last executing test programs: 11.127795753s ago: executing program 2 (id=1299): fsopen(&(0x7f0000000200)='iso9660\x00', 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, 0x0, 0x0, 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x2c, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) madvise(&(0x7f0000162000/0x3000)=nil, 0x3000, 0x14) 10.722133266s ago: executing program 3 (id=1303): syz_open_dev$mouse(&(0x7f00000001c0), 0x1, 0x18000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000200)={0x2, &(0x7f0000000180)=[{0x3ff, 0x3, 0xa, 0x3}, {0x5657, 0x9e, 0xf, 0x6}]}) listxattr(0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0) syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x4f3, 0x74d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x30, 0x5, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x1, 0x1, 0x0, {0x9, 0x21, 0xff, 0x1, 0x1, {0x22, 0xbb0}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x2, 0xba, 0x7}}}}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x250, 0x6, 0x8, 0x54, 0xff, 0x2}, 0x0, 0x0}) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x49}) socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r6, 0x1, 0x8, 0x0, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006}) ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0) close_range(r3, 0xffffffffffffffff, 0x400000000000000) 9.811396947s ago: executing program 2 (id=1306): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fedbdf252500000008000300"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x40) 9.258083808s ago: executing program 2 (id=1308): socket$kcm(0x11, 0x200000000000002, 0x300) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x40047459, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd8010203010902"], 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendto$inet(r3, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0) connect(r3, &(0x7f0000000080)=@un=@abs, 0x80) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000000)={r6}, 0x8) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, 0x0) openat$fb0(0xffffffffffffff9c, 0x0, 0x180300, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x9, &(0x7f0000000240)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000002f000000b709000000000000850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x50, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000620108000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 5.814362459s ago: executing program 3 (id=1318): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fedbdf252500000008000300"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x40) 5.759731221s ago: executing program 0 (id=1319): ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x18d, 0x1, 0x2, 0xd59f80, 0x3, 0x9, 0xfe, 0x8, 0x7, 0x722, 0x1ff, 0x2800, 0x7f, 0x3c, 0x1d, {0x2, 0xfffffffe}, 0x3, 0xed}}) 5.538116078s ago: executing program 0 (id=1320): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00&'], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 5.450387408s ago: executing program 3 (id=1322): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=@delchain={0x1e4, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xa}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x11c, 0x2, [@TCA_CGROUP_ACT={0xb0, 0x1, [@m_csum={0xac, 0x4, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x101, 0xc03a, 0x4, 0x7, 0x1}, 0x5c}}]}, {0x61, 0x6, "e74670b59cabc7fa65697fe66a1ce059a1d20f485ae35387641d50a8c5c10c4c6cedb532531e5f7e635039fa9779c4a2c773aacace496b10b0ff8db305aab6261fa1aa50614ac51e5a7a1f2ff850a61103f39752f321152b34d838a149"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_CGROUP_EMATCHES={0x68, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x40, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0x0, 0x4, 0xb}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x26, 0x73, 0x1}, {0x1, 0xd6}}}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x200, 0x8, 0x1}, {0x4, 0x3, 0x6}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x80, 0x7, 0x400}, {{0x4, 0x1, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6a}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}]}]}}, @filter_kind_options=@f_flower={{0xb}, {0x48, 0x2, [@TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_VLAN_PRIO={0x5, 0x18, 0x5}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffffff, 0xff000000, 0xffffffff, 0xff000000]}, @TCA_FLOWER_KEY_IP_TTL_MASK={0x5, 0x4c, 0x1}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x2}]}}, @filter_kind_options=@f_matchall={{0xd}, {0x34, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc, 0x3}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0xffe0}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff3, 0xd}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0xf}}]}}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x81}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x402}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 5.394144392s ago: executing program 2 (id=1323): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x0) 5.355746673s ago: executing program 0 (id=1324): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000) 5.220685721s ago: executing program 2 (id=1326): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000002280)={'ipvlan0\x00', 0x100}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'nicvf0\x00', 0x400}) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x80002, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2a, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = syz_io_uring_setup(0x988, &(0x7f0000000280)={0x0, 0x9bee, 0x8, 0xfffffffd, 0x25d}, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_STATX={0x15, 0x4, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0\x00', 0x2, 0x4000, 0x1}) io_uring_enter(r2, 0x52de, 0xf62e, 0x8, 0x0, 0x0) 5.219611623s ago: executing program 3 (id=1327): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xee}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00!'], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000640)={0x84, &(0x7f00000001c0)={0x40, 0x17, 0x8, "6b5f8d370778fa8e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x12, 0x0, 0x20040001, 0x0, 0x1}}) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x4000) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="01020000000000001c0012000c000100626f6e64000000000c000200080001000599"], 0x3c}}, 0x8000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x4048841) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800e00010069703667726574617000000028000280060003000100000014000700"/54], 0x64}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000340)=@raw=[@map_idx={0x18, 0x0, 0x5, 0x0, 0x8}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @exit], &(0x7f0000000440)='syzkaller\x00', 0x5a, 0x7f, &(0x7f0000000480)=""/127, 0x40f00, 0xf, '\x00', r4, @fallback=0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0xb, 0xfffffe00, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000005c0)=[{0x0, 0x5, 0x9, 0x8}], 0x10, 0xf6, @void, @value}, 0x94) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000008c0)={@map, 0x20, 0x0, 