7ca8d91b23abb7273d75d3e7883bd67114b85d40eed6ba47ff621c84ecb08"]}]}]}]}, @generic="e3f6be39182ebf5877bb4bed912bf8b13545c953eaa076c67d7796b9757ec676cd1ae90184e94ed4b064a90d6625b5d26c08c54ce97615edd9c30c43c851a10ae8aedb164c4bbb88a6403a18c39360dcaf4fee0b634961e86224ea919f1378fb95ad306fd5b0810b3547af7ef5f07de01bcf2d005ef867e875e8205c4212b34b44eb6913b49eb38d5550de7d16e6204c98a4751545bd8e0455ecdcc182e2ea1add4b683b42c3a1ee2947c8f658a4e65cf4c53cbd1c94c458b94e26bb5ab7aa09bbed7cbd11f06df16c8de75da083c25312e866a06231068f74cd579aff1e1543aa926f36c6bf", @nested={0x812, 0x22, 0x0, 0x1, [@generic="ac6c81327415474bae412da3fa66cdb4b465af57b8c1f9a24fbc4c213fafa5422879611507b7d86e5168d78e0d39d2832efa2cee2b2e9a8c5db5dcf84c9081c40588faad5a1071aea1407f4bfba637f0dc07d9caa6f77dc845195e1ed22b902d380bbebcf5dd8674560d00ae65756226388b30a8c0e7c52770ee20fdb8b6", @nested={0x20, 0x65, 0x0, 0x1, [@typed={0xe, 0x120, 0x0, 0x0, @str='/dev/ptmx\x00'}, @nested={0x4, 0xf4}, @typed={0x6, 0xee, 0x0, 0x0, @str='\xef\x00'}]}, @nested={0x6e8, 0xe5, 0x0, 0x1, [@nested={0x631, 0xde, 0x0, 0x1, [@nested={0x4, 0x22}, @generic="d2e9b03831df93e6230b1869f053b5c5ce26b07ad57483af92a0ea56ed2970ee832e93d33f836521d581f6c1701c48060662f9a416f611b061277d0ce37149b170", @nested={0x5e6, 0xee, 0x0, 0x1, [@nested={0xa0, 0xba, 0x0, 0x1, [@typed={0x7d, 0x57, 0x0, 0x0, @binary="4dabe38388ecf7aa1c8be604f930a44ccdf047157902fface4d86e764138a5dc6ac92ed67ecbf3697f07dced9eef36e8972aede971d65049a0411a13b121c6290b10db8ae1f97ebc5156cb32e7279d7eb1d60befe62d759dea7af914f784b58da272008c9a2556d09b0720496e02b33c00e835a8baac87963b"}, @typed={0x8, 0x63, 0x0, 0x0, @str='*],\x00'}, @typed={0x14, 0x9d, 0x0, 0x0, @ipv6=@mcast2}]}, @typed={0x8, 0xcc, 0x0, 0x0, @uid=0xee00}, @nested={0xa4, 0x13, 0x0, 0x1, [@typed={0x4, 0x100, 0x0, 0x0, @binary}, @nested={0x4, 0xf}, @typed={0x4, 0xc}, @nested={0x4, 0x108}, @generic, @generic="ef16c59411379f0d1e084a", @generic="f58e86fda53ae033ebec7dd92eb160591344a4416423e1a11884fbe6315d4c36d937c9bee2285cfe604a91869e3b4cada2bd3de92af3b52239aa9ede29d697efadc2f90e5d3cab5d32c2ad1a244b695a41edb56e239df00277b0d329aaed8a3f33e95fefbf0cd311df7efef4661f257df50b57812058e2cb4cfc49e75a257ecece6e29a9e7"]}, @typed={0x11, 0xa9, 0x0, 0x0, @str='sched_switch\x00'}, @nested={0x14e, 0xd1, 0x0, 0x1, [@generic="75f66e7cb4d46449fd0398f3b20000e2d4168527b0f6bdffdb985011d032cbae289dd6151c7985db9a07aafe63375a0c0ec79f7bfdb7e8d8dc7fc37ab637626ec02d45f3ecab5eeb8bccede521ce3e7a2872ddd00a7dc3d34dd921feed3290e875180dee7805455a30a89aec123b8b48ade1bf86", @nested={0x4, 0x125}, @generic="5413450d32ba5359a7b503bd8fb1ac154582598fa9cdac6c8247c2f11a8ccd722bc7894c01ee4ddcc7a287a086717ea511db1ad1fe187b37658beacd0a58a0741504f087337eb93086e8722b6a56f73452e574688a0067b3712a48d4815d53cf8fdb7a33cd4eb16896f3883b0ff747bba48bb324f4c7eee7624f11e34aa77595ce44e80e5f7631ac6870c326e072ddaaa2cc9942510f6af8c8cc388812f9d7756004cd3814676744c28dc2a107cc105dbe690026f97a5094994d0c75d8b6f7fd2d7e", @typed={0x8, 0x116, 0x0, 0x0, @ipv4=@loopback}, @typed={0x8, 0x6b, 0x0, 0x0, @fd=r0}]}, @generic="8dedd32c6bb47f2310aa1384056aa94c9e9548a2fc1dedbec08d2da4e87bcd2e4614e26ce9fee20026b264134c9029c842706c4915f52ebeca1d901200fe5f7c326111cdc097556c005e1845627ab34fa6ef0c47c804a95320be95d701035b65b1119c54a8b032b59ed5609576266fca67d244255b555d0b196efc8452926097576133245631be09b0015188945719b70ca984a8f75fade84a33545eddcfe2522d1a4cae00a2577b87744c42dc757e9bafa174c745473854a9f69e15809d778d38c637f5e26f7109eb42fa6468710466fa0f1090e7271dab781f6a4fd0bc", @nested={0x253, 0xce, 0x0, 0x1, [@generic="20fcaf286a3e45946c98cc8702eee6d1a1eda90e707648e2487d938380284f004e4b61e538ec3664c5c08eeab026113cee4286cc610fffd95f8caeec05811a50476659fb33fa033b27780a7303836f900f6477a1636f597ba6dea4d6d80c091845588f24cd4d24094bdf024dc0e42a190c446dd04872539f4769b56a6991c55a7e703c4715e42d1f1284f509b21a6ec8307ac9711cd602b50c0272519bc78b2e20", @generic="9e23243ee2ff3034788b9d8a83a5f57fae30242f68de52f9254e", @generic="4b19b7b9051ab95942cc908c65d4765b2eaf229714a0329c3e6da68f6b079f81052bff620e0b7740c24198c6bc2e31b6236cfded974ca0de6ed85003d38e4398abb662a83190293d14f3f93254b8921752a918992e6525064a436e549c3038e10ce571daa9fe5bdb20f2f3874d606468b6902472fa8d3e30d61d4c54b04c0ab63fd61f1a6d85d88f5689db6ad23ecd036d38a48fc767b93399f5d1a9df675c5e8583dc1a13ec28e68c87b7095fd578df23e67df8fab9d8886fefad6145ea94c359e20218ea6e718d062942970e7a4128adb6512981cd2c0113aaa86ec566fef2f9bc3ade65ecf7e4cbcc90e2aec8898d9c712e2c6b", @generic="4f008e4dbeee183dd24be58cf5f929d8bbfe118ffd4f29b85afd2a540eaecaeb0fe1a1f122dbfbe525958267bc6ff68fa758dba313bd9a00195c8c3287653d35497243e94f51864a6e2f1681968eac4dc7b90ca561b05e26ead8d1ae57323381b89b684675312d11b3024b8d6174ad5d5af3390d6a1cceaf6e45aca9d08b6dcde50b34eeebb5d268ceb09f3402e2b45bdc4f3d", @nested={0x4, 0x147}, @nested={0x4, 0x8a}, @typed={0x4, 0x101}]}]}]}, @typed={0xae, 0x142, 0x0, 0x0, @binary="e6e87a0395e8e2c9f5cfd562c4801b9747483a12a291e33b3d3fe15b5bce5077c436b8e561f1c67799d30989400644a074fb3fe557eab441000a77b379fab51749d50cb2ac66f9a567c00b17574e6941ce2e4c456fa64a137bfdf2478dfb90d417d1adcefc07761751b58e73e2a10dc19d06bfb6cd3cb02985892aeb3f0827ed30905428d07d928b7b12a92d19fb60d223079d42cd047e03004b8dd8443f48c1a855f9fd23e9c372bbdb"}]}, @nested={0x7d, 0xf1, 0x0, 0x1, [@typed={0x8, 0x7a, 0x0, 0x0, @fd=r1}, @generic="78bea39ceda27d86d6951bbc3b742593c36b46f9273af60354108a64f9b3d1b600edbaf8854bad28a6b1c97ba1121483b9644f83290794b62ead8b3e24bc566cad779a289254fb3509fd2a15a3100305bee7e94bfbaeea695a53dcde8c", @nested={0x4, 0xcd}, @nested={0x4, 0xb1}, @nested={0x4, 0x5e}, @nested={0x4, 0xb9}, @nested={0x4, 0x109}]}, @typed={0x8, 0x137, 0x0, 0x0, @u32}]}, @generic="f3091a23d5c5477fc95efd2e56b6482b0133ea4fa456abcc32eeaaaca859b782045a1769b77bc810e861ea3ca96e538c77eb9db0ec1d478c125e7b9aea853fe38ad4171875662d9e402d2035526d61cd4f6ef0ae85ac0ec65bf5fb0f81ef656d44bf91e4f90cb67d4383a697bbc5fbf28518fa7bdafd085fd6f1817a1e2c25dfa2fa1866b423fd9a89a5a74340c119d112a44738594236c4c095c9c6579ac100992292edcf90af9c81a38ef3206244b2dda395e25357a22651e21ee05e8db68ccbcf0d7a0bbb43b26848b6b3976f85a267f1862db6fcf0392fdf62441e2de1770dd3a8456481e0acf03217968cc73e1ab8fa8417779ae8d9b45a", @nested={0x10, 0x4b, 0x0, 0x1, [@typed={0xc, 0x12c, 0x0, 0x0, @u64=0x7}]}, @nested={0xc7, 0x6c, 0x0, 0x1, [@generic="2a214d4e10c8219fed63b12768d579092e6fa60bdf8c41585a1f9765422bb4104a8cb337fabe501279ee5cdc5852541194ff66386411c6d8889b5c81da7e5e440b2549e5aff7b5e3e4da790663bf8284982d852b810a99ab562e2660a190cf75689c3d6af1331affa3af3de1b8562de54864bcf48efb49c0114dbc0accba1fe613afa02c0fb983242484b33100478b454ab11264a4a16e7af98d228ad2d138bef57ee27dd8c5752c74ec2b4f8dbe07889dd15b6b514bfcdaf3466f9d14d64988dda5f5"]}]}, @typed={0x8, 0x3a, 0x0, 0x0, @uid=r6}, @typed={0x1000, 0x6e, 0x0, 0x0, @binary="741c00540dd7eaf1065b0720018ec0b22a8833d10f8fd23ad58a53df519f17ab0c908fedea7d46896f136ccff9ee3e134dbe2d9d8eb25d496459ffd918d14d83a7c026ac288598f50125f58264e6248d082fe6bba1526811202b75de424c33549b7294cccaf1a9564266c723e57de7d3c6198aafa902bd3a50997023dfb64b9c12814366750a7ef42d2a39780aa769940209f3283cf2689d9135ce690151d29aa92904537da265194105da16d92fd72d8dc5ced0ee06d199638b5a5e0408e830f01a8bbcd846494944894f704914a941a87c2605a025b14459eade91e7af50f58b9fbb91c9f5663212b99baa59b027bde45f851fac7a7c7e36eef8db7b15b9687e0a675ae5f217119f8846365da0f6d567496a9ce51cf28cb1a29cee1c5bb10cfb771c4d5e8aa77c6e3c4634d82dedf4527c07e2fc89ce8c0b870464171dae16b5a9fe850a452d3253c78e62bbbaba6c9e1d77efef08c80a2311abee1c9831f0ff308d371627c1f13fbdb28bdcd96f5174755c99a6ae5ac9365779ec3ccd35f5b0de083dd94813c38f857b7f7a6c4a806dd2b256b16f1ef3fcfa872b5c8f035202601932998b61de41ab41cecd87ac3fb3d6993eed6f9a7e50e976c6254e3df1cf89af1946abbbc34f024fe8b90b538c317e11e7c4e902785849ffe95b71b5bd0a16a7632af6abc4728aa2ed4a7456f07dd6410eee3c36ef8fe5a37a175004ad0c95e7b1621de6441cd765cc48a39ea284cf2d182866986eb296a5ae7087aeb80b80b3e706f0cc3754c5e337ed67c787853edcfe95b0b96fddfb711fd6d26186b69b7d64e482f0f54e37e0fd08ba5b6d5ca0bac4e55fc63c5cc920afea933a2e899e7185c6d9face662a31ad7ddc4a5c7833029cc6e961967b929d032bf4847be204624717ed38cadda32673db7ae082b4dd7b96ef3791781c8f5f9451c7eff241947edadb4a642018f27cec12801c0b82e91cba85029c8109b78a831a01db47b247a2633096c5dde5170c5b430c22040a5a38591c03e50c5cbf252e9f05a8650d75e586f243dd30a291c10a90c506b7c7fd3fe35692933cfa41f3a33f1d0e001a8229beb0535677f56afb7caaee7d9173da65d6b733b749cf77366ad430d48ebc108c055f72b0dcf80206eec319c857353185530db73526213356cae73e5d522740cfa5f4fce2cc2979a5cbd0fe9045e63bbb29de600026e346125c12c222d977c3faa0b7fc7166c5a2ff7e4fe169a178f33b57a1b966ab7102194e082ee945d3958161276e66d0d3c2c7763018e9d7f8e9e65fd1e5794352e1073d908a91952cb26385dc1c69e53fabf21b4e0b348e0fb8836ee3a3558832c3e1998443711c3c0f2032e146f4db3fbc42665c8a5250bd0fe149128b5ffc345e0448297802d2e2139812a12fc77591d83e9f9aea851537c0cb96f61136da2b2abd1d9993170818e030d96eb771d5e83b0fc02aeb5dc2d6b3c1162e4ad2a6606c3020cae7e04d1a22f4ab8173f6064b1e60ef7527bd050dcef850ef62eb0926f7ec626078d7d36edc95af49b87ba8b0c420a13f3e2edb29684ebde22aeb72b1ccf3bd1bd4ac9cdacded1d47c4a41dfe49125affb164a6a8a5dc23074f6b24fc6a516f06fe9974222bdb41476ef0ba70543a06b6cfb56e83af941712e0dd43cb44e19e49919e9f72754dcbe2c2dbc77b33de10f7ebf7ed35e67748e5a259c6ae605adcae8939bd2d813d4a48dd72bbb364705e76cf9fea4f3eace71c43dc706eddbf6d5be10534542056f8364a553c9f5ad2e0c30afbb7b05da9874a33a8e305f16c8f668adcc6aab69aa6e05b314ecda817cf9eb69f9af1349bb5dc0b397b8c72be2ac206330f097916f2adf428b7be6cc7732dedeceba8537b10af678053c5704d00f41e8dca7bf255ea93cd928d9be7017d2766309ed1adc0eb42dcf576e9a4675fbe4e3e495d5227ff1138a2e1ddac489eac98651f773fa3a550fe0e739534b3e68bd33f21b735ab3b95b72c632602581489cf55cfa6a77ee8f97c9512eec71f21441322dcaf53558913f5ad07bd710fb29cd9d685db2e9f2c2be2e9bf0d8e8ff1d21ac56fb130872e4557081e69aedfaabd172bb2b168d8df03ae88e3beccb2798c6014737fd09fd3558213af323653f08644b8fe1e3a8028deaf8ea81ea798636b559f276914e385a4b318e78ff70cbb9a9a19ec7f2d247e4a35e36412ae419b130fd2dbaa12677cfbd0e77937ced91bb41456f01eeac2297d0cf05c16c3b5f1ec2fbfcefe40661d4076dd122c0410e8ea7a34c48a46884bfbc9a8beb858059b113f6f487e01862fa3b4b1ddb1f965924b1b1015fc1f69554ae4df024d0dcd13868ce680426ceb251847045992f624290e48d94cefaf869b9e80c0535b1365b88d60a2c3ab3b57c8a0752445d60e685e5f73ee4b44fe1138b3ff675ed3b02e2b864976b152c84be6f0d000e70820e98fa236c16e158d538e7eb07b0488ba1ee5a9578b4ddd8caa204df469f938f9d2684842ce982214e7b1b432c6dff414d49d8225e42b736b0562eab97709dbfdb78f4e6343d50ee15dc828fd7ac748e9d4ba45d458466ebd776d5bbcf196c8830db86bb3f9221956f984c0d8405557f73c34fcba49ab1075e2f973d34990b6e8a479fbe8e66f2ca8c8b050e85ae20399937773c741de7b25ed69a62d187566cf28a451b0da607d19b6623adc303e50702427987e2a198f13121649729b9e6f1581fa0072788ed4be7d9b8d999bcacae0f619489b13553f44991968310e5c3b5d908c1fbdfe74716c279aa596eb0eea3e6e26ac9ebc4c9e6bfd227055e0450b1c4fdbc4ec68eef0f56e9ce4fe44951cbc077463e25878a3c0c9e845ab14a207e1cfa7b5fe2731f45c75a39ce20657c0571a177c6a1e7deb789dfaa66139835004c6717659aabf5912973144d47885976aef89aa14d2f4059510a21f311be375279492d1708609af469c7b1be4a0af637afc9918802679f3b92a4e06d488738babe8c379b5b867e6909dc1a9027b68374f4b10cf9b0f50830f2d6c6468d0e9d90f552e128cb4c00ca0a3379e8a912a24a86b3bb4248c8473e596b1332156670c298bd83bef6e4904523c90233aceb26225076e2ac04076cf3adbbe116aabc8cedbc9e0947c609d9bc79095e310efc6b440f8a1cc8e067d75f79bca4e57739c074fd0b941bcb4b86b07c1470650582e52d830d567aa6dab5adc1b87e4e958d78b40e515bc3d2f4727295b686906fe6fb56c9a5c0758c2d36d4c241518c128dd6628b57a8a6ab6637bfdb051f90ec00d347f2f4dbaed0afc87a5f9880144bb80a580fa92c06b82e88259238e529b36a49e940d3de95dbe64965966ea6f85ddd8a836e344dbe618498eda6ade81cdb47c8760486ae85de02cd3ecf3887a200b5765eedf9a7312701d31e0d85669de3019d3adca9a026ad3227d830dfff4902559ad3160d6efae47a6da6c69578a7377ad5f495e8893859a7fbee74bb0636dcb859a069e025610306d1e97eb2ba76c4cae6161523ca8d55bdbc3883136c2fb855596dde44a52a6ef84962b5ad5a77e95c40c2b7669376cd644cc7e1e0bbaa2eec844d3d33048df394169d877a8207fb322b7815a2db1cf926e8cc143c499776239cc45f9b91906cc343f95e6caac03cf121bd44f621946b654cf791f21a7da53cb29835af33923dbfaf2f641dd8746dad83dadf55d7418e325a94c426839663d3d866d3bc33c118fb3c00bfd03cc76dc9e2fc34d60affa6404c12bd51140bb5005814ed1bfc3921c3a3f6a1d385cf2a5a3c2557889ae460776b24183f78785c2a541673f9c0b897482681aff29e4944084d4a9cb785615273a5f04ba702b12e60358480cd73d4ced80105ca8f4b2dfd602d4e6166d9d6561b47c4c035094775526beb78f64c85c96677b67c0d0c15426aafe0119986ede2a62692ddd8df7fde6a2ed9804b259a6b5db96090e4246895450ed4b41fdf18956087c44968912cb4781fd8062eeaa116d2d361c5626d4893e1779c4e7c6471f83412bda5f352120a0d762ec8d911eceff225c90c12671ff09a5a45959c29ea6ce36d70d7d25c7df1d651922c3b19ba4600b4f04b5ab6f37d6f2aa20c9431bffe4fcffe52116c5f55342c7e53ed8ca665de002727dcf1f00c88584b19b8baccd8fa4df38f31f7d18734a23bce738f4302e89cfd6d0d693bd29603a4ea529f9c9ed0bdccf046faec16de9bab8eea75f6f5eb615cae33b3de08f6e63a0b2f5351e79c06d03e42314be363cf1b38189800e82939554a26c2fc49128d4885192cf9b7f14eb8866b460e2aed3db5ed80847b68505ced38468016eab46eb4b209837f32574c2e2ba72af110eef578b4d970e21f675a0686f3df55f79a9e350bc0bc306ed31b6675319225adfd5f45e0f396c36a31a6d86af07b3b6e4ad03d856c5fdf412cca17b9c7bc85fc74d79778aa1a2d7e8370e4fb59da57a02d4e7735074812d12eccd92c94e23d170a238a4d9e349e8332392e5afcd1995086f171647581e81bb2d5a219324aa73ccf209dfa5d5af87c8829a21167a6557f1b0f7181a5c51d856d7d6123e0a3cd0fbb0ce7512e23a897cae16d9d3d1e58b609dac07199da1c47420e1eadb23f78ee510bc345f76875158b82b8a3b4115ba61f8916a3c30cf878435d5184c2af2f16ad29014245d1b441ee82eebb24a49a066837da7d72f1d6ef0e40a8943b07ae772038ef8225ee4257436d06bd76d518514e3d56df9ebfd6fd572c1a3b803b54b86376073b585685a6e69987737146e4904ddd70df77e1897990d474b13a7059a58d145078baf6bb3cfa9d6afbde2041db0b498bb747c2af9e0647ba5d8c868edfc00554a61fb86ee5b480923b99dd762e9ea67206a2103cd295ffdf11ad1edba6c6a5ba5a766261ea417be1b480423b319704c63a2437b7dbea08f1747dd5a83bd0ad3bacab500b1e4a5dc8bbeae4113c3a5d097b92de11f867c9338f098c639ce2782ebdfe404ffa576925fbafa24bf1369c257c00c4417f637f01eaab95a890485b578a23161fe11540ba5eedfe71c52a420363e1e26094ffab7335a600cb689213c6b4e379f7c2405aeedc580900a55d5a441ed587c5de5e139b58eec2b88c1069757f779f980026ac76410e7c746745bbfb2068421e76f5af2fe2c97f61c1de03bb0163e349d9c67e0ccb31416b0e0441c66a0c3a29127928b90216df3130c0740e653829d216e80ccebe2ce27e197e05012552502731f12b05c3ddcf8b737de48765ad758a7e797e5adf9ce87d2676f43b16aa55b39eb45935a971164eb0192e7d705451b64b4cdef45b5ec575c58a47d232f4be3129eb138a5dae180b2b5fc49aa7a0215144218614306092dcea9e53dca43fe65bf2cff982683656ef0b21d49672c6f940d999159069910104b3afc9ecfd4f40ab7d5e7664aaf2bafe2cc201a331879a7a3b766d48b0440eb6c5336285509effc139d06f08a11bc0e751b110a04b775a9d516116c75f7a4a68c805370d487c7007db6d882138f02d83218056fe40f22c83fcf9d45a44975375da09a8713df34ad2482a7f1237c2efc88b46f3c3fc484e817c7f7fd63fd72f308f6e2753ad150f27293302485ee9819ad19f8530597bd7f70dcb889e771ac25fc940fec40f4726ff1b42ee2f955ff68e0a3ac77ce60d6582be2c1f5513d9b2e14a0994e5c53303efbc93072c80d1dda545dadefde1fb53a3e5ba7d5f143b244699c1c1cb4cb7ecf3f74400a7c14f4c49939048ae530691d0ad7eb1be12aa7188761fe80ecaaa8"}, @typed={0x4, 0xcb}, @generic="37b73da9be784230f34456334e6a00b2989867e4f8949f1275badf964ccc7ed38126d0cb04934570203f8d1a00ea964f74008579b2dd83496f5c8c99e6482396e07bbbe22b2f38dda0442d1ea4555110a2cbed9c29d7e5e8579ddfb43f6a9f7cfa9e3f01", @nested={0xef9, 0x14d, 0x0, 0x1, [@generic="f7748c1072ff2bb7c468dd64e29e362c4d92b34ab977c30bf365b86100d89c7a1a3078bbd14f89b239a61d901b52f2d063e4dda01b0aedafe3186a88b3570283920612daf275bff337fd8b332687e8fb15d9e5b8534202b47c6ad8814b17cbe3b785ca45bb824e21a232b368a528b570c1d6d291657d7b6790ad9961b2509cefa742eb75879aff4ae240108b8712b0a5b5831b4ffea39992ebd2282ab6d1ce25a9a407bc048190287a882cbf15ef3f28f8b650da06f1bdbb0df3755e198a75acfefe4c6c5d051fda16e28702c3cd4ec0d7f92d1dd336a05baa565519b06a1eb4e81d7e3fc440dceed56231ce346f642be224ff0f7ba6f55da0c8b1d49167aaf9c61b484bd0619b5570bf31ce26c0f0a76b31fc5db0775556784245e33a2d1de7fe76c347005d85fc5d51be688b98197f481331254721788467473457fdcf1dc2c6403f72d487c1cc3decf214e23d10a7725cd5c99071dc883514cd4a35a5b0f8076e6ee04e62aeb3fda12aeb98dd1b346374f41c5c7ab3fd5cbe1434098319061d3d6ceee6fbb27bd9c45b59a6b672c64af84eef8855d568c62a26a3011337d55c8cdd085349405fbef44fde1f415c712efa0e4c6ef610224294d1024547b44cca1753c039942d0ea780c7a645cef35df09e94a3b9647ec3ce85b5ce3599445d9a1c7abcc3a287397e4928f57eb70aebd08940d528d433031c158b75646f146d52148a0dd8a3e593c54878b67598774b94c05455796c04f540bbaf9e224e69ca8aea400e33916717d670ea77f3ff74b035d8917eee7310084fc1ba1cd12ada31782778a9c977162d0070c6961931846649939fad970bcdaac3cf65afcf5f90081cfe6d48c9bb28a1f11279b0e96cd1fd8abab92758126da118b6032bc335583664db30c56be62ceca4794e2f86fb547cebfbdd88f8d4ab9594444d0eb0a93904cd5dd3416447480c65525d4c2bea0e4daf4245304b56fdbdc996759bf6eb2414f7f83fcacfbd17b355f6fd762bfab776239da9b83db4fcbdbc40e279f7e1be9aa0dc141b3db8af6104de113ce1e63ff9e0b56c78605c34720ca673dec64dddb38fd8464456b8fdae8b49d4a165a4980c24a3ee91ff965ef3873aa69241eb45764ae12cb25a99471bd7c8be736b700e41c3b8081344d3ec116e2b899ae211b45ccdb41756beca61e66b8090ee8b3556bd557836f44fbed5b7f5b14557fec32a4b8292df700f32613d69f59e8c70bf07fb39185c1dc01f12a1e436f6b3dd0753d0744d02b985dd0ecbf3d61f8ec4ddb5a049960178e6e36a9434d8d14bfea4be1abc2a6eb210baa0e8828659304bc050ab61a22763b341cf7d21329c93f1dbe315bc1e239393fa09fb5ef4810e78111f8888eb149c4482bb7471692a06fa4401d5b3908b90b4ef2fd5821799882f6aa80993eecb9c711321768b2a82124f18bc9b86bdbebfc2a0bcf3665c85932023be0bae9e24b53b66db40435d4b19e819f06324786328252ca406734fe1ec6134483515de85e616d95c15a08c97f30cb0cda95e3d75cbb5cb0d6b5b96210751ecfd85e60d89402af2cd7efbf7f6f45ea0a3a9d1e0860f9834529aff6e68baf0750fbf0bd6e758dc1427a2f81993c0dada8a91e57a2790ae2736e811ceade9b251b788a805ccf02c96e65d8daef3f0b99e0e2dc7c23fcaf0fd116b04fa6eea7d830a08ae5cd805bddd6464b8e736288fdcc86daaceebf01fdce3c0909ae28600c3d86ed075467ba5009c21b162204544d0488364b9b18082706f5feec099b1024ec1ecd1901883646085c41acf264a31696f7566672f30e4b91f86c8e977aefd5d666cddcbee0a15c05d8689dcf77c7e4537b603ed68f4725219313640d37714a08f1300ce31a0dc22ea614655c8d9cd20cfe81129fac39fc53a60f4b2c978da4ba9ad5fcab6d527ea3d1912cf75e8542ea08c5d2c52e0f928a059c8d0985b98f7adc74cc07185a5f628dad5a601a9a535ec59a0388942f2242fff6ab68cff31e91b4d4aed8e6c639b39a5149b688ffb67ae843dc05b8aba8e7c51de1d9d7f25105b63a5feb68e88c5b4061c49526caea7ce8c9a8dcce7371f1ace595673a6e896d7028607ecab10317dc7f7864dc08d53944cbcd22ecb59b4cb8ff8d0f1e423f971911965319763ed04a437bf0c9855c1697e163f42283e0548074a73ff720a8215d0188ecbe272b43641b9657d6989e173228a005f81041fbbbc7b0beb708e9dcdc0a2188aac762dc78b9b6147cebb157643a38c5ee5900cf86c79e0def843762963d6ddc66bd6c03bc58b77c4189197e7306b1e8a7975e3dda4759762950c133a4e2a82e18d47d468e3b714ea8175895ad13fb0e897b24afd9b29b69262ddee6b0138251e9f1b4e39d08c02aa99affe93798abfb944377006943b35a2ba7bf9ec9492c600867d880d7748d511fb20c9b92d442c0d4ec3db60b475840442e2bd67d96382e6a9fb5fc112e7ed174d807228bd7dad979ad347198f96a470001144dc3d5288c35b614011583eecc0aa8331273954582f21957458099ea5a9891b5fca17daee440005a26901ee809b8f4ed3f0c09f037feabe5574c7db9ceb7d2c624f4497d07c0581a0416d1e9b503041d620327a53980c1de68cb54b34124a1c7d0147d3bc10c34515d0123c9f2a1062b2eb90ca060eaa24f54704af0225c276f703c5fb59299f39d36a67816d14e0da44ca3e3c937654e060069f248b8bfe21059c5b9f7151c4b99dab43f1f18f6083acd67c2b33e8bd6556af2e82557a84e559acf2434195e02f758