last executing test programs: 21.342485469s ago: executing program 4 (id=4377): r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000001300f5d100"/20, @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\r\x00\x00\x00\x00\x00\b\x00)'], 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x40840) r3 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c) listen(r3, 0x80080400) r4 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r4, &(0x7f0000e5c000)={0x2, 0x4e23, @remote}, 0x10) getsockopt$inet_int(r4, 0x10d, 0xe3, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="7700000018007f0137", 0x9}, {&(0x7f0000000140)="78cabf2dfb73fc0a00250080f2dc0689258f2e1800b8f9e6aaeb1ae2f6c8bcb5ee52dc06249798093c5102a1bca0b646a7ce904f346b788b3219c233e60ddc36024a99a63e72572c9f9b06f96137c8af12b66cb0e031713a0ffb0f5fe4ca08fd3c67e8f319b8f3a9bb2fa7d5ee75", 0x6e}], 0x2}, 0x0) 20.158047902s ago: executing program 4 (id=4380): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000080)=0xb0000) prctl$PR_GET_TSC(0x43, &(0x7f0000000080)) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x6, 0x2172, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x9, &(0x7f0000000000), 0x0) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000002000/0x4000)=nil) r7 = socket$inet_smc(0x2b, 0x1, 0x0) sendto$inet(r7, 0x0, 0x0, 0x20000000, 0x0, 0x0) bind$inet(r7, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) setsockopt$inet_tcp_int(r7, 0x6, 0x19, &(0x7f0000000180)=0x200, 0x4) connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r7, &(0x7f0000000040)='u', 0xa792a, 0x801, 0x0, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000640)={{@my=0x1}, @hyper, 0x0, 0x0, 0xe9b2, 0x20000000, 0x2}) bind$netlink(r5, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB="1b00"], 0x1c}}, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x334, 0x160, 0x2b8, 0x0, 0x160, 0x6000000, 0x26c, 0x3a8, 0x3a8, 0x26c, 0x3a8, 0x3, 0x0, {[{{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'wg2\x00', 'bond0\x00', {}, {}, 0x5c}, 0x0, 0xf8, 0x160, 0x0, {0xd2030000}, [@common=@frag={{0x30}}, @common=@inet=@ecn={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xa4, 0x10c}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x390) recvmmsg(r8, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000030c0)=""/4082, 0xff2}], 0x1}}], 0x1, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 18.121834024s ago: executing program 2 (id=4396): openat$nvram(0xffffff9c, &(0x7f0000000400), 0x8080, 0x0) openat$nvram(0xffffff9c, &(0x7f00000024c0), 0x480, 0x0) 18.002516119s ago: executing program 2 (id=4397): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)=0x3, 0x4) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) write$char_usb(r1, &(0x7f0000000300)="865d33d1cf6858f0f86471ec83e720167b990f723625181f228e8a69f920404a67746a83185f100b9441fe5d11f4c8c8cd1a6d1b5809f4726fd729afd9f4230df14db080c4b3ff2d9d5c4fbaa47fb044bfdc11c83b5440dc9944d7734c3cc83a", 0x60) r2 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x29d6, &(0x7f00000003c0)={0x0, 0x7322, 0x8, 0x0, 0x80002ce}, &(0x7f0000000240)=0x0, &(0x7f0000000200)) syz_io_uring_submit(r4, r3, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x1}) io_uring_enter(r2, 0x306f, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r2, 0x46f6, 0x0, 0x0, 0x0, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) socket$tipc(0x1e, 0x5, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r5, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000000)={0x4000000, 0x8000000}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x4}, 0x62, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f00000003c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}}) 16.859538608s ago: executing program 4 (id=4401): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x2, 0x0, 0x0, 0x0, 0xfe}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}], 0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x10, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085100000fdfffb17c600000000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) ioctl$KVM_RUN(r2, 0xae80, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}, {0x9, 0x81, 0x6, 0x7fff}, {0x1, 0xb, 0x7, 0x4}]}) 16.567954561s ago: executing program 1 (id=4404): r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) readv(r1, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0xe}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x0) sendmmsg$inet6(r3, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000180)="0478", 0x2}, {&(0x7f00000005c0)="986f34c5cb778924a6326a7cf303f16cf8cb8549e6e5848d27b5161c970fba87bf2cafb5e6addfc4ecfb52b56d", 0x2d}], 0x2}}], 0x1, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000380)}], 0x1, 0x800000, 0x0) r4 = openat$vcs(0xffffff9c, &(0x7f0000000000), 0x101000, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10) io_setup(0x3, &(0x7f0000000000)=0x0) io_submit(r5, 0x1, &(0x7f00000012c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2004, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3947b55cadf8a07e}]) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x40, 0x3, 0x11, 0x9, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0e0a5b861375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f", "2363e38d9acc6c25af21ca2af6d20000b4ffb8cbcd13fb80c92dc801004dcdec", [0x1, 0x7]}) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) ioctl$LOOP_CLR_FD(r0, 0x4c01) 15.76353165s ago: executing program 2 (id=4406): syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0) r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1}, 0x68, 0x0) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000000600)=""/142, 0x8e}, {0x0}], 0x2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) socket(0xa, 0x3, 0x3a) syz_io_uring_setup(0x1d5b, &(0x7f0000000240)={0x0, 0x6c4e, 0x4, 0x0, 0x23e}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) r4 = eventfd2(0x0, 0x0) write$eventfd(r4, &(0x7f00000000c0), 0x8) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)=0x1000000000000d, 0x12) 15.762610713s ago: executing program 4 (id=4407): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = msgget$private(0x0, 0x301) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000018000100000000000000000002000000000000090000000006001500040000000c00168008000200ac14143a9d63e1524f865b4206260f271c48e8783fba633943f805d0ec68c095c5a8c105c64a494f23a846a7989f792e0e2fa8869e2fbdc74bffdc985f4ca9bb8026b58682fdb8950759029dd6b22a401bf4042f09f9f6d84e5af80bdf3d8dc489acee09d9306dc40e456fafa0ee53a992fd67de74c1af4645b14ccf52522c4125ae6338d03c0ac21364b49d84a7681db954e6841b7d46dc5323f499088420ba8a85b1607c3ad6a7795a139eaa10fd14c556516af87e7894e952da9be3dc"], 0x30}}, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x14) r2 = socket$packet(0x11, 0xa, 0x300) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x8) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x0, &(0x7f00000005c0)=0x4, 0x4) r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) syz_usb_control_io(r5, 0x0, 0x0) syz_usb_control_io$hid(r5, 0x0, 0x0) syz_usb_control_io(r5, 0x0, 0x0) syz_usb_control_io$printer(r5, 0x0, 0x0) syz_usb_control_io(r5, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0) syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000780)={0x2c, &(0x7f0000000440)=ANY=[@ANYBLOB="00170004000061cf4361fc95a7335353e434eb9fa55cc6c98f8fbb568d5b903414128951319b2b717505861d3b79f5e402bf07aa165414102ebde998d9912df6c706f2c61a9718c291e15179c58b76507ce0345d4be60bf454a164e68a82b8a9168bec89ae5cb5806b38393bde2c09fff0ecab65179be3ee8547bfe94b503a03e06cbacb391d8bfb426b72c7056f9500988357e5af6f7bc12a0c448745e2675f5f8829"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r5, 0x0, 0x0) syz_usb_control_io$printer(r5, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r5, 0x0, &(0x7f0000000280)={0x1c, &(0x7f0000000180)={0x20, 0x7}, 0x0, 0x0}) syz_usb_control_io$printer(r5, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) getpeername$packet(r2, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) sendmsg$ETHTOOL_MSG_RINGS_GET(r4, &(0x7f0000000580)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000540)={&(0x7f0000001200)=ANY=[@ANYRES32=r9, @ANYRES16=0x0, @ANYBLOB="08002bbd7000fcdbdf250f0000000c08018008000100", @ANYRES8, @ANYBLOB="70000180080003000100000008000100", @ANYRES64=r1, @ANYRES64=r0, @ANYRES32=r7, @ANYBLOB="14000200766c616e300000000000000000000000080003000300000014000200776c616e300000000000000000000000080003000300000008000300010000002c0001800800030002000000080003000000000008000300020000", @ANYRES32=r7, @ANYBLOB="20000180080003000200000014000200626f6e645f736c6176655f31000000003800018014000200766c616e30000000000000000000000008000100", @ANYRES32=r7, @ANYBLOB="584fd090", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYRES64=r8, @ANYRES32=r7, @ANYBLOB="e052a691b1b5eca67a2a032833c10abad3635e602a2868985082cc3ec39b9278e4872e8c893e1f82a3f653a67676857f50ea1693af04c0ca180dc923a706bb4703fd422e55f9ed912f57289a34b61202f9e1a0b128de540000000001cc6de8f3390fcc275211d9b898a317c5d8c7dba99253bbec72c145cb7affe6af23700ac795f1a8aec5940fdb490a00"/155], 0x114}, 0x1, 0x0, 0x0, 0x200048c0}, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000400)=@o_path={&(0x7f00000003c0)='./file0\x00', 0x0, 0x4008, r0}, 0x14) socket$inet_udplite(0x2, 0x2, 0x88) 15.648848012s ago: executing program 1 (id=4408): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_DST={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3a}}}]}, 0x30}}, 0x0) (fail_nth: 2) 15.023679142s ago: executing program 3 (id=4410): openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d336d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295f8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441c34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb623d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b939f7ff5153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bccf4e4dd3a1503bebc26407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006) r2 = fsopen(&(0x7f0000000180)='efs\x00', 0x0) r3 = dup2(r2, r2) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000040)='source', 0x0, r2) r4 = socket$igmp(0x2, 0x3, 0x2) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r5, &(0x7f0000000300)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r7, &(0x7f0000000000)=[{&(0x7f0000000480)=""/176, 0xb0}], 0x1, 0x0, 0x0) getsockopt$MRT(r4, 0x0, 0xcf, &(0x7f0000000040), &(0x7f0000000080)=0xfffffffffffffcca) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000240), 0x400, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 14.685069847s ago: executing program 1 (id=4411): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'nicvf0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4) sendto$packet(r0, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007fd9a6395059e7ef3c2d35b0a58c98e8141434e3177f430d57", 0x2f, 0x0, &(0x7f0000000a80)={0x11, 0x10, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 14.386911587s ago: executing program 1 (id=4412): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) ioctl$VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f0000000100)=@multiplanar_mmap={0x8, 0x4, 0x4, 0x8, 0x2800000, {0x0, 0xea60}, {0x2, 0x1, 0x9, 0x13, 0x8, 0x6, "a72042ad"}, 0x4, 0x1, {0x0}, 0x2}) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00') r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ppoll(&(0x7f0000000100)=[{r5}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 14.355296275s ago: executing program 4 (id=4413): ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000140)={@hyper, 0x6b8e7c38c0098cea}) 14.123462434s ago: executing program 4 (id=4414): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8}}, 0x1c}}, 0x0) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x11) ioctl$UI_SET_LEDBIT(r6, 0x40045569, 0x3) ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) ioctl$UI_DEV_CREATE(r6, 0x5501) ioctl$UI_DEV_DESTROY(r6, 0x5502) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e000000200002800400120005001600020000000600180000"], 0x54}}, 0x0) r7 = creat(&(0x7f0000000280)='./file0\x00', 0xc2) r8 = socket$inet(0x2, 0x3, 0x4) r9 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x274, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x9c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffc}}, @TCA_HTB_INIT={0x18}, @TCA_HTB_DIRECT_QLEN={0x8}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}, @TCA_STAB={0x188, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x9, 0x965, 0x8, 0x2, 0x28, 0x80000001, 0x1}}, {0x6, 0x2, [0xa]}}, {{0x1c, 0x1, {0xc9, 0xf, 0x19, 0x4, 0x1, 0x9, 0x5, 0x3}}, {0xa, 0x2, [0x8, 0xa839, 0x3]}}, {{0x1c, 0x1, {0x9, 0x6, 0xa, 0xb8, 0x0, 0x8001, 0x8001, 0x5}}, {0xe, 0x2, [0x3, 0x4, 0xd, 0x681, 0x1]}}, {{0x1c, 0x1, {0x4, 0xc6, 0x5, 0xc, 0x2, 0x800, 0x5, 0x2}}, {0x8, 0x2, [0x8001, 0xff]}}, {{0x1c, 0x1, {0x6, 0x8, 0x2, 0x2, 0x1, 0xf, 0xffff, 0x2}}, {0x8, 0x2, [0x6, 0x7]}}, {{0x1c, 0x1, {0x4, 0x32, 0x56e, 0x2, 0x1, 0x5, 0x7, 0x2}}, {0x8, 0x2, [0x4, 0x2]}}, {{0x1c, 0x1, {0x7, 0x0, 0x37b5, 0x1, 0x1, 0x8, 0x970, 0x3}}, {0xa, 0x2, [0x8, 0xf, 0x6]}}, {{0x1c, 0x1, {0xb, 0x7, 0xfffc, 0xa, 0x1, 0x1, 0xfffffff0, 0x7}}, {0x12, 0x2, [0x1, 0x1, 0x2, 0x2, 0x2, 0x800, 0xe]}}, {{0x1c, 0x1, {0x66, 0x0, 0x3, 0x6, 0x0, 0x7f, 0xda18, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x3, 0x5, 0x4, 0x4, 0x2, 0x4, 0x8, 0x2}}, {0x8, 0x2, [0x6, 0x6]}}]}]}, 0x274}}, 0x0) write$binfmt_script(r7, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '\t\n\v\xed\x14\x9e\xed\x04F\x05\x00\x00\x00\x00\x00\x00\x00C\xb6dd\x82\x85Y\xc3:B>$\xee\xdda\xae\x18\x02D\xd0H\x10\xf4L\xb2\f\xb0t\xe3j\x95\x96m+\x0f\x8c7P\x00?\x14q\x013\x90\xae\xbf\xc7\x00\x1c\xb6\xefi\xf8$k\xb4\xca\x1a\xe9\xac\xc4\x17\xd1\x86?\xf1\x7f=\xa4\f*\xfd\xe1\xe5\x98\x92q\x06\x1b^\xe1\x9ch:\xdcw9\r\xf2\xd1\x9b\xfb\xcb\xa9\x91s\xc6\xcd\x92\xd9\xc7\xd7\xd0@<\x12\xb5\xa8\x81\xf3u\x82\x15\xde\xfeP\xa1\x83l\x92\xaf\xf5\xf8\xb0U6\xf3q\x9b_\xdb\xa6d\xee\x1e\xd2\x1aa\xd1\xb0\x19\x93\xaa\xf55._\x04:\x86k\xe6\t/\x1e\xdf\xae\x1a\xad\xedJ\x14\xb8d\x8d\xb8\xe7H\xb3\xa4\xdcT\xcfF\xeb\"\x88@\x83MKT\x92Ub\x93\xf1?J\x9f\xee\xa5\xf5S\xc2\xec\xbe;m\x85\xc7\xfd!\x86\xfd.\xcf\x98\x888\xb8F-\xbf\xa59l\xc5\x1f\x00l\x0e\xe9\xd2o\x14G\x01\xa8X'}]}, 0x104) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) socket(0x200000100000011, 0x3, 0x0) 14.071748757s ago: executing program 1 (id=4415): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x0) 13.942638009s ago: executing program 2 (id=4416): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)=0x3, 0x4) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) write$char_usb(r1, &(0x7f0000000300)="865d33d1cf6858f0f86471ec83e720167b990f723625181f228e8a69f920404a67746a83185f100b9441fe5d11f4c8c8cd1a6d1b5809f4726fd729afd9f4230df14db080c4b3ff2d9d5c4fbaa47fb044bfdc11c83b5440dc9944d7734c3cc83a", 0x60) r2 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x29d6, &(0x7f00000003c0)={0x0, 0x7322, 0x8, 0x0, 0x80002ce}, &(0x7f0000000240)=0x0, &(0x7f0000000200)) syz_io_uring_submit(r4, r3, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x1}) io_uring_enter(r2, 0x306f, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r2, 0x46f6, 0x0, 0x0, 0x0, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) socket$tipc(0x1e, 0x5, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r5, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000000)={0x4000000, 0x8000000}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x4}, 0x62, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f00000003c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}}) 13.376314596s ago: executing program 0 (id=4417): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x4) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) r6 = socket$inet_tcp(0x2, 0x1, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xc) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r7 = userfaultfd(0x801) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000167000/0x1000)=nil, 0x12000}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140)) close_range(r6, 0xffffffffffffffff, 0x0) r8 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000100)=@req3={0x3, 0x1000, 0x5, 0xf, 0x1000, 0xfffffe00, 0x100}, 0x1c) sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000), 0x4) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x108}}, 0x0) 12.672725594s ago: executing program 0 (id=4418): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) sendmsg$BATADV_CMD_SET_MESH(r0, 0x0, 0x0) 12.657521314s ago: executing program 3 (id=4419): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000080)=0x8001) ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000000)=0x1) close_range(r0, 0xffffffffffffffff, 0x0) 12.339765404s ago: executing program 0 (id=4420): r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = fsopen(&(0x7f0000000080)='bpf\x00', 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) pwritev(r3, &(0x7f0000000440)=[{0x0}], 0x1, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000140)='rw\x00\x87OG\xed\xde.#@\xb9\xab\xecK]\xb4@\xa9\xb2\xfe\x94\x94\x7f\xfd\xd5,\x18\v\xee\xa3\x1e\x1c\xe7\xd2D\xd3\xbd\xe7y\x17\xdd!\xcf\xe0T\xa0\xbas\xef\xdcZ\xed\xdf\xf8\x10\xbc\x0f\x97\xc3\xb9z7\b\xd6\x99v\x89z\xbb\xcc\xaeW6\x18\xf7\xbf\xfa+\xe1\xdc~\xf1\xf4j9&\x86\xe57\xb8\x88\xafP \x1e\xb0)\"\x10\xd4^\xe7\xf6\x93\xb3nr\x01\x11]\xaa\xc9&D.\xd1\x00\xca\xae\xca\xdf\x1c\x80\xd3W_\xdd\xd6\xbeC\x82\x8c)\x164w\x00\xdf\x8f\x17\xe3\xb2\xbf,\xad\xb1L\x7f=\xe9@\xae\xd6\x04m\xc7\az\xb8\x04m1\xfd\x9a\x81\xd6\xd6FbF~\xd9\"X#$\xb9\x1b\xf90\x14Z\xbaL\xba\x13~cO\x94\xde\tM.CnO\xeb8\xea\xa5\x96\xfe\x8e\x19\xa4\azKg0\xaf\xd8`\xaa{r\x03\xaf\x15\xc9\xf6\x045\xc4(\xca\x93Jz\xbb\x184,j\x98\x12?\xc5\xbc \xb3\xe0v\xedO=B\x11\xf1\x96\xd1\xbb\b0\xb1\x81\x1c\xbd\xb9\x91\xce\xa0\xa5\x95\xd7\x95\xc3\xa3-9uo\x15\xb0uj\xfdI`\'-\xe9\x90\xc1\xa7G\b\x1a{\b\xb4\xf9\xcf,_44\xea\xbe\x15U\xcb\x15\xec_t\xda\xd4e\x1c\x7f\x16{\x86\x9c\x97\x80\xc4\xc3X\x8c\xdf\x06\xf5r\xfa\xe6\xa7\xd7\xb6\xf1\xc5\r\xb8\x06\xb6\x9a\xe6\x16\x86\xc5\x9e]\xd1;\x03\f\xdf\x92\xf6*\x9fI\x17', &(0x7f0000000100)='./file0/file0\x00', r0) 12.301092912s ago: executing program 3 (id=4421): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002340)={0x48, r3, 0x100, 0x0, 0x0, {{}, {@void, @val={0xc, 0x99, {0x3, 0x31}}}}, [@NL80211_PMSR_ATTR_PEERS={0x28, 0xe, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}]}]}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x8c3\x13\v\xc7\x14\xa7\xe6', 0x2) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r5, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) r8 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$vim2m_VIDIOC_STREAMOFF(r9, 0xc0405626, &(0x7f0000000040)) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r9, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r8, {0x6}}, './file0\x00'}) ioctl$VIDIOC_G_EXT_CTRLS(r8, 0xc0185648, &(0x7f0000000100)={0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90b, 0x0, '\x00', @p_u32=0x0}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r10, 0x0, r7, 0x0, 0x10000008ebc, 0x0) read$FUSE(r10, &(0x7f0000000200)={0x2020}, 0x2020) splice(r6, 0x0, r11, 0x0, 0x25a5, 0x0) ftruncate(r4, 0xffff) fcntl$addseals(r4, 0x409, 0x7) r12 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2) r13 = ioctl$UDMABUF_CREATE(r12, 0x40187542, &(0x7f0000000000)={r4, 0x0, 0x0, 0x2000}) ioctl$DMA_BUF_SET_NAME_A(r13, 0x40046201, &(0x7f0000000080)='(!,\x00') ioctl$DMA_BUF_IOCTL_SYNC(r13, 0x40046201, &(0x7f0000000040)) r14 = socket(0x1d, 0x2, 0x6) setsockopt$ALG_SET_AEAD_AUTHSIZE(r14, 0x6a, 0x5, 0x20000002, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r15, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0) 12.045427233s ago: executing program 0 (id=4422): openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d336d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295f8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441c34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb623d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b939f7ff5153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bccf4e4dd3a1503bebc26407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006) r2 = fsopen(&(0x7f0000000180)='efs\x00', 0x0) r3 = dup2(r2, r2) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000040)='source', 0x0, r2) r4 = socket$igmp(0x2, 0x3, 0x2) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r5, &(0x7f0000000300)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r7, &(0x7f0000000000)=[{&(0x7f0000000480)=""/176, 0xb0}], 0x1, 0x0, 0x0) getsockopt$MRT(r4, 0x0, 0xcf, &(0x7f0000000040), &(0x7f0000000080)=0xfffffffffffffcca) close_range(r1, 0xffffffffffffffff, 0x0) 11.883561923s ago: executing program 2 (id=4423): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10) r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x105081, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000080)={0xeeee0000, 0x117000}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001a0001000000000000000000a343200000000000000000f507000f0007000000"], 0x24}}, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000140000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r4 = socket$rds(0x15, 0x5, 0x0) bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$RDS_RECVERR(r4, 0x114, 0x5, &(0x7f0000000000)=0x1, 0x4) sendmsg$rds(r4, &(0x7f0000000900)={&(0x7f00000000c0)={0x2, 0x0, @private=0xa010102}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20003000}, 0x0, 0x0, 0x8, 0xb84, 0x0, 0x0, 0x1}}], 0x58}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x2, &(0x7f00000000c0)=0x81, 0x4) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x2b) pipe(&(0x7f0000000480)) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000340)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0) sendto$inet(r5, &(0x7f00000001c0)="fbd5f12f5572b12b42e9678b0030eff9f3ae62755a76395d72430000aebe2b108a87e865501a5f9e0383611afdd3f83ac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a091405f44b8fd9b330babe36307b6041270ae01f1a1f5e3f650fc3b0756d481c364fca000000000000f76d", 0x76, 0x404c884, 0x0, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0xc, &(0x7f0000000040), 0x4) listxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=""/25, 0x19) read$FUSE(r3, &(0x7f0000006340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000001200)={0x50, 0x0, r7}, 