0x2, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000940)='#\xc1%,K+}#-\x00', 0x0}, 0x30) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000009c0)=ANY=[@ANYRES32=r5, @ANYRES32=r7, @ANYBLOB="00000000200000003bf754b00ec1adc200000000", @ANYRES32=r9, @ANYRES64=r8], 0x20) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c) r10 = socket$netlink(0x10, 0x3, 0x4) write(r10, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) 5.159090704s ago: executing program 0 (id=1328): syz_open_dev$mouse(&(0x7f00000001c0), 0x1, 0x18000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000200)={0x2, &(0x7f0000000180)=[{0x3ff, 0x3, 0xa, 0x3}, {0x5657, 0x9e, 0xf, 0x6}]}) listxattr(0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, &(0x7f0000000040)={0x8, 0x3, 0x2, 0x4, 'syz1\x00', 0x2}) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0) syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x4f3, 0x74d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x30, 0x5, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x1, 0x1, 0x0, {0x9, 0x21, 0xff, 0x1, 0x1, {0x22, 0xbb0}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x2, 0xba, 0x7}}}}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x250, 0x6, 0x8, 0x54, 0xff, 0x2}, 0x0, 0x0}) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x49}) socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r6, 0x1, 0x8, 0x0, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006}) ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0) close_range(r3, 0xffffffffffffffff, 0x400000000000000) 5.082975057s ago: executing program 4 (id=1329): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05604, &(0x7f0000000180)={0xd, @vbi}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r3, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000b40)={0x2, 0x4e22, @multicast1}, 0x10) sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xcc, 0x19, 0x1, 0x0, 0x0, {{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {0x0, 0x1}, 0x0, 0xfffffffd, 0x0, 0x0, 0x2}, [@srcaddr={0x14, 0xd, @in6=@local}]}, 0xcc}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}}, 0x0) 4.785624532s ago: executing program 4 (id=1330): r0 = syz_open_dev$vbi(0x0, 0x1, 0x2) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x18d, 0x1, 0x2, 0xd59f80, 0x3, 0x9, 0xfe, 0x8, 0x7, 0x722, 0x1ff, 0x2800, 0x7f, 0x3c, 0x1d, {0x2, 0xfffffffe}, 0x3, 0xed}}) 4.558590173s ago: executing program 4 (id=1331): fsopen(&(0x7f0000000200)='iso9660\x00', 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) madvise(&(0x7f0000162000/0x3000)=nil, 0x3000, 0x14) 3.373010642s ago: executing program 1 (id=1334): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00&'], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 3.038233922s ago: executing program 1 (id=1335): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x19) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002fc0)=@newtaction={0x2f8, 0x30, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{0x2e4, 0x1, [@m_skbedit={0x120, 0x19, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0xa}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xd}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1, 0x1, 0x2, 0x6, 0x101}}]}, {0xc2, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9007c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a16535a666c86a6321ae76cba859e771aa7d0ff9fa043e50e56e0f68419fd47894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69875f61ef4f46591d0547ce0f025b0a5f6dc470fd9635a05e318fa41b23e07582b3128621edbf17703923cea8b079f042f9924f50c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_xt={0x190, 0x11, 0x0, 0x0, {{0x7}, {0x160, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x81b8}, @TCA_IPT_INDEX={0x8, 0x3, 0x5}, @TCA_IPT_TARG={0x71, 0x6, {0x18, 'mangle\x00', 0x5, 0x6d5, "ab0275204abae93fead4d689778f27ae4cf50f2c1605c8bc53bc1513b545f339676e5579cda4d31cb6b71ee31e57f7ddc108ec0cc2c53c8fae7cab8def179974adcdc89699848c"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x10}, @TCA_IPT_TARG={0x2a, 0x6, {0xde1, 'security\x00', 0xfd, 0x6}}, @TCA_IPT_INDEX={0x8, 0x3, 0x901c}, @TCA_IPT_INDEX={0x8, 0x3, 0x7}, @TCA_IPT_TARG={0x91, 0x6, {0x4, 'mangle\x00', 0x3, 0x0, "1efb1be8e570408d48a3ad0611d172f18e1ec2d311050303b04a5694f2854087a957e283bbd92b645b3bd9fc303330857d33f51fefa065d4a7d893d6d4987bfecac402f61f90ecf7c111760ecb6964bd7227dfebc76724acb4226099355b787481a4513280f6f5"}}]}, {0x9, 0x6, "51eb4b8bb0"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_sample={0x30, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x2f8}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffffffd) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil) munlockall() bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1600000003100000fd0900008400000005010000", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\t'], 0x50) 2.737501071s ago: executing program 1 (id=1336): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x0) 2.553711097s ago: executing program 2 (id=1337): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) openat$audio(0xffffff9c, 0x0, 0x402, 0x0) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) recvfrom$inet(r0, &(0x7f0000000140)=""/29, 0x1d, 0x80002100, &(0x7f00000001c0)={0x2, 0x4e23, @broadcast}, 0x10) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r5, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3f, 0x19ef, 0x3, 0x4, 0x2800, 0x2801, 0x2, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd1, 0x9}}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$inet6(0x10, 0x80000, 0x3) sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) r7 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$nci(r7, &(0x7f0000002780)=""/3, 0x3) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'veth0_to_team\x00'}) request_key(&(0x7f00000010c0)='dns_resolver\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e23, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x1, 0x6}, 0x8, 0x1, 0x1}, [@mark={0xc, 0x15, {0x0, 0xffff}}]}, 0xc4}}, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0xf, 0x8, 0x0, 0x2, 0x0, 0x0, 0x25dfdbfe}, 0x10}}, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) 2.433471254s ago: executing program 1 (id=1338): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000) 2.239494627s ago: executing program 3 (id=1339): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="030328bd7000000000000a00000008000300", @ANYRES32=r1], 0x1c}}, 0x0) 2.0776464s ago: executing program 1 (id=1340): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r3, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) (fail_nth: 15) 1.808036828s ago: executing program 3 (id=1341): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000040)={&(0x7f0000000000), &(0x7f00000000c0)=""/156, 0x9c}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r3, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000012c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELSETELEM={0xa10, 0xe, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x8c0, 0x3, 0x0, 0x1, [{0x418, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPR={0x64, 0x7, 0x0, 