a1863b01ef7e91b8549c0e5a6f9ae1ee2d648e130aaf3cd9106edb5b1b345ebb5355a762eaa77cf170712ecc4d8cd2a5e2cc974ed48379bbf73ab0b1afb360cec2e2aff336c67bfc919fdad137deade91f076db6be6badf95cd370be6b8e7497b7453f0125731e9ec64a5a7d57c1f2070c3586127832626d576c78baf8f1b3c1d6b4d295c79d0c1af0c16c69cd5b94d30393d0f80742ab2683a97acebfcf9228ac37458cc670b86fb188616e44ec98e1d1b853b1235937783031e95e9805e5b3700692c6baea3ea198dc55bda2ebff58fe5726ddda27da8046c56c640ed81a7eca2006b594714984840e7fe56e1d1b2092524d0ead3d6ac10ad5af19fbe7ea11b3ba5476d0c1ccc8a1811cdbb0bc40c1affb0c5462a0b2369b0cba272edce170299ea3262a6334d9ed1b6d54d64fd4286deececd90b98e2d14f2d318cdf2707fbea2e730e9d47ca154a32644f526b3ca12764cdbaaf6553545ce0fe339006f756dac587d78cb0740cd9f9455aa99347fef1f95733f41598c350e68b51d1dbe13257b070afa8f64ee352245f2682d635cbb410be2a6ebdadfe0195da21fe15cba66f26feba03a551ebbc92c7ce8070512b29691ee1e8c7d59dd607cb17eaf032900b9c20cb6009833722079d7fa7d6d323129c55a99811f32eb15e42605ccf0062ae80c39d1e789eda7fbfefd25dd30e5c38d613b575c416df1cfdf7c29cf7a2c445c54fe04c85c13ddab3689cc4b4c5a5ca3dca09e4041f9185713a6df4de2e749b6dc4a6206ed561a54341f6524ed5b62624753184abd0a93e42089a0701a98678d07c4c5cb86f5ffc8316eef235d6357d3fa9f8f3f6f4bd598cc8457fc7f55505d882c4a3cbeb9d144187f8e2afe9cd9ebcf632ca59417bf98fabf89f95497d58672701aac32c9fd53dab631ffb3a0efccc9db8e643b5c18e5e3e5a5c8fc263f5b3442a912e87c6fcaea8580bdca7bb1c4b92e575e23b1f23c7797fb5caecc67e1a7c7613d1b43a427ddd48370b61f5e86dc3a4f186dff9ffaeb62c9be4f43f703cf9ce7a59c0004577fb1819aaff3aa0be0037c7d1e0d8722baaebcc805ed2d190a37ac1fbc02f6633e2468b2b14bd4981d78574c408c55b709de9fa1febc50ef7a979adce1ead57e14c682dea6e13e6084a6623c97342b86c842e78fa3b77b6917ebd451cf411903c99e96cb90bceab48ba4f2209c81cbaee22d46d935112dbc4adb614c0800cce2747d30a8ce2f505cb1eadd0c7349b68b6b474c7f9b183b8d01f9d6518f71232cfdd0ff5e21c27694441339a8d947ccd06c98b8b26f6243d6fda3a00b15900f4f3ae90c69930eac7c26df38fe582e3a6fae2395e03328281a4221e95eaef151868212313fdc8ddbfd64d718bab940421cecfae24193eb9a6591c6b9a406a321e5ed43802d0afa84f2e66678c2758c2951f99f92ee5516f609e7804dd19bd9c6b3afa2b5c1dac873cef728c4296999636324acc36bebb1f59694c388ef7fb2bccf9ef44bfcd43fe6264a0418aa1fccf0c9941a8372d4d1c94aaa669dec2a4f301a73ee2028757734ec947f3825cfc110e88ff35e00e7d5093fa2907d4e446a3d0228ae68932381c4fa5ce91ba3352067d08953cb138007d62ca713f1ca629dadfaaad07c39cb0d7a72e01a44936c136543a69e4119e6994f7e6909eeb09ec91ffe3f5bbc1625c7464e767cd31f46eb28cbc382d58bbef36c24a8711bf7a8396252df3c4e948d1d03e78d6ed77d665e9a4c360c1b85c7a2045e7d8f834b84b6a42cc32eeaa5e273a85441103af5001f9905cb831c8c534a55c9358f89514ee54713e77a5d6d5a16dbaf284eee71838e064e4baaff549e42ba1b865855df7d1dc14147a81d897b3a48d1d0e3ebf6df1fbd983268a29b30cb33a5b321a9b4ba2414707b15b533767edda95e16d3bbf9a171fac930b6260592804f24408ef428b6245f0ce8a60f5ccc6d26b7f9dccdda9a2136d0c840574f84713f91f7c5fd8e1aae7c971c2261f4ce786ad30950990e8e24663d92601ff14676926eb47c03d475273ed23d69e1c6d14ddb235b2a8b426a67f21b7624f12743738119d7c8eb2003cd9d48f42b93ab1f502e0f758d9f316eb4dd9a2babe9acb89a15d153c066fe897b882d356a3d484e464871a7285c93418710b57bd15a18265a95f7e11b40851f6ec3eec7ecbf9affb68ca87e8de17f8954e5378d5a809572212dd1119d8d62e50498508cdadbd26a401ef29f130f2fcf3aae3c29f9a16505afda989a97e299f0f59aebc295bd85c5ce2a1c2be41f30d3760e001df40a4a6c88c5399bf87f85c065119d7f0290ee79617767e879f89d8c1958fbd05491c1425301fa30e95c709769c03b2cb5248735aabb43aaa1e5ba8ed432972a8ef733ce1912d170f57ad83ea8a8545dbad58726331b0196da3bd4f56da722204e41b6d010e07ba0a97ef57f7c909074195872fc3dd07a258b0e0b97e446e10417bb9b814bf732013fe02cef696fbe066576e7173b8a3015e73c8a53cd12266e5f50d697ccaf525067c725b34fb66c7191f7215e74c112db00622bbdeb3246c443abb2f7146efdb466361ae1dc34218611d7ada969be9cb88ef3ec0d314a9", @nested={0x4, 0x24}]}, @generic="1799e80e8028fa351d2162414b760f6f5891ac7d9d8be68378237770cbc596d2eead2ee10d04243ecc2a1b5806102246f3d8768b5fb13b78786e2dce7a6410d098afacaced57be4ccc"]}, 0x2ba0}, 0x1, 0x0, 0x0, 0x1}, 0x400c004) r7 = syz_open_dev$vim2m(0x0, 0x3, 0x2) setxattr$incfs_metadata(&(0x7f0000000380)='./file0\x00', &(0x7f0000000500), &(0x7f0000002680)="f5059699a87112ed40d449afd07f1d5bf784011b33978a6ea73f80cb58d05e20786f2b20f9f7d214b1524f3ae99a8e04708e8a5fdfa6e53962488b342f0ac8c68c7133ab4f07f987f5a6d4833761a98425e0b78ac8bbe04a0d3e7f003a616b3a5d07855e082a15a0138c8101e364f22f2ab35a58ca5326ce76372af820ac4b52bf980b4928fdc79eb58f718e7c2a22b5c9cc3983b15eab7a0d3df820925eb355c5f9016aedc8fbc9a992249ceab436c004a7d620e11d8f39130655", 0xbb, 0x3) ioctl$vim2m_VIDIOC_STREAMOFF(r7, 0x40045612, &(0x7f0000000080)=0x2) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000005c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000580)=0xfb}) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x20000000009) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3) fcntl$setown(r0, 0x8, r2) 7.366814297s ago: executing program 4 (id=2639): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) r2 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_disconnect(r2) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) ioctl$KIOCSOUND(0xffffffffffffffff, 0x4b2f, 0x1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc04c5349, 0x0) ioctl$IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, 0x0) write$binfmt_aout(r1, 0x0, 0xffffffdb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) 5.299456024s ago: executing program 3 (id=2640): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg$unix(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000880)=""/27, 0x1b}], 0x1}, 0x0) 5.079442502s ago: executing program 2 (id=2642): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x1, 0x10000000000009, 0x0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000100)=0x1, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="6c0000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800e00010069703665727370616e00000038000280140006002001000000000000000000000000080214000700fc0200000000000000f2ffffff000000040012000800", @ANYBLOB], 0x6c}}, 0x0) 5.018825901s ago: executing program 3 (id=2643): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) time(0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) personality(0x5000004) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv(r3, &(0x7f0000000400)=[{&(0x7f0000000480)=""/174, 0xae}], 0x1) 4.996674375s ago: executing program 4 (id=2644): r0 = socket$inet(0x2, 0x3, 0x4) sendto$inet(r0, 0x0, 0x0, 0x240000d5, 0x0, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0) 4.876005343s ago: executing program 2 (id=2646): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MPU={0x8}]}}]}, 0x3c}}, 0x0) 4.698793999s ago: executing program 2 (id=2647): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x0, 0x0) add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f0000000240)="000000000000003299b8f276dc", 0xd, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x48) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmsg(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)}, 0x1f00) write$6lowpan_enable(0xffffffffffffffff, &(0x7f00000002c0)='0', 0x1) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000900)={0xb5, 0x0, 0x4, r3, 0x1}) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x0, r3}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) r8 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x5, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000014c0)={r8, 0xffffffffffffffff}, 0x4) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0x2010, r9, 0x0) 4.307559392s ago: executing program 1 (id=2648): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, 0x0) 4.26671177s ago: executing program 4 (id=2649): r0 = syz_open_procfs(0x0, 0x0) read$FUSE(r0, &(0x7f00000007c0)={0x2020}, 0x2020) 4.192462121s ago: executing program 1 (id=2650): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0xe2a0}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004) 4.091413257s ago: executing program 4 (id=2651): r0 = socket(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') preadv(r4, &(0x7f0000000600), 0x0, 0x6c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r6, {0x0, 0xd}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080) 4.035802609s ago: executing program 3 (id=2652): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000880)=""/27, 0x1b}], 0x1}, 0x0) 3.916870897s ago: executing program 1 (id=2653): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 3.771418936s ago: executing program 3 (id=2654): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioprio_set$pid(0x2, 0xffffffffffffffff, 0x6004) r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_kthread_work_queue_work\x00', r1}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r3, 0x4030ae7b, 0x0) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c00000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3000000000100007800c00018008fe01400000000005000500020000000500010006000000d9c7afc6ea9a649a0712d7aee4ec8b7fa3a61eebbd1bc619e9915eeed30a17b39a926cae76ecffc2c360113ec67624f4726465751c7a9dd0771b020df6d5cb5c769bd08f773852abd3882663d7bb7305fee78eb4f107ebd9cb01c67ea20c23d6c812e3b1488fb876dbb94b5fe367eec0392bf03df5caa2e3e700056bce9782b441aab8dd95ec1fcf0bde19f1b8b515ef69cbdc7003dad05f854d886f5d06eac80b4989d86b59ea30fe6eaf619d536615"], 0x5c}}, 0x0) socketpair(0xf, 0x2, 0x1, &(0x7f0000000040)) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) write$cgroup_int(r0, &(0x7f0000000040)=0x1c9, 0x12) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) 2.592595788s ago: executing program 0 (id=2656): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='devfreq_frequency\x00', r1, 0x0, 0x3}, 0x18) 2.35602685s ago: executing program 0 (id=2657): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000840)=@gcm_256={{0x304}, "802fe379e6a428c0", "90bc4934ad97dae93088eb18fed5a7a5513a4ae73b874263892c78b9779210e8", "33a413e8"}, 0x38) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28) 2.354854413s ago: executing program 2 (id=2658): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.159474113s ago: executing program 0 (id=2659): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x6, 0x0, 0x200000}, 0x2}}, @TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TTL={0x5, 0x7, 0x9}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x74}}, 0x0) 2.048483092s ago: executing program 0 (id=2660): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, 0x0) 1.908322977s ago: executing program 0 (id=2661): syz_emit_ethernet(0x5e, &(0x7f0000000740)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x28, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0xc2, 0x4, 0x0, 0x9, {[@md5sig={0x1d, 0x12, "fb6b9acd8f4e1c92833a2f1e90339d18"}]}}}}}}}}, 0x0) 1.695381873s ago: executing program 0 (id=2662): r0 = syz_usb_connect$cdc_ecm(0x3, 0x56, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x5d, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x2}}, {[{{0x9, 0x5, 0x81, 0x3, 0x10, 0x3c, 0x7e, 0x1}}], {{0x9, 0x5, 0x82, 0x2, 0x60, 0x0, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0xfe, 0x10, 0x7f}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x10, &(0x7f0000000500)=@ready={0x0, 0x0, 0x8, "afa4743e", {0x1, 0xc1, 0x8c2b, 0x8, 0x6}}) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_connect$cdc_ncm(0x4, 0x7d, &(0x7f0000000540)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6b, 0x2, 0x1, 0x1, 0x30, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1e2}, {0xd, 0x24, 0xf, 0x1, 0x1000, 0xfffe, 0x400, 0x7}, {0x6, 0x24, 0x1a, 0xe324, 0x4}, [@obex={0x5, 0x24, 0x15, 0x44}, @acm={0x4}, @country_functional={0x6, 0x24, 0x7, 0x3, 0xa1}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x4, 0x1, 0x4}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x81, 0x3, 0x31}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0xf9, 0x3}}}}}}}]}}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0}) syz_usb_ep_write(r0, 0x82, 0xfffffffffffffd6e, &(0x7f0000000140)="16688a4a3f1cd2db8dcf350051f14ac00d7c36e54167f08f961d2fc0c37d7c8c2136536697a794f470c5f444560dedb1b190fa34325a3c256fb8b4e2297215f331") syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x54c, 0x268, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xb0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x46}}}}]}}]}}, 0x0) 1.55941369s ago: executing program 4 (id=2663): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0xe2a0}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004) 1.492624311s ago: executing program 3 (id=2664): ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f0000000100)) socket$can_j1939(0x1d, 0x2, 0x7) r0 = fsmount(0xffffffffffffffff, 0x0, 0x1) fchdir(r0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, 0x0) r1 = gettid() timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) preadv2(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1) syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000105804105000000000000109022d0001070000000904"], 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 1.398844187s ago: executing program 4 (id=2665): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00'}) sendto$packet(r1, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb10088a8086086dd4803", 0x1a, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_SWAP(r0, 0x0, 0x40000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141121) r3 = dup(r2) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000780)={0x0, @local, @dev}, 0x0) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000440)=0x8, 0x4) sendto$inet6(r7, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r7, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="cc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}, {&(0x7f0000000300)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2}}], 0x2, 0x4048884) syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100, 0x0, 0x16e, 0x0, r3}, &(0x7f0000000080), &(0x7f0000000040)) 1.323511607s ago: executing program 1 (id=2666): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x8}]}}]}, 0x38}}, 0x40840) 1.259911821s ago: executing program 1 (id=2667): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x800) 1.190300458s ago: executing program 1 (id=2668): prctl$PR_GET_THP_DISABLE(0x2a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x45, 0x2, 0x2}, {0x60}, {}, {0x6}]}) 163.503729ms ago: executing program 2 (id=2669): syz_emit_vhci(&(0x7f0000000300)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x4, 0x2}, {0x7}}}}, 0xf) 0s ago: executing program 2 (id=2670): r0 = socket(0x2b, 0x1, 0x1) getsockopt$inet_buf(r0, 0x0, 0x30, 0x0, &(0x7f0000000080)) kernel console output (not intermixed with test programs): 0: non-zero urb status (-71) [ 624.187410][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.193948][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.200567][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.207166][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.213679][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.220230][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.226799][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.233287][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.239953][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.246504][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.252981][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.259510][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.265981][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.272540][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.279114][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.285590][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.292142][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.298691][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.305159][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.311692][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.318186][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.324661][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.331192][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.337746][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.344298][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.350984][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.357667][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.364135][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.370645][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.377204][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.383681][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.390207][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.396777][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.403260][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.409769][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.417087][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.423574][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.430073][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.436653][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.443140][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.449736][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.456319][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.462853][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.469450][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.475997][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.482626][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.489219][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.495740][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.502338][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.512192][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.512241][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.512951][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.519770][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.526143][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.532536][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.539069][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.545533][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.552080][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.558624][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.565082][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.571606][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.578130][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.584605][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.591226][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.597752][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.604219][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.610726][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.617205][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.623681][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.630190][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.636709][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.643206][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.649700][