0x50) syz_fuse_handle_req(r3, &(0x7f0000003940)="d17fdfbd6c47af662bcf5804c3204d8e59b37bb19af58bec2959e2c7ffb1e21aca38826f9c833761f7c98a7ea74348032318e49255c903194519f5c1efc06bb0a4c4bd534298508d0f8e31fe24e1aa13bf6ab8dec3b7dc8108f0989516955acd9c548d298d05913cdac082ba5e32cb777a0507e4ecfd1e5e307a61ffed46475813f8ea8144f4456a3352ac3d812572ffd1d71a48380f32fd060dea2c18a0af7e9798ecf1fe26fb15dcbc0b7034532cca325e6b4741b1c5c476c9a10242ad287c5a130d674b043d26f1ec9617d5cecd2e0d2fe3914e1aee7fe92ecb779c73126ff6adc8ec8ce95dcad96792f957f738156d32ad987f9808338f7e7ee3fbb27a7541e07f4c295480047778c1020c450e772751056f2d316b628b4ee48e6174f3508acd07600e9ae7849716ae4aef7e4c1b81bf94a1c685180f0673dce1ee8f427a389646d4275989fa746c2773c6eac97ad8342f35746607a9b70d661b6d2ebf194a94602d805199d97d4417713cc922f7935d6bf2faa9d1f9756a5a17e389deb87b2cc285995ad4f6ccd06725e8caf5548cc03548c878ef2319587b8abdb99d9af7e7e4aa304c1cd4e8811c1972242234e41979ac03dae9aca6303c7aa1ffd3b05f0ecc97787912fe26c5069838af3d3cd8589cb14d3b1a0ae5cecb0493923a9a79087d29cdb47a19ce51e9fa9eaae18a0bb82d37fdeb4e27aaafa4a110d1f522c27763d9a377e4c4e1ae3be301ce780dbb2e10f4de465163cb1176b865bfc60c07b00140b3aaa592616ea3b3a0b30e24af8ed7fe673846dbebdbf5461eec689c31798a4b86dd4bb22e39084298cd0d44774d932abd1dd78324581a2fed35d39af9b8f19b7c24cc32790f122a3bbabc19ccc546fb220c3ec3325f0c16221ee4ec2f15cd0876310ac8c300e8015b2b8d02d060be174f9d741910c29256e6537a9a194a1377e11906feb14a579f6c68cd5d05afc5a8610ccd24c4801632afcdf2bf88714306b19416c36d28eb9bac6d764db567f2b89596d7437988c4f4de80085134c3d9e1a692a54e5c910b4c2906920c719450b539ffb28126b87e029a4e297823f7aa2b5df8002be3b51fd8f43c9b27812dbfa58a693b5a8e83b07e902a4bd320c9955bf81b6c435061294b8633edd33cea414f5ba1298fc02de63f27b22205d1777b63e8c4021f437ed44c3e5701d5cfde110ae48e11da31ac1c03f413434e25f79abd7f3d214efce55b2775fbadfaecfe281ecce78658805d9d739e2e0b46e7d42655950991d5d9e1aafb956f3a66acc3b7948e8e40113ca0e1d7919da6c5981634e571d997e98637355941afcd53ce487f88dee8c2bd0c1866c4cd2c8218f265dc46fafbe64b68dbf152fcd1c4851cf4633daf838e8c2dc740ce258b25f27978ed8c13698da414e1aeacbed4d595116a0ca15996b5bfa6d71cc906c7a189f3563e810255d49a0243d2f027bd820d929ca3ad0646a5a65b2030c1d8c8edfb364dc5371e9d68621f951be92ece67242bbd7be296132551111b66bcdec0cd67dcb9140f04d6baf7e1aa2785e9093d2dbeffae794f36ebadcee71fe51d347ac44d33b8b581c853f2886d8f1ed26c21ff7c35eb7803d1a1ec60729dc1e63b08b4aaed3fdbc97279e7c624113e26ac52bad5bfd38e8ddce57cb0ce28c9e8fd0b6bdf370f3d72d9416f4a44e27aa59ee21e132c41f103485cbc41a167238e154ac70bc0e4fcacaa1a3bcc1f42a17f8a454fdd3960ff5338be19aa74f21471e1bef49beafcda6fba4c518c16c99bfab28df652388f3c2988829d66a7389400386eeee025e2edba5f94670afe778832d325a639b9fea08dcf79991a197582be197c0b7fd5a255411c0a12cf47bbdd2e4f15a36229065acdf6e1e2eae389fa6a37209ce7049f21743c6282e31d6890c370cd3efb2d6f4d0fb657e1b05facc2d312826024682b0c724f62cf63eebf1422b95bfbf10dd8431fbd22e17639ec20491d3f41c81290e4946f14f14e89be23f4d40f449fec3d9a7df2023a15ad6338f149b224315122bb5290fb29fb851b6720ead2db4af041f3cb83b4731b6748d68ee8ed0716adeac02e259759a29dc8dc1e3c0f37c534dfb1e332039b986a92e0d08ad12c23048ef609e40d97fa55708783ac476bb7527e8a68b0cb88f16eed5a39a177260c871d0115c17209d59c007944cd8c3d375fadc0d67d1da17f70c245b4b4eb170b15fff99b731ae2750c6c7254829f9900e31352d8d0a938da1015e16854418f1b50b51ac35b9af6c3989047ce3fcc3206f3a6f8b72afb085affe76e5764fac0953aae72a3e3515a24834fd37f562014fdc815315217f6bdef93af98dc0fb59249b745f6e0871f427692231aefb0416bff43f426f8bac1260db4469ce4c13becfeb4fb427138eae3e43c324d412e767024e0ca72f23e3dca101a6a399b9aae200e02a6c3bb1e763de1ab851a42afe76a3c0126ed91d011f7cb3f5faf1827f1ba250510a8245c1acabfa9a8b98d2344a7ebf6921bd2ee61be66221e58848f1726a2c78ff164aa1f15cdd3e993f91cbf8a534d78204a727db4aa3cbf8f8e8e9498fe1c5c5a6bf1b8e9c0c11141d0f903c9506c1452315a8cc5576720de5412763a84fcbd830c2421364ea3ac1093f64a94c7ab8cdea346f8019dfb2c90803d2ead58e9e161584c910506d1871a427c0a337994da3c411d7c6b739a050dedfc629feaa01e574e5d2ac505ab70dee7f2b217bb501212edc2690926ff8c8d51104c286f9e6569625a3da4447644090db10037196d020af9c8199b4291fe0660c38f9bd850ec3dc1540da1b8d02f8cf2f796a02de745c580de00ed76cdccce3882f1b07ccde6bb5da6c2608189635383286b90a762a08d9b26972f7723e29a02404776f80eb1e5acce185c4381893e42576b6217e4ba5b74181e3b7c16aa787be723d5383d0ea746e1cb1f517319decb9ec65accddcd3f8c6e8c515453a2e1cca12627cede631d363ff1871bc7efa48a9b7e2e8d02872633d8ad13a53cfee5b10b1d571be4aca2a01550cd9d9d74705e0c7a650d06aab7de75ee1075c9173bce2e941649798d76af5cfff178df0d59908c956282fef2f627f89504d61b8cd9332981ce67716bd66d87b82ca1b6475bcc1e42531c16971d935e6397a32be59c6e08729571c8e0a5ee4a233e1e92657e5c80d88c64ee813f54b712fd3568680c9ca889df5772de264d9f21777f99e7bb7f79edf1f471f4de761ecccf15c7264715bf146945a3a511c5860a7b6ca97023c979b06c56c380a423ea982877aeba24d9f0787a64bea7767aeb55ffe60231ec28635160d75e2ba07758d9975fb0223205bc59eb5fdd86f19ca7384cfbfd0c30041049111d61fa360c97fe57a9391f7434a2c220f51df4ecd153ee7be78fcff701709571a59305f6151ec9fb0a5d2d03fff3a47881696015a8975faed2870be734d2f8e4835ecbbfd03c22575898bd616c06c71a5f3f81ff1b492ee3a7822b20d07ebd4879f4500f1c66895628ce47c798facb9b3cfd77ef6924636a692b452719793beb2a4c0421c36ab696d824a0527abf20c22c8246d09c7f7d17a8a54650fe4ec044306a85cbe9b7a947760c2639cbcba25d8f59da5738b3c3114559d134f916f62dd747ae9edadf224c0d6ab0d1e7581489bc420042f8318b50f9a63aad1b6f90a561aa8427547ad8cccdb3d1696f1913cd2dbd1a894639b85a21c304a65a704d014eff6a211833d7af6fde970f704c874220cf46a60424f441d9337862cb9f04da04af796805ef8f6b9291074bde2546ceaeb33b4bd8e13e1b6e243bf8a2c54d71564fa8ed8435e9b3027468d7895bfac6c3e67c02fec2c33d1f483d48fdea34541ce766b5d7c95dd320a668dc2beed5d92d2697f0246d3427f49d3ea5d31360d8a1e6b455655835d83380661456ad8f8564b7c2b47ec35c2e76e67d31de1021a3c01f786dc831835332357f7a797f1d27b59b40f353a2e44afebd67f2580e1ebe7326766eb59c4b673c2bf63f3c6bac67f6b7ed9ce8fd1e41df73e90c52bfe579773e8155fa0a2ec0b861b2d655a54fe81840d1d1c776f15865b56e50e35d0a073f219c90a81309cd21480a1a656ed992a4f31130a822af4359e001608820b9dd05a1736a909d4d6bef9358525243196998ac26f3545aef766dc37e2fae2f851d2cda53b3a3b1789dcc915641b5fbb1ad4edc414494bd81e4b10fa56de8d36d1827bd1c889afc1a6d773ebc71eac00b2a7211d33709c6454462ef9d6a4dc05f7a6d321cac0eee683e8421a03e98788be24201fc5cecc506075f3f689be74f9112e3307692f0a01ab5c73447ea37a52a81e3421f94b7f7152bd55d5550f837c7961c05aa5d59ddf80c194585ffed24a95bbceb16e0931806b49282530fb87857d6b3fad8b0079e94f66580c563cc728212fbbd0f1dd47822d666ffb2b02515e97f529e0bba8970bd68648cee3a1c86bb9a611a78d5436b244f27f27c04305b9cb0da5291eb10ca6fbcae09b2e9b99daa761f06e36c9b1ced46112a4173c1e3e97b131cd37b6e2c27bc293e2dee49c1fdb3da47639aec5c0b9a60d137b1b202fcffadb9fe59776b6cf1c2481e15ba6f158de76e6421ad8e3ef3a0f0a18811ee9a10d9eb7ad8269831d7d66a3a7c8f938f0e2da87ef58d4c09d763c0194304e6eae231eaef8091d678097cc817f2f6e11555f95f327554b4de39fd047c45d46cfa476849f7f75e14ca35d13e3a803ecd11f4bcb3f6cfca8d04eca957eb59124dfd4a4270407c38c9f13935f897a9bc48fdbc8d76ae577363cc0adce3b1a474ee164332742bd74f58cb540be67a2c2f423d9f1b93915f5c6dbbbb26cb7f47493b442fc1d8882d718fd3617a1d32b86fddc39268c7ef79e82e0b4e2f971604a89f1721b4a15bde76c9dda6a8c401961911cc02bbe4ee9bf160848d72978f104b54c93dd576d70badf62a2de26beb9d208b95a1f2beeaa67c26afc6d2c4a9a736734d1a2f5bd8f5befbf92e87f842f3cc2a5732bcffdece33160e9e9b549ae9ac15b0bce8815b22a606ead668b901cf3fb59439be722f833d13bb29182136ffc563fa3d1216e8cd726f215578b9766605df976c583c8000bda3592d256fa887419d477e27d96005be32cc880e4a9684d19e2f3f4c3ecd2d413fd051799e947ff84e5be1ec04089ef78e18933f24cde94a9e6ff9855109e3cf6584a1b261367264f7d95aa5c6f0eb3c5579d401abcb6c6bf296011ad8b81c46774365e3cd2deb31c7b3768d4178f6187c2570cff5fbe2772bb112dfc4bf305698a043a65a7427ac03901fa0c79f770caec8e91960d2ab9706ef2a574e4c1b77d24551205e701cf8bd3c70f484aafa71ebe35dd084ad6345e0e96d2112c77311ac410b59c86c04d7b5a56b4f907a4dfb5ad337ddc843e3aaaac98b034c1b487fb2a04ba7a06bb3d23bb442f2bdcca6efaa047e723736f06fdaf1e1ac7637965bb062c145194187559ff07058d214a798ee7a309860eb371ad0ab7526a6ceee51c7092f49288d9a6bbc81612a3bbf5f03b9484d1990908a610ea355411f795d52d5c71598bc69a15644e6d8427c4867f8999b56dfece1744075ec960d9c96ba794042232cec04deba693dd9715b54f1e537b1795e7b77ea332f8341ec3b98eb5ae487025380996fd08d6ee4860a9c0f8922edac2a2086a469e9a2acb23226fce5c76aefb598a81be6db36b002e07cbdaa4a33c06f5217dff9bb50a438e3fd93297c3913f4e68956025c029e0e7df13e3cee53eacf5a5f8515a4b861503e2b6cad80e845cf6cd98e3874e79e02da58c93ea9e082b7933d8b3f67dda701dc6448cd9e71d7421cdf6d64bdf5203d846bf69255dfe9ba880d0db2add2ac7036a148bda78d1584324a984dcb8c94f782c975f43c9e72e94bf7cc4ffff53fd459bffd73bee3616e4f9056ee5b4cb66b2aececcc742b40ce0e236f81edb13e14c37d050a51c7c0c58774221187f313706ea154ed46c9506dc270d67deaa88a183f899530b6892a17f2fa70398f106f45f5da8f797278c7262169e30e4087f3358fed6b740ec49f0d6093eb9c43434873a21d62515f9c6b9a8105140e7ddd5088bbfdc234eeb0178e9c3e48a7ac32dde6b0da16104eed0808efc90081b46fe162ceae47d6dc32fa4444810b88a6c35828f0b6371a766901a6a1187095279e3fec4ef6d09b84fa00e127af36487cd8d12babd7d533b1fb415bf07f254d4d2a163305f87da3d36138b2278de5c35818223deb839ca390de6bdec815f44216568fe013cb48289588451354ffc9080342e8fda0ffafa8773c5698a540ff30e03cf82da3c0489d2f36715a1096780f725e0911296a16f485815f21b1bf8ff3bdfd1aba3f5cf31cf7751278fb5cdb92fe4bd2c6d79f8d4f7904a2baa87d5b7fdce4528ebf532d654187108390c3bf28f418ca707ef7e5040f64a38ceed4d36088d951e4095d97a39482c9579f5fbf7d4c564facdcace3fae5670e92068671782aee1f187e9c34fa97504189a25f9a8ef098f6ebfedd3769c4885c1bcbe9ebf52b53768a4fec9bff84651e9a4ebdfe4ccbd7a11f680ba01ace456a53f807a9f2982110b4293e00516dc4f028e44782824fec39942443356cf6bd319311aca2897bb969616857311c8bd5add8b8564e6929b4586a39dc0af108183fd851df3f31e5ab43c461e9cd4e194e7f727812a4bd26007a7d9999529e7c19f0f9671d4826e21ecf3fb27127bd829b06916b490c5a7f51f59d83b4512fba695f5e6fc7acdb883e202c86d5124c32db72f24afe6cb6cb93507c7bab20a19082561fa60045acd9332d8ded830137ccd02a2b0111e65b539b4ac0865d4add6de4f08bc875dda926d66e8e3571dd99830f7f018c76c00189993314f20d16a6735f7762f2866dda16e3ce86d96951452d6496bdaeb6852e3874c619a8b23efb9cf0009f9f63cc7b291c605c1c2b3f8fcbe5d3069141ae56247507c08f3f4e4e3f76cde0f2e5c937f1314f08426c1a129ef10276141d35494cd3e25917a072a7868c7b4ff028ec750768a1a66009778eec09f966888828bb09b7d6ef9c361d7f4a5baa70f19d60f2e73c337f75163c26ffb5cc17874ce1a13e055cbac34f15b89bed79cea7608b23b10f320868cbdde6b7007db35d39d0b01d703bc12c357d8a89897418334a2f4cf3c4c0f33dc3484fd701dc67b51f0fb70ae24456f7047887b92cf2dceb9004a3596e55891c797941537f5cebe8a308dcf5f99d462ec2c1579d26ca277ee8f69ce6db28f3681f73582e83e20825b2ae61f3e0544c7dbf6e60aad1f0849282170d088a59cf763f55d27e65489fff5fe018d278c83c09ff2525f6d978d98d03bad844448e855dc33ae69f80ff703f8c74b9d0e71d4ee579d6de9bfb0cce5f0012619cc35e3145b3a0f70da426ca0def75b84ca98809b2012446d4565cf26d317ac0dd1a6c002d9c888a443a848fb7741fb0df21d058c2ab8233e43148dec429d65c5ba766c412f56ca08e49c53225f5c9b5d709796be472bde5fef7d8ce939c6ab55b61359daaf98397d908fbec2bd707554c6d42598d9061c569c8fb4385fe45f1d6d922f7c81fc1fa22c0be5d26f8eb84f54e0bd93e6ea834abb2ddcbb3957f911a1525231b400ef43210191526ea9ec2303657a39f88c004da85a389086a5f8794206d42d07ff73b31d5fdf29679de6ba9524adf2cc01cc2b66ef11015dd0807ef4007feaee799a93576da05504d04437278598093746aad4516e2f2f6ad678a9d9e6df6b837bf034231b9bb85e52e4bd562dc06e384ae3ce70d44c62dd96b9fd5ac06a535f190ef2ca75ded341c879f36e5dbfb3f7ceac701111b767481ab11e12e2913c4dcbd2124e7a75cfbfa7322303d007d65859cf22d0a99b65a126bd11e79b0da755c01a9eff85d6156bc58746d3250d2d3c778cef28379ed8a8cc9ef9180edb770cab6617a35df829066a084f63294e647ddd75de79c8f66beb11b9d93285673a51b54603428663b0583459c0256d6515898ca977da7294c5f55369286f12a9467e7d89806b6ec58a818226a6ad97665464806b16723b1e8829a1d37d9ffdb6758a6027042135adab41eb9fe018c8635c0703f37cfff9d59ed46eaeb1e9b6bc1a007cc9830281f08a5a40f5a6bf2eaebb626986ad533b64b3e9cf337d52e32524639562ca12fad43250ef13d179ee90fa45a1787c9a581ebf0eef4cbe3c46b38be79638a4701815a03e93b7bf8fe7c0e8c9abb581d31b5075c0d5b10e68e6f4631057ca99653d4a6a5d0cab77ba68362db99a3d5004beacb92d17d358ed9327e6e5c52bc0876133161a93ca81062d9af63f2fe9b92c213a4ac66c2fb2b5df7a7dbb37d65a6adceb55c8867f3a70d933be6620153570df7fad76f39a1fd38f3814bdc2fa3a07893542367aa8300c84ab724c8ad416001fa7157ed09f8448cd13f85084328712681d7e16e1f1286e4d81ad501daad2220df0e6f33afd41326afa176cf647248e914c3438c091b21763f0a4a610ba61ed3b12773052ca47ad834bb6aad62c93fd3254cc41c079c8a200d5f1363fc0d9b9240c2212e16e07d1f9c98f73e044cfda3aad239f53167433c45feac2826a9a12af478086a74d81966f534454c9efd89d6ec3aec8b593073c29552cadf4164b6db1a027f106f9f64814bb8546c89d07d5e381ee81a70b31a69d471fa592354ce23ed87b20dba1ed739769d8c20142382391f0e9e2089f3392cda5c2d77a5aa703f6429c7c759856c57e70997e70cf04cb56e4eb62fe4a6d34d0ac748c4aa222719661ee1ed563c03ed80bb81db2a277740848bd8f871002bd973181c5c652bc5018c3f89fc0bb23adc587d3529610fd6895be492b4cfb12aea78083a4066e119713574197a1e8f0c4b0ba6f222f9115d0a2c593f956f967df13e7b03705fcaecf0bca8e7e254e19b6687660615d33e20f56cf4e0da2c176c04555d083676d34c9bfd971924e05002affee50678c157d1c033991c17c4dfca0451ac5bdeb6743040222ad7dfc32e5fa514db8c210ce394631e3f11704e873d4e91f0126bf35275fe49290ddde6547885a293eb5ee36b55507ef071ed88b31c544803384779315438417c1cfa306f81a8730c62aa213cfe44e509f9917fd52cefbac2a23bbd0c3b3781011f3365728005cb78239b81b3993a4ac7c71d96669fdd9de3ad7f77bce98ae431f29af39d5e22814ecb9ac20bd993b6e8c7f0efb2bfce173edf377db91cce833354cb55cdea1e6bc3e56ae4075aadc659dbc3fd1e585703306f9f645913587c8447498eb3234f30c3834798d0f06dc79d1606f4dac574805c67e0c3f65fff04dc2790ae403e1ca5cb2c6ca8bebc615f4124223f02c641b94847111fdf2a82e8a69e49bb3eb7ffbfbb59bda7f547568ce747de7c4d4f6d04283e882fa776d426406e2751cba6dae7882f16b8f0f61fd1821f3e442a91bd844ebc1107849549c8865be5c6a21a12888e4fd745020841722e08752ba33217fb3eeca40ed8171847651a6931e35677a80f2e2b0b3a6a7456691b90e67fdc5577c6d147ef4fd786c2fcd5823b6e9f157b2904c2a2f9f6099983527c8d2dca387eaec67145324b3dbd7daf21765c0aa7d7af26ec27c96f8a1c39623872291bf4e6b487908c0b20c0cba74731ff010cd912850b99c6db9a98e3547cb94ab98d97674c20e8725ed17cad519a22b92fb61ef2b686c9f09a7fbae49690f742d92bb624e00b934ec130f2d578bb42b24b4dd1e7ab6b40237dea57db273c0ee0382ff67ac32bb88894e603fe73c99bbf18b3d6d30a3e12c64f9de3c9071a9b3fbdcffc37efbfa5ea048bf3b7eaa7ff8e47d990a38ac77e68d844c8e3e59d1fc490a76bbee46c064b76432a6c4a0ecba48a4947f2875ff887a33c365858d568f06f32e768bb7a227e8039b49e634702e45f057fe86224b5b2449f567733ea5d3658c2e818b3717df3f7313785b67e82ec0fd53d45e158e8ad43773146b60f2ef6a34cc56a7aeae4f86301f18b3c6cc7abf32ee76d0a4f084425466a8893c5de989edea9bdc0048256b0667fcad5ef7057a8db0ee533e7e3f44bf1876575428ad579fdce5dd2ed04830c6802ed3862e6c42cf7967a0a4af09aa96ff74bb13bb9610ba35101574bcf9a36d566dc2371cac203875fbafd0bc4897801ada1157abe75858c34333beb0208254fa2bff197c8db7dda75c7645c6863a765ea34db0de601558893d8ea9ce75d935a2c6f822e595d7c90672618a213fb93cccf12b3288a19f3f84e6f310f8ea0fd786276c7802734974a197097d2331274a00b37bda18b2c761c8acda5742c39488e68ddd219b000506b4b76678bb680fb39a4658d2ca9261e27d17c318567c0c45cbf96611f40124d1bf4d499a5f51e63d8575ba7cc53478848a6ad3e513e581bac08675e16014c37b459d2c182a77c4cbaff021c527d9d21e15abcaca42c163f88ae051596b8e6e020d57e84be15cef296853b5071d40fe021dd4a019ad6fbba693a9e93e23bba6de4b5d60df012ab34cfb8bb59dcbc844f9befacdae57d225bf5affe3b3733ed2ca47eeab904db9c87e034384fe8d9a20733fe55d3f7ab2a949a3b62f01ebf324f26703f442bbf6448eb3654ab900e918d720a2b52d12aa7e197ca43db4fe8a2cdcacb58ad44d6de3ee141699062bfe503938209303cbc379e6757f5debc30d20606c0159523dc047e11724d7bf2dd41a7bb292fe26dd72cc326a5ee7459d0346f651a58db290d0afcfab5186cc910b0453583af4fbb2376581777baa2a9b1b24d073008d2f30483f872243c51bb4c5a0e20cc0d443e769fae843fb6819f3e8d735f263b1494516f8e71cf6514448d5c33a58a4f6968b779cfe422c2a8181cc73ec78ee79a0adefc4225f2cd64717ad99916a176db9047c211b4998eaac933655f5d802293bdd9c914e25a2441c50dadeafb0150d8bd87e70589ce6c9a36ad06999dad089fc39254998be6ec9ea97fcad5a028c78a14c5f63aafc759c676531219ed2d0736175aa2a98f38dfbd99c56e2f01fd0644b04cfc2ee0a03301593e3dbf795ae66598a0649d889c3302c4be855b99dfaab17d81705eab81f47bd4505ad10fe242d2f6696af892395917fe72c42cbed44b686aca0b835f717c9993fea7fa5ea61b8282ce9816634f345c2dd628cfd7d5d67cfe2d4d12604ff75502bc9dc559963499fbbe72d852eacde22ac55cb444db57c17c5516cc4d0830855557db77277924f45f871a52263fc98ffb60a40fe474cd39d963faa94a8d50e365bdb28df3e962f8830d937c11b7b5e128675546ba1a2dc6bfd41952c3e870bbf9acedcdbf7a850eed8c7a7e8bc51edd6f458d2777e8afa376bf4dbed32a79cfd964edae8b7736b89cbffac5f36a203583faa2ad099907edb43ab698598e7317f187f112aeecb60b204cd4dc6218ef1bdafb4571bece2ede11c235ffd8eb8c51c2f70eaccbd823d671e2c95b95002d858966ddcddb3a3513fc9e4b02c3d614a800a13f8ef81682903f4908ecc5c901df5879023b7c67d6573eb96cff6e592df18c00dc2e90ed6b", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x18, 0x0, 0x7, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10.76720927s ago: executing program 2 (id=4424): mkdir(&(0x7f0000000000)='./file0\x00', 0x18) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) capset(&(0x7f0000002080)={0x20080522, r2}, &(0x7f00000020c0)={0x6, 0x9, 0x101, 0x9, 0x1, 0xc0da}) r3 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000002100)={0x0, 0x0, 0x5, 0x0, '\x00', [{0xd56, 0x5, 0xf, 0x3, 0x9, 0x1000}, {0xe0, 0x8, 0x7f1, 0x7, 0x0, 0x7fffffffffffffff}], ['\x00', '\x00', '\x00', '\x00', '\x00']}) r4 = openat$kvm(0xffffff9c, &(0x7f0000002300), 0x167380, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r4, 0xc004ae02, &(0x7f0000002340)={0x3, [0x0, 0x0, 0x0]}) bind$l2tp6(r3, &(0x7f0000002380)={0xa, 0x0, 0x89, @local, 0x6, 0x1}, 0x20) r5 = open(&(0x7f00000023c0)='./file0\x00', 0x400, 0x80) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000002400)={0x0, 0x9}, &(0x7f0000002440)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000002480)={r6, 0xfd, "90b3dadacebe11d489c601337ed5d732a6a5da441a6d42d9c4c4fa07e5671e48d1e2df57d1dfd362133b963b47aaf76468e8cc9626721fda731ef31280e76c5e260b58ff016ef48764c4b216313014ce5191e2689ac8f1b84d7eee18effaaf17d37b40669bc21556cd596d05d8b14d34b5ad12405e32d608690dbdeb5363631f9f6cf8b08eb51b4b223e6f2d8bcfc2374cd37fe63d57e007cf33284e4d9545b35a3f42f6722957962ab8d941e8f51ea4274eb0ef279cc50b0c0b0268ecab8dd0993d3b02750524a4870d1665f2309d1abf6f7edc98fcbb8d79fde1d81b2d3b0fbdf43fdec2d3111483c3e890ba99823b7b17fda9d3f7ed23ec48852f46"}, &(0x7f00000025c0)=0x105) sendmsg$nl_route(r5, &(0x7f00000026c0)={&(0x7f0000002600)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000002680)={&(0x7f0000002640)=@ipv4_newrule={0x38, 0x20, 0x300, 0x2, 0x25dfdbfe, {0x2, 0x14, 0x14, 0xa, 0xa, 0x0, 0x0, 0x5, 0x10}, [@FRA_DST={0x8, 0x1, @multicast2}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0xe3f}, @FRA_SRC={0x8, 0x2, @empty}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r7 = openat$vimc1(0xffffff9c, &(0x7f0000002700), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r7, 0xc0f8565c, &(0x7f0000002740)={0x902b, 0xccb1, 0x4, {0x9, @pix_mp={0xccac, 0x8001, 0x97a7403, 0x1, 0xd, [{0x5, 0xffff}, {0x1, 0x8001}, {0x3, 0xf}, {0x6, 0xffffbc32}, {0x1, 0xc2}, {0x3f, 0x7ff}, {0x3}, {0x2, 0x7fff}], 0x3, 0x5, 0x6, 0x1, 0x1}}, 0x12d2}) read$usbmon(r5, &(0x7f0000002840)=""/74, 0x4a) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f00000028c0)={0x0, @bt={0x3, 0x88d3, 0x1, 0x1, 0x5, 0xd1b, 0x7, 0x1, 0xfffffffb, 0x7, 0xc, 0xf7, 0x5, 0x1, 0x4, 0x1d, {0x8fce, 0x400}, 0x9, 0x1}}) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$SO_TIMESTAMPING(r8, 0x1, 0x44, &(0x7f0000002980), &(0x7f00000029c0)=0x4) ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r5, 0x4068aea3, &(0x7f0000002a00)={0xc1, 0x0, 0x5}) ioctl$EVIOCGVERSION(r5, 0x80044501, &(0x7f0000002a80)=""/67) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000002b00)=0x5, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x4) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f0000002b40)=0x0) sendmmsg(r9, &(0x7f0000004000)=[{{&(0x7f0000002b80)=@nfc={0x27, r10, 0x0, 0x1}, 0x80, &(0x7f0000003d00)=[{&(0x7f0000002c00)="f34abac26af80f898d12057c427097b09a114177a0c1bfe153862378b98c58076fc5a08356a7abb39af98da081340ace9d07ca84f86584ccfbf2b890b6a2a70fb35cfe2c716e4c5fa96c2a46fd8432bd8433bbec1beb250c8fea673421f1a358a559ad69cd3da5b13960fe2ffdbdf2e2d21c", 0x72}, {&(0x7f0000002c80)="3691235c7e21a7b245dfa1cf525c87dc68327804c4bf183402506712ae2376dda0b4e7ac7b", 0x25}, {&(0x7f0000002cc0)="f16d25d66f280067cb6ac193020b80ac7c51dd1bcb9f603114ec542316cdc636a87f65e5f9718dc70501e948577bf2e2830c315110973b9e09f83d3162", 0x3d}, {&(0x7f0000002d00)="8fffe0b71bd56a310f1460173ce54fa1553db42f7ab3a9484999388d0ba7df63c0fd5269891573f365bd7f9afe1912e6f6f1b014b5482db0388d8e5a3f6bf3f98fdf7db4c8e102cc96e6e62b0a02ef7efef358675c05980095fa3e2f63c5afc4304ee4dbba130ac9baa16ac3c26d44cfc4025e5062d659da2ee67c507e22cca1c792e9af5e26ae95d75ee31ac704311002ca6b88a901b55bdfdc902e8bbdde61f2bcc24445f8d0e24084779287ec2891872f286495d93584a30dc7d4530a712a3af33a26bb7683ab731df7a5e02f5c0977140637ac51d3129cb4dcd4186e8e53430dc324da2819ee4ee0c65f9940a74b2fa1469787e1b06a4a56410ca454e6c68fc6a441c60c68be09e2f300a4cf1dbd98e3efc0c5ed235b90ac60050f740e9f663e7c9b39dccf3c7833dd0cd5198bc1e550a4cbcc280977afc342e8505e126049bbfb967110c8dc1a1d1fb7ffe8b1056226d392ff3591068a2bf0c6cf6f7c04b1153d8c9934d36b4273f5bebbbff2e7775166415baf1083bf60139b9cc962142a37f6a90b244152e9b7738e56fb653c39782dfaf1d6c77054b8b1693e3fbebd680a3930292c575c0693768abb2c3f126cc159c90fcaf035660c7f694a17a3cb3897e38463c14aa4d103b634ff9a07f55df8786de1a7916ed180ace20c14514eadcfb95fe5151f11b74dee3cd3476b4b4525dfdf25444e4f7f713c458041f2ec2ad07099f30fbd199cc35b05ccbd89e916f6d852643dea0872f18f6e24de0c0f2abdba5ee8c554eec6523f62108f208af14359483a990ee428cc57f3d99b5034414b369d3c59f00e78980b99644341956d7b0c0c2eacaed2d4574e82f82b83400542deef676a67a01beb422dab1f11d2416544b840437c1c047a0001669a23b2e4cabaf057cfa376403ffa11b4afaf5806db4babf238d579df7712b3f949f5f51bb62cf6dbf3a25d563ae4bc6c2dbebcb1c1719636c12dec5745c3da4f6af16f61519d14dd1a94abd7d0cf41d68ee667ce97e7465bbc9b798a4d533557cb3ccf8846a7d694903d69cdb49a74e73d255418185762609a70ffed487b79fab1a95d07086a25d7f5268ed4f603c431a9d27a1c53350572299461276498ae0f3de7c4dd501d93c9e8e95d266a966f9e80e8842430f567afbcd8f0a3a22758d09ee36397b467347054875cc4ee2cf13480e77fd588e2be7fedc33b64baa5b0ee4a09d15b11bdd319976bb8b5c758f35216e91b24f403a3dc8ac5f84d7bf052a1b9bf7710be007e95107ff450e187d61bf15c0902899587186046533a83274b70c710f9140271bdbcba14f097ff2e129cab4f571bef492c2b6cfa2c894701b42be9316fd2ee4d0aca0a2d6f5f4c037e9a415268c1c792f9c4ee9d530cea6c6c0a38a3119ec540f36b9d0f8530fedca931bc087547b54099ac5b0091217f1ed8b4a5fb8e5e5249818fb7f7769263d237a639c3161f61d27aefc82b8c9b53604ddcd4740b1100d898c7bdcd6564de999748173345bc55bdff3b5b56baded34da384efce9553dd90da7dcfcd8f3e91dffa9f3bea298977948c78bfa406cd0133ac32276d12504521d6cd3d0760fec0bf716d77341fc83463221003a0dda944367cd15f2514d9df52eb6930798b4a8dde01e1c243b0ba6a063b17a3f4a7c1a8d560716b269e543826d2e0096ebfeb451d8b8eb25c7d75210ea0696b8de947e681263e1fec549af9deb096930d1617cc74acd33cbb73d517a68d4d472732ea604d6919bdf337327bb8e9c86764de9206fc201cba91a9ecea71322b4016eefc43b2d6f326b2232c74ab1c8c4eb957cc063b8a067362ac4fcfe87f42bca44ebb563d22a297a92567bd75b0948473025d6b9536dcc23c43a2f9463455633658b3b813f06384e6bb8b642c518f78c4246f784834e1a944e7aeab40f075eecebbd8ba0bd9ab4999f131f49d6c829e4d78fdd1c5655505a28a65854b93ff629e2ec5976ecfaf553b126fe6c82d0af961c64840b4d5fdb9e34a45ce4702a742211c2e72e5ae9fc426db65229e778f9f00b996ed990ae158ebfb2637f6a6c0a444d37991f60bd69783b88f32f42837d42342b19fd9d43d273b11499d9dba3b5c8b5b91071e166693b4cc31d6953c9dcd3b78137136685b75c7f6c0c802d14a0fba9e61ba526ce72db3a5ac5ea72ded4030aeee2b554e81427ecd1275a0d789877b429ecdba677338e3349b9ddab38a6f2b039abfd4d864f4ff6aedfab63a9e32d77fedc9d89f6f80d4da08e3ecb1d164e867578f6144ad6bfa2d71ccfdd9ad900ae6a38e51fcd9dc38a239f72ccfa86c65611faaf1b1136f5fb952046e8d35ae2be9cb5d1ea139ca11b38a3e1e1250cdc8030c5f2eb7e7e29af7672de5038861b43f9995e338c5cc4f3628d5a9c4d175d260ad0d6c85ea89edaf53faaf173633a6cdbbc99acc314e6a3b40470dc4e3c7054393390363830bb74bedf255052bd7b2cc86e81caa33623c14f09b8907ebb5e8d6e87008ffd8aa446e363811addf9274fd20e9d2a7d382141c2fe79ae3dab8cfa6e47e46e01f44ab29c6bbfe11987b2a78946f52936d6d9718c7f126376a979d920f13798ea42facb84c422b28fab1a11663e829ed95572c32e6a5e47fa202116a86e9eaf45a012ac1c4791618f2e852e5aa0965546b5f8f27a11ce8892866e7d6ecde1858703b89877222776e8b4cbb21b75dcd9348bd94c676c8b40311a8b188546094fb64750eb3add072737686267bbb204f923ccd9d265b947f757c4c8524b8e2c9c4e209b3fee168c61fb29f30aa1ab8e618ce847b1fa4f06732b584aba39e802ff0d2d3d9d0c18bdb0d2782f5cbda0209b2b9be1d2731b51f60ff8d9dfb0d3abd196416ad81e3379e31490dd11648ce1fa8c4ff85aa91d5b0a14ddf4c0beabaf3b300bf7d3a53268d5a871f8c4838da8a1c78a2fd3a5cbbe336e5bbbedb186d438fbba87ee0b665ac6293f6f22f9a2d29df2158fbde8fe17ec9f53629b587995085635d4eecfae9762e8f5da07224d856d2220ea7d61f6ba7045823964010ff58e797e92da29d42f47211a3a986a3a6468c90537024244dd601deb75056e08b353188482782c02d025236e8289e522c00037b395016979a8143d75fee7e0b1c65fdfe37fb0ef2586d2c06863228b20adfa2a01aacedf50d386f8c180050550c69fa872d3dce23137d9ce0e16e7700bd2269bae387630edf9e2cdbef85022a09b9f09454b6845417b9a8c2b3cd3790f07382e5b44cd5578cfc6fa61b6d7e23b5530932b1afd8a440ece7d4f3ad07d5858624026bfbbe8261eb71218d621f823b3e0d2730eeeb2db1c10f0d988845c4351877f2f8bd6f7c3f6c97177bcddb9fa32d028965c73216a18f5e5b6a33499e5a41240777797dd495cc50e75e0385f16ab97516cd376e911e7c3f7f839b2ab06393c6552f02f593c4795f09ae36b8991c35ebbc3c0bbc664f75d0b380cdb43e0a79cb89b47a0e27a4aca4544753ae883c215a05a5fa1490adb3732b294498877171d05d8d5e9c2bdbe29592ed5c1e07cb634fde29a11f106d7cc4bc4739b7ad229fb1b71cf4b397d7178e44916ac2d794b987dfc8963533805214b3026a4023799cf6be327a1219d48d36f447d8861a59b4558c99b22e3d1dabaf0fd7c688370acd218daed053c80b73a26c80974c88047558f8db3bbc4a5d6f12f317583d218bedf7cc445720a14d12c09dab939580814f7c8d9f79a0a71b70b6a5e99216aabe4cf1010f0f5907c642dc3ea7751e04920d42e385b1cda462ef547073a63b5f7b8732181407932a755562fb3d5fb498f4f24f6fd410b85a3f260c55fcded1e5c2fc5644b81a9b9ee5186b06dc36554e8e8fdc28d7a175f79dd33c01f5ba7787df0e4368ac7c1a8037b10b96c16a5498e05809ba8a2ffbdf204ef4393b7400c54e58f3a24e4ec66ce66f5a7c0c9d1a43e25328f9df9eb4e09a294d766d30bcefd89835c02fdf2dd0b5c32973a180755d88779a2db9416d6b860093bc26708b91f9fc556f3887a83b768c37c710271b94a105554fca7cf46645a85383daf7970aaa6d303c803f4a9be8894a01791a8247db7c824b82c9ac385af5d4746ae32486f3043431da74d02da38a17d21267b5cbfdc87ea3b0e7b49af3ad17cfebae4aa38bb710adde43342e8fd311e1d39228779e89af6207ff3445eb8462fb848223e9b06be4472c438df7c7d73e8823d87e7413c485bc0bea313c2d4374d63a26d4af90b29753a155750ac3eeba9a057aabe2405525119f1b0e38fd76318e32ec1bb82ba6ae39bc7fc2c0587f57a36ff30d1dfb391430ae0bb415e2b622db49c1db24bcaddddc74eec6598d3e7d94c91bb8f911329edaba446fdb8329ef53b83908e6ce59d4278b566d494e1c938119457856f448da7f11579715b83a487f00c8d43d3453bd72437e13cb7dd3ede4ee9dcf2cc3314cf8d3b672caeefd3d4d6cb93dfce3d13ab5c695e280c591e91c4cf0fd7d3a4990cee308b2eed9529aee989a9fc0981f562c7403b0c00d9619986638364f18e3b0ece99b8d929da2c6293910b4b4649555f3ba27a08157ab210e8f1902a5382df984c1cdeba8687d7d271a39823dc005c695cc65f2f87f0a811c4c582a67bdd2961c056ef9d7fa185e2d4141da276a736d3a183345838d60726feee7850faa7b15824974da02e664d5548140d9cf19527ecc4b49a9992e4dbdfe119f0f69b498d5b47de9e5632cc940734f41a29708559b4a57d4c5a68c8fc0b1be0dd1e83fd8135e5687358d974255cef5190bc7afe7ea29cdd7c37d8413b6551c1b0bb7915c4d9c10f85fadf4cb4a5a14aa8ca7c5f8f17bd80086288e1871decde216c5737dfef3f733016981584d108dd781f67a8fb8c9558b44287b1119aa16b32f40c5ee6e21a9686af6686019f490fe42e1bc4820302b3337761ce8a33f44bb578f30e7e1d8bd675ffb762b208cf2b39ff6a96d5ed3f892fa8e337f4f908fd0047f053fa8767c80ffe5a696da6dcb97fcb51ece7f7560399d89aa0bf932c069b878b019d674394c783008f05cf6f211d1367b8fc341c6d76ca1da25edf82cffb5ed949f0e8ab77d86d7dda323f825e64f9f1c4cec770af3f4a952e76346eefa24e3ec2d663a65650dc21dbd1ef39dd9c5fd8fed11cfde19478d0defe5c5c202360601c318983582eda634a6ee0016f83fc8646e38c18ad652edec72601475cda49eda63d3acc047dc09527e6b2a17d6c8e51f47a48a4a647c4f8514da6756062e763f550fca20eda0fc63c4901a72ebf163938260b29fbd33e8ca554507915f2b06130841f3e69efe2574593510f981b73a616a9ca86d9fe8248c5f486c7def31da3f3a3c42dbab81d3e1cd6de72b2e909d9f5b6c1c7a2d400c7cbf2e41a502e61599ceba6810eecb3a2b71353242741e1d0e050d909cdacecfdc2affeb10f4b60a637413850eb17fd41f584d0731ae3c75f25b34dbefa97505e15ebf6f504f4d0d72b369f1e604caeec1b114a588c9228e575a677e6daae89a23902d0cda22e96f79a4705b44b91c2ef2e24367069cd250587f9064e2de1b1cf3f1a5ffa02662f4613923b6ab703a7fb72de6af551865acf375ae2b8085ee6898122f2937e9be08be32a6fa1280f21492dbe2cf8161cddd5d297edca1e46a250f1a19ad357ea282bfe01f71aaff6a28b314af5ab21e07f1ff048419f46cc68c3de63703f210472ab85f5e93dc6e09697dda70d544ffe6ab6af80392cd1fd4fce4fb77849b5a6f558b0e7c1585e523a96c95b4be40e8e3a25eb9ffe69b4765", 