0x1, @exthdr={{0xb}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_EXTHDR_FLAGS={0x8}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xed}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xe7}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x84}, @NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x10}]}}}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_KEY={0x240, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x52, 0x1, "850a4ef0dc7822d18193bf9e57a7f023e9dd62ca3cc8dc2cfa12fc662a08ce61b2d10ca902270c19348c95f18824453cb7fdf119bee4a32849d64413a33282c136bf92f40e2890a74fad637d4d35"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x4c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x54, 0x1, "261ffc47e71d9e8f77cb0d55883542da7be157be1201b39b32d58c89e533486d5fe4964154658b8600beb8c1722bf3fc6b8504f4899ea731d4a8a02ccd27e5fdb70e8acd89bd113a2e0275883244a689"}, @NFTA_DATA_VALUE={0xe8, 0x1, "686f7fd20b952a36a9c014377b1260dd87378bb8ff7996675c1bd15ee3538e1f5f495c356af34dcec7e9b9b326996d347eca190c993991afff8faff6bbb8f59aa396e157879d5934075f8d10b5f6f30d60099ba7c162db3ae957a6d333813e630d07cd8c03b85bcd7c437972973bd07b643e75130845862866890eadc9f294612feb720fd49862ce7a8d26b40bd0b3c4c14af6adbf35d3097639dfe3304bb64581838992dd7bc7c9132cdefaff0bad421131cc0eed82de6a74d466dd12069de393fc6baccb08f66fa38970d31e4100433eacb746eb70345b251fb530766aa5e93d9e4f1c"}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}, @NFTA_SET_ELEM_KEY={0xb4, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4f, 0x1, "e5b96f0eb9b60e2001bd46620837cce884f8b7e2aa472fa704a6aee6604bfc80c1ff0464337465c6d267fc2de09449b7e225b258c6179baca113cd1e40c175e2b4af651fb8266578598bdb"}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x75e}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_USERDATA={0x8f, 0x6, 0x1, 0x0, "662cf42234a7c215ede4b724981d44ef9a9a86025d6c1c844b5e71a61277f32ad312ec46df5dd0ba0b2f5fce2d29a992b057205f03f33be8bb63d486b7f48df5aff7629a007389a14ea7037dd1d1317f3e06954d84edd13192b1193e3da3a4cc71c155e9e4ad8aa279aa7697b17ec64d1d6e3147ed60c618dad95db68285b588a20c64480e67fe352313de"}]}, {0x4a4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x37}, @NFTA_SET_ELEM_EXPRESSIONS={0xec, 0xb, 0x0, 0x1, [{0x5c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_QUEUE_TOTAL={0x6, 0x2, 0x1, 0x0, 0x5}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x16}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}, @NFTA_QUEUE_TOTAL={0x6, 0x2, 0x1, 0x0, 0xfffd}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x5}, @NFTA_QUEUE_FLAGS={0x6}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0xd}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x15}]}}}, {0x70, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x60, 0x2, 0x0, 0x1, [@NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_LIMIT_BURST={0x8}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_LIMIT_TYPE={0x8}, @NFTA_LIMIT_TYPE={0x8}, @NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0xed0}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x1}]}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}, {0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}]}, @NFTA_SET_ELEM_KEY_END={0x3a8, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VALUE={0x16, 0x1, "1d75a9a51a009748a7f5ca50bd4950429b70"}, @NFTA_DATA_VALUE={0xce, 0x1, "06eb79edde484fdbfefded6e36727b86d0b8f62fa52a646719d2d1eb23a9e855b177e8a0c612c09940d7e3af40e0530f4004c0ef83acec1449298edf1fd722acd9d344de2ce94523ab4fd214fc295918934e2065d426b56fd248c75bffb5894d6b3dea9b488dc5075047a969f76486dfeb41096b16bdd2b35c9b1dea163aceb086581f1ca5069ce3c27917cdf59dab2eb238a50e2e2bb5466966672ce35dd66b03e34bc3e814879fd27169e9d4606d16d4402612dc4d020586b8b6fcf64d6a008929ee5d6df75571ba98"}, @NFTA_DATA_VALUE={0xa3, 0x1, "ee42f39e7da7276093465b62c3fc586f7cb2daecf896846770a21f4992a6ce937712499f125eb7c2411a666fea7bf5329743fb34e002c061be13abee2d9c82e9e2e0c5d6a360ce0564a00951b644d979bbf4ccd57cfe6c1416893bd231c0cb119bc23cb1d8814b57fa8a600b55786442c551881a05fae94627e8a909fe442e27c57bb50b6c08e3dddda5207ebd1bfde42e2eaa92e7178d2e7aa7d0c3a34199"}, @NFTA_DATA_VALUE={0xab, 0x1, "32687d33d82211647bc9b007d985f410784503ffa9509c803fd91d47a808f11c9dd77a538b8bd690456464c5507e8be4005ef4dc9631d2971a99c3b54237b989ba769778233bf0e3e6927395280612aa376b4aac754d13e0eaedfca44dab579d1f55cad192cb9d01adf2e3a1a0118351fe5e289bcb0784916beb4dd788755656537a5c35d374224a8cf6c35b1848842a24b99c6651c9d47c1a4a13f195e2c660a82aa8ccf56db8"}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xf9, 0x1, "fc148af753fd6e2e92839bd95ca06adf83e4cf592b220e35133f689454bbe3e1daca1457f038a2ce9d245e50bc4b7fa7014b93f46d8c964a59ddea542d68cca955168863f1b78b09b4c7c808a0fc8c8f2c8e897073a3ebb3f18b8734da61c183c925a088ffe95df7b3e6b653b2996f313ca3f23087206705019fde80474ec1c6de218d325469c67eb59f931dcf7deac8e6c95f644eaf9a7355c36a515d39031844e960c03bacdba51c47af3fae0744c78f02f8eae268d7ef30234b5d6addf24dce9fbc4883b8a2ca04812b24d12d2a3f541d4ebf22e61ad43ddff34fbeb519e5418f4c28c9e431904c6c4b535d30d791abc4c78c03"}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x12c, 0x3, 0x0, 0x1, [{0x74, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPRESSIONS={0x58, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x44, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0xffffffff}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7}]}}}]}, @NFTA_SET_ELEM_EXPR={0xc, 0x7, 0x0, 0x1, @log={{0x8}, @void}}]}, {0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}, {0xa4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @match={{0xa}, @void}}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_USERDATA={0x6f, 0x6, 0x1, 0x0, "9e6b40c8e9d80d67967121025d4f8fba86b2afccf59f0132f1ae1d19cd583a93a3951580ea723665e0a327cce21c5db486ef35b356a3cfbff005a011a1f69bd293400dfb215ec0d58f057b2b8c3168dcd417e0756b700a8f9f2f162c38f30b94d65c3d77d7b5a2312eaa0f"}]}]}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xa80}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) syz_usb_connect(0x0, 0x34, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000092df5510ac05269289b201020301090222000100000000090400000103e900000907000000000000000705d77b5d"], 0x0) ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x0) 901.238015ms ago: executing program 4 (id=1342): socket(0x10, 0x3, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x24004000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$unix(0x1, 0x2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) r5 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0x0, 0x40, 0xfffffff9, 0xd4}) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1d, 0x20000038, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x50, r3, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) 773.943922ms ago: executing program 1 (id=1343): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, [0x0], [], [], [0x0, 0x0, 0xfffffffffffffffa]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6}) 420.570384ms ago: executing program 0 (id=1344): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0xffffffff}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0xff0a, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x10}]}}}]}]}], {0x14}}, 0xbc}}, 0x0) 161.899707ms