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.656231][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.662701][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.669206][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.675682][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.682197][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.688726][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.695193][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.701701][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.708193][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.714646][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.721161][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.727643][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.734104][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.740661][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.747217][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.753689][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.760235][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.766740][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.773262][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.779835][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.786372][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.792856][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.799384][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.805854][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.812435][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.818950][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.825422][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.832102][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.838680][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.845342][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.851953][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.858572][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.865104][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.871701][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.878296][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.884796][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.891390][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.897922][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.904382][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.911072][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.917594][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.924070][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.930566][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.937055][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.943560][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.950303][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.957009][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.963522][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.970027][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.976550][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.983019][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.989550][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 624.996012][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.002507][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.009012][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.015489][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.022098][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.028691][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.035234][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.041868][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.048471][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.055181][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.061800][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.068394][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.074902][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.081469][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.088009][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.094491][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.101023][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.107540][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.114018][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.120542][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.127071][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.133563][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.140091][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.146713][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.153350][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.160044][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.166642][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.173182][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.179690][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.186198][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.192712][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.199256][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.205750][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.212309][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.218817][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.225313][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.232241][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.238843][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.245365][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.251969][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.258583][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.265096][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.271659][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.278264][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.284806][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.291421][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.297958][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.304456][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.311026][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.317564][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.324044][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.330583][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.337119][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.343627][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.350219][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.356775][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.363248][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.369748][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.376326][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.382798][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.389324][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.395812][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.402328][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.408876][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.415352][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.421864][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.428481][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.434939][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.441459][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.448063][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.454557][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.461083][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.467624][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.474104][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.480622][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.487112][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.493583][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.500143][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.506678][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.513177][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.519676][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.526234][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.532725][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.539249][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.545710][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.552205][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.558742][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.565225][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.571713][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.578216][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.584688][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.591277][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.597761][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.604224][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.610709][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.617217][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.623716][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.630316][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.636818][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.643292][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.649799][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.656331][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.662822][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.669415][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.675953][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.682556][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.689154][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.695684][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.702284][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.708873][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.715405][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.722044][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.728586][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.735140][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.741656][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.748146][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.754605][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.761130][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.767699][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.774199][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.780803][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.787411][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.793987][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.800627][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.807213][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.813702][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.820215][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.826823][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.833353][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.839941][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.846504][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.853046][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.859656][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.866229][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.872775][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.879370][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.885895][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.892483][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.899060][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.905576][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.912088][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.918670][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.925247][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.931827][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.938399][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.944937][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.951491][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.958087][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.964608][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.971295][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.978042][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.984577][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.991184][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 625.997752][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.004266][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.010888][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.017453][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.023933][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.030505][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.037058][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.043592][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.050121][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.056644][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.063141][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.069664][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.076219][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.082707][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.089235][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.095687][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.102283][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.108882][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.115408][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.122087][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.128690][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.135195][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.141797][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.148373][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.153847][T13103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2253'. [ 626.154890][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.189629][ C0] vkms_vblank_simulate: vblank timer overrun [ 626.196312][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.202965][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.210951][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.217627][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.221038][ T5890] usb 2-1: USB disconnect, device number 32 [ 626.224362][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.236765][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.243467][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.250236][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.256847][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.263430][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.270241][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.277000][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.283624][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.290254][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.296868][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.303467][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.310130][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.316844][ C0] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 626.323714][ T5891] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22 [ 626.333087][ T8708] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 626.340690][ T8708] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 626.347939][ T8708] em28xx 4-1:0.0: No AC97 audio processor [ 626.356468][ T5891] usb 5-1: USB disconnect, device number 12 [ 626.386525][ T8708] usb 4-1: USB disconnect, device number 30 [ 626.451088][ T8708] em28xx 4-1:0.0: Disconnecting em28xx [ 626.465557][ T8708] em28xx 4-1:0.0: Freeing device [ 626.479505][ T5842] udevd[5842]: setting owner of /dev/bus/usb/004/030 to uid=0, gid=0 failed: No such file or directory [ 626.584379][T13109] program syz.3.2255 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 627.186351][ T8708] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 627.356287][ T8708] usb 3-1: Using ep0 maxpacket: 16 [ 627.362901][ T8708] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 627.374978][ T8708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 627.412821][ T8708] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 627.422366][ T8708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.431043][ T8708] usb 3-1: Product: syz [ 627.435486][ T8708] usb 3-1: Manufacturer: syz [ 627.440742][ T8708] usb 3-1: SerialNumber: syz [ 627.453981][ T8708] usb 3-1: config 0 descriptor?? [ 627.465514][ T8708] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 627.483409][ T8708] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 628.069110][ T8708] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 628.076092][ T8708] em28xx 3-1:0.0: Config register raw data: 0x00 [ 629.347554][T13170] netlink: 'syz.4.2272': attribute type 2 has an invalid length. [ 629.476365][ T5890] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 629.773770][ T5890] usb 4-1: Using ep0 maxpacket: 16 [ 629.799397][ T5890] usb 4-1: unable to get BOS descriptor or descriptor too short [ 629.822216][ T5890] usb 4-1: config 9 has an invalid interface number: 212 but max is 0 [ 629.836488][ T5890] usb 4-1: config 9 has no interface number 0 [ 629.863141][ T5890] usb 4-1: config 9 interface 212 has no altsetting 0 [ 629.873754][ T5890] usb 4-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice=f3.5f [ 629.898473][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 629.913909][ T5890] usb 4-1: Product: syz [ 629.925585][ T5890] usb 4-1: Manufacturer: syz [ 629.971238][ T5890] usb 4-1: SerialNumber: syz [ 630.023018][ T5892] usb 3-1: USB disconnect, device number 12 [ 630.059447][ T5892] em28xx 3-1:0.0: Disconnecting em28xx [ 630.094011][ T5892] em28xx 3-1:0.0: Freeing device [ 630.726487][ T5892] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 630.845492][T13187] FAULT_INJECTION: forcing a failure. [ 630.845492][T13187] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 630.878401][T13187] CPU: 1 UID: 0 PID: 13187 Comm: syz.2.2277 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 630.878442][T13187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 630.878456][T13187] Call Trace: [ 630.878464][T13187] [ 630.878476][T13187] dump_stack_lvl+0x241/0x360 [ 630.878511][T13187] ? __pfx_dump_stack_lvl+0x10/0x10 [ 630.878539][T13187] ? __pfx__printk+0x10/0x10 [ 630.878573][T13187] should_fail_ex+0x424/0x570 [ 630.878606][T13187] _copy_from_user+0x2d/0xb0 [ 630.878632][T13187] copy_msghdr_from_user+0xb3/0x580 [ 630.878658][T13187] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 