0x1000}], 0x4, &(0x7f0000003d40)=[{0x50, 0x6, 0x9c63, "fbfcb6f19fb0eb6078c2470c170940b2536fe8ddd7362e42b49ad2b15bee8f1b9bbccb8a064d056cdbf128c92b838d75fabbe3d40e4142d2a82dcfa1cbe6dbf18b7f861f"}, {0x104, 0x110, 0x0, "54dfdb6f66bb8967ef670947e168b6f9bf17e9cae6efc67e404db12daa9f198c661b74d4aa7afc52da59b014908d470c26b606cc02fce64df5d00285145a0dff0377a0a5d2b868cea176c2b35e8f8a9fcbfe1b30a5754606f1f8a1aa48fcec579a1329252756bce154d2b14461d076180aa9104ed9bbf666725ceaa9f859be8e7e5842c6db7375260079c224806e1c37c07516ea6f8cbd02d8ecc01cd2b8cdedfeb29d451e6beef6aba0ace584996cd94058dfabfba5d565b9a2994b6ae02062a4436934e1d08a2b9bb50523b798dc217fc157130b67d4cd9e20b74cde9cfa0bdbcafd718ced639f3a965a38b8f6beb8e72fee26492d5e"}, {0x98, 0x116, 0xfffffffb, "6b9614d4b6bdd912c1f5e8b1857a4fa1e70c1ea3317bc22442f8f1566d98577f873a1a33fd3832a93f9731758ddb3e7ac0fc9dcc0953ac41d81dbf79286b9c53c2e1efec6c5ff2652b463e308900e146dfa741a509c04d32daa5927aab7e9071febb570769a74014af4d1a827ca48580c27f3e8c03b05703fe31c950390e2b3ad2473898c3b4991957fd"}, {0xb4, 0x110, 0x2, "50d34f7f566409ea932c52da224b68110e7de2f75d6b1c3de08002ae0c4f63265cedfb30b9a1524b26aac0775bd2bb43d08dc5183675ba734a9e3d1418ad34c87bf5239f47d2428b95c11df746f26d7bbd5fdc1a363c31024667a08f893d59708fc159397cf67f1ddee18799a9dcc14d7c6441b67fb66752deb0b3d27b0a46ff352f7f211fd9fe2964d9e9377fbf434ce5e61694d59ee78071095423098e881f9fd8295a736a1abf"}], 0x2a0}}], 0x1, 0x0) timer_create(0x0, &(0x7f0000004140)={0x0, 0x39, 0x1, @thr={&(0x7f0000004040)="f8285779bc0d49736b957a3b", &(0x7f0000004080)="1d86aaf5f14259ec340fe2bff9556cf93bdedd0a07188ebf115c5fc43107d5441ee6b9859b9f6b5737ea70c80a06fa7c9077f24a1233b4f394895f2a6d0bc7c1af17007584a2a56808947b942bd433a62007b1c0ac751b71c8643153d0c6358db2a943eaafc12ece7801c8f67fdbf421a9ee7c6ee5c3c7415ec3563633e1b57e2b7d964b9c3709f5fef044193ed4a8a947663b61061f0190ecf71e396744a58296b23506db01ea9787b583"}}, &(0x7f0000004180)=0x0) timer_gettime(r11, &(0x7f00000041c0)) r12 = openat$cuse(0xffffff9c, &(0x7f0000004280), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000004200)='./file0\x00', &(0x7f0000004240), 0x10000, &(0x7f00000042c0)={{'fd', 0x3d, r12}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r0}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@default_permissions}, {@max_read={'max_read', 0x3d, 0x44}}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@euid_gt={'euid>', 0xee00}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000043c0)={'wlan0\x00'}) 10.714577537s ago: executing program 0 (id=4425): ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000140)={@hyper, 0x6b8e7c38c0098cea}) 10.624043401s ago: executing program 0 (id=4426): r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @private2}, 0x1c) listen(r1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7f}, 0x1c) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a04000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f0000000040)) syz_usb_connect$printer(0x2, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x71, &(0x7f0000000440)=ANY=[@ANYBLOB="71039481d21a8f98799b5ee9e087a424856f5b5026be9facabe069e79859d9c1ac37"]}]}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x3, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de0108000109021b0001000003000904000001785ecc00090585020004"], 0x0) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f00000002c0)={'raw\x00', 0x0, [0xff, 0x3, 0x7, 0xff, 0x8967]}, &(0x7f0000000340)=0x54) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000280)={r6}, 0x8) sendmsg$nl_route(r8, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000002100010000000000000000000a00000000000000000000001400110076657468315fb8746f5f627269646765"], 0x38}}, 0x0) 4.387714471s ago: executing program 1 (id=4427): timerfd_create(0x0, 0x0) r0 = syz_io_uring_setup(0x690e, &(0x7f0000000340)={0x0, 0xfffffffd, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x1b67, &(0x7f00000003c0), &(0x7f0000000240)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x8}) io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0) 3.74574686s ago: executing program 3 (id=4429): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x200080, 0x20, 0x2}, 0x18) getsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000100)=0x48) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_MPATH(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x4, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x33}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000810}, 0x400c080) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000008000300", @ANYRES32=r4, @ANYBLOB="08000100e0"], 0x2c}}, 0x0) 328.933011ms ago: executing program 3 (id=4432): r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = fsopen(&(0x7f0000000080)='bpf\x00', 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) pwritev(r3, &(0x7f0000000440)=[{0x0}], 0x1, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000140)='rw\x00\x87OG\xed\xde.#@\xb9\xab\xecK]\xb4@\xa9\xb2\xfe\x94\x94\x7f\xfd\xd5,\x18\v\xee\xa3\x1e\x1c\xe7\xd2D\xd3\xbd\xe7y\x17\xdd!\xcf\xe0T\xa0\xbas\xef\xdcZ\xed\xdf\xf8\x10\xbc\x0f\x97\xc3\xb9z7\b\xd6\x99v\x89z\xbb\xcc\xaeW6\x18\xf7\xbf\xfa+\xe1\xdc~\xf1\xf4j9&\x86\xe57\xb8\x88\xafP \x1e\xb0)\"\x10\xd4^\xe7\xf6\x93\xb3nr\x01\x11]\xaa\xc9&D.\xd1\x00\xca\xae\xca\xdf\x1c\x80\xd3W_\xdd\xd6\xbeC\x82\x8c)\x164w\x00\xdf\x8f\x17\xe3\xb2\xbf,\xad\xb1L\x7f=\xe9@\xae\xd6\x04m\xc7\az\xb8\x04m1\xfd\x9a\x81\xd6\xd6FbF~\xd9\"X#$\xb9\x1b\xf90\x14Z\xbaL\xba\x13~cO\x94\xde\tM.CnO\xeb8\xea\xa5\x96\xfe\x8e\x19\xa4\azKg0\xaf\xd8`\xaa{r\x03\xaf\x15\xc9\xf6\x045\xc4(\xca\x93Jz\xbb\x184,j\x98\x12?\xc5\xbc \xb3\xe0v\xedO=B\x11\xf1\x96\xd1\xbb\b0\xb1\x81\x1c\xbd\xb9\x91\xce\xa0\xa5\x95\xd7\x95\xc3\xa3-9uo\x15\xb0uj\xfdI`\'-\xe9\x90\xc1\xa7G\b\x1a{\b\xb4\xf9\xcf,_44\xea\xbe\x15U\xcb\x15\xec_t\xda\xd4e\x1c\x7f\x16{\x86\x9c\x97\x80\xc4\xc3X\x8c\xdf\x06\xf5r\xfa\xe6\xa7\xd7\xb6\xf1\xc5\r\xb8\x06\xb6\x9a\xe6\x16\x86\xc5\x9e]\xd1;\x03\f\xdf\x92\xf6*\x9fI\x17', &(0x7f0000000100)='./file0/file0\x00', r0) 0s ago: executing program 3 (id=4434): add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket$inet6(0xa, 0x1, 0x6) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x74}}, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000006c0), 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b40), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20) writev(r2, &(0x7f0000000140)=[{&(0x7f0000000740)="ed68b28495cabcd7e283f7b95277aaf3262cc46393c2eb32cc99789ad8ff9951b5df4eb5af895e768f82f0e1720835d9848f5b67fe28886f740fdf645f7a8c7a43b0c51cf17848d8e04e8eb61972df7d164c3e6eb999e0fdd3b8620b31d03e37ccec089e0f776be603a3b6", 0x6b}, {&(0x7f0000000180)="d1c1816de9e48fc4192b0b54f7e04fefdc48b7acbcfaaccdfe1727cb3cf863f7142c3742548ba0801731e325c79f6749ee63e35c4f948fdd8bc9ac5f9e68a601c87e7c5faa22e70185d636616006d719e3a9805671b7ad6ebe66812d248630b6c22745933db799af", 0x68}, {&(0x7f0000000940)="dda6def6b5be0114ea3f0193da0da80059a8444617b8572786f065c32653d309ebe153bddc500032452baebbea16eb0596c1444de52d01e9deb184c9dcde363c8b3992c03c899fe2e26c2e2aa0f21d44c7c3969ab41f572d214366f39a60afdb9d2f26905577661bb94d3f8a128f9ac46c0c2200000000000000d459e0903c2c31ecd619a2c1c07ea6e5c864c05b75b669260764aa2c6c08076e6495e31e9ae4650ab54175b0af29f8619dd6a33a5f92255a5d601e88b1219cad05d347f8c8d15221f17ab0c898a522da6304132e35d14eb2804b7c2b09648d266fc65803819a6f70554f4c4811491c2da7577ec1dc0b50c3a461503e4930e140b288d228eac07da14e14055959341e3681506b57f66d58fbbfbcac3fea7c82cfc2bd885f34807b8b8c02320c521adc24eb8468cf4ffc80626ebb1c4a1be68f39c4ac615e9284609a346d70590040e2fc14b460ddb441263bc9abeb6b1d72ae11130210b0263aa6699f5ff1bab0e005fbe266a78c908d649c2eb532", 0x175}, {&(0x7f0000000540)="e7e00aa6f9ba0bb45fe5022b13dad08eb60aa81bd028d42f6635d9cfc3358f37abf9c570146f3b436e7889e031b95091a3cf9222cb938c54185a899d3f68315f0135f2897cf2359e8951bf1cdad746d23faf2e8a49c59df307b10b8a4c53b3b3e488ff059ef864cb18f9f2de8de30a67b6dff3eb6a8a392aa20370a8d2f87922652f9d36d3b6644c", 0x88}], 0x4) r4 = syz_usbip_server_init(0x3) write$usbip_server(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000002"], 0x30) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @dev, 0x34}]}, &(0x7f0000002100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000300)={r5, @in6={{0xa, 0x4e23, 0x7ff, @dev={0xfe, 0x80, '\x00', 0x39}, 0x4000000}}, 0x1, 0x1}, &(0x7f0000000240)=0x88) r6 = socket$kcm(0x10, 0x2, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203f6090212000100000000090400000002"], 0x0) add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1", 0x100000}, 0x48, 0xffffffffffffffff) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602020000000e000a000d000000028000001294", 0x2e}], 0x1}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x5) kernel console output (not intermixed with test programs): slave_1: entered promiscuous mode [ 889.704023][T20515] macsec2: entered promiscuous mode [ 889.716090][ T940] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 889.728545][ T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.729986][T20515] team0: entered promiscuous mode [ 889.752661][ T940] usb 1-1: config 0 descriptor?? [ 889.763959][T20517] program syz.1.4171 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 889.767503][ T940] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 889.777469][T20515] macsec2: entered allmulticast mode [ 889.802375][T20515] team0: entered allmulticast mode [ 889.820468][T20515] team_slave_0: entered allmulticast mode [ 889.840510][T20515] team_slave_1: entered allmulticast mode [ 889.866184][T20515] team0: left allmulticast mode [ 889.880473][T20515] team_slave_0: left allmulticast mode [ 889.893334][T20515] team_slave_1: left allmulticast mode [ 889.907681][T20515] team0: left promiscuous mode [ 889.916953][T20515] team_slave_0: left promiscuous mode [ 889.922543][T20515] team_slave_1: left promiscuous mode [ 890.183827][ T5289] usb 2-1: new high-speed USB device number 96 using dummy_hcd [ 890.342134][ T5289] usb 2-1: Using ep0 maxpacket: 8 [ 890.376600][ T5289] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 890.399559][ T5289] usb 2-1: config 1 has no interface number 1 [ 890.420483][ T5289] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 890.457149][ T5289] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 890.467050][ T5289] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 890.480591][ T5289] usb 2-1: Product: syz [ 890.484888][ T5289] usb 2-1: Manufacturer: syz [ 890.504398][ T5289] usb 2-1: SerialNumber: syz [ 890.750657][ T5289] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 890.795495][ T5289] usb 2-1: USB disconnect, device number 96 [ 890.839702][T16876] udevd[16876]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 890.931200][T11757] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 891.050691][T17566] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 891.112027][T11757] usb 4-1: Using ep0 maxpacket: 8 [ 891.122005][T11757] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 891.130168][T11757] usb 4-1: config 0 has no interface number 0 [ 891.147543][T11757] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 891.159103][T11757] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 891.180461][T11757] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 891.201451][T11757] usb 4-1: config 0 descriptor?? [ 891.216331][T17566] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 891.227277][T11757] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 891.266412][T17566] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 891.286225][T17566] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 891.305169][T17566] usb 3-1: config 0 descriptor?? [ 891.324717][T17566] pwc: Askey VC010 type 2 USB webcam detected. [ 891.388009][T20537] netlink: 75 bytes leftover after parsing attributes in process `syz.1.4177'. [ 891.541848][T17566] pwc: send_video_command error -71 [ 891.548808][T17566] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 891.569401][T17566] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 891.602936][T17566] usb 3-1: USB disconnect, device number 74 [ 891.645197][T20544] FAULT_INJECTION: forcing a failure. [ 891.645197][T20544] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 891.680298][T20544] CPU: 0 UID: 0 PID: 20544 Comm: syz.1.4179 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 891.691262][T20544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 891.701357][T20544] Call Trace: [ 891.704673][T20544] [ 891.707646][T20544] dump_stack_lvl+0x241/0x360 [ 891.712373][T20544] ? __pfx_dump_stack_lvl+0x10/0x10 [ 891.717620][T20544] ? __pfx__printk+0x10/0x10 [ 891.722297][T20544] ? __pfx_lock_release+0x10/0x10 [ 891.727392][T20544] ? validate_chain+0x11e/0x5920 [ 891.732379][T20544] should_fail_ex+0x3b0/0x4e0 [ 891.737118][T20544] _copy_from_iter+0x1ed/0x1d60 [ 891.742016][T20544] ? __pfx_validate_chain+0x10/0x10 [ 891.747262][T20544] ? __pfx__copy_from_iter+0x10/0x10 [ 891.752599][T20544] tun_get_user+0x445/0x47e0 [ 891.757228][T20544] ? __pfx_lock_release+0x10/0x10 [ 891.762307][T20544] ? __lock_acquire+0x1384/0x2050 [ 891.767388][T20544] ? __pfx_tun_get_user+0x10/0x10 [ 891.772471][T20544] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 891.777966][T20544] ? tun_get+0x1e/0x2f0 [ 891.782157][T20544] ? __pfx_lock_release+0x10/0x10 [ 891.787236][T20544] ? tun_get+0x1e/0x2f0 [ 891.791427][T20544] ? tun_get+0x27d/0x2f0 [ 891.795700][T20544] tun_chr_write_iter+0x10d/0x1f0 [ 891.800759][T20544] vfs_write+0xa6d/0xc90 [ 891.805036][T20544] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 891.810611][T20544] ? __pfx_vfs_write+0x10/0x10 [ 891.815494][T20544] ? fdget_pos+0x19a/0x320 [ 891.819933][T20544] ksys_write+0x183/0x2b0 [ 891.824284][T20544] ? __pfx_ksys_write+0x10/0x10 [ 891.829182][T20544] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 891.836059][T20544] ? lockdep_hardirqs_on+0x99/0x150 [ 891.841289][T20544] __do_fast_syscall_32+0xb4/0x110 [ 891.846690][T20544] ? exc_page_fault+0x590/0x8c0 [ 891.851571][T20544] do_fast_syscall_32+0x34/0x80 [ 891.856436][T20544] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 891.862785][T20544] RIP: 0023:0xf7f42579 [ 891.866872][T20544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 891.886608][T20544] RSP: 002b:00000000f56c656c EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 891.895077][T20544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240 [ 891.903078][T20544] RDX: 0000000000000066 RSI: 0000000000000000 RDI: 0000000000000000 [ 891.911070][T20544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 891.919062][T20544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 891.927070][T20544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 891.935105][T20544] [ 891.938334][ C0] vkms_vblank_simulate: vblank timer overrun [ 891.969501][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 891.990559][ T5289] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 892.161784][ T5289] usb 5-1: device descriptor read/64, error -71 [ 892.360620][T17566] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 892.400727][ T5289] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 892.502309][ T8] usb 4-1: USB disconnect, device number 101 [ 892.510820][ T8] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected [ 892.527679][T17566] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 892.550912][ T5289] usb 5-1: device descriptor read/64, error -71 [ 892.560584][T17566] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 892.569758][T17566] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 892.582569][T17566] usb 3-1: config 0 descriptor?? [ 892.603524][T17566] pwc: Askey VC010 type 2 USB webcam detected. [ 892.661234][ T5289] usb usb5-port1: attempt power cycle [ 893.004967][ T5289] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 893.034057][ T5289] usb 5-1: device descriptor read/8, error -71 [ 893.116968][T20535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 893.140755][T20535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 893.158101][T17566] pwc: recv_control_msg error -32 req 02 val 2b00 [ 893.162618][T20555] FAULT_INJECTION: forcing a failure. [ 893.162618][T20555] name failslab, interval 1, probability 0, space 0, times 0 [ 893.177670][T20555] CPU: 1 UID: 0 PID: 20555 Comm: syz.3.4182 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 893.188488][T20555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 893.198609][T20555] Call Trace: [ 893.201926][T20555] [ 893.204891][T20555] dump_stack_lvl+0x241/0x360 [ 893.209704][T20555] ? __pfx_dump_stack_lvl+0x10/0x10 [ 893.214935][T20555] ? __pfx__printk+0x10/0x10 [ 893.219552][T20555] ? fs_reclaim_acquire+0x93/0x140 [ 893.224680][T20555] ? __pfx___might_resched+0x10/0x10 [ 893.229996][T20555] ? dynamic_dname+0x141/0x1b0 [ 893.234787][T20555] should_fail_ex+0x3b0/0x4e0 [ 893.239496][T20555] ? tomoyo_encode+0x26f/0x540 [ 893.244283][T20555] should_failslab+0xac/0x100 [ 893.249001][T20555] ? tomoyo_encode+0x26f/0x540 [ 893.253799][T20555] __kmalloc_noprof+0xd8/0x400 [ 893.258596][T20555] tomoyo_encode+0x26f/0x540 [ 893.263212][T20555] ? __pfx_ns_dname+0x10/0x10 [ 893.267928][T20555] tomoyo_realpath_from_path+0x59e/0x5e0 [ 893.273596][T20555] tomoyo_path_number_perm+0x23a/0x880 [ 893.279093][T20555] ? __pfx_lock_acquire+0x10/0x10 [ 893.284184][T20555] ? tomoyo_path_number_perm+0x208/0x880 [ 893.289875][T20555] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 893.295891][T20555] ? kstrtouint_from_user+0x128/0x190 [ 893.301320][T20555] ? sb_end_write+0xe9/0x1c0 [ 893.305984][T20555] ? vfs_write+0x7bf/0xc90 [ 893.310447][T20555] ? kmem_cache_free+0x1a2/0x420 [ 893.315429][T20555] ? do_sys_openat2+0x17a/0x1d0 [ 893.320313][T20555] security_file_ioctl_compat+0xc6/0x2a0 [ 893.326285][T20555] __se_compat_sys_ioctl+0xd6/0xc90 [ 893.331513][T20555] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 893.337802][T20555] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 893.343857][T20555] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 893.350217][T20555] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 893.356856][T20555] ? lockdep_hardirqs_on+0x99/0x150 [ 893.362143][T20555] __do_fast_syscall_32+0xb4/0x110 [ 893.367299][T20555] ? exc_page_fault+0x590/0x8c0 [ 893.372183][T20555] do_fast_syscall_32+0x34/0x80 [ 893.377052][T20555] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 893.383399][T20555] RIP: 0023:0xf740d579 [ 893.387484][T20555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 893.407206][T20555] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 893.415760][T20555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000005000940b [ 893.423752][T20555] RDX: 0000000020000600 RSI: 0000000000000000 RDI: 0000000000000000 [ 893.431835][T20555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 893.439839][T20555] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 893.448026][T20555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 893.456049][T20555] [ 893.470910][T17566] pwc: recv_control_msg error -32 req 02 val 2700 [ 893.507015][T17566] pwc: recv_control_msg error -32 req 02 val 2c00 [ 893.513864][ T940] gspca_vc032x: reg_w err -71 [ 893.518923][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.527416][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.534313][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.540868][ T5289] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 893.548623][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.554539][T20555] ERROR: Out of memory at tomoyo_realpath_from_path. [ 893.561662][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.568441][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.591307][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.597842][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.603349][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.608723][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.614231][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.619633][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.620000][T20559] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 