ago: executing program 4 (id=1345): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x9, 0x3, 0x200, 0x90, 0xffffffff, 0xffffffff, 0x90, 0xffffffff, 0x190, 0xffffffff, 0xffffffff, 0x190, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @multicast1, 0xffffff00, 0x58f6bc870e4179dd, 'wg1\x00', 'ip6erspan0\x00', {}, {}, 0x21, 0xb74f48e09d354804, 0x4}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x14}, @rand_addr=0x64010101, 0xff000000, 0xffffff00, 'pimreg1\x00', 'batadv0\x00', {}, {0xff}, 0xc, 0x3, 0x6c}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x1, 0x5, 0x4, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x60) 65.493184ms ago: executing program 0 (id=1346): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000400)={0x8, 0x0, [{0x80000001, 0x405, 0x0, 0x203, 0x7, 0x80000000, 0xc}, {0x6, 0x5, 0x5, 0x745, 0xfa1e, 0xa, 0x1}, {0x40000000, 0x2, 0x4, 0x0, 0xa7, 0x3}, {0x2, 0x2, 0x0, 0x4, 0x53b, 0x2, 0xb}, {0x0, 0x5, 0x2, 0x10000, 0x9, 0x5, 0x10000}, {0x80000007, 0xffff0004, 0x7, 0x10, 0x7, 0x9, 0xb}, {0x6, 0x80, 0x4, 0x1, 0x6, 0x0, 0x9}, {0xa, 0x8, 0x2, 0x80000001, 0x4a4, 0xdd4eccf, 0xfffffbff}]}) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_group_source_req(r3, 0x0, 0x2c, &(0x7f00000001c0)={0x80, {{0x2, 0x4e20, @multicast2}}, {{0x2, 0x4e24, @loopback}}}, 0x108) r4 = socket(0x4, 0x4, 0x0) sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}}, 0x48000) r5 = socket$alg(0x26, 0x5, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000040)="11da3cf44b1a8c3d8a39ccbd630e8ef9170ccf07ef1800322de53ae3b183ee66", 0x20) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000001800)=@mangle={'mangle\x00', 0x10, 0x6, 0x1510, 0xd0, 0x13c8, 0x11d0, 0x11d0, 0x12a0, 0x1498, 0x1498, 0x1498, 0x1498, 0x11d0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@dev, @loopback, [0x0, 0x0, 0xff000000], [0x0, 0x0, 0xffffffff], 'pim6reg\x00', 'sit0\x00', {}, {0xff}}, 0x0, 0x10d8, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x1, './cgroup.cpu/syz0\x00', 0x40, {0x9faf}}}]}, @HL={0x28}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x33}, @private2={0xfc, 0x2, '\x00', 0x1}, [0x7f8000ff, 0xffffff00, 0xffffff00], [0xffffff00, 0xffffff00, 0xff000000, 0xffff00], 'wlan1\x00', 'macvtap0\x00', {}, {0xff}, 0x88, 0xb, 0x1, 0x4}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @local}, @private2={0xfc, 0x2, '\x00', 0x1}, [0xffffffff, 0xffffff00, 0xffffff00, 0xff], [0xff, 0xff000000, 0xffffff00], 'veth1_to_batadv\x00', 'geneve0\x00', {}, {}, 0x73, 0xe, 0x6, 0x58}, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x3, 0x9}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1570) close(0x3) openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) r7 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000001040)={'filter\x00', 0x10, 0x4, 0x418, 0x220, 0x220, 0x220, 0x330, 0x330, 0x330, 0x8000000, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @multicast2, 0x1, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @mac=@remote, @rand_addr=0x64010102, @local, 0x4, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @empty, @loopback, @empty, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468) socket$inet_udplite(0x2, 0x2, 0x88) openat$ptp0(0xffffffffffffff9c, 0x0, 0x8a140, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_netdev_private(0xffffffffffffffff, 0x8927, 0x0) mincore(&(0x7f0000451000/0x1000)=nil, 0x1000, 0x0) 0s ago: executing program 4 (id=1347): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) r2 = socket(0x10, 0x803, 0x0) sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000000c0)=""/100, 0x64}, {&(0x7f0000000380)=""/156, 0x9c}, {&(0x7f0000001fc0)=""/4111, 0x100f}, {&(0x7f0000000a00)=""/202, 0xca}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000540)=""/76, 0x4c}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f0000000300)=""/106, 0x6a}, {&(0x7f0000000440)=""/214, 0xd6}, {&(0x7f0000000780)=""/203, 0xcb}, {&(0x7f00000006c0)=""/122, 0x7a}], 0xc, 0x0, 0x0, 0xb00}, 0x40d60b70}], 0x1, 0x0, 0x0) syz_open_dev$vim2m(&(0x7f00000000c0), 0xd2, 0x2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) writev(r4, &(0x7f0000000900)=[{&(0x7f0000000800)='@', 0x1}], 0x1) r5 = landlock_create_ruleset(&(0x7f00000002c0)={0x2da8}, 0x18, 0x0) landlock_restrict_self(r5, 0x0) link(&(0x7f0000000140)='.\x00', &(0x7f0000000180)='./file0\x00') ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000000100)={0x0, 0xa00}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000640)={0x70, 0x3, 0x1, 0x3, 0x0, 0x0, {0x5, 0x0, 0x1}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x8}, @CTA_LABELS_MASK={0xc, 0x17, [0xba, 0x1b1a]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x2}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x4}}, @CTA_PROTOINFO={0x30, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0x2c, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x9}, @CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0xd}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x7ff}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x1}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x0) r6 = accept$alg(r3, 0x0, 0x0) sendmsg$alg(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}], 0x18}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r7, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1808400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x2c, r8, 0x810, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24044011}, 0x200000c1) write$binfmt_script(r6, &(0x7f0000000600), 0xfec8) recvmmsg(r6, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000a80)=""/218, 0xfeb8}], 0x1, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0) kernel console output (not intermixed with test programs): e=1326 audit(1744757693.480:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 319.249882][ T8884] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1028'. [ 319.260047][ T8884] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1028'. [ 319.279963][ T5930] usb 4-1: config 1 interface 0 has no altsetting 0 [ 319.306822][ T30] audit: type=1326 audit(1744757693.480:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 319.310368][ T5930] usb 4-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 319.443253][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.492064][ T5930] usb 4-1: Product: syz [ 319.504928][ T30] audit: type=1326 audit(1744757693.480:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 319.537975][ T5930] usb 4-1: Manufacturer: syz [ 319.556865][ T5930] usb 4-1: SerialNumber: syz [ 319.598002][ T30] audit: type=1326 audit(1744757693.510:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 319.620649][ C0] vkms_vblank_simulate: vblank timer overrun [ 319.629128][ T30] audit: type=1326 audit(1744757693.510:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 319.651582][ C0] vkms_vblank_simulate: vblank timer overrun [ 319.663565][ T10] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 319.684935][ T980] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 319.945718][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.968805][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 