630.878678][T13187] ? __fget_files+0x2a/0x420 [ 630.878699][T13187] ? __fget_files+0x2a/0x420 [ 630.878724][T13187] __sys_sendmsg+0x20a/0x360 [ 630.878755][T13187] ? __pfx___sys_sendmsg+0x10/0x10 [ 630.878816][T13187] ? do_syscall_64+0xb6/0x230 [ 630.878840][T13187] do_syscall_64+0xf3/0x230 [ 630.878860][T13187] ? clear_bhb_loop+0x45/0xa0 [ 630.878883][T13187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.878903][T13187] RIP: 0033:0x7f8f8e38d169 [ 630.878921][T13187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 630.878939][T13187] RSP: 002b:00007f8f8f1b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 630.878960][T13187] RAX: ffffffffffffffda RBX: 00007f8f8e5a5fa0 RCX: 00007f8f8e38d169 [ 630.878975][T13187] RDX: 0000000000008000 RSI: 0000200000000380 RDI: 0000000000000003 [ 630.878989][T13187] RBP: 00007f8f8f1b7090 R08: 0000000000000000 R09: 0000000000000000 [ 630.879002][T13187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 630.879015][T13187] R13: 0000000000000000 R14: 00007f8f8e5a5fa0 R15: 00007f8f8e6cfa28 [ 630.879039][T13187] [ 631.160603][ T5892] usb 5-1: Using ep0 maxpacket: 8 [ 631.167541][ T5892] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 631.182608][ T5892] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 7 [ 631.199178][ T5892] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 631.208546][ T5892] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 631.216882][ T5892] usb 5-1: Product: syz [ 631.221141][ T5892] usb 5-1: Manufacturer: syz [ 631.225772][ T5892] usb 5-1: SerialNumber: syz [ 631.404146][T13191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2279'. [ 631.446080][ T5891] usb 5-1: USB disconnect, device number 13 [ 631.635515][T13197] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 631.815065][ T5890] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:9.212/input/input68 [ 631.835855][ T5195] bcm5974 4-1:9.212: could not read from device [ 631.859052][ T5195] bcm5974 4-1:9.212: could not read from device [ 631.892969][ T5890] usb 4-1: USB disconnect, device number 31 [ 631.899533][ T5195] bcm5974 4-1:9.212: could not read from device [ 631.930184][ T5891] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 631.957055][T13204] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2283'. [ 632.096714][ T5891] usb 3-1: config 0 has an invalid interface number: 81 but max is 2 [ 632.105084][ T5891] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 632.142445][ T5891] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 632.159464][ T5891] usb 3-1: config 0 has no interface number 0 [ 632.173020][ T5891] usb 3-1: config 0 interface 81 altsetting 3 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 632.263276][ T5891] usb 3-1: config 0 interface 81 has no altsetting 0 [ 632.286863][ T5891] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=21.7a [ 632.317810][ T5891] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 632.390085][ T5891] usb 3-1: config 0 descriptor?? [ 632.436396][ T8708] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 632.465180][T13217] FAULT_INJECTION: forcing a failure. [ 632.465180][T13217] name failslab, interval 1, probability 0, space 0, times 0 [ 632.571767][T13217] CPU: 1 UID: 0 PID: 13217 Comm: syz.0.2287 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 632.571806][T13217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 632.571823][T13217] Call Trace: [ 632.571832][T13217] [ 632.571843][T13217] dump_stack_lvl+0x241/0x360 [ 632.571882][T13217] ? __pfx_dump_stack_lvl+0x10/0x10 [ 632.571914][T13217] ? __pfx__printk+0x10/0x10 [ 632.571943][T13217] ? __pfx___might_resched+0x10/0x10 [ 632.571971][T13217] should_fail_ex+0x424/0x570 [ 632.572005][T13217] should_failslab+0xac/0x100 [ 632.572036][T13217] __kmalloc_noprof+0xdf/0x4d0 [ 632.572075][T13217] ? sk_prot_alloc+0xe0/0x210 [ 632.572101][T13217] ? _raw_spin_unlock_irqrestore+0xde/0x140 [ 632.572136][T13217] sk_prot_alloc+0xe0/0x210 [ 632.572160][T13217] ? sk_alloc+0x27/0x370 [ 632.572188][T13217] sk_alloc+0x3e/0x370 [ 632.572217][T13217] __netlink_create+0x65/0x260 [ 632.572239][T13217] ? __pfx_genl_release+0x10/0x10 [ 632.572266][T13217] netlink_create+0x3c0/0x580 [ 632.572296][T13217] ? __pfx_genl_unbind+0x10/0x10 [ 632.572326][T13217] ? __pfx_genl_bind+0x10/0x10 [ 632.572359][T13217] __sock_create+0x4c0/0xa30 [ 632.572393][T13217] __sys_socket+0x14d/0x3c0 [ 632.572420][T13217] ? __pfx___sys_socket+0x10/0x10 [ 632.572458][T13217] __x64_sys_socket+0x7a/0x90 [ 632.572486][T13217] do_syscall_64+0xf3/0x230 [ 632.572515][T13217] ? clear_bhb_loop+0x45/0xa0 [ 632.572542][T13217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.572568][T13217] RIP: 0033:0x7f8226b8f087 [ 632.572587][T13217] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.572605][T13217] RSP: 002b:00007f8227967fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 632.572629][T13217] RAX: ffffffffffffffda RBX: 00007f8226da5fa0 RCX: 00007f8226b8f087 [ 632.572645][T13217] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 632.572659][T13217] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 632.572672][T13217] R10: 0000200000000100 R11: 0000000000000286 R12: 0000000000000001 [ 632.572687][T13217] R13: 0000000000000000 R14: 00007f8226da5fa0 R15: 00007f8226ecfa28 [ 632.572712][T13217] [ 632.626586][ T5891] usb 3-1: string descriptor 0 read error: -71 [ 632.868011][ T5891] cdc_ether 3-1:0.81: skipping garbage [ 632.892118][ T5891] cdc_ether 3-1:0.81: skipping garbage [ 632.897960][ T5891] usb 3-1: bad CDC descriptors [ 632.904980][ T5891] usb 3-1: unsupported MDLM descriptors [ 632.913682][ T5891] usb 3-1: USB disconnect, device number 13 [ 632.926805][ T8708] usb 4-1: config 0 has no interfaces? [ 632.941263][ T8708] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 632.950597][ T8708] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.959503][ T8708] usb 4-1: Product: syz [ 632.963815][ T8708] usb 4-1: Manufacturer: syz [ 632.968572][ T8708] usb 4-1: SerialNumber: syz [ 632.975025][ T8708] usb 4-1: config 0 descriptor?? [ 633.208136][ T5891] hid-generic 0000:0003:0000.0026: unknown main item tag 0x0 [ 633.220352][ T5891] hid-generic 0000:0003:0000.0026: unknown main item tag 0x0 [ 633.251788][ T5891] hid-generic 0000:0003:0000.0026: hidraw0: HID v0.00 Device [syz0] on syz1 [ 633.692346][T13244] netlink: 'syz.1.2297': attribute type 10 has an invalid length. [ 633.713221][T13244] netlink: 'syz.1.2297': attribute type 19 has an invalid length. [ 633.721741][ T5891] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 633.746371][T13244] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2297'. [ 633.876414][ T5891] usb 3-1: Using ep0 maxpacket: 32 [ 633.890524][ T5891] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 633.903954][ T5891] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 633.913743][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 633.922521][ T5891] usb 3-1: Product: syz [ 633.927136][ T5891] usb 3-1: Manufacturer: syz [ 633.931890][ T5891] usb 3-1: SerialNumber: syz [ 633.941037][ T5891] usb 3-1: config 0 descriptor?? [ 633.947183][T13235] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 633.955886][ T5891] hub 3-1:0.0: bad descriptor, ignoring hub [ 633.962773][ T5891] hub 3-1:0.0: probe with driver hub failed with error -5 [ 634.318903][ T5891] usb 3-1: USB disconnect, device number 14 [ 634.556418][ T5888] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 634.758993][ T5888] usb 5-1: config 0 has an invalid interface number: 238 but max is 0 [ 634.770208][ T5888] usb 5-1: config 0 has no interface number 0 [ 634.785304][ T5888] usb 5-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 634.786565][ T5891] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 634.803577][ T5888] usb 5-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 634.829126][ T5888] usb 5-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 634.885924][ T5888] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=76.6a [ 634.914964][ T5888] usb 5-1: New USB device strings: Mfr=7, Product=2, SerialNumber=3 [ 634.954675][ T5888] usb 5-1: Product: syz [ 634.967959][ T5888] usb 5-1: Manufacturer: syz [ 634.981355][ T5888] usb 5-1: SerialNumber: syz [ 635.006284][ T5891] usb 3-1: Using ep0 maxpacket: 32 [ 635.020113][ T5891] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 635.036822][ T5888] usb 5-1: config 0 descriptor?? [ 635.061432][ T5888] ni6501 5-1:0.238: driver 'ni6501' failed to auto-configure device. [ 635.073736][ T5891] usb 3-1: string descriptor 0 read error: -22 [ 635.081428][ T5891] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 635.185651][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 635.399260][ T5891] usb 3-1: config 0 descriptor?? [ 635.475261][ T5888] usb 4-1: USB disconnect, device number 32 [ 635.484828][T13235] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 635.598246][ T5891] hub 3-1:0.0: bad descriptor, ignoring hub [ 635.622343][ T5891] hub 3-1:0.0: probe with driver hub failed with error -5 [ 635.694691][ T30] audit: type=1326 audit(1743222226.946:25663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.3.2300" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa45358d169 code=0x0 [ 635.946814][ T5893] usb 3-1: USB disconnect, device number 15 [ 636.151879][ T5892] usb 5-1: USB disconnect, device number 14 [ 636.224587][ T30] audit: type=1326 audit(1743222227.476:25664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.271857][ T30] audit: type=1326 audit(1743222227.476:25665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.327008][ T30] audit: type=1326 audit(1743222227.516:25666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.404737][ T30] audit: type=1326 audit(1743222227.516:25667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.505687][ T30] audit: type=1326 audit(1743222227.516:25668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.589655][ T30] audit: type=1326 audit(1743222227.516:25669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.676635][ T30] audit: type=1326 audit(1743222227.516:25670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.725520][ T30] audit: type=1326 audit(1743222227.516:25671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 636.805725][ T30] audit: type=1326 audit(1743222227.516:25672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13261 comm="syz.1.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x7ffc0000 [ 637.013419][T13289] FAULT_INJECTION: forcing a failure. [ 637.013419][T13289] name failslab, interval 1, probability 0, space 0, times 0 [ 637.040375][T13289] CPU: 1 UID: 0 PID: 13289 Comm: syz.1.2311 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 637.040408][T13289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 637.040422][T13289] Call Trace: [ 637.040431][T13289] [ 637.040440][T13289] dump_stack_lvl+0x241/0x360 [ 637.040476][T13289] ? __pfx_dump_stack_lvl+0x10/0x10 [ 637.040505][T13289] ? __pfx__printk+0x10/0x10 [ 637.040535][T13289] ? __pfx___might_resched+0x10/0x10 [ 637.040563][T13289] should_fail_ex+0x424/0x570 [ 637.040603][T13289] should_failslab+0xac/0x100 [ 637.040635][T13289] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 637.040667][T13289] ? __alloc_skb+0x1c2/0x480 [ 637.040692][T13289] ? __dev_queue_xmit+0x1780/0x3f60 [ 637.040725][T13289] __alloc_skb+0x1c2/0x480 [ 637.040750][T13289] ? do_syscall_64+0xf3/0x230 [ 637.040775][T13289] ? __pfx___alloc_skb+0x10/0x10 [ 637.040805][T13289] ? netlink_ack_tlv_len+0x6e/0x200 [ 637.040829][T13289] netlink_ack+0x147/0xa70 [ 637.040850][T13289] ? __pfx_nl80211_start_ap+0x10/0x10 [ 637.040883][T13289] netlink_rcv_skb+0x296/0x480 [ 637.040905][T13289] ? __pfx_genl_rcv_msg+0x10/0x10 [ 637.040935][T13289] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 637.040972][T13289] ? netlink_deliver_tap+0x2e/0x1b0 [ 637.040999][T13289] genl_rcv+0x28/0x40 [ 637.041025][T13289] netlink_unicast+0x7f8/0x9a0 [ 637.041063][T13289] ? __pfx_netlink_unicast+0x10/0x10 [ 637.041093][T13289] ? __virt_addr_valid+0x45f/0x530 [ 637.041120][T13289] ? __phys_addr_symbol+0x2f/0x70 [ 637.041146][T13289] ? __check_object_size+0x478/0x720 [ 637.041180][T13289] netlink_sendmsg+0x8e8/0xce0 [ 637.041212][T13289] ? __pfx_netlink_sendmsg+0x10/0x10 [ 637.041244][T13289] ? aa_sock_msg_perm+0x91/0x160 [ 637.041271][T13289] ? __pfx_netlink_sendmsg+0x10/0x10 [ 637.041292][T13289] __sock_sendmsg+0x221/0x270 [ 637.041317][T13289] ____sys_sendmsg+0x53c/0x870 [ 637.041356][T13289] ? __pfx_____sys_sendmsg+0x10/0x10 [ 637.041384][T13289] ? __fget_files+0x2a/0x420 [ 637.041406][T13289] ? __fget_files+0x2a/0x420 [ 637.041432][T13289] __sys_sendmsg+0x271/0x360 [ 637.041465][T13289] ? __pfx___sys_sendmsg+0x10/0x10 [ 637.041531][T13289] ? do_syscall_64+0xb6/0x230 [ 637.041554][T13289] do_syscall_64+0xf3/0x230 [ 637.041576][T13289] ? clear_bhb_loop+0x45/0xa0 [ 637.041607][T13289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.041628][T13289] RIP: 0033:0x7f519318d169 [ 637.041646][T13289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.041665][T13289] RSP: 002b:00007f5193f08038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 637.041689][T13289] RAX: ffffffffffffffda RBX: 00007f51933a5fa0 RCX: 00007f519318d169 [ 637.041706][T13289] RDX: 0000000020000014 RSI: 00002000000001c0 RDI: 0000000000000003 [ 637.041720][T13289] RBP: 00007f5193f08090 R08: 0000000000000000 R09: 0000000000000000 [ 637.041735][T13289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 637.041748][T13289] R13: 0000000000000000 R14: 00007f51933a5fa0 R15: 00007f51934cfa28 [ 637.041775][T13289] [ 637.813116][T13304] FAULT_INJECTION: forcing a failure. [ 637.813116][T13304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 637.837893][ T5888] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 637.867436][T13306] FAULT_INJECTION: forcing a failure. [ 637.867436][T13306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 637.910598][T13304] CPU: 0 UID: 0 PID: 13304 Comm: syz.1.2316 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 637.910620][T13304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 637.910630][T13304] Call Trace: [ 637.910636][T13304] [ 637.910643][T13304] dump_stack_lvl+0x241/0x360 [ 637.910668][T13304] ? __pfx_dump_stack_lvl+0x10/0x10 [ 637.910688][T13304] ? __pfx__printk+0x10/0x10 [ 637.910711][T13304] should_fail_ex+0x424/0x570 [ 637.910740][T13304] _copy_to_user+0x31/0xb0 [ 637.910759][T13304] simple_read_from_buffer+0xdc/0x170 [ 637.910783][T13304] proc_fail_nth_read+0x1ef/0x260 [ 637.910800][T13304] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 637.910817][T13304] ? rw_verify_area+0x246/0x630 [ 637.910833][T13304] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 637.910849][T13304] vfs_read+0x21f/0xb90 [ 637.910867][T13304] ? __pfx___mutex_lock+0x10/0x10 [ 637.910883][T13304] ? __pfx_vfs_read+0x10/0x10 [ 637.910901][T13304] ? __fget_files+0x2a/0x420 [ 637.910916][T13304] ? __fget_files+0x39d/0x420 [ 637.910928][T13304] ? __fget_files+0x2a/0x420 [ 637.910946][T13304] ksys_read+0x19d/0x2d0 [ 637.910963][T13304] ? __pfx_ksys_read+0x10/0x10 [ 637.910983][T13304] ? do_syscall_64+0xb6/0x230 [ 637.910998][T13304] do_syscall_64+0xf3/0x230 [ 637.911013][T13304] ? clear_bhb_loop+0x45/0xa0 [ 637.911029][T13304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.911043][T13304] RIP: 0033:0x7f519318bb7c [ 637.911056][T13304] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 637.911069][T13304] RSP: 002b:00007f5193f08030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 637.911086][T13304] RAX: ffffffffffffffda RBX: 00007f51933a5fa0 RCX: 00007f519318bb7c [ 637.911097][T13304] RDX: 000000000000000f RSI: 00007f5193f080a0 RDI: 0000000000000004 [ 637.911107][T13304] RBP: 00007f5193f08090 R08: 0000000000000000 R09: 0000000000000000 [ 637.911116][T13304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 637.911126][T13304] R13: 0000000000000000 R14: 00007f51933a5fa0 R15: 00007f51934cfa28 [ 637.911144][T13304] [ 638.125834][ C0] vkms_vblank_simulate: vblank timer overrun [ 638.228834][T13306] CPU: 0 UID: 0 PID: 13306 Comm: syz.4.2317 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 638.228866][T13306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 638.228879][T13306] Call Trace: [ 638.228886][T13306] [ 638.228894][T13306] dump_stack_lvl+0x241/0x360 [ 638.228927][T13306] ? __pfx_dump_stack_lvl+0x10/0x10 [ 638.228954][T13306] ? __pfx__printk+0x10/0x10 [ 638.228985][T13306] should_fail_ex+0x424/0x570 [ 638.229017][T13306] _copy_from_user+0x2d/0xb0 [ 638.229042][T13306] do_ipv6_setsockopt+0x2f9/0x3680 [ 638.229071][T13306] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 638.229094][T13306] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 638.229127][T13306] ? __pfx___might_resched+0x10/0x10 [ 638.229152][T13306] ? rcu_read_lock_any_held+0xbb/0x160 [ 638.229177][T13306] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 638.229207][T13306] ? aa_sk_perm+0x96f/0xac0 [ 638.229229][T13306] ? ksys_write+0x24e/0x2d0 [ 638.229252][T13306] ? __pfx_aa_sk_perm+0x10/0x10 [ 638.229274][T13306] ipv6_setsockopt+0x5d/0x170 [ 638.229311][T13306] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 638.229333][T13306] do_sock_setsockopt+0x3b1/0x710 [ 638.229362][T13306] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 638.229385][T13306] ? __fget_files+0x2a/0x420 [ 638.229406][T13306] ? __fget_files+0x39d/0x420 [ 638.229424][T13306] ? __fget_files+0x2a/0x420 [ 638.229447][T13306] __x64_sys_setsockopt+0x1ee/0x280 [ 638.229478][T13306] do_syscall_64+0xf3/0x230 [ 638.229499][T13306] ? clear_bhb_loop+0x45/0xa0 [ 638.229522][T13306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.229542][T13306] RIP: 0033:0x7fd68238d169 [ 638.229557][T13306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 638.229569][T13306] RSP: 002b:00007fd68310e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 638.229585][T13306] RAX: ffffffffffffffda RBX: 00007fd6825a6080 RCX: 00007fd68238d169 [ 638.229596][T13306] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006 [ 638.229605][T13306] RBP: 00007fd68310e090 R08: 0000000000000488 R09: 0000000000000000 [ 638.229615][T13306] R10: 0000200000000b00 R11: 0000000000000246 R12: 0000000000000001 [ 638.229624][T13306] R13: 0000000000000000 R14: 00007fd6825a6080 R15: 00007fd6826cfa28 [ 638.229641][T13306] [ 638.464400][ C0] vkms_vblank_simulate: vblank timer overrun [ 638.515984][ T5888] usb 3-1: config 0 has no interfaces? [ 638.525117][ T5888] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 638.534230][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.546313][ T5888] usb 3-1: Product: syz [ 638.550808][ T5888] usb 3-1: Manufacturer: syz [ 638.583692][T13310] openvswitch: netlink: Key type 516 is out of range max 32 [ 638.762884][ T5888] usb 3-1: SerialNumber: syz [ 638.812926][ T5888] usb 3-1: config 0 descriptor?? [ 638.919169][T13319] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2322'. [ 639.006532][ T8708] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 639.107928][T13317] fuse: Bad value for 'fd' [ 