893.625359][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.637548][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.646111][ T5289] usb 5-1: device descriptor read/8, error -71 [ 893.655024][ T5245] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 893.662585][ T5245] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 893.672508][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.677914][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.684418][ T940] gspca_vc032x: I2c Bus Busy Wait 00 [ 893.689925][ T940] gspca_vc032x: Unknown sensor... [ 893.695304][ T940] vc032x 1-1:0.0: probe with driver vc032x failed with error -22 [ 893.706363][ T940] usb 1-1: USB disconnect, device number 104 [ 893.762826][ T5289] usb usb5-port1: unable to enumerate USB device [ 894.708803][T20575] netlink: 'syz.1.4188': attribute type 21 has an invalid length. [ 894.716857][T20575] netlink: 128 bytes leftover after parsing attributes in process `syz.1.4188'. [ 894.736288][T20575] netlink: 'syz.1.4188': attribute type 5 has an invalid length. [ 894.757547][T20575] netlink: 3 bytes leftover after parsing attributes in process `syz.1.4188'. [ 894.821090][ T5290] usb 1-1: new high-speed USB device number 105 using dummy_hcd [ 894.940070][T20585] netlink: 'syz.4.4192': attribute type 9 has an invalid length. [ 894.948323][T20585] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.4192'. [ 895.002112][ T5290] usb 1-1: Using ep0 maxpacket: 8 [ 895.015764][ T5290] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 895.025606][ T5290] usb 1-1: config 1 has no interface number 1 [ 895.035235][ T5290] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 895.051498][T20587] netlink: 'syz.4.4192': attribute type 9 has an invalid length. [ 895.057770][ T5290] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 895.070294][ T5290] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 895.073638][T20587] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.4192'. [ 895.085721][ T5290] usb 1-1: Product: syz [ 895.099613][ T5290] usb 1-1: Manufacturer: syz [ 895.104829][ T5290] usb 1-1: SerialNumber: syz [ 895.112299][T11757] usb 2-1: new high-speed USB device number 97 using dummy_hcd [ 895.136348][T20585] dns_resolver: Unsupported content type (98) [ 895.309701][T11757] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 895.321563][T11757] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 895.360534][ T5290] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 895.367097][T11757] usb 2-1: config 0 descriptor?? [ 895.375667][T11757] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 895.396563][ T5290] usb 1-1: USB disconnect, device number 105 [ 895.402604][ T940] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 895.510569][T16876] udevd[16876]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 895.552244][ T940] usb 5-1: Using ep0 maxpacket: 32 [ 895.569361][ T940] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 895.594113][ T940] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 895.611893][ T940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 895.631528][ T940] usb 5-1: Product: syz [ 895.638194][ T940] usb 5-1: Manufacturer: syz [ 895.650613][ T940] usb 5-1: SerialNumber: syz [ 895.674231][ T940] usb 5-1: bad CDC descriptors [ 895.695418][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 895.695440][ T29] audit: type=1326 audit(1728275644.724:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 895.770913][ T29] audit: type=1326 audit(1728275644.724:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 895.820594][ T29] audit: type=1326 audit(1728275644.724:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 895.853835][ T29] audit: type=1326 audit(1728275644.734:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 895.888861][ T9] usb 5-1: USB disconnect, device number 87 [ 895.920442][ T29] audit: type=1326 audit(1728275644.734:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 895.990556][ T29] audit: type=1326 audit(1728275644.734:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=445 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 896.016317][ T29] audit: type=1326 audit(1728275644.734:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 896.041722][ T29] audit: type=1326 audit(1728275644.734:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 896.066233][ T29] audit: type=1326 audit(1728275644.734:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 896.088829][ T29] audit: type=1326 audit(1728275644.774:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20593 comm="syz.2.4194" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 896.493705][T20611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 896.520223][T20611] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 896.561626][T20610] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 896.590485][T17327] Bluetooth: hci0: unexpected subevent 0x01 length: 78 > 18 [ 896.597898][T17327] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 896.761782][T20613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4200'. [ 896.834109][T20613] batman_adv: batadv1: Adding interface: netdevsim0 [ 896.834133][T20613] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 896.834335][T20613] batman_adv: batadv1: Interface activated: netdevsim0 [ 896.879226][T20613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4200'. [ 896.879311][T20613] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 896.879355][T20613] batman_adv: batadv1: Removing interface: netdevsim0 [ 897.698532][T11757] usb 2-1: USB disconnect, device number 97 [ 898.013572][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 898.092114][T20634] Failed to get privilege flags for destination (handle=0x2:0x0) [ 898.303050][T20640] netlink: 4272 bytes leftover after parsing attributes in process `syz.2.4210'. [ 898.512139][ T9] usb 1-1: new high-speed USB device number 106 using dummy_hcd [ 898.570785][T17566] pwc: recv_control_msg error -110 req 04 val 1000 [ 898.578024][T17566] pwc: recv_control_msg error -32 req 04 val 1300 [ 898.591635][T17566] pwc: recv_control_msg error -32 req 04 val 1400 [ 898.599020][T17566] pwc: recv_control_msg error -32 req 02 val 2000 [ 898.619099][T17566] pwc: recv_control_msg error -32 req 02 val 2100 [ 898.650303][T17566] pwc: recv_control_msg error -32 req 04 val 1500 [ 898.673260][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 898.684322][T17566] pwc: recv_control_msg error -32 req 02 val 2500 [ 898.690967][ T9] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 898.705899][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 898.715593][T17566] pwc: recv_control_msg error -32 req 02 val 2400 [ 898.731437][ T9] usb 1-1: config 0 descriptor?? [ 898.736772][T17566] pwc: recv_control_msg error -32 req 02 val 2600 [ 898.751346][T17566] pwc: recv_control_msg error -32 req 02 val 2900 [ 898.761589][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 898.779735][T17566] pwc: recv_control_msg error -32 req 02 val 2800 [ 898.808619][T17566] pwc: recv_control_msg error -32 req 04 val 1100 [ 898.824236][T17566] pwc: recv_control_msg error -32 req 04 val 1200 [ 898.864880][T17566] pwc: Registered as video71. [ 898.872039][T17566] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input173 [ 898.935123][T20656] FAULT_INJECTION: forcing a failure. [ 898.935123][T20656] name failslab, interval 1, probability 0, space 0, times 0 [ 898.974605][ T9] pwc: send_video_command error -71 [ 898.979903][ T9] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 898.989620][ T9] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71 [ 898.999392][T20656] CPU: 0 UID: 0 PID: 20656 Comm: syz.3.4216 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 899.010302][T20656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 899.020418][T20656] Call Trace: [ 899.023748][T20656] [ 899.027249][T20656] dump_stack_lvl+0x241/0x360 [ 899.031983][T20656] ? __pfx_dump_stack_lvl+0x10/0x10 [ 899.037245][T20656] ? __pfx__printk+0x10/0x10 [ 899.041935][T20656] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 899.048029][T20656] ? __pfx___might_resched+0x10/0x10 [ 899.053495][T20656] should_fail_ex+0x3b0/0x4e0 [ 899.058246][T20656] should_failslab+0xac/0x100 [ 899.062981][T20656] ? __alloc_skb+0x1c3/0x440 [ 899.067631][T20656] kmem_cache_alloc_node_noprof+0x71/0x320 [ 899.073511][T20656] __alloc_skb+0x1c3/0x440 [ 899.077992][T20656] ? __pfx___alloc_skb+0x10/0x10 [ 899.083784][T20656] ? netlink_autobind+0xd6/0x2f0 [ 899.088770][T20656] ? netlink_autobind+0x2b0/0x2f0 [ 899.093871][T20656] netlink_sendmsg+0x638/0xcb0 [ 899.099177][T20656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 899.104534][T20656] ? __pfx_lock_release+0x10/0x10 [ 899.109636][T20656] ? aa_sock_msg_perm+0x91/0x160 [ 899.114828][T20656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 899.120173][T20656] __sock_sendmsg+0x221/0x270 [ 899.124938][T20656] ____sys_sendmsg+0x52a/0x7e0 [ 899.129770][T20656] ? __pfx_____sys_sendmsg+0x10/0x10 [ 899.135145][T20656] __sys_sendmsg+0x292/0x380 [ 899.139814][T20656] ? __pfx___sys_sendmsg+0x10/0x10 [ 899.145005][T20656] ? __pfx_vfs_write+0x10/0x10 [ 899.149859][T20656] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 899.156530][T20656] ? lockdep_hardirqs_on+0x99/0x150 [ 899.161851][T20656] __do_fast_syscall_32+0xb4/0x110 [ 899.167033][T20656] ? exc_page_fault+0x590/0x8c0 [ 899.171960][T20656] do_fast_syscall_32+0x34/0x80 [ 899.176873][T20656] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 899.183257][T20656] RIP: 0023:0xf740d579 [ 899.187378][T20656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 899.207143][T20656] RSP: 002b:00000000f56d556c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 899.215629][T20656] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200007c0 [ 899.223656][T20656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 899.231676][T20656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 899.239694][T20656] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 899.247713][T20656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 899.255844][T20656] [ 899.271198][ T9] usb 1-1: USB disconnect, device number 106 [ 899.313463][T20660] FAULT_INJECTION: forcing a failure. [ 899.313463][T20660] name failslab, interval 1, probability 0, space 0, times 0 [ 899.365493][T20660] CPU: 1 UID: 0 PID: 20660 Comm: syz.4.4217 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 899.376334][T20660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 899.386445][T20660] Call Trace: [ 899.389777][T20660] [ 899.392763][T20660] dump_stack_lvl+0x241/0x360 [ 899.397496][T20660] ? __pfx_dump_stack_lvl+0x10/0x10 [ 899.402756][T20660] ? __pfx__printk+0x10/0x10 [ 899.407414][T20660] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 899.413489][T20660] ? __pfx___might_resched+0x10/0x10 [ 899.418844][T20660] should_fail_ex+0x3b0/0x4e0 [ 899.423598][T20660] should_failslab+0xac/0x100 [ 899.428334][T20660] ? __alloc_skb+0x1c3/0x440 [ 899.432976][T20660] kmem_cache_alloc_node_noprof+0x71/0x320 [ 899.438834][T20660] __alloc_skb+0x1c3/0x440 [ 899.443279][T20660] ? __pfx___alloc_skb+0x10/0x10 [ 899.448249][T20660] ? netlink_autobind+0xd6/0x2f0 [ 899.453237][T20660] ? netlink_autobind+0x2b0/0x2f0 [ 899.458293][T20660] netlink_sendmsg+0x638/0xcb0 [ 899.463080][T20660] ? __pfx_netlink_sendmsg+0x10/0x10 [ 899.468382][T20660] ? __pfx_lock_release+0x10/0x10 [ 899.473429][T20660] ? aa_sock_msg_perm+0x91/0x160 [ 899.478390][T20660] ? __pfx_netlink_sendmsg+0x10/0x10 [ 899.483696][T20660] __sock_sendmsg+0x221/0x270 [ 899.488402][T20660] ____sys_sendmsg+0x52a/0x7e0 [ 899.493188][T20660] ? __pfx_____sys_sendmsg+0x10/0x10 [ 899.498504][T20660] __sys_sendmsg+0x292/0x380 [ 899.503114][T20660] ? __pfx___sys_sendmsg+0x10/0x10 [ 899.508254][T20660] ? __pfx_vfs_write+0x10/0x10 [ 899.513080][T20660] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 899.519723][T20660] ? lockdep_hardirqs_on+0x99/0x150 [ 899.525043][T20660] __do_fast_syscall_32+0xb4/0x110 [ 899.530174][T20660] ? exc_page_fault+0x590/0x8c0 [ 899.535057][T20660] do_fast_syscall_32+0x34/0x80 [ 899.539921][T20660] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 899.546267][T20660] RIP: 0023:0xf7fc0579 [ 899.550455][T20660] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 899.570188][T20660] RSP: 002b:00000000f574656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 899.578629][T20660] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280 [ 899.586740][T20660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 899.594822][T20660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 899.602806][T20660] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 899.610887][T20660] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 899.618886][T20660] [ 899.870484][ T9] usb 1-1: new high-speed USB device number 107 using dummy_hcd [ 900.032664][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 900.053583][ T9] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 900.072780][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 900.103643][ T9] usb 1-1: config 0 descriptor?? [ 900.130048][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 900.302727][T20671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 900.305659][T20671] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 900.314393][T20669] syz_tun: refused to change device tx_queue_len [ 900.314420][T20669] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 900.321600][T20669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 900.337185][T20669] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 900.832175][T20692] openvswitch: netlink: Actions may not be safe on all matching packets [ 900.838263][ T9] pwc: recv_control_msg error -71 req 02 val 2b00 [ 900.838793][ T9] pwc: recv_control_msg error -71 req 02 val 2700 [ 900.840081][ T9] pwc: recv_control_msg error -71 req 02 val 2c00 [ 900.840700][ T9] pwc: recv_control_msg error -71 req 04 val 1000 [ 900.841041][ T9] pwc: recv_control_msg error -71 req 04 val 1300 [ 900.841417][ T9] pwc: recv_control_msg error -71 req 04 val 1400 [ 900.841743][ T9] pwc: recv_control_msg error -71 req 02 val 2000 [ 900.842971][ T9] pwc: recv_control_msg error -71 req 02 val 2100 [ 900.845826][ T9] pwc: recv_control_msg error -71 req 04 val 1500 [ 900.846683][ T9] pwc: recv_control_msg error -71 req 02 val 2500 [ 900.847021][ T9] pwc: recv_control_msg error -71 req 02 val 2400 [ 900.847344][ T9] pwc: recv_control_msg error -71 req 02 val 2600 [ 900.848430][T20692] vlan2: entered promiscuous mode [ 900.850558][ T9] pwc: recv_control_msg error -71 req 02 val 2900 [ 900.851432][ T9] pwc: recv_control_msg error -71 req 02 val 2800 [ 900.852424][ T9] pwc: recv_control_msg error -71 req 04 val 1100 [ 900.852757][ T9] pwc: recv_control_msg error -71 req 04 val 1200 [ 900.855556][ T9] pwc: Registered as video72. [ 900.856736][ T9] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input175 [ 900.891511][ T9] usb 1-1: USB disconnect, device number 107 [ 901.332835][ T5290] usb 2-1: new high-speed USB device number 98 using dummy_hcd [ 901.371827][T20703] netlink: 'syz.0.4230': attribute type 29 has an invalid length. [ 901.380912][T20703] netlink: 'syz.0.4230': attribute type 29 has an invalid length. [ 901.383237][T20703] netlink: 'syz.0.4230': attribute type 29 has an invalid length. [ 901.396450][T20703] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4230'. [ 901.396486][T20703] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 901.500827][ T5290] usb 2-1: Using ep0 maxpacket: 16 [ 901.505013][ T5290] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 901.505051][ T5290] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 901.505076][ T5290] usb 2-1: Product: syz [ 901.505095][ T5290] usb 2-1: Manufacturer: syz [ 901.505114][ T5290] usb 2-1: SerialNumber: syz [ 901.521018][ T5290] usb 2-1: config 0 descriptor?? [ 901.537665][ T5290] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 901.538411][ T5290] usb 2-1: Detected FT-X [ 901.806409][ T5290] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 901.820064][ T5290] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 901.843501][ T5290] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 901.874889][T20713] FAULT_INJECTION: forcing a failure. [ 901.874889][T20713] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 901.888565][ T5290] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 901.899294][T20713] CPU: 0 UID: 0 PID: 20713 Comm: syz.4.4235 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 901.910125][T20713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 901.913495][ T5290] usb 2-1: USB disconnect, device number 98 [ 901.920285][T20713] Call Trace: [ 901.929515][T20713] [ 901.932489][T20713] dump_stack_lvl+0x241/0x360 [ 901.937215][T20713] ? __pfx_dump_stack_lvl+0x10/0x10 [ 901.942556][T20713] ? __pfx__printk+0x10/0x10 [ 901.947213][T20713] should_fail_ex+0x3b0/0x4e0 [ 901.951949][T20713] _copy_from_user+0x2f/0xe0 [ 901.956592][T20713] move_addr_to_kernel+0x82/0x150 [ 901.961672][T20713] get_compat_msghdr+0x425/0x730 [ 901.966650][T20713] ? __pfx_get_compat_msghdr+0x10/0x10 [ 901.972124][T20713] ? __fget_files+0x3f3/0x470 [ 901.976857][T20713] __sys_sendmsg+0x25d/0x380 [ 901.981484][T20713] ? __pfx___sys_sendmsg+0x10/0x10 [ 901.986662][T20713] ? __pfx_vfs_write+0x10/0x10 [ 901.991508][T20713] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 901.998169][T20713] ? lockdep_hardirqs_on+0x99/0x150 [ 902.003436][T20713] __do_fast_syscall_32+0xb4/0x110 [ 902.008597][T20713] ? exc_page_fault+0x590/0x8c0 [ 902.013604][T20713] do_fast_syscall_32+0x34/0x80 [ 902.018501][T20713] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 902.024880][T20713] RIP: 0023:0xf7fc0579 [ 902.029097][T20713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 902.048751][T20713] RSP: 002b:00000000f574656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 902.057221][T20713] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000240 [ 902.065241][T20713] RDX: 0000000004044044 RSI: 0000000000000000 RDI: 0000000000000000 [ 902.073328][T20713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 902.081356][T20713] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 902.089371][T20713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 902.097408][T20713] [ 902.106477][ T5290] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 902.117506][ T5290] ftdi_sio 2-1:0.0: device disconnected [ 902.182320][T20715] input: syz0 as /devices/virtual/input/input176 [ 902.277780][T20721] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4236'. [ 902.291010][T20717] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4234'. [ 902.465289][T20726] loop2: detected capacity change from 0 to 7 [ 902.484791][T20726] Dev loop2: unable to read RDB block 7 [ 902.500161][T20726] loop2: unable to read partition table [ 902.520694][T17566] usb 4-1: new high-speed USB device number 102 using dummy_hcd [ 902.539632][T20726] loop2: partition table beyond EOD, truncated [ 902.559443][T20726] loop_reread_partitions: partition scan of loop2 (þ被) failed (rc=-5) [ 902.680482][T17566] usb 4-1: Using ep0 maxpacket: 32 [ 902.689506][T17566] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 902.708432][T17566] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 902.729318][T17566] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 902.744845][T17566] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 902.759234][T17566] usb 4-1: config 0 interface 0 has no altsetting 0 [ 902.766153][ T9] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 902.780913][T17566] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 902.793473][T17566] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 902.802341][T17566] usb 4-1: Product: syz [ 902.806520][T17566] usb 4-1: Manufacturer: syz [ 902.811412][T17566] usb 4-1: SerialNumber: syz [ 902.827205][T17566] usb 4-1: config 0 descriptor?? [ 902.868718][T17566] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 902.870958][T20732] input: syz0 as /devices/virtual/input/input177 [ 902.925117][T20732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4241'. [ 902.997658][T17566] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 903.050749][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 903.061392][ T9] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 903.070909][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 903.112828][ T9] usb 5-1: config 0 descriptor?? [ 903.132338][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 903.135285][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 903.579169][ T9] pwc: send_video_command error -71 [ 903.584611][ T9] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 903.592471][ T9] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71 [ 903.621325][ T9] usb 5-1: USB disconnect, device number 88 [ 903.627704][T20736] FAULT_INJECTION: forcing a failure. [ 903.627704][T20736] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 903.646130][T20736] CPU: 1 UID: 0 PID: 20736 Comm: syz.0.4244 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 903.656934][T20736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 903.667207][T20736] Call Trace: [ 903.670505][T20736] [ 903.673456][T20736] dump_stack_lvl+0x241/0x360 [ 903.678269][T20736] ? __pfx_dump_stack_lvl+0x10/0x10 [ 903.683499][T20736] ? __pfx__printk+0x10/0x10 [ 903.688153][T20736] should_fail_ex+0x3b0/0x4e0 [ 903.692851][T20736] _copy_from_user+0x2f/0xe0 [ 903.697464][T20736] move_addr_to_kernel+0x82/0x150 [ 903.702541][T20736] get_compat_msghdr+0x425/0x730 [ 903.707517][T20736] ? __pfx_get_compat_msghdr+0x10/0x10 [ 903.713081][T20736] ? __fget_files+0x3f3/0x470 [ 903.717793][T20736] __sys_sendmsg+0x25d/0x380 [ 903.722412][T20736] ? __pfx___sys_sendmsg+0x10/0x10 [ 903.727552][T20736] ? __pfx_vfs_write+0x10/0x10 [ 903.732363][T20736] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 903.738971][T20736] ? lockdep_hardirqs_on+0x99/0x150 [ 903.744188][T20736] __do_fast_syscall_32+0xb4/0x110 [ 903.749308][T20736] ? exc_page_fault+0x590/0x8c0 [ 903.754173][T20736] do_fast_syscall_32+0x34/0x80 [ 903.759025][T20736] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 903.765375][T20736] RIP: 0023:0xf73cd579 [ 903.769460][T20736] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 903.789081][T20736] RSP: 002b:00000000f56b656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 903.797618][T20736] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 903.805631][T20736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 903.813628][T20736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 903.821620][T20736] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 903.829603][T20736] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 903.837593][T20736] [ 903.944122][T20739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 903.953509][T20739] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 904.048486][T20745] FAULT_INJECTION: forcing a failure. [ 904.048486][T20745] name failslab, interval 1, probability 0, space 0, times 0 [ 904.069889][T20745] CPU: 1 UID: 0 PID: 20745 Comm: syz.1.4247 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 904.080734][T20745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 904.090840][T20745] Call Trace: [ 904.094248][T20745] [ 904.097632][T20745] dump_stack_lvl+0x241/0x360 [ 904.102338][T20745] ? __pfx_dump_stack_lvl+0x10/0x10 [ 904.107665][T20745] ? __pfx__printk+0x10/0x10 [ 904.112286][T20745] ? fs_reclaim_acquire+0x93/0x140 [ 904.117428][T20745] ? __pfx___might_resched+0x10/0x10 [ 904.122864][T20745] should_fail_ex+0x3b0/0x4e0 [ 904.127599][T20745] ? tomoyo_encode+0x26f/0x540 [ 904.132410][T20745] should_failslab+0xac/0x100 [ 904.137111][T20745] ? tomoyo_encode+0x26f/0x540 [ 904.141902][T20745] __kmalloc_noprof+0xd8/0x400 [ 904.146694][T20745] tomoyo_encode+0x26f/0x540 [ 904.151334][T20745] tomoyo_realpath_from_path+0x59e/0x5e0 [ 904.157008][T20745] tomoyo_path_number_perm+0x23a/0x880 [ 904.162598][T20745] ? tomoyo_path_number_perm+0x208/0x880 [ 904.168285][T20745] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 904.174304][T20745] ? __pfx_lock_acquire+0x10/0x10 [ 904.179455][T20745] ? __fget_files+0x29/0x470 [ 904.184099][T20745] ? __fget_files+0x3f3/0x470 [ 904.188802][T20745] security_file_ioctl_compat+0xc6/0x2a0 [ 904.194468][T20745] __se_compat_sys_ioctl+0xd6/0xc90 [ 904.199697][T20745] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 904.205526][T20745] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 904.211538][T20745] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 904.217898][T20745] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 904.224509][T20745] ? lockdep_hardirqs_on+0x99/0x150 [ 904.229735][T20745] __do_fast_syscall_32+0xb4/0x110 [ 904.234861][T20745] ? exc_page_fault+0x590/0x8c0 [ 904.239739][T20745] do_fast_syscall_32+0x34/0x80 [ 904.244617][T20745] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 904.250959][T20745] RIP: 0023:0xf7f42579 [ 904.255044][T20745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 904.274840][T20745] RSP: 002b:00000000f56c656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 904.283288][T20745] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c018643a [ 904.291277][T20745] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 904.299265][T20745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 904.307425][T20745] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 904.315434][T20745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 904.323449][T20745] [ 904.329483][T20745] ERROR: Out of memory at tomoyo_realpath_from_path. [ 904.347043][T17566] usb 4-1: USB disconnect, device number 102 [ 904.382078][T17566] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 904.408854][T20750] bridge0: port 3(syz_tun) entered blocking state [ 904.415937][T20750] bridge0: port 3(syz_tun) entered disabled state [ 904.422747][T20750] syz_tun: entered allmulticast mode [ 904.429135][T20750] syz_tun: entered promiscuous mode [ 904.470669][T11757] usb 3-1: USB disconnect, device number 75 [ 904.533710][ T9] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 904.671889][ T1831] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 904.741238][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 904.751875][ T9] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 904.774040][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 904.829012][ T9] usb 5-1: config 0 descriptor?? [ 904.863087][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 904.869350][ T1831] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 904.948735][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 904.962050][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 904.971463][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 905.008113][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 905.009043][ T1831] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 905.028204][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 905.040613][T17566] usb 1-1: new high-speed USB device number 108 using dummy_hcd [ 905.048585][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 905.061098][T10910] usb 2-1: new high-speed USB device number 99 using dummy_hcd [ 905.142610][T20759] netlink: 'syz.3.4252': attribute type 9 has an invalid length. [ 905.153686][ T1831] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 905.160465][T20759] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4252'. [ 905.201823][T17566] usb 1-1: Using ep0 maxpacket: 16 [ 905.232266][T17566] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 905.235251][T10910] usb 2-1: Using ep0 maxpacket: 32 [ 905.252163][T17566] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 905.268273][T17566] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 905.274328][T10910] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 905.282200][T20763] dns_resolver: Unsupported content type (98) [ 905.296240][T20761] netlink: 'syz.3.4252': attribute type 9 has an invalid length. [ 905.309721][T10910] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 905.324346][T10910] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1c.48 [ 905.333890][T10910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 905.342042][T10910] usb 2-1: Product: syz [ 905.346254][T10910] usb 2-1: Manufacturer: syz [ 905.350993][T10910] usb 2-1: SerialNumber: syz [ 905.357734][T10910] usb 2-1: config 0 descriptor?? [ 905.388997][T20761] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4252'. [ 905.390557][T17566] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 905.431568][T17566] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 905.451694][T17566] usb 1-1: config 0 descriptor?? [ 905.589515][T10910] ath6kl: Failed to submit usb control message: -71 [ 905.614297][T20760] chnl_net:caif_netlink_parms(): no params data found [ 905.622047][ T5290] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 905.630968][T10910] ath6kl: unable to send the bmi data to the device: -71 [ 905.638049][T10910] ath6kl: Unable to send get target info: -71 [ 905.675712][T10910] ath6kl: Failed to init ath6kl core: -71 [ 905.695369][T10910] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 905.747412][T10910] usb 2-1: USB disconnect, device number 99 [ 905.770067][ T1831] bridge_slave_1: left allmulticast mode [ 905.782916][ T1831] bridge_slave_1: left promiscuous mode [ 905.788872][ T1831] bridge0: port 2(bridge_slave_1) entered disabled state [ 905.817426][ T1831] bridge_slave_0: left allmulticast mode [ 905.830608][ T1831] bridge_slave_0: left promiscuous mode [ 905.831794][ T5290] usb 4-1: Using ep0 maxpacket: 32 [ 905.841190][ T1831] bridge0: port 1(bridge_slave_0) entered disabled state [ 905.856848][ T5290] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 905.876747][ T5290] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 905.888571][ T5290] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 905.908834][ T5290] usb 4-1: Product: syz [ 905.917305][ T5290] usb 4-1: Manufacturer: syz [ 905.927913][ T5290] usb 4-1: SerialNumber: syz [ 905.929276][T17566] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0019/input/input178 [ 905.987182][ T5290] usb 4-1: bad CDC descriptors [ 906.248358][ T5290] usb 4-1: USB disconnect, device number 103 [ 906.280451][T17566] microsoft 0003:045E:07DA.0019: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 906.518885][T20787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 906.536394][T20781] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 906.549211][T20787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 906.576926][ T5245] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 906.584811][ T5245] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 906.712763][ T1831] dvmrp0 (unregistering): left allmulticast mode [ 906.934818][T20797] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4257'. [ 907.140150][ T54] Bluetooth: hci3: command tx timeout [ 907.226789][T20800] input: syz0 as /devices/virtual/input/input179 [ 907.234085][ T940] usb 1-1: reset high-speed USB device number 108 using dummy_hcd [ 907.244810][ T1831] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 907.296285][ T1831] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 907.356340][ T1831] bond0 (unregistering): Released all slaves [ 907.529612][T20800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4258'. [ 907.618360][ T1831] tipc: Disabling bearer [ 907.649577][ T1831] tipc: Left network mode [ 908.157675][T20760] bridge0: port 1(bridge_slave_0) entered blocking state [ 908.220991][T20760] bridge0: port 1(bridge_slave_0) entered disabled state [ 908.229140][T20760] bridge_slave_0: entered allmulticast mode [ 908.289461][T20760] bridge_slave_0: entered promiscuous mode [ 908.299133][T20760] bridge0: port 2(bridge_slave_1) entered blocking state [ 908.306955][T20760] bridge0: port 2(bridge_slave_1) entered disabled state [ 908.314435][T20760] bridge_slave_1: entered allmulticast mode [ 908.322129][T20760] bridge_slave_1: entered promiscuous mode [ 908.378703][T20829] FAULT_INJECTION: forcing a failure. [ 908.378703][T20829] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 908.452066][T20829] CPU: 0 UID: 0 PID: 20829 Comm: syz.0.4264 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 908.463092][T20829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 908.473288][T20829] Call Trace: [ 908.476613][T20829] [ 908.479766][T20829] dump_stack_lvl+0x241/0x360 [ 908.484500][T20829] ? __pfx_dump_stack_lvl+0x10/0x10 [ 908.489755][T20829] ? __pfx__printk+0x10/0x10 [ 908.494427][T20829] ? __pfx_lock_release+0x10/0x10 [ 908.499511][T20829] ? __lock_acquire+0x1384/0x2050 [ 908.504604][T20829] should_fail_ex+0x3b0/0x4e0 [ 908.509357][T20829] _copy_from_user+0x2f/0xe0 [ 908.514039][T20829] kstrtouint_from_user+0xc6/0x190 [ 908.519209][T20829] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 908.524983][T20829] ? __pfx_lock_acquire+0x10/0x10 [ 908.530083][T20829] proc_fail_nth_write+0xaa/0x2d0 [ 908.535170][T20829] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 908.541118][T20829] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 908.546920][T20829] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 908.552613][T20829] vfs_write+0x29c/0xc90 [ 908.556931][T20829] ? __pfx_vfs_write+0x10/0x10 [ 908.561809][T20829] ? __fget_files+0x3f3/0x470 [ 908.566507][T20829] ? fdget_pos+0x24e/0x320 [ 908.570940][T20829] ksys_write+0x183/0x2b0 [ 908.575289][T20829] ? __pfx_ksys_write+0x10/0x10 [ 908.580153][T20829] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 908.586781][T20829] ? lockdep_hardirqs_on+0x99/0x150 [ 908.592020][T20829] __do_fast_syscall_32+0xb4/0x110 [ 908.597164][T20829] ? exc_page_fault+0x590/0x8c0 [ 908.602051][T20829] do_fast_syscall_32+0x34/0x80 [ 908.607003][T20829] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 908.613344][T20829] RIP: 0023:0xf73cd579 [ 908.617436][T20829] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 908.637247][T20829] RSP: 002b:00000000f56955a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 908.645798][T20829] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5695620 [ 908.653795][T20829] RDX: 0000000000000001 RSI: 00000000f73bbff4 RDI: 0000000000000000 [ 908.661779][T20829] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 908.669763][T20829] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 908.677748][T20829] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 908.686006][T20829] [ 908.689049][ C0] vkms_vblank_simulate: vblank timer overrun [ 908.725220][T20835] FAULT_INJECTION: forcing a failure. [ 908.725220][T20835] name failslab, interval 1, probability 0, space 0, times 0 [ 908.787615][T20835] CPU: 0 UID: 0 PID: 20835 Comm: syz.3.4266 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 908.798472][T20835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 908.808610][T20835] Call Trace: [ 908.811928][T20835] [ 908.814889][T20835] dump_stack_lvl+0x241/0x360 [ 908.819580][T20835] ? __pfx_dump_stack_lvl+0x10/0x10 [ 908.824803][T20835] ? __pfx__printk+0x10/0x10 [ 908.829456][T20835] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 908.835586][T20835] ? __pfx___might_resched+0x10/0x10 [ 908.840941][T20835] should_fail_ex+0x3b0/0x4e0 [ 908.845671][T20835] should_failslab+0xac/0x100 [ 908.850374][T20835] ? __alloc_skb+0x1c3/0x440 [ 908.854988][T20835] kmem_cache_alloc_node_noprof+0x71/0x320 [ 908.860827][T20835] __alloc_skb+0x1c3/0x440 [ 908.865264][T20835] ? __pfx___alloc_skb+0x10/0x10 [ 908.870218][T20835] ? netlink_autobind+0xd6/0x2f0 [ 908.875165][T20835] ? netlink_autobind+0x2b0/0x2f0 [ 908.880205][T20835] netlink_sendmsg+0x638/0xcb0 [ 908.884990][T20835] ? __pfx_netlink_sendmsg+0x10/0x10 [ 908.890296][T20835] ? __pfx_lock_release+0x10/0x10 [ 908.895376][T20835] ? aa_sock_msg_perm+0x91/0x160 [ 908.900347][T20835] ? __pfx_netlink_sendmsg+0x10/0x10 [ 908.905659][T20835] __sock_sendmsg+0x221/0x270 [ 908.910368][T20835] ____sys_sendmsg+0x52a/0x7e0 [ 908.915176][T20835] ? __pfx_____sys_sendmsg+0x10/0x10 [ 908.920485][T20835] __sys_sendmsg+0x292/0x380 [ 908.925091][T20835] ? __pfx___sys_sendmsg+0x10/0x10 [ 908.930308][T20835] ? __pfx_vfs_write+0x10/0x10 [ 908.935202][T20835] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 908.941834][T20835] ? lockdep_hardirqs_on+0x99/0x150 [ 908.947083][T20835] __do_fast_syscall_32+0xb4/0x110 [ 908.952224][T20835] ? exc_page_fault+0x590/0x8c0 [ 908.957129][T20835] do_fast_syscall_32+0x34/0x80 [ 908.962004][T20835] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 908.968375][T20835] RIP: 0023:0xf740d579 [ 908.972460][T20835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 908.992360][T20835] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 909.000811][T20835] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 909.008800][T20835] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000000 [ 909.016781][T20835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 909.024765][T20835] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 909.032748][T20835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 909.040740][T20835] [ 909.043863][ C0] vkms_vblank_simulate: vblank timer overrun [ 909.118801][T17566] usb 1-1: USB disconnect, device number 108 [ 909.212856][ T54] Bluetooth: hci3: command tx timeout [ 909.290241][T20848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4270'. [ 909.345000][T20760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 909.415364][T20838] syzkaller0: entered promiscuous mode [ 909.428437][T20838] syzkaller0: entered allmulticast mode [ 909.438426][T20852] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4271'. [ 909.447934][T20852] IPv6: NLM_F_CREATE should be specified when creating new route [ 909.478246][T20852] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4271'. [ 909.506280][T20760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 909.610487][T17566] usb 1-1: new high-speed USB device number 109 using dummy_hcd [ 909.760890][T17566] usb 1-1: Using ep0 maxpacket: 8 [ 909.780081][T17566] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 909.811120][T17566] usb 1-1: config 0 has no interface number 0 [ 909.840779][T20760] team0: Port device team_slave_0 added [ 909.847435][T17566] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 909.866618][T17566] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 909.867895][T20863] FAULT_INJECTION: forcing a failure. [ 909.867895][T20863] name failslab, interval 1, probability 0, space 0, times 0 [ 909.876727][T17566] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 909.890595][ T1831] hsr_slave_0: left promiscuous mode [ 909.908079][T17566] usb 1-1: config 0 descriptor?? [ 909.927428][T17566] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 909.930218][T20863] CPU: 1 UID: 0 PID: 20863 Comm: syz.3.4275 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 909.948669][T20863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 909.958777][T20863] Call Trace: [ 909.962096][T20863] [ 909.965066][T20863] dump_stack_lvl+0x241/0x360 [ 909.969788][T20863] ? __pfx_dump_stack_lvl+0x10/0x10 [ 909.975049][T20863] ? __pfx__printk+0x10/0x10 [ 909.979696][T20863] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 909.985741][T20863] ? __pfx___might_resched+0x10/0x10 [ 909.991169][T20863] should_fail_ex+0x3b0/0x4e0 [ 909.995913][T20863] should_failslab+0xac/0x100 [ 910.000659][T20863] ? __alloc_skb+0x1c3/0x440 [ 910.005317][T20863] kmem_cache_alloc_node_noprof+0x71/0x320 [ 910.011226][T20863] __alloc_skb+0x1c3/0x440 [ 910.015744][T20863] ? __pfx___alloc_skb+0x10/0x10 [ 910.020743][T20863] ? netlink_autobind+0xd6/0x2f0 [ 910.025732][T20863] ? netlink_autobind+0x2b0/0x2f0 [ 910.030900][T20863] netlink_sendmsg+0x638/0xcb0 [ 910.035744][T20863] ? __pfx_netlink_sendmsg+0x10/0x10 [ 910.041093][T20863] ? __pfx_lock_release+0x10/0x10 [ 910.046182][T20863] ? aa_sock_msg_perm+0x91/0x160 [ 910.051179][T20863] ? __pfx_netlink_sendmsg+0x10/0x10 [ 910.056516][T20863] __sock_sendmsg+0x221/0x270 [ 910.061261][T20863] ____sys_sendmsg+0x52a/0x7e0 [ 910.066080][T20863] ? __pfx_____sys_sendmsg+0x10/0x10 [ 910.071426][T20863] __sys_sendmsg+0x292/0x380 [ 910.076064][T20863] ? __pfx___sys_sendmsg+0x10/0x10 [ 910.081238][T20863] ? __pfx_vfs_write+0x10/0x10 [ 910.086084][T20863] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 910.092572][ T9] pwc: recv_control_msg error -110 req 02 val 2b00 [ 910.092710][T20863] ? lockdep_hardirqs_on+0x99/0x150 [ 910.100246][ T9] pwc: recv_control_msg error -32 req 02 val 2700 [ 910.104433][T20863] __do_fast_syscall_32+0xb4/0x110 [ 910.104467][T20863] ? exc_page_fault+0x590/0x8c0 [ 910.104572][T20863] do_fast_syscall_32+0x34/0x80 [ 910.104603][T20863] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 910.104632][T20863] RIP: 0023:0xf740d579 [ 910.104654][T20863] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 910.104677][T20863] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 910.104705][T20863] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200002c0 [ 910.104725][T20863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 910.120831][ T9] pwc: recv_control_msg error -32 req 02 val 2c00 [ 910.121226][T20863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 910.138071][ T9] pwc: recv_control_msg error -32 req 04 val 1000 [ 910.156224][T20863] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 910.156258][T20863] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 910.156288][T20863] [ 910.224479][ T9] pwc: recv_control_msg error -32 req 04 val 1300 [ 910.233644][ T9] pwc: recv_control_msg error -32 req 04 val 1400 [ 910.243697][ T9] pwc: recv_control_msg error -32 req 02 val 2000 [ 910.251418][ T9] pwc: recv_control_msg error -32 req 02 val 2100 [ 910.251852][ T1831] hsr_slave_1: left promiscuous mode [ 910.258437][ T9] pwc: recv_control_msg error -32 req 04 val 1500 [ 910.280726][ T9] pwc: recv_control_msg error -32 req 02 val 2500 [ 910.287710][ T1831] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 910.293960][ T9] pwc: recv_control_msg error -32 req 02 val 2400 [ 910.300437][ T1831] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 910.312735][ T9] pwc: recv_control_msg error -32 req 02 val 2600 [ 910.327134][ T1831] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 910.333199][ T9] pwc: recv_control_msg error -32 req 02 val 2900 [ 910.345734][ T1831] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 910.352247][ T9] pwc: recv_control_msg error -32 req 02 val 2800 [ 910.380065][ T9] pwc: recv_control_msg error -32 req 04 val 1100 [ 910.380751][ T9] pwc: recv_control_msg error -32 req 04 val 1200 [ 910.388804][ T9] pwc: Registered as video71. [ 910.393973][ T9] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input180 [ 910.457157][ T1831] veth1_macvtap: left promiscuous mode [ 910.457241][ T1831] veth0_macvtap: left promiscuous mode [ 910.457376][ T1831] veth1_vlan: left promiscuous mode [ 910.457474][ T1831] veth0_vlan: left promiscuous mode [ 911.207673][T20879] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 911.209597][T20879] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 911.295875][ T54] Bluetooth: hci3: command tx timeout [ 911.392708][ T5290] usb 1-1: USB disconnect, device number 109 [ 911.423051][ T5290] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected [ 911.661914][T20884] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 911.687254][ T54] Bluetooth: hci4: unexpected subevent 0x01 length: 78 > 18 [ 911.694883][ T54] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 911.788871][ T1831] team0 (unregistering): Port device team_slave_1 removed [ 911.875155][ T1831] team0 (unregistering): Port device team_slave_0 removed [ 912.682686][T20907] FAULT_INJECTION: forcing a failure. [ 912.682686][T20907] name failslab, interval 1, probability 0, space 0, times 0 [ 912.706636][T20907] CPU: 1 UID: 0 PID: 20907 Comm: syz.3.4288 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 912.717600][T20907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 912.727782][T20907] Call Trace: [ 912.731183][T20907] [ 912.734239][T20907] dump_stack_lvl+0x241/0x360 [ 912.738972][T20907] ? __pfx_dump_stack_lvl+0x10/0x10 [ 912.744197][T20907] ? __pfx__printk+0x10/0x10 [ 912.748831][T20907] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 912.754847][T20907] ? __pfx___might_resched+0x10/0x10 [ 912.760198][T20907] should_fail_ex+0x3b0/0x4e0 [ 912.764909][T20907] should_failslab+0xac/0x100 [ 912.769614][T20907] ? __alloc_skb+0x1c3/0x440 [ 912.774336][T20907] kmem_cache_alloc_node_noprof+0x71/0x320 [ 912.780196][T20907] __alloc_skb+0x1c3/0x440 [ 912.784632][T20907] ? __pfx___alloc_skb+0x10/0x10 [ 912.789588][T20907] ? netlink_autobind+0xd6/0x2f0 [ 912.794560][T20907] ? netlink_autobind+0x2b0/0x2f0 [ 912.799618][T20907] netlink_sendmsg+0x638/0xcb0 [ 912.804401][T20907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 912.809701][T20907] ? __pfx_lock_release+0x10/0x10 [ 912.814762][T20907] ? aa_sock_msg_perm+0x91/0x160 [ 912.819749][T20907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 912.825078][T20907] __sock_sendmsg+0x221/0x270 [ 912.829787][T20907] ____sys_sendmsg+0x52a/0x7e0 [ 912.834583][T20907] ? __pfx_____sys_sendmsg+0x10/0x10 [ 912.839908][T20907] __sys_sendmsg+0x292/0x380 [ 912.844523][T20907] ? __pfx___sys_sendmsg+0x10/0x10 [ 912.849670][T20907] ? __pfx_vfs_write+0x10/0x10 [ 912.854475][T20907] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 912.861189][T20907] ? lockdep_hardirqs_on+0x99/0x150 [ 912.866414][T20907] __do_fast_syscall_32+0xb4/0x110 [ 912.871540][T20907] ? exc_page_fault+0x590/0x8c0 [ 912.876413][T20907] do_fast_syscall_32+0x34/0x80 [ 912.881277][T20907] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 912.887616][T20907] RIP: 0023:0xf740d579 [ 912.891698][T20907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 912.911344][T20907] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 912.919874][T20907] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100 [ 912.927862][T20907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 912.936019][T20907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 912.944001][T20907] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 912.952004][T20907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 912.960030][T20907] [ 913.383111][ T54] Bluetooth: hci3: command tx timeout [ 914.238824][T20920] FAULT_INJECTION: forcing a failure. [ 914.238824][T20920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 914.238862][T20920] CPU: 1 UID: 0 PID: 20920 Comm: syz.3.4293 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 914.238889][T20920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 914.238903][T20920] Call Trace: [ 914.238913][T20920] [ 914.238923][T20920] dump_stack_lvl+0x241/0x360 [ 914.238954][T20920] ? __pfx_dump_stack_lvl+0x10/0x10 [ 914.238977][T20920] ? __pfx__printk+0x10/0x10 [ 914.239020][T20920] should_fail_ex+0x3b0/0x4e0 [ 914.239057][T20920] strncpy_from_user+0x36/0x250 [ 914.239092][T20920] getname_flags+0xf1/0x540 [ 914.239123][T20920] do_sys_openat2+0xd2/0x1d0 [ 914.239154][T20920] ? __pfx_do_sys_openat2+0x10/0x10 [ 914.239194][T20920] __ia32_compat_sys_openat+0x23f/0x290 [ 914.239228][T20920] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 914.239264][T20920] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 914.239313][T20920] ? lockdep_hardirqs_on+0x99/0x150 [ 914.239347][T20920] __do_fast_syscall_32+0xb4/0x110 [ 914.239370][T20920] ? exc_page_fault+0x590/0x8c0 [ 914.239404][T20920] do_fast_syscall_32+0x34/0x80 [ 914.239426][T20920] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 914.239451][T20920] RIP: 0023:0xf740d579 [ 914.239471][T20920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 914.239492][T20920] RSP: 002b:00000000f56f6110 EFLAGS: 00000206 ORIG_RAX: 0000000000000127 [ 914.239517][T20920] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f56f6160 [ 914.239534][T20920] RDX: 000000000000a382 RSI: 0000000000000000 RDI: 00000000f73fbff4 [ 914.239549][T20920] RBP: 000000000000a382 R08: 0000000000000000 R09: 0000000000000000 [ 914.239564][T20920] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 914.239578][T20920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 914.239607][T20920] [ 914.487924][T20923] input: syz0 as /devices/virtual/input/input181 [ 915.429104][T20928] input: syz0 as /devices/virtual/input/input182 [ 916.922291][T20760] team0: Port device team_slave_1 added [ 916.931798][T20923] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4294'. [ 916.962400][T20928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4295'. [ 917.173042][T20936] input: syz0 as /devices/virtual/input/input183 [ 917.204366][T20760] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 917.216152][T20760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 917.359796][T20760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 917.362206][T20936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4296'. [ 917.383056][T20760] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 917.383079][T20760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 917.383112][T20760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 917.736718][T20760] hsr_slave_0: entered promiscuous mode [ 917.759282][T20760] hsr_slave_1: entered promiscuous mode [ 917.770550][ T5290] usb 2-1: new high-speed USB device number 100 using dummy_hcd [ 917.920433][ T5290] usb 2-1: Using ep0 maxpacket: 32 [ 917.922137][ T5290] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 917.924021][ T5290] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 917.924054][ T5290] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 917.924080][ T5290] usb 2-1: Product: syz [ 917.924099][ T5290] usb 2-1: Manufacturer: syz [ 917.924119][ T5290] usb 2-1: SerialNumber: syz [ 917.926366][ T5290] usb 2-1: config 0 descriptor?? [ 918.292766][T20951] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 918.403543][T20966] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4303'. [ 919.153037][T20760] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 919.171917][T20760] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 919.203487][T20760] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 919.206979][T20760] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 919.591751][T20760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 919.657106][T20760] 8021q: adding VLAN 0 to HW filter on device team0 [ 919.673329][ T2935] bridge0: port 1(bridge_slave_0) entered blocking state [ 919.673409][ T2935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 919.695632][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 919.695710][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 919.740909][T20998] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 919.758219][ T54] Bluetooth: hci4: unexpected subevent 0x01 length: 78 > 18 [ 919.758301][ T54] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 919.888115][T20760] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 920.053820][T20760] veth0_vlan: entered promiscuous mode [ 920.075151][T20760] veth1_vlan: entered promiscuous mode [ 920.179547][T20760] veth0_macvtap: entered promiscuous mode [ 920.197266][T20760] veth1_macvtap: entered promiscuous mode [ 920.229061][T20760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 920.229094][T20760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 920.229111][T20760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 920.229130][T20760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 920.229147][T20760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 920.229165][T20760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 920.232309][T20760] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 920.258678][T20760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 920.372843][T20760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 920.372875][T20760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 920.372900][T20760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 920.377870][T20760] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 920.397561][T20760] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 920.397610][T20760] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 920.397645][T20760] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 920.397678][T20760] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 920.615284][T21008] input: syz0 as /devices/virtual/input/input184 [ 920.641671][ T5286] usb 2-1: USB disconnect, device number 100 [ 920.692649][ T2512] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 920.692670][ T2512] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 920.928097][T21016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4307'. [ 921.056843][ T1831] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 921.056874][ T1831] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 921.482027][T21037] FAULT_INJECTION: forcing a failure. [ 921.482027][T21037] name failslab, interval 1, probability 0, space 0, times 0 [ 921.547779][T21037] CPU: 0 UID: 0 PID: 21037 Comm: syz.2.4259 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 921.558632][T21037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 921.568738][T21037] Call Trace: [ 921.572054][T21037] [ 921.575016][T21037] dump_stack_lvl+0x241/0x360 [ 921.579734][T21037] ? __pfx_dump_stack_lvl+0x10/0x10 [ 921.584977][T21037] ? __pfx__printk+0x10/0x10 [ 921.589616][T21037] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 921.595650][T21037] ? __pfx___might_resched+0x10/0x10 [ 921.601087][T21037] should_fail_ex+0x3b0/0x4e0 [ 921.605840][T21037] should_failslab+0xac/0x100 [ 921.610575][T21037] ? __alloc_skb+0x1c3/0x440 [ 921.615217][T21037] kmem_cache_alloc_node_noprof+0x71/0x320 [ 921.621367][T21037] __alloc_skb+0x1c3/0x440 [ 921.625840][T21037] ? __pfx___alloc_skb+0x10/0x10 [ 921.630842][T21037] ? reacquire_held_locks+0x680/0x690 [ 921.636358][T21037] ? __lock_acquire+0x1384/0x2050 [ 921.641461][T21037] alloc_skb_with_frags+0xc3/0x820 [ 921.646639][T21037] sock_alloc_send_pskb+0x91a/0xa60 [ 921.651908][T21037] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 921.657686][T21037] ? dev_get_by_index+0x23/0x2d0 [ 921.662685][T21037] packet_sendmsg+0x3f33/0x6860 [ 921.667581][T21037] ? mark_lock+0x9a/0x360 [ 921.671959][T21037] ? __pfx___might_resched+0x10/0x10 [ 921.677266][T21037] ? aa_sk_perm+0x96d/0xab0 [ 921.681780][T21037] ? __pfx_packet_sendmsg+0x10/0x10 [ 921.686989][T21037] ? __fget_files+0x29/0x470 [ 921.691635][T21037] ? aa_sock_msg_perm+0x91/0x160 [ 921.696609][T21037] ? __pfx_packet_sendmsg+0x10/0x10 [ 921.701834][T21037] __sock_sendmsg+0x221/0x270 [ 921.706553][T21037] __sys_sendto+0x39b/0x4f0 [ 921.711082][T21037] ? __pfx___sys_sendto+0x10/0x10 [ 921.716113][T21037] ? __mutex_unlock_slowpath+0x21d/0x750 [ 921.721775][T21037] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 921.728122][T21037] __ia32_sys_sendto+0xdd/0x100 [ 921.732990][T21037] __do_fast_syscall_32+0xb4/0x110 [ 921.738115][T21037] ? exc_page_fault+0x590/0x8c0 [ 921.742985][T21037] do_fast_syscall_32+0x34/0x80 [ 921.747839][T21037] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 921.754260][T21037] RIP: 0023:0xf7fc5579 [ 921.758340][T21037] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 921.777950][T21037] RSP: 002b:00000000f572556c EFLAGS: 00000206 ORIG_RAX: 0000000000000171 [ 921.786461][T21037] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 921.794434][T21037] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000020000000 [ 921.802414][T21037] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000 [ 921.810404][T21037] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 921.818377][T21037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 921.826362][T21037] [ 922.082098][T21047] netlink: 'syz.0.4314': attribute type 9 has an invalid length. [ 922.090252][T21047] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4314'. [ 922.214989][T21056] netlink: 'syz.0.4314': attribute type 9 has an invalid length. [ 922.240504][T21056] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4314'. [ 922.382301][T21047] dns_resolver: Unsupported content type (98) [ 922.539231][T21063] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 922.589681][ T5245] Bluetooth: hci4: unexpected subevent 0x01 length: 78 > 18 [ 922.598324][ T5245] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 922.690634][ T5290] usb 1-1: new high-speed USB device number 110 using dummy_hcd [ 922.871732][ T5290] usb 1-1: Using ep0 maxpacket: 32 [ 922.901937][ T5290] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 922.937826][ T5290] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 922.960443][ T5290] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 922.988975][ T5290] usb 1-1: Product: syz [ 923.000934][ T5290] usb 1-1: Manufacturer: syz [ 923.005617][ T5290] usb 1-1: SerialNumber: syz [ 923.034443][ T5290] usb 1-1: bad CDC descriptors [ 923.228340][T21083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 923.300648][T21083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 923.330106][ T5285] usb 1-1: USB disconnect, device number 110 [ 923.597390][T21083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 923.640652][T21083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 924.010949][ T9] usb 3-1: new high-speed USB device number 76 using dummy_hcd [ 924.111204][T17566] usb 4-1: new high-speed USB device number 104 using dummy_hcd [ 924.206227][T21112] FAULT_INJECTION: forcing a failure. [ 924.206227][T21112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 924.231298][ T9] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 924.240238][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 924.270556][T21112] CPU: 0 UID: 0 PID: 21112 Comm: syz.0.4327 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 924.281412][T21112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 924.291515][T21112] Call Trace: [ 924.295007][T21112] [ 924.297974][T21112] dump_stack_lvl+0x241/0x360 [ 924.302704][T21112] ? __pfx_dump_stack_lvl+0x10/0x10 [ 924.307950][T21112] ? __pfx__printk+0x10/0x10 [ 924.312612][T21112] should_fail_ex+0x3b0/0x4e0 [ 924.317353][T21112] _copy_from_user+0x2f/0xe0 [ 924.322004][T21112] move_addr_to_kernel+0x82/0x150 [ 924.327096][T21112] __sys_sendto+0x29f/0x4f0 [ 924.331738][T21112] ? __pfx___sys_sendto+0x10/0x10 [ 924.336821][T21112] ? __might_fault+0xaa/0x120 [ 924.341535][T21112] ? vfs_write+0x7bf/0xc90 [ 924.346005][T21112] ? __might_fault+0xc6/0x120 [ 924.350727][T21112] __se_compat_sys_socketcall+0xb18/0x1430 [ 924.356582][T21112] ? __pfx___se_compat_sys_socketcall+0x10/0x10 [ 924.362899][T21112] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 924.369546][T21112] ? lockdep_hardirqs_on+0x99/0x150 [ 924.374808][T21112] __do_fast_syscall_32+0xb4/0x110 [ 924.379973][T21112] ? exc_page_fault+0x590/0x8c0 [ 924.384890][T21112] do_fast_syscall_32+0x34/0x80 [ 924.389776][T21112] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 924.396124][T21112] RIP: 0023:0xf73cd579 [ 924.400205][T21112] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 924.419911][T21112] RSP: 002b:00000000f56b5440 EFLAGS: 00000206 ORIG_RAX: 0000000000000066 [ 924.428356][T21112] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f56b5454 [ 924.436433][T21112] RDX: 0000000000000000 RSI: 00000000f56b5570 RDI: 00000000f73bbff4 [ 924.444431][T21112] RBP: 00000000f56b5570 R08: 0000000000000000 R09: 0000000000000000 [ 924.452425][T21112] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 924.460417][T21112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 924.468426][T21112] [ 924.540669][T17566] usb 4-1: Using ep0 maxpacket: 16 [ 924.547006][ T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c [ 924.560265][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.578922][T17566] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 924.590303][ T9] usb 3-1: Product: syz [ 924.594734][ T9] usb 3-1: Manufacturer: syz [ 924.599371][ T9] usb 3-1: SerialNumber: syz [ 924.610438][T17566] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 924.630573][T17566] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 924.644703][T17566] usb 4-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00 [ 924.654350][T17566] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 924.673005][ T9] usb 3-1: config 0 descriptor?? [ 924.687110][T17566] usb 4-1: config 0 descriptor?? [ 924.719304][ T9] ims_pcu 3-1:0.0: Missing CDC union descriptor [ 924.725819][ T9] ims_pcu 3-1:0.0: probe with driver ims_pcu failed with error -22 [ 924.947203][T17566] holtek_mouse 0003:04D9:A072.001A: unknown main item tag 0x0 [ 924.972328][T17566] holtek_mouse 0003:04D9:A072.001A: hidraw0: USB HID v0.00 Device [HID 04d9:a072] on usb-dummy_hcd.3-1/input0 [ 925.059079][ T9] usb 3-1: USB disconnect, device number 76 [ 925.090118][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 925.090140][ T29] audit: type=1326 audit(1728275674.114:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21126 comm="syz.0.4329" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x0 [ 925.156780][ T8] usb 4-1: USB disconnect, device number 104 [ 926.247601][T21174] FAULT_INJECTION: forcing a failure. [ 926.247601][T21174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 926.247641][T21174] CPU: 0 UID: 0 PID: 21174 Comm: syz.3.4338 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 926.247671][T21174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 926.247687][T21174] Call Trace: [ 926.247697][T21174] [ 926.247708][T21174] dump_stack_lvl+0x241/0x360 [ 926.247743][T21174] ? __pfx_dump_stack_lvl+0x10/0x10 [ 926.247769][T21174] ? __pfx__printk+0x10/0x10 [ 926.247811][T21174] ? snprintf+0xda/0x120 [ 926.247843][T21174] should_fail_ex+0x3b0/0x4e0 [ 926.247892][T21174] _copy_to_user+0x2f/0xb0 [ 926.247927][T21174] simple_read_from_buffer+0xca/0x150 [ 926.247970][T21174] proc_fail_nth_read+0x1e9/0x250 [ 926.248011][T21174] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 926.248052][T21174] ? rw_verify_area+0x568/0x6f0 [ 926.248088][T21174] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 926.248128][T21174] vfs_read+0x201/0xbc0 [ 926.248163][T21174] ? __pfx_lock_release+0x10/0x10 [ 926.248203][T21174] ? link_create+0x513/0x860 [ 926.248239][T21174] ? __pfx_vfs_read+0x10/0x10 [ 926.248282][T21174] ? __fget_files+0x3f3/0x470 [ 926.248319][T21174] ? fdget_pos+0x24e/0x320 [ 926.248351][T21174] ksys_read+0x183/0x2b0 [ 926.248377][T21174] ? __pfx_ksys_read+0x10/0x10 [ 926.248404][T21174] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 926.248443][T21174] ? lockdep_hardirqs_on+0x99/0x150 [ 926.248486][T21174] __do_fast_syscall_32+0xb4/0x110 [ 926.248513][T21174] ? exc_page_fault+0x590/0x8c0 [ 926.248551][T21174] do_fast_syscall_32+0x34/0x80 [ 926.248576][T21174] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 926.248604][T21174] RIP: 0023:0xf740d579 [ 926.248626][T21174] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 926.248648][T21174] RSP: 002b:00000000f56f65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 926.248677][T21174] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56f6620 [ 926.248696][T21174] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 926.248712][T21174] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 926.248729][T21174] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 926.248745][T21174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 926.248778][T21174] [ 926.395877][T21178] netlink: 'syz.3.4340': attribute type 9 has an invalid length. [ 926.459570][T21176] IPVS: stopping backup sync thread 21179 ... [ 926.469576][T21180] dns_resolver: Unsupported content type (98) [ 926.477439][T21179] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0 [ 926.485887][T21178] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4340'. [ 926.505304][ T54] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 926.571763][ T54] Bluetooth: hci3: Injecting HCI hardware error event [ 926.575077][ T54] Bluetooth: hci3: hardware error 0x00 [ 926.661672][T21183] netlink: 'syz.2.4341': attribute type 9 has an invalid length. [ 926.661707][T21183] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4341'. [ 926.707024][T21183] netlink: 'syz.2.4341': attribute type 9 has an invalid length. [ 926.707055][T21183] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4341'. [ 926.720532][ T9] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 926.759849][T21185] dns_resolver: Unsupported content type (98) [ 926.876653][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 926.883317][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 926.915881][ T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 926.933409][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 926.946161][ T9] usb 4-1: Product: syz [ 926.954683][ T9] usb 4-1: Manufacturer: syz [ 926.959519][ T9] usb 4-1: SerialNumber: syz [ 926.976911][T21190] hsr0: entered promiscuous mode [ 926.985021][ T9] usb 4-1: bad CDC descriptors [ 926.996246][T21190] team0: Device macvlan2 is up. Set it down before adding it as a team port [ 927.000874][ T8] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 927.040734][T21193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 927.052836][T21193] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 927.103446][T21193] binder: 21189:21193 ioctl 4018620d 20004a80 returned -22 [ 927.112865][T21193] binder: 21189:21193 ioctl c0306201 20004a40 returned -14 [ 927.160499][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 927.162096][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 927.164266][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 927.164302][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 927.164327][ T8] usb 3-1: Product: syz [ 927.164345][ T8] usb 3-1: Manufacturer: syz [ 927.164358][ T8] usb 3-1: SerialNumber: syz [ 927.168331][ T8] usb 3-1: bad CDC descriptors [ 927.220095][ T5285] usb 4-1: USB disconnect, device number 105 [ 927.351948][T21201] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 927.353712][ T5245] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 927.353773][ T5245] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 927.402582][ T8] usb 3-1: USB disconnect, device number 77 [ 928.357516][T21221] dccp_close: ABORT with 1 bytes unread [ 928.469218][T21222] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 928.469302][T21222] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 928.473300][T21222] vhci_hcd vhci_hcd.0: Device attached [ 928.493109][T21224] vhci_hcd: unknown pdu 2 [ 928.513606][ T5908] vhci_hcd: stop threads [ 928.513666][ T5908] vhci_hcd: release socket [ 928.513721][ T5908] vhci_hcd: disconnect device [ 928.531782][T21223] input: syz0 as /devices/virtual/input/input185 [ 928.641465][T21226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4350'. [ 928.651943][ T54] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 928.720599][ T5286] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 928.910620][ T5286] usb 1-1: Using ep0 maxpacket: 16 [ 928.911626][ T5286] usb 1-1: too many configurations: 246, using maximum allowed: 8 [ 928.932546][ T5286] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 928.932588][ T5286] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.932615][ T5286] usb 1-1: Product: syz [ 928.932635][ T5286] usb 1-1: Manufacturer: syz [ 928.932654][ T5286] usb 1-1: SerialNumber: syz [ 928.937936][ T5286] r8152-cfgselector 1-1: Unknown version 0x0000 [ 928.937968][ T5286] r8152-cfgselector 1-1: config 0 descriptor?? [ 929.048337][ T8] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 929.189961][T21222] netlink: 'syz.0.4352': attribute type 10 has an invalid length. [ 929.190072][T21222] bridge0: port 3(netdevsim0) entered blocking state [ 929.197939][T21222] bridge0: port 3(netdevsim0) entered disabled state [ 929.198124][T21222] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 929.311463][T21222] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 929.311825][T21222] bridge0: port 3(netdevsim0) entered blocking state [ 929.311883][T21222] bridge0: port 3(netdevsim0) entered forwarding state [ 929.346534][ T8] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 929.346571][ T8] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 929.346596][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 929.346636][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 929.346670][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 929.348650][ T8] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 929.348681][ T8] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 929.348699][ T8] usb 3-1: Product: syz [ 929.348712][ T8] usb 3-1: Manufacturer: syz [ 929.368116][ T8] cdc_wdm 3-1:1.0: skipping garbage [ 929.368135][ T8] cdc_wdm 3-1:1.0: skipping garbage [ 929.400499][ T8] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 929.400528][ T8] cdc_wdm 3-1:1.0: Unknown control protocol [ 929.575440][ T8] usb 3-1: USB disconnect, device number 78 [ 929.895069][T21234] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.4356'. [ 929.952879][T21234] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4356'. [ 929.952905][T21234] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4356'. [ 930.100449][ T8] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 930.225518][ T5290] r8152-cfgselector 1-1: USB disconnect, device number 111 [ 930.262220][ T8] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 930.271285][ T8] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 930.271320][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 930.271366][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 930.271398][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 930.273114][ T8] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 930.338959][ T8] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 930.338995][ T8] usb 3-1: Product: syz [ 930.339016][ T8] usb 3-1: Manufacturer: syz [ 930.343934][ T8] cdc_wdm 3-1:1.0: skipping garbage [ 930.343963][ T8] cdc_wdm 3-1:1.0: skipping garbage [ 930.347850][ T8] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 930.347882][ T8] cdc_wdm 3-1:1.0: Unknown control protocol [ 930.715634][T21239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 930.766952][T21239] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 930.813712][T21243] netlink: 'syz.3.4359': attribute