319.981627][ T980] usb 2-1: config 0 has no interfaces? [ 320.068622][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 320.171688][ T980] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 320.185312][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.211556][ T980] usb 2-1: Product: syz [ 320.216172][ T10] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 320.225617][ T980] usb 2-1: Manufacturer: syz [ 320.230372][ T980] usb 2-1: SerialNumber: syz [ 320.245224][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.259254][ T980] usb 2-1: config 0 descriptor?? [ 320.275946][ T10] usb 1-1: config 0 descriptor?? [ 320.536880][ T8884] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1028'. [ 320.696191][ T10] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 320.707860][ T10] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 320.764952][ T10] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 320.956508][ T10] usb 1-1: USB disconnect, device number 33 [ 321.586487][ T5930] usbhid 4-1:1.0: can't add hid device: -71 [ 321.622471][ T5930] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 321.678607][ T5930] usb 4-1: USB disconnect, device number 26 [ 322.366277][ T8909] netlink: 'syz.0.1036': attribute type 21 has an invalid length. [ 322.396476][ T8909] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1036'. [ 322.505404][ T24] usb 2-1: USB disconnect, device number 28 [ 323.114405][ T8922] netlink: 'syz.4.1038': attribute type 72 has an invalid length. [ 323.145620][ T8922] netlink: 'syz.4.1038': attribute type 8 has an invalid length. [ 323.703442][ T8939] syz_tun: entered allmulticast mode [ 323.709980][ T8938] syz_tun: left allmulticast mode [ 323.803972][ T24] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 323.868650][ T5930] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 323.958935][ T8945] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1050'. [ 324.067067][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 324.109292][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 324.137872][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 324.151617][ T5930] usb 2-1: Using ep0 maxpacket: 8 [ 324.183167][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 324.196545][ T5930] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 324.208493][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.221466][ T5930] usb 2-1: config 2 has 0 interfaces, different from the descriptor's value: 1 [ 324.248061][ T24] usb 5-1: config 0 descriptor?? [ 324.311733][ T10] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 324.324855][ T5930] usb 2-1: New USB device found, idVendor=0bfd, idProduct=010e, bcdDevice=e8.14 [ 324.346262][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.360533][ T5930] usb 2-1: Product: syz [ 324.365214][ T5930] usb 2-1: Manufacturer: syz [ 324.372885][ T5930] usb 2-1: SerialNumber: syz [ 324.481568][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 324.519924][ T10] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 324.546073][ T10] usb 1-1: config 0 has no interface number 0 [ 324.585887][ T10] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 324.628264][ T10] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 324.658929][ T8953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 324.668729][ T8953] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 324.697515][ T10] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 324.734031][ T10] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 324.734593][ T24] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 324.770511][ T10] usb 1-1: Product: syz [ 324.775917][ T10] usb 1-1: SerialNumber: syz [ 324.800609][ T8955] netlink: 892 bytes leftover after parsing attributes in process `syz.3.1054'. [ 324.814916][ T24] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 324.821791][ T10] usb 1-1: config 0 descriptor?? [ 324.837751][ T10] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 324.850945][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input10 [ 324.880922][ T24] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 325.040909][ T24] usb 5-1: USB disconnect, device number 35 [ 325.696465][ T8961] FAULT_INJECTION: forcing a failure. [ 325.696465][ T8961] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 325.741660][ T8961] CPU: 0 UID: 0 PID: 8961 Comm: syz.3.1057 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 325.741698][ T8961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 325.741710][ T8961] Call Trace: [ 325.741717][ T8961] [ 325.741725][ T8961] dump_stack_lvl+0x241/0x360 [ 325.741762][ T8961] ? __pfx_dump_stack_lvl+0x10/0x10 [ 325.741789][ T8961] ? __pfx__printk+0x10/0x10 [ 325.741829][ T8961] should_fail_ex+0x424/0x570 [ 325.741858][ T8961] _copy_from_user+0x2d/0xb0 [ 325.741887][ T8961] copy_msghdr_from_user+0xb3/0x580 [ 325.741922][ T8961] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 325.741945][ T8961] ? __fget_files+0x2a/0x420 [ 325.741966][ T8961] ? __fget_files+0x2a/0x420 [ 325.741994][ T8961] __sys_sendmsg+0x20a/0x360 [ 325.742033][ T8961] ? __pfx___sys_sendmsg+0x10/0x10 [ 325.742114][ T8961] ? do_syscall_64+0xb6/0x230 [ 325.742143][ T8961] do_syscall_64+0xf3/0x230 [ 325.742167][ T8961] ? clear_bhb_loop+0x45/0xa0 [ 325.742190][ T8961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.742209][ T8961] RIP: 0033:0x7f1c5718e169 [ 325.742227][ T8961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.742244][ T8961] RSP: 002b:00007f1c57f76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 325.742268][ T8961] RAX: ffffffffffffffda RBX: 00007f1c573b5fa0 RCX: 00007f1c5718e169 [ 325.742282][ T8961] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 325.742295][ T8961] RBP: 00007f1c57f76090 R08: 0000000000000000 R09: 0000000000000000 [ 325.742307][ T8961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 325.742319][ T8961] R13: 0000000000000000 R14: 00007f1c573b5fa0 R15: 00007f1c574dfa28 [ 325.742350][ T8961] [ 326.532124][ T24] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 326.696814][ T5930] usb 2-1: USB disconnect, device number 29 [ 326.744630][ T24] usb 3-1: config 0 has no interfaces? [ 326.786946][ T24] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 326.801289][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.810078][ T24] usb 3-1: Product: syz [ 326.851727][ T50] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 326.863859][ T24] usb 3-1: Manufacturer: syz [ 326.907275][ T24] usb 3-1: SerialNumber: syz [ 326.974590][ T8977] sctp: [Deprecated]: syz.1.1063 (pid 8977) Use of struct sctp_assoc_value in delayed_ack socket option. [ 326.974590][ T8977] Use struct sctp_sack_info instead [ 326.994875][ T24] usb 3-1: config 0 descriptor?? [ 327.004872][ T50] usb 5-1: Using ep0 maxpacket: 32 [ 327.018460][ T50] usb 5-1: config 0 has an invalid interface number: 136 but max is 0 [ 327.027451][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.029951][ T50] usb 5-1: config 0 has no interface number 0 [ 327.036356][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.045256][ T50] usb 5-1: config 0 interface 136 altsetting 