639.137976][ T5893] hid-generic 0000:0003:0000.0027: unknown main item tag 0x0 [ 639.145648][ T5893] hid-generic 0000:0003:0000.0027: unknown main item tag 0x0 [ 639.162057][T13317] syzkaller1: entered promiscuous mode [ 639.166325][ T8708] usb 4-1: Using ep0 maxpacket: 16 [ 639.171957][T13317] syzkaller1: entered allmulticast mode [ 639.179068][ T5893] hid-generic 0000:0003:0000.0027: hidraw0: HID v0.00 Device [syz0] on syz1 [ 639.237108][ T8708] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 639.245910][ T8708] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 639.258023][ T8708] usb 4-1: config 0 has no interface number 0 [ 639.267012][ T8708] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 639.276987][ T8708] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.297697][ T8708] usb 4-1: Product: syz [ 639.305229][ T8708] usb 4-1: Manufacturer: syz [ 639.310331][ T8708] usb 4-1: SerialNumber: syz [ 639.317117][ T8708] usb 4-1: config 0 descriptor?? [ 639.327981][ T8708] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 639.334597][ T8708] usb 4-1: No valid video chain found. [ 639.619873][ T47] usb 4-1: USB disconnect, device number 33 [ 640.272895][T13345] netlink: 'syz.3.2331': attribute type 10 has an invalid length. [ 640.385829][ T5888] usb 3-1: USB disconnect, device number 16 [ 640.396928][T13345] netlink: 'syz.3.2331': attribute type 19 has an invalid length. [ 640.449099][T13345] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2331'. [ 641.667299][T13373] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2341'. [ 641.790320][T13373] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2341'. [ 642.066699][ T8708] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 642.171997][T13369] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2340'. [ 642.206351][ T8708] usb 3-1: device descriptor read/64, error -71 [ 642.264155][T13378] netlink: 'syz.4.2340': attribute type 1 has an invalid length. [ 642.405152][T13386] netlink: 'syz.3.2346': attribute type 1 has an invalid length. [ 642.446219][ T8708] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 642.491424][T13387] FAULT_INJECTION: forcing a failure. [ 642.491424][T13387] name failslab, interval 1, probability 0, space 0, times 0 [ 642.546286][ T47] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 642.578354][T13387] CPU: 1 UID: 0 PID: 13387 Comm: syz.3.2346 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 642.578385][T13387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 642.578398][T13387] Call Trace: [ 642.578406][T13387] [ 642.578415][T13387] dump_stack_lvl+0x241/0x360 [ 642.578448][T13387] ? __pfx_dump_stack_lvl+0x10/0x10 [ 642.578476][T13387] ? __pfx__printk+0x10/0x10 [ 642.578505][T13387] ? __pfx___might_resched+0x10/0x10 [ 642.578532][T13387] should_fail_ex+0x424/0x570 [ 642.578562][T13387] should_failslab+0xac/0x100 [ 642.578596][T13387] __kvmalloc_node_noprof+0x170/0x5a0 [ 642.578625][T13387] ? alloc_netdev_mqs+0xa4/0x1210 [ 642.578658][T13387] ? __pfx_ipgre_tunnel_setup+0x10/0x10 [ 642.578683][T13387] alloc_netdev_mqs+0xa4/0x1210 [ 642.578713][T13387] ? __pfx_ipgre_tunnel_setup+0x10/0x10 [ 642.578742][T13387] rtnl_create_link+0x2f9/0xc90 [ 642.578777][T13387] rtnl_newlink_create+0x2f2/0xcb0 [ 642.578802][T13387] ? __mutex_lock+0x380/0x10c0 [ 642.578826][T13387] ? __pfx_aa_get_newest_label+0x10/0x10 [ 642.578851][T13387] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 642.578878][T13387] ? __pfx___mutex_lock+0x10/0x10 [ 642.578905][T13387] ? ns_capable+0x8a/0xf0 [ 642.578937][T13387] rtnl_newlink+0x18b0/0x1fe0 [ 642.578960][T13387] ? stack_depot_save_flags+0x3a/0x970 [ 642.579000][T13387] ? __pfx_rtnl_newlink+0x10/0x10 [ 642.579044][T13387] ? __netlink_deliver_tap+0x561/0x7f0 [ 642.579084][T13387] ? netlink_deliver_tap+0x19d/0x1b0 [ 642.579102][T13387] ? netlink_unicast+0x7c6/0x9a0 [ 642.579127][T13387] ? netlink_sendmsg+0x8e8/0xce0 [ 642.579148][T13387] ? __sock_sendmsg+0x221/0x270 [ 642.579167][T13387] ? ____sys_sendmsg+0x53c/0x870 [ 642.579193][T13387] ? __sys_sendmsg+0x271/0x360 [ 642.579218][T13387] ? do_syscall_64+0xf3/0x230 [ 642.579237][T13387] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.579283][T13387] ? kasan_quarantine_put+0xdc/0x230 [ 642.579307][T13387] ? lockdep_hardirqs_on+0x9d/0x150 [ 642.579328][T13387] ? nlmon_xmit+0xaf/0x100 [ 642.579361][T13387] ? __local_bh_enable_ip+0x168/0x200 [ 642.579391][T13387] ? lockdep_hardirqs_on+0x9d/0x150 [ 642.579417][T13387] ? aa_get_newest_label+0x101/0x6f0 [ 642.579443][T13387] ? __lock_acquire+0xad5/0xd80 [ 642.579490][T13387] ? __pfx_rtnl_newlink+0x10/0x10 [ 642.579514][T13387] rtnetlink_rcv_msg+0x80f/0xd70 [ 642.579536][T13387] ? rtnetlink_rcv_msg+0x1ba/0xd70 [ 642.579563][T13387] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 642.579590][T13387] ? ref_tracker_free+0x63e/0x7e0 [ 642.579628][T13387] netlink_rcv_skb+0x208/0x480 [ 642.579651][T13387] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 642.579676][T13387] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 642.579710][T13387] ? netlink_deliver_tap+0x2e/0x1b0 [ 642.579735][T13387] ? netlink_deliver_tap+0x2e/0x1b0 [ 642.579758][T13387] netlink_unicast+0x7f8/0x9a0 [ 642.579797][T13387] ? __pfx_netlink_unicast+0x10/0x10 [ 642.579826][T13387] ? __virt_addr_valid+0x45f/0x530 [ 642.579853][T13387] ? __phys_addr_symbol+0x2f/0x70 [ 642.579880][T13387] ? __check_object_size+0x478/0x720 [ 642.579913][T13387] netlink_sendmsg+0x8e8/0xce0 [ 642.579945][T13387] ? __pfx_netlink_sendmsg+0x10/0x10 [ 642.579971][T13387] ? aa_sock_msg_perm+0x91/0x160 [ 642.579998][T13387] ? __pfx_netlink_sendmsg+0x10/0x10 [ 642.580020][T13387] __sock_sendmsg+0x221/0x270 [ 642.580049][T13387] ____sys_sendmsg+0x53c/0x870 [ 642.580084][T13387] ? __pfx_____sys_sendmsg+0x10/0x10 [ 642.580110][T13387] ? __fget_files+0x2a/0x420 [ 642.580133][T13387] ? __fget_files+0x2a/0x420 [ 642.580159][T13387] __sys_sendmsg+0x271/0x360 [ 642.580191][T13387] ? __pfx___sys_sendmsg+0x10/0x10 [ 642.580269][T13387] ? do_syscall_64+0xb6/0x230 [ 642.580291][T13387] do_syscall_64+0xf3/0x230 [ 642.580312][T13387] ? clear_bhb_loop+0x45/0xa0 [ 642.580335][T13387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.580355][T13387] RIP: 0033:0x7fa45358d169 [ 642.580373][T13387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.580391][T13387] RSP: 002b:00007fa4543dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 642.580415][T13387] RAX: ffffffffffffffda RBX: 00007fa4537a6080 RCX: 00007fa45358d169 [ 642.580431][T13387] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000004 [ 642.580445][T13387] RBP: 00007fa4543dc090 R08: 0000000000000000 R09: 0000000000000000 [ 642.580459][T13387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 642.580471][T13387] R13: 0000000000000001 R14: 00007fa4537a6080 R15: 00007fa4538cfa28 [ 642.580497][T13387] [ 642.626445][ T8708] usb 3-1: device descriptor read/64, error -71 [ 642.726274][ T47] usb 2-1: Using ep0 maxpacket: 8 [ 642.929920][ T8708] usb usb3-port1: attempt power cycle [ 643.362059][ T47] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 643.396289][ T8708] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 643.424627][ T47] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 643.438537][ T8708] usb 3-1: device descriptor read/8, error -71 [ 643.461034][ T47] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 643.486163][ T47] usb 2-1: Product: syz [ 643.511592][ T47] usb 2-1: Manufacturer: syz [ 643.538636][ T47] usb 2-1: SerialNumber: syz [ 643.696429][ T8708] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 643.733751][ T8708] usb 3-1: device descriptor read/8, error -71 [ 643.796521][ T47] usb 2-1: palm_os_3_probe - error -71 getting connection information [ 643.804767][ T47] visor 2-1:1.0: probe with driver visor failed with error -71 [ 643.868841][ T8708] usb usb3-port1: unable to enumerate USB device [ 643.893870][ T47] usb 2-1: USB disconnect, device number 33 [ 644.878944][T13415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2355'. [ 645.364710][T13422] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2358'. [ 645.440924][T13422] FAULT_INJECTION: forcing a failure. [ 645.440924][T13422] name failslab, interval 1, probability 0, space 0, times 0 [ 645.463142][T13422] CPU: 0 UID: 0 PID: 13422 Comm: syz.4.2358 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 645.463174][T13422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 645.463188][T13422] Call Trace: [ 645.463196][T13422] [ 645.463205][T13422] dump_stack_lvl+0x241/0x360 [ 645.463244][T13422] ? __pfx_dump_stack_lvl+0x10/0x10 [ 645.463272][T13422] ? __pfx__printk+0x10/0x10 [ 645.463302][T13422] ? __pfx___might_resched+0x10/0x10 [ 645.463328][T13422] should_fail_ex+0x424/0x570 [ 645.463362][T13422] should_failslab+0xac/0x100 [ 645.463393][T13422] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 645.463425][T13422] ? __alloc_skb+0x1c2/0x480 [ 645.463454][T13422] __alloc_skb+0x1c2/0x480 [ 645.463483][T13422] ? __pfx___alloc_skb+0x10/0x10 [ 645.463508][T13422] ? __pfx_rtnl_newlink+0x10/0x10 [ 645.463535][T13422] ? netlink_ack_tlv_len+0x6e/0x200 [ 645.463559][T13422] netlink_ack+0x147/0xa70 [ 645.463578][T13422] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 645.463607][T13422] ? ref_tracker_free+0x63e/0x7e0 [ 645.463642][T13422] netlink_rcv_skb+0x296/0x480 [ 645.463665][T13422] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 645.463689][T13422] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 645.463724][T13422] ? netlink_deliver_tap+0x2e/0x1b0 [ 645.463748][T13422] ? netlink_deliver_tap+0x2e/0x1b0 [ 645.463780][T13422] netlink_unicast+0x7f8/0x9a0 [ 645.463818][T13422] ? __pfx_netlink_unicast+0x10/0x10 [ 645.463853][T13422] ? __virt_addr_valid+0x45f/0x530 [ 645.463881][T13422] ? __phys_addr_symbol+0x2f/0x70 [ 645.463907][T13422] ? __check_object_size+0x478/0x720 [ 645.463941][T13422] netlink_sendmsg+0x8e8/0xce0 [ 645.463972][T13422] ? __pfx_netlink_sendmsg+0x10/0x10 [ 645.463998][T13422] ? aa_sock_msg_perm+0x91/0x160 [ 645.464025][T13422] ? __pfx_netlink_sendmsg+0x10/0x10 [ 645.464047][T13422] __sock_sendmsg+0x221/0x270 [ 645.464070][T13422] __sys_sendto+0x365/0x4c0 [ 645.464100][T13422] ? __pfx___sys_sendto+0x10/0x10 [ 645.464135][T13422] ? __fget_files+0x2a/0x420 [ 645.464160][T13422] ? ksys_write+0x275/0x2d0 [ 645.464191][T13422] __x64_sys_sendto+0xde/0x100 [ 645.464219][T13422] do_syscall_64+0xf3/0x230 [ 645.464242][T13422] ? clear_bhb_loop+0x45/0xa0 [ 645.464266][T13422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.464288][T13422] RIP: 0033:0x7fd68238effc [ 645.464306][T13422] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 645.464325][T13422] RSP: 002b:00007fd68312dec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 645.464349][T13422] RAX: ffffffffffffffda RBX: 00007fd68312dfc0 RCX: 00007fd68238effc [ 645.464365][T13422] RDX: 0000000000000020 RSI: 00007fd68312e010 RDI: 0000000000000003 [ 645.464380][T13422] RBP: 0000000000000000 R08: 00007fd68312df14 R09: 000000000000000c [ 645.464393][T13422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 645.464407][T13422] R13: 00007fd68312df68 R14: 00007fd68312e010 R15: 0000000000000000 [ 645.464433][T13422] [ 645.663693][T13431] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2361'. [ 645.668388][ C0] vkms_vblank_simulate: vblank timer overrun [ 645.687385][T13431] FAULT_INJECTION: forcing a failure. [ 645.687385][T13431] name failslab, interval 1, probability 0, space 0, times 0 [ 645.688020][ C0] vkms_vblank_simulate: vblank timer overrun [ 645.711611][T13431] CPU: 1 UID: 0 PID: 13431 Comm: syz.3.2361 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 645.711645][T13431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 645.711660][T13431] Call Trace: [ 645.711669][T13431] [ 645.711678][T13431] dump_stack_lvl+0x241/0x360 [ 645.711718][T13431] ? __pfx_dump_stack_lvl+0x10/0x10 [ 645.711749][T13431] ? __pfx__printk+0x10/0x10 [ 645.711782][T13431] ? __pfx___might_resched+0x10/0x10 [ 645.711812][T13431] should_fail_ex+0x424/0x570 [ 645.711848][T13431] should_failslab+0xac/0x100 [ 645.711881][T13431] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 645.711915][T13431] ? __alloc_skb+0x1c2/0x480 [ 645.711940][T13431] ? __dev_queue_xmit+0x1780/0x3f60 [ 645.711987][T13431] __alloc_skb+0x1c2/0x480 [ 645.712014][T13431] ? do_syscall_64+0xf3/0x230 [ 645.712041][T13431] ? __pfx___alloc_skb+0x10/0x10 [ 645.712072][T13431] ? netlink_ack_tlv_len+0x6e/0x200 [ 645.712098][T13431] netlink_ack+0x147/0xa70 [ 645.712120][T13431] ? __pfx_nl80211_set_wiphy+0x10/0x10 [ 645.712153][T13431] netlink_rcv_skb+0x296/0x480 [ 645.712177][T13431] ? __pfx_genl_rcv_msg+0x10/0x10 [ 645.712207][T13431] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 645.712254][T13431] ? netlink_deliver_tap+0x2e/0x1b0 [ 645.712281][T13431] genl_rcv+0x28/0x40 [ 645.712308][T13431] netlink_unicast+0x7f8/0x9a0 [ 645.712349][T13431] ? __pfx_netlink_unicast+0x10/0x10 [ 645.712381][T13431] ? __virt_addr_valid+0x45f/0x530 [ 645.712421][T13431] ? __phys_addr_symbol+0x2f/0x70 [ 645.712446][T13431] ? __check_object_size+0x478/0x720 [ 645.712480][T13431] netlink_sendmsg+0x8e8/0xce0 [ 645.712512][T13431] ? __pfx_netlink_sendmsg+0x10/0x10 [ 645.712539][T13431] ? aa_sock_msg_perm+0x91/0x160 [ 645.712566][T13431] ? __pfx_netlink_sendmsg+0x10/0x10 [ 645.712588][T13431] __sock_sendmsg+0x221/0x270 [ 645.712612][T13431] ____sys_sendmsg+0x53c/0x870 [ 645.712647][T13431] ? __pfx_____sys_sendmsg+0x10/0x10 [ 645.712675][T13431] ? __fget_files+0x2a/0x420 [ 645.712698][T13431] ? __fget_files+0x2a/0x420 [ 645.712724][T13431] __sys_sendmsg+0x271/0x360 [ 645.712756][T13431] ? __pfx___sys_sendmsg+0x10/0x10 [ 645.712823][T13431] ? do_syscall_64+0xb6/0x230 [ 645.712848][T13431] do_syscall_64+0xf3/0x230 [ 645.712870][T13431] ? clear_bhb_loop+0x45/0xa0 [ 645.712895][T13431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.712916][T13431] RIP: 0033:0x7fa45358d169 [ 645.712936][T13431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 645.712954][T13431] RSP: 002b:00007fa4543fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 645.712990][T13431] RAX: ffffffffffffffda RBX: 00007fa4537a5fa0 RCX: 00007fa45358d169 [ 645.713007][T13431] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 645.713021][T13431] RBP: 00007fa4543fd090 R08: 0000000000000000 R09: 0000000000000000 [ 645.713035][T13431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 645.713047][T13431] R13: 0000000000000000 R14: 00007fa4537a5fa0 R15: 00007fa4538cfa28 [ 645.713075][T13431] [ 645.856452][ T5888] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 645.959944][ C0] vkms_vblank_simulate: vblank timer overrun [ 646.107802][ C0] vkms_vblank_simulate: vblank timer overrun [ 646.167735][ T8708] usb 2-1: new full-speed USB device number 34 using dummy_hcd [ 646.281927][T13443] FAULT_INJECTION: forcing a failure. [ 646.281927][T13443] name failslab, interval 1, probability 0, space 0, times 0 [ 646.294974][T13443] CPU: 0 UID: 0 PID: 13443 Comm: syz.3.2366 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 646.295004][T13443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 646.295018][T13443] Call Trace: [ 646.295026][T13443] [ 646.295036][T13443] dump_stack_lvl+0x241/0x360 [ 646.295071][T13443] ? __pfx_dump_stack_lvl+0x10/0x10 [ 646.295100][T13443] ? __pfx__printk+0x10/0x10 [ 646.295126][T13443] ? ____sys_sendmsg+0x53c/0x870 [ 646.295157][T13443] ? __pfx___might_resched+0x10/0x10 [ 646.295183][T13443] should_fail_ex+0x424/0x570 [ 646.295217][T13443] should_failslab+0xac/0x100 [ 646.295248][T13443] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 646.295280][T13443] ? __alloc_skb+0x1c2/0x480 [ 646.295321][T13443] __alloc_skb+0x1c2/0x480 [ 646.295350][T13443] ? __pfx___alloc_skb+0x10/0x10 [ 646.295378][T13443] ? netlink_has_listeners+0x2f5/0x3a0 [ 646.295408][T13443] ? netlink_has_listeners+0x73/0x3a0 [ 646.295441][T13443] tc_chain_notify+0x14c/0x2f0 [ 646.295470][T13443] __tcf_chain_get+0x2c0/0x3c0 [ 646.295493][T13443] tc_new_tfilter+0x941/0x1a90 [ 646.295534][T13443] ? __pfx_tc_new_tfilter+0x10/0x10 [ 646.295569][T13443] ? __lock_acquire+0xad5/0xd80 [ 646.295614][T13443] ? __pfx_tc_new_tfilter+0x10/0x10 [ 646.295639][T13443] rtnetlink_rcv_msg+0x80f/0xd70 [ 646.295660][T13443] ? rtnetlink_rcv_msg+0x1ba/0xd70 [ 646.295685][T13443] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 646.295714][T13443] ? ref_tracker_free+0x63e/0x7e0 [ 646.295768][T13443] netlink_rcv_skb+0x208/0x480 [ 646.295790][T13443] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 646.295815][T13443] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 646.295850][T13443] ? netlink_deliver_tap+0x2e/0x1b0 [ 646.295874][T13443] ? netlink_deliver_tap+0x2e/0x1b0 [ 646.295898][T13443] netlink_unicast+0x7f8/0x9a0 [ 646.295936][T13443] ? __pfx_netlink_unicast+0x10/0x10 [ 646.295973][T13443] ? __virt_addr_valid+0x45f/0x530 [ 646.296001][T13443] ? __phys_addr_symbol+0x2f/0x70 [ 646.296027][T13443] ? __check_object_size+0x478/0x720 [ 646.296061][T13443] netlink_sendmsg+0x8e8/0xce0 [ 646.296092][T13443] ? __pfx_netlink_sendmsg+0x10/0x10 [ 646.296123][T13443] ? aa_sock_msg_perm+0x91/0x160 [ 646.296150][T13443] ? __pfx_netlink_sendmsg+0x10/0x10 [ 646.296170][T13443] __sock_sendmsg+0x221/0x270 [ 646.296194][T13443] ____sys_sendmsg+0x53c/0x870 [ 646.296228][T13443] ? __pfx_____sys_sendmsg+0x10/0x10 [ 646.296268][T13443] ? __fget_files+0x2a/0x420 [ 646.296290][T13443] ? __fget_files+0x2a/0x420 [ 646.296315][T13443] __sys_sendmsg+0x271/0x360 [ 646.296347][T13443] ? __pfx___sys_sendmsg+0x10/0x10 [ 646.296410][T13443] ? do_syscall_64+0xb6/0x230 [ 646.296434][T13443] do_syscall_64+0xf3/0x230 [ 646.296455][T13443] ? clear_bhb_loop+0x45/0xa0 [ 646.296479][T13443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.296499][T13443] RIP: 0033:0x7fa45358d169 [ 646.296517][T13443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 646.296535][T13443] RSP: 002b:00007fa4543fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 646.296558][T13443] RAX: ffffffffffffffda RBX: 00007fa4537a5fa0 RCX: 00007fa45358d169 [ 646.296574][T13443] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000007 [ 646.296588][T13443] RBP: 00007fa4543fd090 R08: 0000000000000000 R09: 0000000000000000 [ 646.296601][T13443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 646.296613][T13443] R13: 0000000000000000 R14: 00007fa4537a5fa0 R15: 00007fa4538cfa28 [ 646.296639][T13443] [ 646.640017][ C0] vkms_vblank_simulate: vblank timer overrun [ 646.691034][ T8708] usb 2-1: unable to get BOS descriptor or descriptor too short [ 646.699344][ T8708] usb 2-1: not running at top speed; connect to a high speed hub [ 646.710853][ T8708] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 646.719160][ T8708] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 646.729394][ T8708] usb 2-1: config 4 has no interface number 0 [ 646.743441][ T8708] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 646.752689][ T8708] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.761718][ T8708] usb 2-1: Product: syz [ 646.765941][ T8708] usb 2-1: Manufacturer: syz [ 646.768945][ T5888] usb 3-1: Using ep0 maxpacket: 32 [ 646.770675][ T8708] usb 2-1: SerialNumber: syz [ 646.806292][ T47] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 646.913741][ T5888] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 646.923495][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.953833][ T5888] usb 3-1: Product: syz [ 646.959409][ T5888] usb 3-1: Manufacturer: syz [ 646.964147][ T5888] usb 3-1: SerialNumber: syz [ 646.993914][ T8708] usb 2-1: Found UVC 0.02 device syz (04f2:b746) [ 646.997865][ T5888] usb 3-1: config 0 descriptor?? [ 647.000837][ T8708] usb 2-1: No valid video chain found. [ 647.013086][ T8708] usb 2-1: USB disconnect, device number 34 [ 647.048309][ T47] usb 5-1: config 0 has no interfaces? [ 647.062019][ T47] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 647.079971][ T5888] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 647.092731][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.120641][ T47] usb 5-1: Product: syz [ 647.131867][ T47] usb 5-1: Manufacturer: syz [ 647.142318][ T47] usb 5-1: SerialNumber: syz [ 647.165454][ T47] usb 5-1: config 0 descriptor?? [ 647.286266][ T5892] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 647.393285][ T8708] hid-generic 0000:0003:0000.0028: unknown main item tag 0x0 [ 647.441050][ T8708] hid-generic 0000:0003:0000.0028: unknown main item tag 0x0 [ 647.451446][ T8708] hid-generic 0000:0003:0000.0028: hidraw0: HID v0.00 Device [syz0] on syz1 [ 647.466011][ T5892] usb 4-1: config 0 has no interfaces? [ 647.474086][ T5892] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 647.483359][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.492388][ T5892] usb 4-1: Product: syz [ 647.496883][ T5892] usb 4-1: Manufacturer: syz [ 647.501537][ T5892] usb 4-1: SerialNumber: syz [ 647.511887][ T5892] usb 4-1: config 0 descriptor?? [ 647.998510][ T5892] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 648.108354][ T5888] gspca_ov534_9: reg_w failed -110 [ 648.211873][ T5892] usb 2-1: config 0 has no interfaces? [ 648.223490][ T5892] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 648.233566][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 648.243789][ T5892] usb 2-1: Product: syz [ 648.248278][ T5892] usb 2-1: Manufacturer: syz [ 648.253152][ T5892] usb 2-1: SerialNumber: syz [ 648.301405][ T5892] usb 2-1: config 0 descriptor?? [ 648.476233][ T5888] gspca_ov534_9: Unknown sensor 0000 [ 648.476300][ T5888] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 648.969990][ T8708] usb 3-1: USB disconnect, device number 21 [ 649.390335][ T5892] usb 5-1: USB disconnect, device number 15 [ 650.041886][ T8708] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 650.228077][ T8708] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 650.241721][ T8708] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 650.257793][ T8708] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 650.274461][ T8708] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.286853][ T5893] usb 4-1: USB disconnect, device number 34 [ 650.332068][T13472] FAULT_INJECTION: forcing a failure. [ 650.332068][T13472] name failslab, interval 1, probability 0, space 0, times 0 [ 650.345221][T13472] CPU: 1 UID: 0 PID: 13472 Comm: syz.3.2373 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 650.345250][T13472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 650.345264][T13472] Call Trace: [ 650.345272][T13472] [ 650.345281][T13472] dump_stack_lvl+0x241/0x360 [ 650.345316][T13472] ? __pfx_dump_stack_lvl+0x10/0x10 [ 650.345343][T13472] ? __pfx__printk+0x10/0x10 [ 650.345377][T13472] should_fail_ex+0x424/0x570 [ 650.345427][T13472] should_failslab+0xac/0x100 [ 650.345457][T13472] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 650.345487][T13472] ? __alloc_skb+0x1c2/0x480 [ 650.345512][T13472] ? fib6_nh_init+0xe15/0x20e0 [ 650.345534][T13472] __alloc_skb+0x1c2/0x480 [ 650.345559][T13472] ? rt6_nlmsg_size+0x410/0x5c0 [ 650.345590][T13472] ? __pfx___alloc_skb+0x10/0x10 [ 650.345616][T13472] ? fib6_add_1+0xdce/0x13d0 [ 650.345652][T13472] inet6_rt_notify+0xba/0x240 [ 650.345678][T13472] fib6_add+0x21ac/0x4420 [ 650.345729][T13472] ? __pfx_fib6_add+0x10/0x10 [ 650.345760][T13472] ? do_raw_spin_lock+0x151/0x370 [ 650.345792][T13472] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 650.345821][T13472] ? ip6_route_add+0x76/0x160 [ 650.345844][T13472] ip6_route_add+0x8b/0x160 [ 650.345865][T13472] inet6_rtm_newroute+0x2a8/0x2100 [ 650.345906][T13472] ? __lock_acquire+0xad5/0xd80 [ 650.345939][T13472] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 650.345966][T13472] ? __mutex_trylock_common+0x184/0x2e0 [ 650.345994][T13472] ? __pfx___mutex_trylock_common+0x10/0x10 [ 650.346021][T13472] ? rcu_is_watching+0x15/0xb0 [ 650.346045][T13472] ? trace_contention_end+0x3c/0x120 [ 650.346068][T13472] ? __mutex_lock+0x380/0x10c0 [ 650.346090][T13472] ? aa_get_newest_label+0x101/0x6f0 [ 650.346138][T13472] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 650.346167][T13472] rtnetlink_rcv_msg+0x7c2/0xd70 [ 650.346189][T13472] ? rtnetlink_rcv_msg+0x1ba/0xd70 [ 650.346214][T13472] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 650.346240][T13472] ? ref_tracker_free+0x63e/0x7e0 [ 650.346275][T13472] netlink_rcv_skb+0x208/0x480 [ 650.346298][T13472] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 650.346323][T13472] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 650.346358][T13472] ? netlink_deliver_tap+0x2e/0x1b0 [ 650.346382][T13472] ? netlink_deliver_tap+0x2e/0x1b0 [ 650.346405][T13472] netlink_unicast+0x7f8/0x9a0 [ 650.346444][T13472] ? __pfx_netlink_unicast+0x10/0x10 [ 650.346474][T13472] ? __virt_addr_valid+0x45f/0x530 [ 650.346502][T13472] ? __phys_addr_symbol+0x2f/0x70 [ 650.346528][T13472] ? __check_object_size+0x478/0x720 [ 650.346561][T13472] netlink_sendmsg+0x8e8/0xce0 [ 650.346600][T13472] ? __pfx_netlink_sendmsg+0x10/0x10 [ 650.346626][T13472] ? aa_sock_msg_perm+0x91/0x160 [ 650.346652][T13472] ? __pfx_netlink_sendmsg+0x10/0x10 [ 650.346674][T13472] __sock_sendmsg+0x221/0x270 [ 650.346697][T13472] ____sys_sendmsg+0x53c/0x870 [ 650.346731][T13472] ? __pfx_____sys_sendmsg+0x10/0x10 [ 650.346759][T13472] ? __fget_files+0x2a/0x420 [ 650.346793][T13472] ? __fget_files+0x2a/0x420 [ 650.346819][T13472] __sys_sendmsg+0x271/0x360 [ 650.346850][T13472] ? __pfx___sys_sendmsg+0x10/0x10 [ 650.346914][T13472] ? do_syscall_64+0xb6/0x230 [ 650.346938][T13472] do_syscall_64+0xf3/0x230 [ 650.346958][T13472] ? clear_bhb_loop+0x45/0xa0 [ 650.346981][T13472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.347001][T13472] RIP: 0033:0x7fa45358d169 [ 650.347019][T13472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.347038][T13472] RSP: 002b:00007fa4543fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 650.347061][T13472] RAX: ffffffffffffffda RBX: 00007fa4537a5fa0 RCX: 00007fa45358d169 [ 650.347077][T13472] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003 [ 650.347090][T13472] RBP: 00007fa4543fd090 R08: 0000000000000000 R09: 0000000000000000 [ 650.347103][T13472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 650.347115][T13472] R13: 0000000000000000 R14: 00007fa4537a5fa0 R15: 00007fa4538cfa28 [ 650.347141][T13472] [ 650.996849][T13469] fuse: Bad value for 'fd' [ 651.445615][T13480] netlink: 'syz.0.2376': attribute type 2 has an invalid length. [ 651.666303][ T5888] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 651.762930][ T5887] usb 2-1: USB disconnect, device number 35 [ 651.836272][ T5888] usb 4-1: Using ep0 maxpacket: 8 [ 651.843583][ T5888] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 651.900666][ T5888] usb 4-1: config 1 has no interface number 1 [ 651.948693][ T5888] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 651.978434][ T5888] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 651.987678][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.003463][ T5888] usb 4-1: Product: syz [ 652.011462][ T5888] usb 4-1: Manufacturer: syz [ 652.033498][ T5888] usb 4-1: SerialNumber: syz [ 652.404506][T13490] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2380'. [ 652.414680][T13490] openvswitch: netlink: Flow actions attr not present in new flow. [ 652.498288][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2380'. [ 652.535044][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2380'. [ 652.557060][T13495] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2379'. [ 652.628024][ T5887] usb 5-1: USB disconnect, device number 16 [ 652.957325][T13506] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2384'. [ 654.348920][ T5888] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 654.378495][ T5888] usb 4-1: 2:1 : sample bitwidth 243 in over sample bytes 3 [ 654.408917][ T5888] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 654.422290][ T5888] usb 4-1: 2:1 : invalid channels 0 [ 654.486693][ T5888] usb 4-1: USB disconnect, device number 35 [ 654.786224][ T8708] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 654.940077][ T8708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 86, changing to 10 [ 654.960152][ T8708] usb 3-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 654.972532][ T8708] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.982833][ T8708] usb 3-1: config 0 descriptor?? [ 655.002812][ T5888] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 655.339070][ T5888] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 655.353733][ T5888] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 655.363673][ T5888] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 655.372948][ T5888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.549531][T13518] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 655.568995][ T5888] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 655.597632][ T8708] usbhid 3-1:0.0: can't add hid device: -71 [ 655.603747][ T8708] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 655.654401][ T8708] usb 3-1: USB disconnect, device number 22 [ 655.671638][ T5836] udevd[5836]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 657.106244][ T10] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 657.698054][ T10] usb 3-1: config 0 has no interfaces? [ 657.710306][ T10] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 657.719546][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 657.727742][ T10] usb 3-1: Product: syz [ 657.732009][ T10] usb 3-1: Manufacturer: syz [ 657.738984][ T10] usb 3-1: SerialNumber: syz [ 657.745535][ T10] usb 3-1: config 0 descriptor?? [ 657.807662][ T5887] usb 4-1: USB disconnect, device number 36 [ 658.075174][T13555] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.082111][T13555] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.918855][T13558] fuse: Unknown parameter 'user00000000000000000000' [ 658.932938][T13558] syzkaller1: entered promiscuous mode [ 658.938599][T13558] syzkaller1: entered allmulticast mode [ 659.796692][T13575] openvswitch: netlink: Actions may not be safe on all matching packets [ 659.876562][ T10] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 659.968971][ T5890] usb 3-1: USB disconnect, device number 23 [ 660.036851][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 660.038490][ T10] usb 5-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config [ 660.038522][ T10] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 660.040419][ T10] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 660.040450][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 660.040474][ T10] usb 5-1: Product: syz [ 660.040491][ T10] usb 5-1: Manufacturer: syz [ 660.040508][ T10] usb 5-1: SerialNumber: syz [ 660.042236][ T10] usb 5-1: config 0 descriptor?? [ 660.279137][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 660.279162][ T30] audit: type=1326 audit(1743222251.466:25698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.342128][ T30] audit: type=1326 audit(1743222251.486:25699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.402955][ T30] audit: type=1326 audit(1743222251.486:25700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.427065][ T30] audit: type=1326 audit(1743222251.486:25701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.451156][ T30] audit: type=1326 audit(1743222251.486:25702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.496678][ T30] audit: type=1326 audit(1743222251.486:25703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.569256][ T30] audit: type=1326 audit(1743222251.486:25704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.598635][ T30] audit: type=1326 audit(1743222251.486:25705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.628267][ T30] audit: type=1326 audit(1743222251.496:25706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13578 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa45358d169 code=0x7ffc0000 [ 660.800509][T13595] fuse: Unknown parameter 'user00000000000000000000' [ 660.812876][T13595] syzkaller1: entered promiscuous mode [ 660.818900][T13595] syzkaller1: entered allmulticast mode [ 661.201770][T13605] loop4: detected capacity change from 0 to 8 [ 661.212346][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.221662][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.231533][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.240788][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.249665][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.258941][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.267678][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.276975][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.285317][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.294673][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.303081][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.312430][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.320690][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.329896][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.338759][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.348176][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.361170][T13605] ldm_validate_partition_table(): Disk read failed. [ 661.368173][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.377468][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.385548][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 661.394878][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 661.405407][T13605] Dev loop4: unable to read RDB block 0 [ 661.412313][T13605] loop4: unable to read partition table [ 661.428926][T13605] loop4: partition table beyond EOD, truncated [ 661.435190][T13605] loop_reread_partitions: partition scan of loop4 (3Ÿ ¾‚³˜) failed (rc=-5) [ 661.589322][ T5893] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 661.591165][T13612] FAULT_INJECTION: forcing a failure. [ 661.591165][T13612] name failslab, interval 1, probability 0, space 0, times 0 [ 661.610112][T13612] CPU: 1 UID: 0 PID: 13612 Comm: syz.2.2415 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 661.610134][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 661.610144][T13612] Call Trace: [ 661.610150][T13612] [ 661.610156][T13612] dump_stack_lvl+0x241/0x360 [ 661.610182][T13612] ? __pfx_dump_stack_lvl+0x10/0x10 [ 661.610203][T13612] ? __pfx__printk+0x10/0x10 [ 661.610220][T13612] ? get_random_u32+0x199/0xab0 [ 661.610247][T13612] should_fail_ex+0x424/0x570 [ 661.610271][T13612] should_failslab+0xac/0x100 [ 661.610293][T13612] kmem_cache_alloc_noprof+0x78/0x390 [ 661.610315][T13612] ? sctp_get_port_local+0x796/0x1750 [ 661.610335][T13612] sctp_get_port_local+0x796/0x1750 [ 661.610361][T13612] ? __pfx_sctp_get_port_local+0x10/0x10 [ 661.610380][T13612] ? sctp_bind_addr_match+0x295/0x2b0 [ 661.610397][T13612] sctp_do_bind+0x513/0x950 [ 661.610420][T13612] sctp_connect_new_asoc+0x2a0/0x700 [ 661.610440][T13612] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 661.610460][T13612] ? __lock_acquire+0xad5/0xd80 [ 661.610489][T13612] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 661.610509][T13612] __sctp_connect+0x6ab/0xe60 [ 661.610531][T13612] ? __pfx___sctp_connect+0x10/0x10 [ 661.610552][T13612] ? _copy_from_user+0x95/0xb0 [ 661.610569][T13612] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 661.610593][T13612] sctp_getsockopt_connectx3+0x46e/0x730 [ 661.610616][T13612] ? __local_bh_enable_ip+0x168/0x200 [ 661.610640][T13612] ? __pfx_sctp_getsockopt_connectx3+0x10/0x10 [ 661.610663][T13612] ? __local_bh_enable_ip+0x168/0x200 [ 661.610685][T13612] ? sctp_getsockopt+0x13a/0xbb0 [ 661.610702][T13612] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 661.610729][T13612] sctp_getsockopt+0x8de/0xbb0 [ 661.610745][T13612] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 661.610764][T13612] do_sock_getsockopt+0x391/0x740 [ 661.610786][T13612] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 661.610805][T13612] ? __fget_files+0x2a/0x420 [ 661.610820][T13612] ? __fget_files+0x39d/0x420 [ 661.610834][T13612] ? __fget_files+0x2a/0x420 [ 661.610851][T13612] __x64_sys_getsockopt+0x2a3/0x370 [ 661.610875][T13612] ? __pfx___x64_sys_getsockopt+0x10/0x10 [ 661.610899][T13612] ? do_syscall_64+0xb6/0x230 [ 661.610916][T13612] do_syscall_64+0xf3/0x230 [ 661.610939][T13612] ? clear_bhb_loop+0x45/0xa0 [ 661.610963][T13612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.610984][T13612] RIP: 0033:0x7f8f8e38d169 [ 661.611003][T13612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.611022][T13612] RSP: 002b:00007f8f8f1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 661.611044][T13612] RAX: ffffffffffffffda RBX: 00007f8f8e5a5fa0 RCX: 00007f8f8e38d169 [ 661.611056][T13612] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003 [ 661.611065][T13612] RBP: 00007f8f8f1b7090 R08: 0000200000000080 R09: 0000000000000000 [ 661.611076][T13612] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 661.611086][T13612] R13: 0000000000000000 R14: 00007f8f8e5a5fa0 R15: 00007f8f8e6cfa28 [ 661.611105][T13612] [ 662.008695][ T5893] usb 2-1: config 0 has no interfaces? [ 662.017766][ T5893] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 662.030288][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.043130][ T5893] usb 2-1: Product: syz [ 662.047634][ T5893] usb 2-1: Manufacturer: syz [ 662.052255][ T5893] usb 2-1: SerialNumber: syz [ 662.065815][ T5893] usb 2-1: config 0 descriptor?? [ 662.279750][T13605] ip6t_REJECT: ECHOREPLY is not supported [ 662.287842][ T1093] loop: Write error at byte offset 1, length 4096. [ 662.626426][ T5887] usb 5-1: USB disconnect, device number 17 [ 663.976780][T13650] FAULT_INJECTION: forcing a failure. [ 663.976780][T13650] name failslab, interval 1, probability 0, space 0, times 0 [ 664.036956][T13650] CPU: 0 UID: 0 PID: 13650 Comm: syz.3.2426 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 664.036990][T13650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 664.037004][T13650] Call Trace: [ 664.037012][T13650] [ 664.037022][T13650] dump_stack_lvl+0x241/0x360 [ 