type 9 has an invalid length. [ 930.821706][T21243] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4359'. [ 930.832838][T21243] dns_resolver: Unsupported content type (98) [ 930.865579][T21244] netlink: 'syz.1.4358': attribute type 9 has an invalid length. [ 930.880462][T21244] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4358'. [ 930.944192][T21247] netlink: 'syz.1.4358': attribute type 9 has an invalid length. [ 930.955812][T21247] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4358'. [ 930.997087][T21244] dns_resolver: Unsupported content type (98) [ 931.081215][ T8] usb 4-1: new high-speed USB device number 106 using dummy_hcd [ 931.169929][T21248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 931.180813][T21248] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 931.190996][T21252] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 931.199563][ T54] Bluetooth: hci0: unexpected subevent 0x01 length: 78 > 18 [ 931.207080][ T54] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 931.240576][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 931.247816][ T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 931.261147][ T9] usb 2-1: new high-speed USB device number 101 using dummy_hcd [ 931.274347][ T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 931.286565][ C0] wdm_int_callback: 105 callbacks suppressed [ 931.286593][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 931.287086][ T5286] usb 3-1: USB disconnect, device number 79 [ 931.292621][ C0] wdm_int_callback: 105 callbacks suppressed [ 931.292644][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 931.292667][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 931.300435][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 931.370952][ T8] usb 4-1: Product: syz [ 931.375191][ T8] usb 4-1: Manufacturer: syz [ 931.379823][ T8] usb 4-1: SerialNumber: syz [ 931.411111][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 931.418527][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 931.430557][ T8] usb 4-1: bad CDC descriptors [ 931.453725][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 931.470505][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 931.478607][ T9] usb 2-1: Product: syz [ 931.490677][ T9] usb 2-1: Manufacturer: syz [ 931.495351][ T9] usb 2-1: SerialNumber: syz [ 931.537996][ T9] usb 2-1: bad CDC descriptors [ 931.645246][ T9] usb 4-1: USB disconnect, device number 106 [ 931.767636][ T5286] usb 2-1: USB disconnect, device number 101 [ 931.773921][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.773977][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.449156][T21270] input: syz0 as /devices/virtual/input/input186 [ 932.558004][T21271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4366'. [ 933.420769][ T9] usb 2-1: new high-speed USB device number 102 using dummy_hcd [ 933.790553][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 933.810597][ T5290] usb 1-1: new high-speed USB device number 112 using dummy_hcd [ 933.838463][ T9] usb 2-1: unable to get BOS descriptor or descriptor too short [ 933.870506][ T9] usb 2-1: string descriptor 0 read error: -22 [ 933.870604][ T9] usb 2-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d [ 933.870634][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 933.896470][ T9] usb 2-1: config 0 descriptor?? [ 933.950666][ T5290] usb 1-1: device descriptor read/64, error -71 [ 933.953893][T21294] input: syz0 as /devices/virtual/input/input187 [ 933.974004][T21294] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4373'. [ 934.189558][T21297] netlink: 'syz.3.4376': attribute type 9 has an invalid length. [ 934.189669][T21297] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4376'. [ 934.190729][ T5290] usb 1-1: new high-speed USB device number 113 using dummy_hcd [ 934.193729][T21297] dns_resolver: Unsupported content type (98) [ 934.340754][ T5290] usb 1-1: device descriptor read/64, error -71 [ 934.440495][ T5289] usb 4-1: new high-speed USB device number 107 using dummy_hcd [ 934.460936][ T5290] usb usb1-port1: attempt power cycle [ 934.600735][ T5289] usb 4-1: Using ep0 maxpacket: 32 [ 934.614474][ T5289] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 934.633602][ T5289] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 934.655968][T21303] netlink: 67 bytes leftover after parsing attributes in process `syz.4.4377'. [ 934.655992][T21303] IPv6: NLM_F_CREATE should be specified when creating new route [ 934.656062][T21303] IPv6: Can't replace route, no match found [ 934.690122][ T5289] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 934.690160][ T5289] usb 4-1: Product: syz [ 934.690179][ T5289] usb 4-1: Manufacturer: syz [ 934.690198][ T5289] usb 4-1: SerialNumber: syz [ 934.743378][ T5289] usb 4-1: bad CDC descriptors [ 934.811053][ T5290] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 934.841306][ T5290] usb 1-1: device descriptor read/8, error -71 [ 934.938252][ T8] usb 4-1: USB disconnect, device number 107 [ 934.963786][T21305] netlink: 392 bytes leftover after parsing attributes in process `syz.2.4378'. [ 935.090747][ T5290] usb 1-1: new high-speed USB device number 115 using dummy_hcd [ 935.161205][ T5290] usb 1-1: device descriptor read/8, error -71 [ 935.270862][ T5290] usb usb1-port1: unable to enumerate USB device [ 935.393207][ T9] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware [ 935.403377][ T9] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 935.449285][ T9] dib0700: firmware download failed at 7 with -22 [ 935.473088][ T9] usb 2-1: USB disconnect, device number 102 [ 935.541931][T21311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 935.585525][T21311] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 935.613980][T21311] bond_slave_0: entered promiscuous mode [ 935.620441][T21311] bond_slave_1: entered promiscuous mode [ 935.656491][T21311] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 935.695468][T21311] team0: Port device macvlan2 added [ 935.731833][T21316] IPVS: stopping backup sync thread 21319 ... [ 935.737402][T21319] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0 [ 935.874017][T21321] FAULT_INJECTION: forcing a failure. [ 935.874017][T21321] name failslab, interval 1, probability 0, space 0, times 0 [ 935.892950][T21321] CPU: 0 UID: 0 PID: 21321 Comm: syz.3.4384 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 935.903800][T21321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 935.914082][T21321] Call Trace: [ 935.917401][T21321] [ 935.920362][T21321] dump_stack_lvl+0x241/0x360 [ 935.925091][T21321] ? __pfx_dump_stack_lvl+0x10/0x10 [ 935.930338][T21321] ? __pfx__printk+0x10/0x10 [ 935.934992][T21321] ? fs_reclaim_acquire+0x93/0x140 [ 935.940157][T21321] ? __pfx___might_resched+0x10/0x10 [ 935.945498][T21321] ? dynamic_dname+0x141/0x1b0 [ 935.950319][T21321] should_fail_ex+0x3b0/0x4e0 [ 935.955061][T21321] ? tomoyo_encode+0x26f/0x540 [ 935.959877][T21321] should_failslab+0xac/0x100 [ 935.964609][T21321] ? tomoyo_encode+0x26f/0x540 [ 935.969436][T21321] __kmalloc_noprof+0xd8/0x400 [ 935.974275][T21321] tomoyo_encode+0x26f/0x540 [ 935.978936][T21321] ? __pfx_anon_inodefs_dname+0x10/0x10 [ 935.984817][T21321] tomoyo_realpath_from_path+0x59e/0x5e0 [ 935.990515][T21321] tomoyo_path_number_perm+0x23a/0x880 [ 935.996038][T21321] ? tomoyo_path_number_perm+0x208/0x880 [ 936.001786][T21321] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 936.007882][T21321] ? __pfx_lock_acquire+0x10/0x10 [ 936.013191][T21321] ? __fget_files+0x29/0x470 [ 936.017871][T21321] ? __fget_files+0x3f3/0x470 [ 936.022610][T21321] security_file_ioctl_compat+0xc6/0x2a0 [ 936.028316][T21321] __se_compat_sys_ioctl+0xd6/0xc90 [ 936.033629][T21321] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 936.039574][T21321] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 936.045602][T21321] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 936.052028][T21321] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 936.058901][T21321] ? lockdep_hardirqs_on+0x99/0x150 [ 936.064253][T21321] __do_fast_syscall_32+0xb4/0x110 [ 936.069421][T21321] ? exc_page_fault+0x590/0x8c0 [ 936.074339][T21321] do_fast_syscall_32+0x34/0x80 [ 936.079269][T21321] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 936.085711][T21321] RIP: 0023:0xf740d579 [ 936.089825][T21321] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 936.110242][T21321] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 936.118856][T21321] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c028ae92 [ 936.126848][T21321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 936.134848][T21321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 936.142939][T21321] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 936.151227][T21321] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 936.159248][T21321] [ 936.207717][T21321] ERROR: Out of memory at tomoyo_realpath_from_path. [ 936.755555][T21340] FAULT_INJECTION: forcing a failure. [ 936.755555][T21340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 936.755595][T21340] CPU: 1 UID: 0 PID: 21340 Comm: syz.0.4390 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 936.755625][T21340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 936.755641][T21340] Call Trace: [ 936.755652][T21340] [ 936.755664][T21340] dump_stack_lvl+0x241/0x360 [ 936.755696][T21340] ? __pfx_dump_stack_lvl+0x10/0x10 [ 936.755723][T21340] ? __pfx__printk+0x10/0x10 [ 936.755772][T21340] should_fail_ex+0x3b0/0x4e0 [ 936.755818][T21340] strncpy_from_user+0x36/0x250 [ 936.755857][T21340] getname_flags+0xf1/0x540 [ 936.755901][T21340] do_sys_openat2+0xd2/0x1d0 [ 936.755936][T21340] ? __pfx_do_sys_openat2+0x10/0x10 [ 936.755981][T21340] __ia32_compat_sys_openat+0x23f/0x290 [ 936.756018][T21340] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 936.756060][T21340] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 936.756099][T21340] ? lockdep_hardirqs_on+0x99/0x150 [ 936.756137][T21340] __do_fast_syscall_32+0xb4/0x110 [ 936.756163][T21340] ? exc_page_fault+0x590/0x8c0 [ 936.756202][T21340] do_fast_syscall_32+0x34/0x80 [ 936.756227][T21340] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 936.756255][T21340] RIP: 0023:0xf73cd579 [ 936.756276][T21340] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 936.756298][T21340] RSP: 002b:00000000f56b656c EFLAGS: 00000206 ORIG_RAX: 0000000000000127 [ 936.756327][T21340] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200024c0 [ 936.756346][T21340] RDX: 0000000000000480 RSI: 0000000000000000 RDI: 0000000000000000 [ 936.756362][T21340] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 936.756379][T21340] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 936.756395][T21340] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 936.756426][T21340] [ 936.800627][ T8] usb 4-1: new high-speed USB device number 108 using dummy_hcd [ 936.860026][T21342] netlink: 67 bytes leftover after parsing attributes in process `syz.0.4391'. [ 936.860059][T21342] IPv6: NLM_F_CREATE should be specified when creating new route [ 936.860162][T21342] IPv6: Can't replace route, no match found [ 936.964297][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 936.987437][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 936.988812][ T8] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 936.988846][ T8] usb 4-1: New USB device strings: Mfr=1, Product=8, SerialNumber=0 [ 936.988871][ T8] usb 4-1: Product: syz [ 936.988890][ T8] usb 4-1: Manufacturer: syz [ 936.991109][ T8] usb 4-1: config 0 descriptor?? [ 936.991776][T21331] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 937.220553][ T5286] usb 4-1: USB disconnect, device number 108 [ 938.622583][T21364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4399'. [ 938.970758][T17327] Bluetooth: hci1: command 0x0406 tx timeout [ 939.290762][ T8] usb 1-1: new high-speed USB device number 116 using dummy_hcd [ 939.383797][T21378] FAULT_INJECTION: forcing a failure. [ 939.383797][T21378] name failslab, interval 1, probability 0, space 0, times 0 [ 939.427700][T21378] CPU: 0 UID: 0 PID: 21378 Comm: syz.3.4405 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 939.438556][T21378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 939.448662][T21378] Call Trace: [ 939.451982][T21378] [ 939.454950][T21378] dump_stack_lvl+0x241/0x360 [ 939.459675][T21378] ? __pfx_dump_stack_lvl+0x10/0x10 [ 939.464916][T21378] ? __pfx__printk+0x10/0x10 [ 939.469568][T21378] ? kmem_cache_alloc_lru_noprof+0x49/0x2b0 [ 939.475525][T21378] ? __pfx___might_resched+0x10/0x10 [ 939.480869][T21378] should_fail_ex+0x3b0/0x4e0 [ 939.485679][T21378] ? __d_alloc+0x31/0x700 [ 939.490056][T21378] should_failslab+0xac/0x100 [ 939.494789][T21378] ? __d_alloc+0x31/0x700 [ 939.499171][T21378] kmem_cache_alloc_lru_noprof+0x71/0x2b0 [ 939.504949][T21378] __d_alloc+0x31/0x700 [ 939.509159][T21378] d_alloc_parallel+0xdf/0x1600 [ 939.514063][T21378] ? __asan_memset+0x23/0x50 [ 939.518707][T21378] ? __asan_memset+0x23/0x50 [ 939.523352][T21378] ? lockdep_init_map_type+0xa1/0x910 [ 939.528790][T21378] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 939.534653][T21378] ? __pfx_d_alloc_parallel+0x10/0x10 [ 939.540121][T21378] ? __init_waitqueue_head+0xae/0x150 [ 939.545575][T21378] proc_fill_cache+0x296/0x420 [ 939.550399][T21378] ? __pfx_lock_acquire+0x10/0x10 [ 939.555489][T21378] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 939.561527][T21378] ? __pfx_proc_fill_cache+0x10/0x10 [ 939.566862][T21378] ? __pfx_filldir64+0x10/0x10 [ 939.571796][T21378] proc_pident_readdir+0x377/0x4b0 [ 939.576995][T21378] iterate_dir+0x571/0x800 [ 939.581464][T21378] __se_sys_getdents64+0x1d3/0x4a0 [ 939.586631][T21378] ? __pfx___se_sys_getdents64+0x10/0x10 [ 939.592479][T21378] ? __pfx_filldir64+0x10/0x10 [ 939.597293][T21378] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 939.604033][T21378] ? lockdep_hardirqs_on+0x99/0x150 [ 939.609289][T21378] __do_fast_syscall_32+0xb4/0x110 [ 939.614445][T21378] ? exc_page_fault+0x590/0x8c0 [ 939.619356][T21378] do_fast_syscall_32+0x34/0x80 [ 939.624246][T21378] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 939.630620][T21378] RIP: 0023:0xf740d579 [ 939.634737][T21378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 939.654511][T21378] RSP: 002b:00000000f56d556c EFLAGS: 00000206 ORIG_RAX: 00000000000000dc [ 939.662986][T21378] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020002f40 [ 939.682482][T21378] RDX: 0000000000000ffc RSI: 0000000000000000 RDI: 0000000000000000 [ 939.690598][T21378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 939.698619][T21378] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 939.706736][T21378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 939.714780][T21378] [ 939.865821][ T8] usb 1-1: config index 0 descriptor too short (expected 9, got 0) [ 939.891493][ T8] usb 1-1: can't read configurations, error -22 [ 940.051323][ T8] usb 1-1: new high-speed USB device number 117 using dummy_hcd [ 940.098936][T21386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 940.120650][T21386] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 940.140398][T21385] FAULT_INJECTION: forcing a failure. [ 940.140398][T21385] name failslab, interval 1, probability 0, space 0, times 0 [ 940.209901][T21385] CPU: 0 UID: 0 PID: 21385 Comm: syz.1.4408 Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 940.220752][T21385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 940.230856][T21385] Call Trace: [ 940.234173][T21385] [ 940.237141][T21385] dump_stack_lvl+0x241/0x360 [ 940.241869][T21385] ? __pfx_dump_stack_lvl+0x10/0x10 [ 940.247114][T21385] ? __pfx__printk+0x10/0x10 [ 940.251763][T21385] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 940.257798][T21385] ? __pfx___might_resched+0x10/0x10 [ 940.263142][T21385] should_fail_ex+0x3b0/0x4e0 [ 940.267879][T21385] should_failslab+0xac/0x100 [ 940.272607][T21385] ? __alloc_skb+0x1c3/0x440 [ 940.277241][T21385] kmem_cache_alloc_node_noprof+0x71/0x320 [ 940.283105][T21385] __alloc_skb+0x1c3/0x440 [ 940.287571][T21385] ? __pfx___alloc_skb+0x10/0x10 [ 940.292554][T21385] ? netlink_autobind+0xd6/0x2f0 [ 940.297536][T21385] ? netlink_autobind+0x2b0/0x2f0 [ 940.302609][T21385] netlink_sendmsg+0x638/0xcb0 [ 940.307424][T21385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 940.312754][T21385] ? __pfx_lock_release+0x10/0x10 [ 940.317835][T21385] ? aa_sock_msg_perm+0x91/0x160 [ 940.322824][T21385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 940.328148][T21385] __sock_sendmsg+0x221/0x270 [ 940.332878][T21385] ____sys_sendmsg+0x52a/0x7e0 [ 940.338043][T21385] ? __pfx_____sys_sendmsg+0x10/0x10 [ 940.343390][T21385] __sys_sendmsg+0x292/0x380 [ 940.348032][T21385] ? __pfx___sys_sendmsg+0x10/0x10 [ 940.353202][T21385] ? __pfx_vfs_write+0x10/0x10 [ 940.358043][T21385] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 940.364689][T21385] ? lockdep_hardirqs_on+0x99/0x150 [ 940.369942][T21385] __do_fast_syscall_32+0xb4/0x110 [ 940.375096][T21385] ? exc_page_fault+0x590/0x8c0 [ 940.380003][T21385] do_fast_syscall_32+0x34/0x80 [ 940.384897][T21385] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 940.391270][T21385] RIP: 0023:0xf7f42579 [ 940.395388][T21385] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 940.415137][T21385] RSP: 002b:00000000f56c656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 940.423607][T21385] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 940.431623][T21385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 940.439656][T21385] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 940.447666][T21385] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 940.455682][T21385] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 940.463711][T21385] [ 940.487020][ T9] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 940.623924][ T8] usb 1-1: config index 0 descriptor too short (expected 9, got 0) [ 940.623968][ T8] usb 1-1: can't read configurations, error -22 [ 940.631587][ T8] usb usb1-port1: attempt power cycle [ 940.710697][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 940.731328][ T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 940.731365][ T9] usb 3-1: config 0 has no interface number 0 [ 940.731406][ T9] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 940.731452][ T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 940.731481][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 940.822421][ T9] usb 3-1: config 0 descriptor?? [ 940.834135][ T9] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 940.991505][ T8] usb 1-1: new high-speed USB device number 118 using dummy_hcd [ 941.030497][ T8] usb 1-1: config index 0 descriptor too short (expected 9, got 0) [ 941.030543][ T8] usb 1-1: can't read configurations, error -22 [ 941.056213][ T9] usb 3-1: USB disconnect, device number 80 [ 941.058141][ T9] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected [ 941.167064][ T8] usb 1-1: new high-speed USB device number 119 using dummy_hcd [ 941.189146][ T8] usb 1-1: config index 0 descriptor too short (expected 9, got 0) [ 941.189191][ T8] usb 1-1: can't read configurations, error -22 [ 941.189672][ T8] usb usb1-port1: unable to enumerate USB device [ 941.914602][T21402] input: syz0 as /devices/virtual/input/input189 [ 943.984591][T21427] atomic_op ffff88805d612998 conn xmit_atomic 0000000000000000 [ 945.380555][ T5289] usb 1-1: new high-speed USB device number 120 using dummy_hcd [ 945.540543][ T5289] usb 1-1: Using ep0 maxpacket: 32 [ 945.556942][ T5289] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 945.576163][ T5289] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 945.589811][ T5289] usb 1-1: New USB device strings: Mfr=1, Product=8, SerialNumber=0 [ 945.604421][ T5289] usb 1-1: Product: syz [ 945.608829][ T5289] usb 1-1: Manufacturer: syz [ 945.618590][ T5289] usb 1-1: config 0 descriptor?? [ 945.639649][T21434] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 950.956956][T18091] syz_tun (unregistering): left allmulticast mode [ 950.969783][T18091] syz_tun (unregistering): left promiscuous mode [ 950.997385][T18091] bridge0: port 3(syz_tun) entered disabled state [ 951.123880][T21402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4414'. [ 952.265656][T17566] usb 5-1: USB disconnect, device number 89 [ 952.816761][T17327] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 952.831134][T17327] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 952.842633][T17327] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 952.851073][T17327] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 952.858972][T17327] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 952.867018][T17327] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 953.092452][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 953.119164][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 953.140692][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 953.151300][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 953.159037][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 953.168360][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 954.890595][ T54] Bluetooth: hci2: command tx timeout [ 954.996828][ T8] usb 1-1: USB disconnect, device number 120 [ 955.210533][ T54] Bluetooth: hci1: command tx timeout [ 956.103624][T21451] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 956.110909][T21451] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 956.181380][T21451] vhci_hcd vhci_hcd.0: Device attached [ 956.380088][T17327] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 956.394599][T17327] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 956.416030][T17327] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 956.428466][T17327] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 956.442883][T17327] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 956.451000][ T9] usb 15-1: new high-speed USB device number 2 using vhci_hcd [ 956.458962][T17327] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 956.589553][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 956.606956][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 956.618770][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 956.640111][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 956.650804][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 956.660099][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 956.667558][ T8] usb 4-1: new high-speed USB device number 109 using dummy_hcd [ 956.880433][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 956.888521][ T8] usb 4-1: too many configurations: 246, using maximum allowed: 8 [ 956.975223][ T8] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 956.984729][T17327] Bluetooth: hci2: command tx timeout [ 956.999808][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 957.008450][ T8] usb 4-1: Product: syz [ 957.018297][ T8] usb 4-1: Manufacturer: syz [ 957.027381][ T8] usb 4-1: SerialNumber: syz [ 957.043996][ T8] r8152-cfgselector 4-1: Unknown version 0x0000 [ 957.059267][ T8] r8152-cfgselector 4-1: config 0 descriptor?? [ 957.290527][T17327] Bluetooth: hci1: command tx timeout [ 958.490675][T17327] Bluetooth: hci0: command tx timeout [ 958.730579][T17327] Bluetooth: hci3: command tx timeout [ 959.050611][T17327] Bluetooth: hci2: command tx timeout [ 959.370669][T17327] Bluetooth: hci1: command tx timeout [ 960.570776][T17327] Bluetooth: hci0: command tx timeout [ 960.810640][T17327] Bluetooth: hci3: command tx timeout [ 961.130817][T17327] Bluetooth: hci2: command tx timeout [ 961.456303][T17327] Bluetooth: hci1: command tx timeout [ 962.650513][T17327] Bluetooth: hci0: command tx timeout [ 962.890541][T17327] Bluetooth: hci3: command tx timeout [ 964.730625][T17327] Bluetooth: hci0: command tx timeout [ 964.970601][T17327] Bluetooth: hci3: command tx timeout [ 966.178115][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 966.190984][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 966.200072][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 966.210894][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 966.226528][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 966.237881][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 967.373760][T21451] netlink: 'syz.3.4434': attribute type 10 has an invalid length. [ 967.390761][T21451] bridge0: port 3(netdevsim0) entered blocking state [ 967.397741][T21451] bridge0: port 3(netdevsim0) entered disabled state [ 967.417636][T21451] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 967.431548][T21451] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 967.447422][T21451] bridge0: port 3(netdevsim0) entered blocking state [ 967.454247][T21451] bridge0: port 3(netdevsim0) entered forwarding state [ 968.330603][ T54] Bluetooth: hci5: command tx timeout [ 970.410559][ T54] Bluetooth: hci5: command tx timeout [ 972.490670][ T54] Bluetooth: hci5: command tx timeout [ 974.570525][ T54] Bluetooth: hci5: command tx timeout [ 993.227793][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.234309][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 1013.013816][T17327] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1013.024354][T17327] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1013.038893][T17327] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1013.048724][T17327] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1013.056888][T17327] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1013.070665][T17327] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1013.157044][T17327] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1013.169627][T17327] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1013.178899][T17327] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1013.198846][T17327] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1013.206735][T17327] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1013.219089][T17327] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1015.136573][ T54] Bluetooth: hci4: command tx timeout [ 1015.300591][ T54] Bluetooth: hci6: command tx timeout [ 1016.572954][T17327] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1016.586549][T17327] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1016.597338][T17327] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1016.610524][T17327] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1016.621868][T17327] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1016.629297][T17327] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1016.720021][ T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1016.739604][ T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1016.752868][ T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1016.763022][ T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1016.770910][ T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1016.778342][ T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1017.210591][ T54] Bluetooth: hci4: command tx timeout [ 1017.372783][ T54] Bluetooth: hci6: command tx timeout [ 1018.730546][ T54] Bluetooth: hci7: command tx timeout [ 1018.811112][ T54] Bluetooth: hci8: command tx timeout [ 1019.290514][ T54] Bluetooth: hci4: command tx timeout [ 1019.450559][ T54] Bluetooth: hci6: command tx timeout [ 1020.812780][ T54] Bluetooth: hci7: command tx timeout [ 1020.890729][ T54] Bluetooth: hci8: command tx timeout [ 1021.370551][ T54] Bluetooth: hci4: command tx timeout [ 1021.530494][ T54] Bluetooth: hci6: command tx timeout [ 1022.895691][ T54] Bluetooth: hci7: command tx timeout [ 1022.970512][ T54] Bluetooth: hci8: command tx timeout [ 1024.970461][ T54] Bluetooth: hci7: command tx timeout [ 1025.050555][ T54] Bluetooth: hci8: command tx timeout [ 1026.271195][T17327] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1026.282817][T17327] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1026.291474][T17327] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1026.301895][T17327] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1026.309633][T17327] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1026.317373][T17327] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1028.410795][T17327] Bluetooth: hci9: command tx timeout [ 1030.490624][ T54] Bluetooth: hci9: command tx timeout [ 1032.570919][ T54] Bluetooth: hci9: command tx timeout [ 1034.650670][ T54] Bluetooth: hci9: command tx timeout [ 1054.658482][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.664960][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 1074.758459][T17327] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1074.777889][T17327] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1074.788515][T17327] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1074.798581][T17327] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1074.806732][T17327] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1074.814425][T17327] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1074.946361][ T54] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1074.959243][ T54] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1074.980583][ T54] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1074.995154][ T54] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1075.006601][ T54] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 1075.014590][ T54] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1076.906833][ T5245] Bluetooth: hci10: command tx timeout [ 1077.140875][ T5245] Bluetooth: hci11: command tx timeout [ 1077.203609][T21504] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1077.217618][T21504] Bluetooth: hci1: command 0x0406 tx timeout [ 1077.223901][T21504] Bluetooth: hci2: command 0x0406 tx timeout [ 1077.238166][T21504] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1077.250825][T21504] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1077.259075][T21509] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1077.267509][T21509] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 1077.275074][T21509] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1077.396169][T21508] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1077.409004][T21508] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1077.419520][T21508] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1077.432598][T21508] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1077.440790][T21508] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 1077.451621][T21508] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1078.970527][ T5245] Bluetooth: hci10: command tx timeout [ 1079.210435][ T5245] Bluetooth: hci11: command tx timeout [ 1081.055587][T21514] Bluetooth: hci10: command tx timeout [ 1081.290495][T21514] Bluetooth: hci11: command tx timeout [ 1082.330566][T21514] Bluetooth: hci0: command 0x0406 tx timeout [ 1082.336737][T21514] Bluetooth: hci3: command 0x0406 tx timeout [ 1083.130807][T21515] Bluetooth: hci10: command tx timeout [ 1083.370499][T21515] Bluetooth: hci11: command tx timeout [ 1087.438217][T21504] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 1087.453930][T21504] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 1087.471036][T21504] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 1087.484557][T21504] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 1087.500591][T21504] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 1087.508196][T21504] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 1092.578593][T21514] Bluetooth: hci5: command 0x0406 tx timeout [ 1116.093427][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.099842][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 1124.410725][ T30] INFO: task kworker/0:1:9 blocked for more than 143 seconds. [ 1124.418268][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1124.459171][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1124.506903][ T30] task:kworker/0:1 state:D stack:19128 pid:9 tgid:9 ppid:2 flags:0x00004000 [ 1124.543001][ T30] Workqueue: usb_hub_wq hub_event [ 1124.548144][ T30] Call Trace: [ 1124.645396][ T30] [ 1124.648416][ T30] __schedule+0x1895/0x4b30 [ 1124.710537][ T30] ? __pfx___schedule+0x10/0x10 [ 1124.715661][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1124.759376][ T30] ? __pfx_lock_release+0x10/0x10 [ 1124.787508][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1124.816229][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 1124.850309][ T30] ? schedule+0x90/0x320 [ 1124.854650][ T30] schedule+0x14b/0x320 [ 1124.910328][ T30] usb_kill_urb+0x1c9/0x300 [ 1124.914989][ T30] ? __pfx_usb_kill_urb+0x10/0x10 [ 1124.920069][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1125.006240][ T30] usb_start_wait_urb+0x1b0/0x520 [ 1125.034037][ T30] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 1125.039698][ T30] ? __kmalloc_noprof+0x21a/0x400 [ 1125.078843][ T30] usb_control_msg+0x2b1/0x4c0 [ 1125.095776][ T30] ? __pfx_usb_control_msg+0x10/0x10 [ 1125.124799][ T30] ? __kasan_kmalloc+0x98/0xb0 [ 1125.129659][ T30] ? hub_port_init+0x178/0x2670 [ 1125.160396][ T30] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 1125.199706][ T30] hub_port_init+0xc21/0x2670 [ 1125.210520][ T30] hub_event+0x2962/0x5150 [ 1125.215068][ T30] ? __pfx_hub_event+0x10/0x10 [ 1125.219892][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1125.276723][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1125.296346][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1125.320209][ T30] ? process_scheduled_works+0x976/0x1850 [ 1125.326234][ T30] process_scheduled_works+0xa63/0x1850 [ 1125.370038][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1125.390422][ T30] ? assign_work+0x364/0x3d0 [ 1125.395297][ T30] worker_thread+0x870/0xd30 [ 1125.399961][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1125.447422][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1125.470455][ T30] kthread+0x2f0/0x390 [ 1125.505135][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1125.520164][ T30] ? __pfx_kthread+0x10/0x10 [ 1125.540461][ T30] ret_from_fork+0x4b/0x80 [ 1125.544982][ T30] ? __pfx_kthread+0x10/0x10 [ 1125.549628][ T30] ret_from_fork_asm+0x1a/0x30 [ 1125.584580][ T30] [ 1125.595110][ T30] INFO: task kworker/u8:4:62 blocked for more than 144 seconds. [ 1125.620528][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 1125.644961][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1125.677301][ T30] task:kworker/u8:4 state:D stack:19920 pid:62 tgid:62 ppid:2 flags:0x00004000 [ 1125.726248][ T30] Workqueue: netns cleanup_net [ 1125.746344][ T30] Call Trace: [ 1125.749700][ T30] [ 1125.764199][ T30] __schedule+0x1895/0x4b30 [ 1125.768826][ T30] ? __pfx___schedule+0x10/0x10 [ 1125.797992][ T30] ? __pfx_lock_release+0x10/0x10 [ 1125.816196][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1125.826663][ T30] ? kthread_data+0x52/0xd0 [ 1125.840754][ T30] ? schedule+0x90/0x320 [ 1125.855419][ T30] ? wq_worker_sleeping+0x66/0x240 [ 1125.866855][ T30] ? schedule+0x90/0x320 [ 1125.880321][ T30] schedule+0x14b/0x320 [ 1125.897238][ T30] schedule_preempt_disabled+0x13/0x30 [ 1125.906973][ T30] __mutex_lock+0x6a7/0xd70 [ 1125.925538][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1125.940288][ T30] ? __mutex_lock+0x52a/0xd70 [ 1125.949207][ T30] ? nsim_destroy+0x71/0x5c0 [ 1125.958675][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1125.987423][ T30] ? __pfx_mntput_no_expire+0x10/0x10 [ 1126.016674][ T30] ? _raw_spin_unlock+0x28/0x50 [ 1126.025637][ T30] ? simple_release_fs+0x9c/0xd0 [ 1126.043752][ T30] nsim_destroy+0x71/0x5c0 [ 1126.048278][ T30] ? nsim_dev_reload_destroy+0x28a/0x490 [ 1126.070312][ T30] __nsim_dev_port_del+0x14b/0x1b0 [ 1126.075572][ T30] nsim_dev_reload_destroy+0x28a/0x490 [ 1126.094575][ T30] nsim_dev_reload_down+0x98/0xd0 [ 1126.099697][ T30] devlink_reload+0x18b/0x870 [ 1126.106991][ T30] ? __pfx_devlink_reload+0x10/0x10 [ 1126.117447][ T30] devlink_pernet_pre_exit+0x1f3/0x440 [ 1126.124589][ T30] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 1126.136915][ T30] ? class_remove_file_ns+0x121/0x160 [ 1126.144011][ T30] cleanup_net+0x615/0xcc0 [ 1126.148515][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 1126.158838][ T30] ? process_scheduled_works+0x976/0x1850 [ 1126.166219][ T30] process_scheduled_works+0xa63/0x1850 [ 1126.178318][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1126.186094][ T30] ? assign_work+0x364/0x3d0 [ 1126.197415][ T30] worker_thread+0x870/0xd30 [ 1126.203682][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1126.210092][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1126.223146][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1126.228340][ T30] kthread+0x2f0/0x390 [ 1126.237556][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1126.244405][ T30] ? __pfx_kthread+0x10/0x10 [ 1126.249059][ T30] ret_from_fork+0x4b/0x80 [ 1126.260286][ T30] ? __pfx_kthread+0x10/0x10 [ 1126.265119][ T30] ret_from_fork_asm+0x1a/0x30 [ 1126.269992][ T30] [ 1126.302235][ T30] INFO: task kworker/u8:8:2551 blocked for more than 145 seconds. [ 1126.358741][T21509] Bluetooth: hci12: command tx timeout [ 1126.448612][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 1126.476276][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1126.496459][ T30] task:kworker/u8:8 state:D stack:20480 pid:2551 tgid:2551 ppid:2 flags:0x00004000 [ 1126.535184][ T30] Workqueue: events_unbound linkwatch_event [ 1126.544078][ T30] Call Trace: [ 1126.547432][ T30] [ 1126.570445][ T30] __schedule+0x1895/0x4b30 [ 1126.575071][ T30] ? __pfx___schedule+0x10/0x10 [ 1126.579997][ T30] ? __pfx_lock_release+0x10/0x10 [ 1126.605572][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1126.626851][ T30] ? kthread_data+0x52/0xd0 [ 1126.646187][ T30] ? schedule+0x90/0x320 [ 1126.651026][ T30] ? wq_worker_sleeping+0x66/0x240 [ 1126.656215][ T30] ? schedule+0x90/0x320 [ 1126.686231][ T30] schedule+0x14b/0x320 [ 1126.701186][ T30] schedule_preempt_disabled+0x13/0x30 [ 1126.706829][ T30] __mutex_lock+0x6a7/0xd70 [ 1126.730671][ T30] ? __mutex_lock+0x52a/0xd70 [ 1126.735443][ T30] ? linkwatch_event+0xe/0x60 [ 1126.760442][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1126.765590][ T30] ? process_scheduled_works+0x976/0x1850 [ 1126.790413][ T30] linkwatch_event+0xe/0x60 [ 1126.795014][ T30] process_scheduled_works+0xa63/0x1850 [ 1126.810357][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1126.816441][ T30] ? assign_work+0x364/0x3d0 [ 1126.848070][ T30] worker_thread+0x870/0xd30 [ 1126.860512][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1126.865639][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1126.890295][ T30] kthread+0x2f0/0x390 [ 1126.894463][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1126.899645][ T30] ? __pfx_kthread+0x10/0x10 [ 1126.923080][ T30] ret_from_fork+0x4b/0x80 [ 1126.927592][ T30] ? __pfx_kthread+0x10/0x10 [ 1126.950291][ T30] ret_from_fork_asm+0x1a/0x30 [ 1126.955212][ T30] [ 1126.986322][ T30] INFO: task syz-executor:21442 blocked for more than 145 seconds. [ 1127.025944][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 1127.049364][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1127.076900][ T30] task:syz-executor state:D stack:25488 pid:21442 tgid:21442 ppid:1 flags:0x20004006 [ 1127.110965][ T30] Call Trace: [ 1127.114324][ T30] [ 1127.117563][ T30] __schedule+0x1895/0x4b30 [ 1127.135040][ T30] ? __pfx___schedule+0x10/0x10 [ 1127.139999][ T30] ? __pfx_lock_release+0x10/0x10 [ 1127.170449][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1127.176034][ T30] ? schedule+0x90/0x320 [ 1127.200512][ T30] schedule+0x14b/0x320 [ 1127.204781][ T30] schedule_preempt_disabled+0x13/0x30 [ 1127.220371][ T30] __mutex_lock+0x6a7/0xd70 [ 1127.224976][ T30] ? __mutex_lock+0x52a/0xd70 [ 1127.229792][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 1127.266186][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1127.280502][ T30] ? read_word_at_a_time+0xe/0x20 [ 1127.285616][ T30] ? sized_strscpy+0x8d/0x220 [ 1127.315565][ T30] ip_tunnel_init_net+0x20e/0x720 [ 1127.323050][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 1127.328697][ T30] vti_init_net+0x2e/0xf0 [ 1127.350369][ T30] ops_init+0x31e/0x590 [ 1127.354634][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1127.360086][ T30] setup_net+0x287/0x9e0 [ 1127.400507][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1127.406155][ T30] ? __pfx_setup_net+0x10/0x10 [ 1127.430519][ T30] copy_net_ns+0x33f/0x570 [ 1127.435040][ T30] create_new_namespaces+0x425/0x7b0 [ 1127.450382][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 1127.456210][ T30] ksys_unshare+0x57d/0xa70 [ 1127.477630][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1127.516258][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1127.537800][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 1127.551791][ T30] __ia32_sys_unshare+0x37/0x40 [ 1127.556813][ T30] __do_fast_syscall_32+0xb4/0x110 [ 1127.587743][ T30] ? exc_page_fault+0x590/0x8c0 [ 1127.600489][ T30] do_fast_syscall_32+0x34/0x80 [ 1127.605439][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1127.639427][ T30] RIP: 0023:0xf7f21579 [ 1127.660519][ T30] RSP: 002b:00000000f750ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 1127.669033][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 1127.702783][ T30] RDX: 00000000f73abff4 RSI: 00000000f728224b RDI: 0000000030000000 [ 1127.724323][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1127.749420][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1127.780301][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1127.788375][ T30] [ 1127.810508][ T30] INFO: task syz-executor:21444 blocked for more than 146 seconds. [ 1127.818574][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 1128.466539][T17327] Bluetooth: hci12: command tx timeout [ 1128.472207][T21509] Bluetooth: hci13: command tx timeout [ 1129.970622][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1130.028434][ T30] task:syz-executor state:D stack:26016 pid:21444 tgid:21444 ppid:1 flags:0x20004006 [ 1130.072997][ T30] Call Trace: [ 1130.076445][ T30] [ 1130.079420][ T30] __schedule+0x1895/0x4b30 [ 1130.097302][ T30] ? __pfx___schedule+0x10/0x10 [ 1130.103772][ T30] ? __pfx_lock_release+0x10/0x10 [ 1130.108880][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1130.119627][ T30] ? schedule+0x90/0x320 [ 1130.126707][ T30] schedule+0x14b/0x320 [ 1130.136608][ T30] schedule_preempt_disabled+0x13/0x30 [ 1130.143716][ T30] __mutex_lock+0x6a7/0xd70 [ 1130.148291][ T30] ? __mutex_lock+0x52a/0xd70 [ 1130.158244][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 1130.165165][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1130.176029][ T30] ip_tunnel_init_net+0x20e/0x720 [ 1130.185139][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 1130.196475][ T30] ? ops_init+0x75/0x590 [ 1130.202925][ T30] ops_init+0x31e/0x590 [ 1130.207348][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1130.219135][ T30] setup_net+0x287/0x9e0 [ 1130.225128][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1130.235865][ T30] ? __pfx_setup_net+0x10/0x10 [ 1130.242274][ T30] copy_net_ns+0x33f/0x570 [ 1130.246770][ T30] create_new_namespaces+0x425/0x7b0 [ 1130.257406][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 1130.266026][ T30] ksys_unshare+0x57d/0xa70 [ 1130.275842][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1130.282493][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1130.296711][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 1130.306516][ T30] __ia32_sys_unshare+0x37/0x40 [ 1130.316540][ T30] __do_fast_syscall_32+0xb4/0x110 [ 1130.323461][ T30] ? exc_page_fault+0x590/0x8c0 [ 1130.328393][ T30] do_fast_syscall_32+0x34/0x80 [ 1130.340151][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1130.348132][ T30] RIP: 0023:0xf744d579 [ 1130.357345][ T30] RSP: 002b:00000000f759ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 1130.367441][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 1130.380387][ T30] RDX: 00000000f743bff4 RSI: 00000000f731224b RDI: 0000000030000000 [ 1130.392912][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1130.405715][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1130.418327][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1130.430398][ T30] [ 1130.491810][T21515] Bluetooth: hci12: command tx timeout [ 1130.498830][T21513] Bluetooth: hci13: command tx timeout [ 1131.310397][ T30] INFO: task syz-executor:21457 blocked for more than 150 seconds. [ 1131.318464][ T30] Not tainted 6.12.0-rc1-syzkaller-00381-g2a130b7e1fcd #0 [ 1131.342490][ T940] r8152-cfgselector 4-1: USB disconnect, device number 109 [ 1133.490440][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1133.499195][ T30] task:syz-executor state:D stack:26432 pid:21457 tgid:21457 ppid:1 flags:0x20004006 [ 1133.525161][T21504] Bluetooth: hci14: command tx timeout [ 1133.532467][T21504] Bluetooth: hci13: command tx timeout [ 1133.538009][T21504] Bluetooth: hci12: command tx timeout [ 1133.659640][ T30] Call Trace: [ 1133.677535][ T30] [ 1133.690578][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1133.695790][ T30] ? __pfx_try_to_wake_up+0x10/0x10 [ 1133.726388][ T30] ? addrconf_notify+0x6a7/0x1020 [ 1133.734717][ T30] ? __pfx___schedule+0x10/0x10 [ 1133.739746][ T30] ? __pfx_lock_release+0x10/0x10 [ 1133.751295][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1133.756843][ T30] ? schedule+0x90/0x320 [ 1133.768470][ T30] ? schedule+0x14b/0x320 [ 1133.775703][ T30] ? schedule_preempt_disabled+0x13/0x30 [ 1133.785862][ T30] ? __mutex_lock+0x6a7/0xd70 [ 1133.793289][ T30] ? __mutex_lock+0x52a/0xd70 [ 1133.798040][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 1133.807529][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1133.816884][ T30] ? read_word_at_a_time+0xe/0x20 [ 1133.825911][ T30] ? sized_strscpy+0x8d/0x220 [ 1133.833375][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 1133.838660][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 1133.849018][ T30] ? ops_init+0x75/0x590 [ 1133.857512][ T30] ? ops_init+0x31e/0x590 [ 1133.865940][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1133.875362][ T30] ? setup_net+0x287/0x9e0 [ 1133.879866][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1133.891576][ T30] ? __pfx_setup_net+0x10/0x10 [ 1133.896447][ T30] ? copy_net_ns+0x33f/0x570 [ 1133.907737][ T30] ? create_new_namespaces+0x425/0x7b0 [ 1133.913771][ T30] ? unshare_nsproxy_namespaces+0x124/0x180 [ 1133.919753][ T30] ? ksys_unshare+0x57d/0xa70 [ 1133.930457][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1133.935657][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1133.949342][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 1133.956851][ T30] ? __ia32_sys_unshare+0x37/0x40 [ 1133.968166][ T30] ? __do_fast_syscall_32+0xb4/0x110 [ 1133.976723][ T30] ? exc_page_fault+0x590/0x8c0 [ 1133.988430][ T30] ? do_fast_syscall_32+0x34/0x80 [ 1133.993923][ T30] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1134.006793][ T30]