0 has an endpoint descriptor with address 0xAD, changing to 0x8D [ 327.052036][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.071640][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.078972][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.080833][ T50] usb 5-1: config 0 interface 136 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0 [ 327.086538][ T5930] usb 1-1: USB disconnect, device number 34 [ 327.086693][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 327.086714][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 327.129932][ T8978] use of bytesused == 0 is deprecated and will be removed in the future, [ 327.152429][ T5930] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 327.172809][ T8978] use the actual size instead. [ 327.297123][ T8981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'. [ 327.352089][ T8984] netlink: 892 bytes leftover after parsing attributes in process `syz.3.1065'. [ 327.391590][ T50] usb 5-1: config 0 interface 136 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0 [ 327.420025][ T50] usb 5-1: config 0 interface 136 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 327.458577][ T50] usb 5-1: config 0 interface 136 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 327.486861][ T50] usb 5-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0 [ 327.546483][ T50] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.586378][ T50] usb 5-1: config 0 descriptor?? [ 327.607328][ T50] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 328.018609][ T50] usb 5-1: USB disconnect, device number 36 [ 328.104650][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.136/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 328.441877][ T10] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 328.541744][ T5930] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 328.924240][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 328.924262][ T30] audit: type=1326 audit(1744757703.910:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 328.951551][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.966969][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.978024][ T10] usb 2-1: config 0 has no interfaces? [ 329.019315][ T30] audit: type=1326 audit(1744757703.910:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.094134][ T5930] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 329.129873][ T5930] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 329.159869][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.168625][ T9] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 329.177329][ T10] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 329.198094][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.217195][ T30] audit: type=1326 audit(1744757703.910:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.250827][ T5930] usb 4-1: config 0 descriptor?? [ 329.267310][ T10] usb 2-1: Product: syz [ 329.297512][ T10] usb 2-1: Manufacturer: syz [ 329.301625][ T30] audit: type=1326 audit(1744757703.910:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.311457][ T10] usb 2-1: SerialNumber: syz [ 329.351594][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 329.367925][ T30] audit: type=1326 audit(1744757703.910:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.456147][ T9] usb 5-1: unable to get BOS descriptor or descriptor too short [ 329.466872][ T10] usb 2-1: config 0 descriptor?? [ 329.477789][ T30] audit: type=1326 audit(1744757703.910:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.521605][ T9] usb 5-1: config 1 interface 0 has no altsetting 0 [ 329.607165][ T9] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 329.629025][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.647633][ T9] usb 5-1: Product: syz [ 329.656698][ T9] usb 5-1: Manufacturer: syz [ 329.671064][ T9] usb 5-1: SerialNumber: syz [ 329.706089][ T5930] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 329.716555][ T5930] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 329.743404][ T5930] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 329.847825][ T30] audit: type=1326 audit(1744757703.920:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 329.974363][ T5930] usb 4-1: USB disconnect, device number 27 [ 330.067169][ T30] audit: type=1326 audit(1744757703.920:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 330.142086][ T30] audit: type=1326 audit(1744757703.920:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 330.228201][ T30] audit: type=1326 audit(1744757703.920:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.4.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 331.131709][ T5930] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 331.340566][ T5930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 331.384982][ T5930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 331.462045][ T50] usb 3-1: USB disconnect, device number 21 [ 331.468505][ T5930] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 331.649796][ T5930] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 331.696040][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.779316][ T9015] bridge0: port 3(team0) entered disabled state [ 331.785827][ T9015] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.793125][ T9015] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.805571][ T5930] usb 1-1: config 0 descriptor?? [ 331.932565][ T50] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 332.025586][ T9015] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 332.065151][ T9015] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 332.132481][ T50] usb 3-1: Using ep0 maxpacket: 16 [ 332.159290][ T50] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 332.178644][ T50] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 332.239555][ T50] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 332.279620][ T50] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.309566][ T50] usb 3-1: config 0 descriptor?? [ 332.338371][ T5892] usb 2-1: USB disconnect, device number 30 [ 332.391299][ T5930] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 332.471307][ T9015] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.482886][ T5930] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 332.511565][ T9015] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.536549][ T9015] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.547019][ T9015] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.570268][ T9023] netlink: 892 bytes leftover after parsing attributes in process `syz.1.1077'. [ 332.718026][ T9015] ip6erspan0: left promiscuous mode [ 332.726999][ T9015] gtp0: left promiscuous mode [ 332.968764][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1076'. [ 333.045912][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1076'. [ 333.097468][ T50] usbhid 3-1:0.0: can't add hid device: -71 [ 333.123870][ T9] usbhid 5-1:1.0: can't add hid device: -71 [ 333.131647][ T50] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 333.156925][ T9] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 333.227103][ T50] usb 3-1: USB disconnect, device