664.037057][T13650] ? __pfx_dump_stack_lvl+0x10/0x10 [ 664.037086][T13650] ? __pfx__printk+0x10/0x10 [ 664.037113][T13650] ? __pfx___might_resched+0x10/0x10 [ 664.037147][T13650] should_fail_ex+0x424/0x570 [ 664.037180][T13650] should_failslab+0xac/0x100 [ 664.037210][T13650] __kmalloc_noprof+0xdf/0x4d0 [ 664.037238][T13650] ? security_sk_alloc+0x53/0x360 [ 664.037270][T13650] security_sk_alloc+0x53/0x360 [ 664.037299][T13650] sk_prot_alloc+0xfa/0x210 [ 664.037329][T13650] sk_alloc+0x3e/0x370 [ 664.037358][T13650] inet6_create+0x6ce/0x10f0 [ 664.037399][T13650] ? inet6_create+0x78/0x10f0 [ 664.037431][T13650] __sock_create+0x4c0/0xa30 [ 664.037476][T13650] mptcp_subflow_create_socket+0x12d/0xd10 [ 664.037517][T13650] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 664.037557][T13650] __mptcp_nmpc_sk+0x18c/0x830 [ 664.037578][T13650] ? __local_bh_enable_ip+0x168/0x200 [ 664.037610][T13650] ? mptcp_bind+0x9d/0x1c0 [ 664.037638][T13650] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 664.037666][T13650] mptcp_bind+0xa5/0x1c0 [ 664.037697][T13650] __sys_bind+0x1de/0x290 [ 664.037721][T13650] ? __pfx___sys_bind+0x10/0x10 [ 664.037760][T13650] __x64_sys_bind+0x7a/0x90 [ 664.037783][T13650] do_syscall_64+0xf3/0x230 [ 664.037804][T13650] ? clear_bhb_loop+0x45/0xa0 [ 664.037828][T13650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.037849][T13650] RIP: 0033:0x7fa45358d169 [ 664.037866][T13650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 664.037885][T13650] RSP: 002b:00007fa4543fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 664.037908][T13650] RAX: ffffffffffffffda RBX: 00007fa4537a5fa0 RCX: 00007fa45358d169 [ 664.037924][T13650] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000006 [ 664.037938][T13650] RBP: 00007fa4543fd090 R08: 0000000000000000 R09: 0000000000000000 [ 664.037952][T13650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.037965][T13650] R13: 0000000000000000 R14: 00007fa4537a5fa0 R15: 00007fa4538cfa28 [ 664.037992][T13650] [ 664.280366][ C0] vkms_vblank_simulate: vblank timer overrun [ 664.303573][ T10] usb 2-1: USB disconnect, device number 36 [ 664.796252][ T10] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 664.946555][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 664.953623][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 664.973764][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 664.996466][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59152, setting to 1024 [ 665.013039][ T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 665.029278][ T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 665.039274][ T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 665.047771][ T10] usb 4-1: Manufacturer: syz [ 665.065645][ T10] usb 4-1: config 0 descriptor?? [ 665.336628][ T10] rc_core: IR keymap rc-hauppauge not found [ 665.523284][ T10] Registered IR keymap rc-empty [ 665.544999][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 665.659991][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 665.725932][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 665.749482][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input69 [ 665.774825][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 665.839249][T13695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 665.841094][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 665.856599][T13695] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 665.926456][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.166476][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.186753][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.206515][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.226473][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.256526][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.276489][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.296455][ T10] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 666.318797][ T10] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 666.343647][ T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 666.456634][ T10] usb 4-1: USB disconnect, device number 37 [ 666.630870][T13708] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8) [ 666.637473][T13708] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 666.665571][T13708] vhci_hcd vhci_hcd.0: Device attached [ 666.689597][T13708] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(10) [ 666.696277][T13708] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 666.996957][T13720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 667.010446][T13708] vhci_hcd vhci_hcd.0: Device attached [ 667.036279][ T5893] vhci_hcd: vhci_device speed not set [ 667.105665][T13708] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(12) [ 667.112359][T13708] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 667.158336][ T5893] usb 41-1: new full-speed USB device number 3 using vhci_hcd [ 667.176496][T13708] vhci_hcd vhci_hcd.0: Device attached [ 667.232731][T13720] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(16) [ 667.239444][T13720] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 667.356623][T13708] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(19) [ 667.363326][T13708] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 667.490021][T13708] vhci_hcd vhci_hcd.0: Device attached [ 667.547792][T13720] vhci_hcd vhci_hcd.0: Device attached [ 667.570601][T13708] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 667.597356][T13708] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 667.685266][T13708] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 667.741606][T13713] vhci_hcd: connection closed [ 667.741687][T13727] vhci_hcd: connection closed [ 667.746569][T13725] vhci_hcd: connection closed [ 667.752000][T13709] vhci_hcd: connection reset by peer [ 667.762258][ T36] vhci_hcd: stop threads [ 667.762432][T13721] vhci_hcd: connection closed [ 667.769089][ T36] vhci_hcd: release socket [ 667.790885][ T36] vhci_hcd: disconnect device [ 667.820011][ T36] vhci_hcd: stop threads [ 667.834548][ T36] vhci_hcd: release socket [ 667.842901][ T36] vhci_hcd: disconnect device [ 667.858378][ T36] vhci_hcd: stop threads [ 667.862704][ T36] vhci_hcd: release socket [ 667.876930][ T36] vhci_hcd: disconnect device [ 667.883091][ T36] vhci_hcd: stop threads [ 667.906258][ T36] vhci_hcd: release socket [ 667.910898][ T36] vhci_hcd: disconnect device [ 667.915981][ T36] vhci_hcd: stop threads [ 667.931703][ T36] vhci_hcd: release socket [ 667.947005][ T36] vhci_hcd: disconnect device [ 670.206331][ T5888] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 670.405160][ T5888] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 670.429802][ T5888] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 670.450400][ T5888] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 670.613173][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 670.655192][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88801ffcbc00: rx timeout, send abort [ 670.669403][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88801ffcbc00: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session. [ 670.684631][T13779] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 670.695945][ T5888] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 670.942415][ T10] usb 2-1: USB disconnect, device number 37 [ 671.280399][T13821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2472'. [ 671.291002][T13821] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 672.336327][ T5893] vhci_hcd: vhci_device speed not set [ 673.026237][ T8708] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 673.222568][ T8708] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 673.236568][ T8708] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 673.260198][ T8708] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 673.286352][ T8708] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 673.307359][ T8708] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 673.342302][ T8708] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 673.360008][ T8708] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 673.406432][ T8708] usb 5-1: Product: syz [ 673.410743][ T8708] usb 5-1: Manufacturer: syz [ 673.514413][ T8708] cdc_wdm 5-1:1.0: skipping garbage [ 673.527908][ T8708] cdc_wdm 5-1:1.0: skipping garbage [ 673.540981][ T8708] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 673.549789][ T8708] cdc_wdm 5-1:1.0: Unknown control protocol [ 674.159456][ T5887] usb 5-1: USB disconnect, device number 18 [ 676.017750][ T8708] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 676.189054][ T8708] usb 5-1: config 0 has no interfaces? [ 676.196819][ T8708] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 676.224681][ T8708] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 676.269911][ T8708] usb 5-1: config 0 descriptor?? [ 677.433968][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2505'. [ 677.846395][T13930] team0 (unregistering): Port device team_slave_0 removed [ 677.895881][T13930] team0 (unregistering): Port device team_slave_1 removed [ 678.358839][T13939] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2506'. [ 678.867694][ T5888] usb 5-1: USB disconnect, device number 19 [ 681.296614][T13979] loop8: detected capacity change from 0 to 1 [ 681.305094][T13979] Dev loop8: unable to read RDB block 1 [ 681.310912][T13979] loop8: unable to read partition table [ 681.317360][T13979] loop8: partition table beyond EOD, truncated [ 681.323654][T13979] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 681.960778][T13987] block device autoloading is deprecated and will be removed. [ 684.379676][T14028] veth0_vlan: entered allmulticast mode [ 684.458370][T14028] veth0_vlan: left promiscuous mode [ 684.464268][T14028] veth0_vlan: entered promiscuous mode [ 684.826547][ T5893] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 684.866310][ T8708] usb 3-1: new full-speed USB device number 24 using dummy_hcd [ 685.021805][ T8708] usb 3-1: config 4 has an invalid interface number: 231 but max is 0 [ 685.062883][ T8708] usb 3-1: config 4 has no interface number 0 [ 685.087783][ T8708] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 685.101393][ T8708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.141057][ T8708] usb 3-1: Product: syz [ 685.145284][ T8708] usb 3-1: Manufacturer: syz [ 685.170277][ T8708] usb 3-1: SerialNumber: syz [ 685.200710][ T8708] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 685.212960][ T5893] usb 4-1: Using ep0 maxpacket: 16 [ 685.447423][ T8708] vp7045: USB control message 'out' went wrong. [ 685.454218][ T8708] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 685.475194][T14044] usb usb8: usbfs: process 14044 (syz.0.2545) did not claim interface 0 before use [ 685.510026][ T5893] usb 4-1: unable to get BOS descriptor or descriptor too short [ 685.551936][ T8708] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 685.573778][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 685.609534][ T8708] usb 3-1: USB disconnect, device number 24 [ 685.625868][ T5893] usb 4-1: config 0 has no interfaces? [ 685.673468][ T5893] usb 4-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 685.695429][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.748942][ T5893] usb 4-1: Product: syz [ 685.759577][ T5893] usb 4-1: Manufacturer: syz [ 685.764240][ T5893] usb 4-1: SerialNumber: syz [ 685.806672][ T5893] usb 4-1: config 0 descriptor?? [ 685.956616][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.963073][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.976275][ T5887] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 686.164167][ T5887] usb 5-1: unable to get BOS descriptor or descriptor too short [ 686.182377][ T5887] usb 5-1: config 86 has an invalid interface number: 124 but max is 0 [ 686.191161][ T5887] usb 5-1: config 86 has no interface number 0 [ 686.203862][ T5887] usb 5-1: config 86 interface 124 altsetting 4 bulk endpoint 0x6 has invalid maxpacket 16 [ 686.225739][ T5887] usb 5-1: config 86 interface 124 has no altsetting 0 [ 686.258630][ T5887] usb 5-1: New USB device found, idVendor=0421, idProduct=0425, bcdDevice=fb.ba [ 686.271054][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 686.286236][ T5887] usb 5-1: Product: syz [ 686.296530][ T5887] usb 5-1: Manufacturer: syz [ 686.307166][ T5887] usb 5-1: SerialNumber: syz [ 686.548128][ T5887] rndis_host 5-1:86.124: invalid descriptor buffer length [ 686.555327][ T5887] usb 5-1: bad CDC descriptors [ 686.619650][ T5887] cdc_acm 5-1:86.124: invalid descriptor buffer length [ 686.649724][ T5887] usb 5-1: USB disconnect, device number 20 [ 686.786023][T14064] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2554'. [ 687.446951][ T8708] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 687.607584][ T8708] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 687.628238][ T8708] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 687.673565][ T8708] usb 5-1: config 1 has no interface number 0 [ 687.691220][ T8708] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 687.794092][ T8708] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 687.828367][ T8708] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.846251][ T8708] usb 5-1: Product: syz [ 687.856648][ T8708] usb 5-1: Manufacturer: syz [ 687.876225][ T8708] usb 5-1: SerialNumber: syz [ 687.925854][ T8708] usb 5-1: selecting invalid altsetting 1 [ 688.015524][T14077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2558'. [ 688.036583][T14077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2558'. [ 688.167718][ T5890] usb 4-1: USB disconnect, device number 38 [ 688.586262][ T8708] usb 5-1: selecting invalid altsetting 1 [ 688.592106][ T8708] cdc_ncm 5-1:1.1: bind() failure [ 688.774753][ T8708] usb 5-1: USB disconnect, device number 21 [ 689.140352][T14089] batman_adv: batadv0: Adding interface: ip6gretap1 [ 689.161573][T14089] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500. [ 689.183821][T14089] batman_adv: batadv0: Interface activated: ip6gretap1 [ 689.786700][ T8708] usb 5-1: new full-speed USB device number 22 using dummy_hcd [ 690.010028][ T8708] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 690.049960][ T8708] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 690.090659][ T8708] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 690.128729][ T8708] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 690.145380][ T8708] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 690.167043][ T8708] usb 5-1: Product: syz [ 690.171316][ T8708] usb 5-1: Manufacturer: syz [ 690.175945][ T8708] usb 5-1: SerialNumber: syz [ 690.202232][ T8708] usb 5-1: config 0 descriptor?? [ 690.212970][T14093] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 690.225201][T14093] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 690.233511][ T30] audit: type=1326 audit(1743222281.496:25707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.243945][ T8708] usb 5-1: ucan: probing device on interface #0 [ 690.266490][ T5890] usb 2-1: new full-speed USB device number 38 using dummy_hcd [ 690.304971][ T30] audit: type=1326 audit(1743222281.496:25708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.359951][ T30] audit: type=1326 audit(1743222281.536:25709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.387957][ T30] audit: type=1326 audit(1743222281.536:25710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.415069][ T30] audit: type=1326 audit(1743222281.536:25711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.444792][ T30] audit: type=1326 audit(1743222281.536:25712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.471946][ T5890] usb 2-1: config 252 has an invalid interface number: 107 but max is 0 [ 690.483072][ T5890] usb 2-1: config 252 has no interface number 0 [ 690.492850][ T5890] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 690.503465][ T5890] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 690.515318][ T30] audit: type=1326 audit(1743222281.536:25713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.538382][ T5890] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 690.548938][ T30] audit: type=1326 audit(1743222281.536:25714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 690.573886][ T5890] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=d7.67 [ 690.583716][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 690.591853][ T5890] usb 2-1: Product: syz [ 690.676951][ T8708] usb 5-1: ucan: device reported invalid device info [ 690.696500][ T8708] usb 5-1: ucan: probe failed; try to update the device firmware [ 690.914842][ T30] audit: type=1326 audit(1743222281.536:25715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8226b8cd6b code=0x7ffc0000 [ 690.937343][ C0] vkms_vblank_simulate: vblank timer overrun [ 690.947641][ T5893] usb 5-1: USB disconnect, device number 22 [ 690.966191][ T5890] usb 2-1: Manufacturer: syz [ 690.990802][ T5890] usb 2-1: SerialNumber: syz [ 690.992436][ T30] audit: type=1326 audit(1743222281.536:25716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8226b8d169 code=0x7ffc0000 [ 691.018020][ C0] vkms_vblank_simulate: vblank timer overrun [ 691.245576][ T5890] usb 2-1: USB disconnect, device number 38 [ 692.549703][T14124] input: syz1 as /devices/virtual/input/input72 [ 693.838537][ T5890] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 694.006329][ T5890] usb 3-1: Using ep0 maxpacket: 16 [ 694.025440][ T5890] usb 3-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 60, changing to 9 [ 694.071270][ T5890] usb 3-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 694.100493][ T5890] usb 3-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 1023 [ 694.112376][ T5890] usb 3-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 694.129363][ T5890] usb 3-1: config 1 interface 0 has no altsetting 0 [ 694.139206][ T5890] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 694.149398][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 694.158192][ T5890] usb 3-1: SerialNumber: syz [ 694.171065][T14135] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 694.246456][T14135] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 694.522328][T14135] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 694.551415][T14135] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 694.999919][ T5890] cdc_ether 3-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 695.610771][T14169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 695.620068][T14169] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 695.954165][T14182] netlink: 'syz.1.2586': attribute type 7 has an invalid length. [ 695.967734][T14182] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 695.993304][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 68! [ 696.001639][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 7c! [ 696.009335][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 36! [ 696.017400][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 