number 22 [ 333.230569][ T9] usb 5-1: USB disconnect, device number 37 [ 333.581558][ T24] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 333.862750][ C1] plantronics 0003:047F:FFFF.0008: usb_submit_urb(ctrl) failed: -1 [ 333.917937][ T24] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 333.953067][ T24] usb 4-1: config 1 has an invalid interface descriptor of length 8, skipping [ 334.026193][ T24] usb 4-1: config 1 has an invalid descriptor of length 221, skipping remainder of the config [ 334.030106][ T9041] netlink: 'syz.1.1083': attribute type 1 has an invalid length. [ 334.084931][ T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 334.141490][ T5890] usb 1-1: reset high-speed USB device number 35 using dummy_hcd [ 334.178787][ T24] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 334.242110][ T9041] ip6erspan0: entered promiscuous mode [ 334.259494][ T24] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 334.321504][ T24] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 334.329709][ T24] usb 4-1: Product: syz [ 334.336715][ T9041] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1083'. [ 334.371463][ T24] usb 4-1: Manufacturer: syz [ 334.404511][ T9048] FAULT_INJECTION: forcing a failure. [ 334.404511][ T9048] name failslab, interval 1, probability 0, space 0, times 0 [ 334.419321][ T24] cdc_wdm 4-1:1.0: skipping garbage [ 334.421239][ T9050] FAULT_INJECTION: forcing a failure. [ 334.421239][ T9050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 334.433364][ T24] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 334.473854][ T9050] CPU: 0 UID: 0 PID: 9050 Comm: syz.0.1087 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 334.473886][ T9050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 334.473898][ T9050] Call Trace: [ 334.473905][ T9050] [ 334.473913][ T9050] dump_stack_lvl+0x241/0x360 [ 334.473949][ T9050] ? __pfx_dump_stack_lvl+0x10/0x10 [ 334.473986][ T9050] ? __pfx__printk+0x10/0x10 [ 334.474026][ T9050] should_fail_ex+0x424/0x570 [ 334.474053][ T9050] _copy_from_user+0x2d/0xb0 [ 334.474082][ T9050] copy_msghdr_from_user+0xb3/0x580 [ 334.474115][ T9050] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 334.474138][ T9050] ? __fget_files+0x2a/0x420 [ 334.474161][ T9050] ? __fget_files+0x2a/0x420 [ 334.474189][ T9050] __sys_sendmsg+0x20a/0x360 [ 334.474216][ T9050] ? __pfx___sys_sendmsg+0x10/0x10 [ 334.474296][ T9050] ? do_syscall_64+0xb6/0x230 [ 334.474324][ T9050] do_syscall_64+0xf3/0x230 [ 334.474347][ T9050] ? clear_bhb_loop+0x45/0xa0 [ 334.474370][ T9050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.474388][ T9050] RIP: 0033:0x7feaa0d8e169 [ 334.474406][ T9050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.474422][ T9050] RSP: 002b:00007feaa1c0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 334.474444][ T9050] RAX: ffffffffffffffda RBX: 00007feaa0fb5fa0 RCX: 00007feaa0d8e169 [ 334.474459][ T9050] RDX: 0000000000001040 RSI: 00002000000006c0 RDI: 0000000000000003 [ 334.474472][ T9050] RBP: 00007feaa1c0e090 R08: 0000000000000000 R09: 0000000000000000 [ 334.474484][ T9050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.474496][ T9050] R13: 0000000000000000 R14: 00007feaa0fb5fa0 R15: 00007feaa10dfa28 [ 334.474527][ T9050] [ 334.476031][ T9048] CPU: 1 UID: 0 PID: 9048 Comm: syz.4.1086 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 334.476057][ T9048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 334.476068][ T9048] Call Trace: [ 334.476076][ T9048] [ 334.476083][ T9048] dump_stack_lvl+0x241/0x360 [ 334.476115][ T9048] ? __pfx_dump_stack_lvl+0x10/0x10 [ 334.476141][ T9048] ? __pfx__printk+0x10/0x10 [ 334.476172][ T9048] ? __pfx___might_resched+0x10/0x10 [ 334.476201][ T9048] should_fail_ex+0x424/0x570 [ 334.476227][ T9048] should_failslab+0xac/0x100 [ 334.476254][ T9048] kmem_cache_alloc_lru_noprof+0x7d/0x390 [ 334.476280][ T9048] ? __d_alloc+0x31/0x740 [ 334.476303][ T9048] __d_alloc+0x31/0x740 [ 334.476328][ T9048] d_alloc_pseudo+0x1f/0xb0 [ 334.476349][ T9048] alloc_file_pseudo+0x143/0x320 [ 334.476375][ T9048] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 334.476393][ T9048] ? rcu_is_watching+0x15/0xb0 [ 334.476417][ T9048] ? hugetlbfs_get_inode+0x45f/0x690 [ 334.476446][ T9048] hugetlb_file_setup+0x38a/0x5c0 [ 334.476471][ T9048] ksys_mmap_pgoff+0x20e/0x720 [ 334.476505][ T9048] do_syscall_64+0xf3/0x230 [ 334.476530][ T9048] ? clear_bhb_loop+0x45/0xa0 [ 334.476552][ T9048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.476570][ T9048] RIP: 0033:0x7f882338e169 [ 334.476588][ T9048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.476604][ T9048] RSP: 002b:00007f8824242038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 334.476626][ T9048] RAX: ffffffffffffffda RBX: 00007f88235b5fa0 RCX: 00007f882338e169 [ 334.476641][ T9048] RDX: 0000000000000003 RSI: 0000000000ff5000 RDI: 0000200000000000 [ 334.476660][ T9048] RBP: 00007f8824242090 R08: ffffffffffffffff R09: 0000000000000000 [ 334.476673][ T9048] R10: 000200000005c832 R11: 0000000000000246 R12: 0000000000000001 [ 334.476686][ T9048] R13: 0000000000000000 R14: 00007f88235b5fa0 R15: 00007f88236dfa28 [ 334.476731][ T9048] [ 334.857431][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.991891][ T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 335.143603][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 335.266633][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 335.296965][ T9054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 335.326430][ T9054] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 335.337966][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 335.343562][ T5891] usb 1-1: USB disconnect, device number 35 [ 335.392317][ T9064] fuse: Bad value for 'fd' [ 335.393729][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 335.463313][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.511649][ T9] usb 3-1: config 0 descriptor?? [ 335.943986][ T9] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 335.964491][ T9] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 335.995685][ T9] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 336.236729][ T5891] usb 3-1: USB disconnect, device number 23 [ 336.500700][ T9082] net_ratelimit: 31 callbacks suppressed [ 336.500722][ T9082] dccp_v4_rcv: dropped packet with invalid checksum [ 336.614592][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1098'. [ 336.635837][ T9083] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.643141][ T9083] bridge0: port 1(bridge_slave_0) entered forwarding state [ 336.711644][ T9083] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 336.821075][ T9] usb 4-1: USB disconnect, device number 28 [ 337.020065][ T9089] syz_tun: entered allmulticast mode [ 337.053944][ T9089] batadv_slave_1: entered allmulticast mode [ 337.171217][ T9088] syz_tun: left allmulticast mode [ 337.187806][ T9088] batadv_slave_1: left allmulticast mode [ 338.125082][ T9] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 338.238597][ T9112] FAULT_INJECTION: forcing a failure. [ 338.238597][ T9112] name failslab, interval 1, probability 0, space 0, times 0 [ 