90! [ 696.027247][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.034696][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.043454][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 06! [ 696.051585][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.060395][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 3c! [ 696.069291][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification ff! [ 696.092681][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.100176][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.108235][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 0d! [ 696.115678][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 696.123176][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 05! [ 696.130661][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 05! [ 696.138359][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 81! [ 696.397780][ T5888] usb 3-1: USB disconnect, device number 25 [ 696.415927][ T5888] cdc_ether 3-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 696.556269][ T47] usb 2-1: new full-speed USB device number 39 using dummy_hcd [ 696.789895][ T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 696.803733][ T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 696.910418][ T47] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 696.919837][ T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 696.938641][ T47] usb 2-1: config 0 descriptor?? [ 696.961521][ T47] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 696.974628][ T47] dvb-usb: bulk message failed: -22 (3/0) [ 696.985812][ T47] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 697.014915][ T47] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 697.040544][ T47] usb 2-1: media controller created [ 697.068345][ T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 697.095180][ T47] dvb-usb: bulk message failed: -22 (6/0) [ 697.112025][ T47] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 697.145740][ T47] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input73 [ 697.162424][T14192] dvb-usb: bulk message failed: -22 (2/0) [ 697.185653][ T47] dvb-usb: schedule remote query interval to 150 msecs. [ 697.202992][ T47] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 697.231333][ T47] usb 2-1: USB disconnect, device number 39 [ 697.269791][ T47] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 698.589309][T14236] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 698.648398][ T5893] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 698.816308][ T5893] usb 2-1: Using ep0 maxpacket: 32 [ 698.839360][ T5893] usb 2-1: config index 0 descriptor too short (expected 801, got 595) [ 698.847895][ T8708] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 698.870782][ T5893] usb 2-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config [ 698.897310][ T5893] usb 2-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=73.23 [ 698.917324][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.925384][ T5893] usb 2-1: Product: syz [ 698.945188][ T5893] usb 2-1: Manufacturer: syz [ 698.956292][ T5893] usb 2-1: SerialNumber: syz [ 699.008687][ T8708] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 699.027699][ T8708] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 699.057669][ T8708] usb 3-1: config 0 descriptor?? [ 699.074709][ T8708] gspca_main: spca508-2.14.0 probing 8086:0110 [ 699.166389][ T5888] usb 5-1: new full-speed USB device number 23 using dummy_hcd [ 699.197773][ T5893] legousbtower 2-1:15.0: interrupt endpoints not found [ 699.237262][ T5893] usb 2-1: USB disconnect, device number 40 [ 699.338118][ T5888] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 699.356194][ T5888] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 699.372833][ T5888] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 699.382826][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 699.394108][ T5888] usb 5-1: SerialNumber: syz [ 699.407182][ T5888] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 699.415988][ T5888] usb-storage 5-1:1.0: USB Mass Storage device detected [ 699.429882][ T5888] usb-storage 5-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 699.459139][ T5888] scsi host1: usb-storage 5-1:1.0 [ 699.487957][ T8708] gspca_spca508: reg_read err -71 [ 699.498755][ T8708] gspca_spca508: reg_read err -71 [ 699.508525][ T8708] gspca_spca508: reg_read err -71 [ 699.517048][ T8708] gspca_spca508: reg_read err -71 [ 699.524819][ T8708] gspca_spca508: reg write: error -71 [ 699.552272][ T8708] spca508 3-1:0.0: probe with driver spca508 failed with error -71 [ 699.568043][ T8708] usb 3-1: USB disconnect, device number 26 [ 700.396387][ T5888] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 700.686286][ T5888] usb 3-1: Using ep0 maxpacket: 16 [ 700.717239][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 700.736211][ T5888] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 700.745330][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 700.788242][ T5888] usb 3-1: config 0 descriptor?? [ 700.906519][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 700.911495][ T5893] usb 5-1: USB disconnect, device number 23 [ 700.949567][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 701.011040][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 701.024524][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 701.133912][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 701.148340][T14291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2605'. [ 701.209430][ T5888] apple 0003:05AC:024B.0029: item fetching failed at offset 2/69 [ 701.226641][ T5888] apple 0003:05AC:024B.0029: parse failed [ 701.232632][ T5888] apple 0003:05AC:024B.0029: probe with driver apple failed with error -22 [ 701.451721][ T5893] usb 3-1: USB disconnect, device number 27 [ 702.200153][T14322] program syz.4.2613 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 702.317704][T14323] xt_nat: multiple ranges no longer supported [ 702.606180][ T5888] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 702.806185][ T5888] usb 3-1: Using ep0 maxpacket: 16 [ 702.820994][ T5888] usb 3-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 60, changing to 9 [ 702.844087][ T5888] usb 3-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 702.864624][ T5888] usb 3-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 1023 [ 702.886241][ T5888] usb 3-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 702.902780][ T5888] usb 3-1: config 1 interface 0 has no altsetting 0 [ 702.911378][ T5888] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 702.930628][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 702.948408][ T5888] usb 3-1: SerialNumber: syz [ 702.964666][T14318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 702.973505][T14318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 703.201928][T14318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 703.211163][T14318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 703.261182][T14334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2620'. [ 703.270361][T14334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2620'. [ 703.316908][T14334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2620'. [ 703.628877][ T5888] cdc_ether 3-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 703.716319][ T8708] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 703.878365][ T8708] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 703.901705][ T8708] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 703.924784][ T8708] usb 4-1: config 1 has no interface number 0 [ 703.938089][ T8708] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 703.959228][ T8708] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 703.976186][ T8708] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 703.994895][ T8708] usb 4-1: Product: syz [ 704.004703][ T8708] usb 4-1: Manufacturer: syz [ 704.010316][ T8708] usb 4-1: SerialNumber: syz [ 704.028392][ T8708] usb 4-1: selecting invalid altsetting 1 [ 704.191805][T14359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 704.222719][T14359] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 704.248167][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 68! [ 704.256167][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 7c! [ 704.264254][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 36! [ 704.272704][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 90! [ 704.283248][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.290729][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.298321][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 06! [ 704.305754][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.315036][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 3c! [ 704.322572][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification ff! [ 704.339073][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.346920][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.354362][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 0d! [ 704.362943][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 01! [ 704.371504][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 05! [ 704.379530][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 05! [ 704.388746][ C0] cdc_ether 3-1:1.0 eth1: CDC: unexpected notification 81! [ 704.443240][ T8708] cdc_ncm 4-1:1.1: failed GET_NTB_PARAMETERS [ 704.451896][ T8708] cdc_ncm 4-1:1.1: bind() failure [ 704.476639][ T8708] usb 4-1: USB disconnect, device number 39 [ 704.492070][ T5836] udevd[5836]: setting owner of /dev/bus/usb/004/039 to uid=0, gid=0 failed: No such file or directory [ 704.629907][ T5888] usb 3-1: USB disconnect, device number 28 [ 704.650620][ T5888] cdc_ether 3-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 706.486225][ T5888] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 706.673935][ T5888] usb 2-1: config 0 has no interfaces? [ 706.688669][ T5888] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 706.702995][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.724662][ T5888] usb 2-1: Product: syz [ 706.736892][ T5888] usb 2-1: Manufacturer: syz [ 706.741554][ T5888] usb 2-1: SerialNumber: syz [ 706.858862][ T5888] usb 2-1: config 0 descriptor?? [ 706.878068][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2631'. [ 709.886629][ T5888] usb 2-1: USB disconnect, device number 41 [ 710.556926][ T5888] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 710.899768][ T5888] usb 2-1: Using ep0 maxpacket: 32 [ 710.915455][ T5888] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 710.956505][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 710.986955][ T5888] usb 2-1: config 0 descriptor?? [ 711.018461][ T5888] gspca_main: sq930x-2.14.0 probing 041e:403c [ 711.531862][T14516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2655'. [ 711.621767][T14517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2654'. [ 712.296215][ T5888] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 712.302238][ T5888] sq930x 2-1:0.0: probe with driver sq930x failed with error -71 [ 712.331572][ T5888] usb 2-1: USB disconnect, device number 42 [ 713.026275][ T5893] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 713.200117][ T5893] usb 4-1: Using ep0 maxpacket: 16 [ 713.234632][ T5893] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 713.270235][ T5893] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 713.296200][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.748830][ T5893] usb 4-1: USB disconnect, device number 40 [ 713.761306][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 713.761321][ T30] audit: type=1326 audit(1743222304.996:25721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14547 comm="syz.1.2668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f519318d169 code=0x0 [ 714.336910][T14557] [ 714.339297][T14557] ====================================================== [ 714.346340][T14557] WARNING: possible circular locking dependency detected [ 714.353385][T14557] 6.14.0-syzkaller-07540-geff5f16bfd87 #0 Not tainted [ 714.360172][T14557] ------------------------------------------------------ [ 714.367222][T14557] syz.2.2670/14557 is trying to acquire lock: [ 714.373305][T14557] ffffffff900e2908 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_getsockopt+0x11ae/0x2ba0 [ 714.382411][T14557] [ 714.382411][T14557] but task is already holding lock: [ 714.389792][T14557] ffff8880246f9620 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_getsockopt+0x131/0x400 [ 714.399915][T14557] [ 714.399915][T14557] which lock already depends on the new lock. [ 714.399915][T14557] [ 714.410323][T14557] [ 714.410323][T14557] the existing dependency chain (in reverse order) is: [ 714.419350][T14557] [ 714.419350][T14557] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 714.427980][T14557] lock_acquire+0x116/0x2f0 [ 714.433022][T14557] __mutex_lock+0x1a5/0x10c0 [ 714.438139][T14557] smc_switch_to_fallback+0x35/0xda0 [ 714.443953][T14557] smc_sendmsg+0x11f/0x530 [ 714.448902][T14557] __sock_sendmsg+0x221/0x270 [ 714.454105][T14557] __sys_sendto+0x365/0x4c0 [ 714.459137][T14557] __x64_sys_sendto+0xde/0x100 [ 714.464429][T14557] do_syscall_64+0xf3/0x230 [ 714.469459][T14557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.475876][T14557] [ 714.475876][T14557] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 714.483538][T14557] lock_acquire+0x116/0x2f0 [ 714.488579][T14557] lock_sock_nested+0x48/0x100 [ 714.493865][T14557] do_ip_setsockopt+0x17e9/0x39c0 [ 714.499420][T14557] ip_setsockopt+0x63/0x100 [ 714.504456][T14557] do_sock_setsockopt+0x3b1/0x710 [ 714.510009][T14557] __x64_sys_setsockopt+0x1ee/0x280 [ 714.515734][T14557] do_syscall_64+0xf3/0x230 [ 714.520759][T14557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.527175][T14557] [ 714.527175][T14557] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 714.534406][T14557] validate_chain+0xa69/0x24e0 [ 714.539697][T14557] __lock_acquire+0xad5/0xd80 [ 714.544905][T14557] lock_acquire+0x116/0x2f0 [ 714.549953][T14557] __mutex_lock+0x1a5/0x10c0 [ 714.555072][T14557] do_ip_getsockopt+0x11ae/0x2ba0 [ 714.560627][T14557] ip_getsockopt+0xef/0x2e0 [ 714.565661][T14557] ipv6_getsockopt+0x1bc/0x360 [ 714.570949][T14557] tcp_getsockopt+0x16f/0x1d0 [ 714.576153][T14557] smc_getsockopt+0x1c6/0x400 [ 714.581365][T14557] do_sock_getsockopt+0x391/0x740 [ 714.586916][T14557] __x64_sys_getsockopt+0x2a3/0x370 [ 714.592643][T14557] do_syscall_64+0xf3/0x230 [ 714.597670][T14557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.604088][T14557] [ 714.604088][T14557] other info that might help us debug this: [ 714.604088][T14557] [ 714.614322][T14557] Chain exists of: [ 714.614322][T14557] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 714.614322][T14557] [ 714.627897][T14557] Possible unsafe locking scenario: [ 714.627897][T14557] [ 714.635362][T14557] CPU0 CPU1 [ 714.640725][T14557] ---- ---- [ 714.646089][T14557] lock(&smc->clcsock_release_lock); [ 714.651476][T14557] lock(sk_lock-AF_INET); [ 714.658418][T14557] lock(&smc->clcsock_release_lock); [ 714.666330][T14557] lock(rtnl_mutex); [ 714.670320][T14557] [ 714.670320][T14557] *** DEADLOCK *** [ 714.670320][T14557] [ 714.678463][T14557] 1 lock held by syz.2.2670/14557: [ 714.683569][T14557] #0: ffff8880246f9620 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_getsockopt+0x131/0x400 [ 714.694128][T14557] [ 714.694128][T14557] stack backtrace: [ 714.700018][T14557] CPU: 0 UID: 0 PID: 14557 Comm: syz.2.2670 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) [ 714.700041][T14557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 714.700053][T14557] Call Trace: [ 714.700062][T14557] [ 714.700071][T14557] dump_stack_lvl+0x241/0x360 [ 714.700098][T14557] ? __pfx_dump_stack_lvl+0x10/0x10 [ 714.700122][T14557] ? __pfx__printk+0x10/0x10 [ 714.700144][T14557] ? print_lock+0x171/0x1a0 [ 714.700162][T14557] print_circular_bug+0x2e1/0x300 [ 714.700190][T14557] check_noncircular+0x142/0x160 [ 714.700211][T14557] validate_chain+0xa69/0x24e0 [ 714.700238][T14557] __lock_acquire+0xad5/0xd80 [ 714.700267][T14557] lock_acquire+0x116/0x2f0 [ 714.700292][T14557] ? do_ip_getsockopt+0x11ae/0x2ba0 [ 714.700321][T14557] __mutex_lock+0x1a5/0x10c0 [ 714.700338][T14557] ? do_ip_getsockopt+0x11ae/0x2ba0 [ 714.700364][T14557] ? __lock_acquire+0xad5/0xd80 [ 714.700390][T14557] ? do_ip_getsockopt+0x11ae/0x2ba0 [ 714.700415][T14557] ? __pfx___mutex_lock+0x10/0x10 [ 714.700438][T14557] do_ip_getsockopt+0x11ae/0x2ba0 [ 714.700464][T14557] ? lockdep_hardirqs_on+0x9d/0x150 [ 714.700480][T14557] ? __pfx_do_ip_getsockopt+0x10/0x10 [ 714.700506][T14557] ? rcu_is_watching+0x15/0xb0 [ 714.700524][T14557] ? trace_sched_exit_tp+0x3c/0x120 [ 714.700549][T14557] ? __schedule+0x1ba6/0x5240 [ 714.700581][T14557] ? schedule+0x163/0x360 [ 714.700607][T14557] ? look_up_lock_class+0x7b/0x170 [ 714.700624][T14557] ? register_lock_class+0x54/0x330 [ 714.700652][T14557] ip_getsockopt+0xef/0x2e0 [ 714.700679][T14557] ? __pfx_ip_getsockopt+0x10/0x10 [ 714.700705][T14557] ? __pfx___mutex_trylock_common+0x10/0x10 [ 714.700726][T14557] ? rcu_is_watching+0x15/0xb0 [ 714.700746][T14557] ipv6_getsockopt+0x1bc/0x360 [ 714.700767][T14557] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 714.700789][T14557] ? smc_getsockopt+0x131/0x400 [ 714.700814][T14557] tcp_getsockopt+0x16f/0x1d0 [ 714.700833][T14557] ? __pfx_tcp_getsockopt+0x10/0x10 [ 714.700852][T14557] ? sock_common_getsockopt+0x2e/0xb0 [ 714.700873][T14557] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 714.700891][T14557] smc_getsockopt+0x1c6/0x400 [ 714.700915][T14557] ? __pfx_smc_getsockopt+0x10/0x10 [ 714.700940][T14557] ? __pfx_smc_getsockopt+0x10/0x10 [ 714.700964][T14557] do_sock_getsockopt+0x391/0x740 [ 714.700988][T14557] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 714.701010][T14557] ? __fget_files+0x2a/0x420 [ 714.701027][T14557] ? __fget_files+0x39d/0x420 [ 714.701042][T14557] ? __fget_files+0x2a/0x420 [ 714.701059][T14557] __x64_sys_getsockopt+0x2a3/0x370 [ 714.701084][T14557] ? __pfx___x64_sys_getsockopt+0x10/0x10 [ 714.701109][T14557] ? do_syscall_64+0xb6/0x230 [ 714.701127][T14557] do_syscall_64+0xf3/0x230 [ 714.701144][T14557] ? clear_bhb_loop+0x45/0xa0 [ 714.701163][T14557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.701187][T14557] RIP: 0033:0x7f8f8e38d169 [ 714.701204][T14557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.701220][T14557] RSP: 002b:00007f8f8f1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 714.701239][T14557] RAX: ffffffffffffffda RBX: 00007f8f8e5a5fa0 RCX: 00007f8f8e38d169 [ 714.701256][T14557] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000003 [ 714.701267][T14557] RBP: 00007f8f8e40e2a0 R08: 0000200000000080 R09: 0000000000000000 [ 714.701279][T14557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 714.701289][T14557] R13: 0000000000000000 R14: 00007f8f8e5a5fa0 R15: 00007f8f8e6cfa28 [ 714.701307][T14557] [ 715.048745][ C0] vkms_vblank_simulate: vblank timer overrun