338.243595][ T9109] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1108'. [ 338.286166][ T9112] CPU: 0 UID: 0 PID: 9112 Comm: syz.2.1109 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 338.286197][ T9112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 338.286208][ T9112] Call Trace: [ 338.286217][ T9112] [ 338.286226][ T9112] dump_stack_lvl+0x241/0x360 [ 338.286261][ T9112] ? __pfx_dump_stack_lvl+0x10/0x10 [ 338.286289][ T9112] ? __pfx__printk+0x10/0x10 [ 338.286320][ T9112] ? __pfx___might_resched+0x10/0x10 [ 338.286349][ T9112] should_fail_ex+0x424/0x570 [ 338.286377][ T9112] should_failslab+0xac/0x100 [ 338.286405][ T9112] __kmalloc_noprof+0xdf/0x4d0 [ 338.286430][ T9112] ? tomoyo_realpath_from_path+0xc2/0x5e0 [ 338.286458][ T9112] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 338.286492][ T9112] tomoyo_realpath_from_path+0xcf/0x5e0 [ 338.286535][ T9112] tomoyo_path_number_perm+0x245/0x790 [ 338.286565][ T9112] ? tomoyo_path_number_perm+0x215/0x790 [ 338.286592][ T9112] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 338.286625][ T9112] ? ksys_write+0x24e/0x2d0 [ 338.286654][ T9112] ? __lock_acquire+0xad5/0xd80 [ 338.286701][ T9112] ? __fget_files+0x2a/0x420 [ 338.286719][ T9112] ? __fget_files+0x2a/0x420 [ 338.286741][ T9112] ? __fget_files+0x2a/0x420 [ 338.286764][ T9112] security_file_ioctl+0xc6/0x2a0 [ 338.286791][ T9112] __se_sys_ioctl+0x46/0x160 [ 338.286817][ T9112] do_syscall_64+0xf3/0x230 [ 338.286842][ T9112] ? clear_bhb_loop+0x45/0xa0 [ 338.286866][ T9112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.286884][ T9112] RIP: 0033:0x7f1bfa38e169 [ 338.286914][ T9112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.286930][ T9112] RSP: 002b:00007f1bfb180038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 338.286953][ T9112] RAX: ffffffffffffffda RBX: 00007f1bfa5b5fa0 RCX: 00007f1bfa38e169 [ 338.286966][ T9112] RDX: 0000200000000000 RSI: 0000000000008916 RDI: 0000000000000003 [ 338.286978][ T9112] RBP: 00007f1bfb180090 R08: 0000000000000000 R09: 0000000000000000 [ 338.286989][ T9112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.286999][ T9112] R13: 0000000000000000 R14: 00007f1bfa5b5fa0 R15: 00007f1bfa6dfa28 [ 338.287029][ T9112] [ 338.287074][ T9112] ERROR: Out of memory at tomoyo_realpath_from_path. [ 338.533431][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 338.544924][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 338.559739][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 338.584099][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 338.602613][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.610784][ T9] usb 1-1: Product: syz [ 338.626536][ T9] usb 1-1: Manufacturer: syz [ 338.631204][ T9] usb 1-1: SerialNumber: syz [ 338.682709][ T9] usb 1-1: config 0 descriptor?? [ 339.006982][ T9] appledisplay 1-1:0.0: Error while getting initial brightness: -110 [ 339.016058][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 339.016073][ T30] audit: type=1326 audit(1744757713.960:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.051975][ T30] audit: type=1326 audit(1744757713.960:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.075749][ T9] appledisplay 1-1:0.0: probe with driver appledisplay failed with error -110 [ 339.120395][ T30] audit: type=1326 audit(1744757713.970:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.151299][ T30] audit: type=1326 audit(1744757713.970:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.186013][ T30] audit: type=1326 audit(1744757713.970:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.202905][ T5891] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 339.232298][ T10] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 339.248186][ T30] audit: type=1326 audit(1744757713.970:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.289093][ T30] audit: type=1326 audit(1744757713.970:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.317465][ T30] audit: type=1326 audit(1744757713.970:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.348398][ T30] audit: type=1326 audit(1744757713.970:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.395043][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 339.467019][ T10] usb 5-1: unable to get BOS descriptor or descriptor too short [ 339.495158][ T10] usb 5-1: config 1 interface 0 has no altsetting 0 [ 339.528420][ T30] audit: type=1326 audit(1744757713.970:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 339.561895][ T10] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 339.593641][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.611324][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.632286][ T5891] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.651611][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.659774][ T10] usb 5-1: Product: syz [ 339.665482][ T10] usb 5-1: Manufacturer: syz [ 339.670284][ T10] usb 5-1: SerialNumber: syz [ 339.968960][ T5891] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.983092][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.007906][ T5891] usb 4-1: config 0 descriptor?? [ 340.708164][ T5891] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 340.722187][ T5891] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 340.745693][ T5891] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 340.861099][ T9] usb 1-1: USB disconnect, device number 36 [ 341.024907][ T5891] usb 4-1: USB disconnect, device number 29 [ 341.444607][ T9] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 341.604439][ T9] usb 3-1: config 0 has an invalid interface number: 156 but max is 0 [ 341.616355][ T9] usb 3-1: config 0 has no interface number 0 [ 341.625218][ T9] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 341.643808][ T9] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 341.673594][ T9] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 341.782992][ T9] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 341.920303][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.976542][ T10] usbhid 5-1:1.0: can't add hid device: -71 [ 341.989614][ T10] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 342.006105][ T9] usb 3-1: config 0 descriptor?? [ 342.026810][ T9] gspca_main: spca561-2.14.0 probing abcd:cdee [ 342.042022][ T10] usb 5-1: USB disconnect, device number 38 [ 342.354528][ T9] spca561 3-1:0.156: probe with driver spca561 failed with error -22 [ 342.422239][ T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 342.444138][ T9] usb 3-1: MIDIStreaming interface descriptor not found [ 342.538147][ T9] snd-usb-audio 3-1:0.156: probe with driver snd-usb-audio failed with error -12 [ 342.559721][ T9] usb 3-1: USB disconnect, device number 24 [ 342.582021][ T10] usb 5-1: new full-speed USB device number 39 using dummy_hcd [ 342.750144][ T10] usb 5-1: config 0 has no interfaces? [ 342.785744][ T10] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 342.796139][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.807251][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 342.810246][ T10] usb 5-1: Product: syz [ 342.828596][ T10] usb 5-1: Manufacturer: syz [ 342.833845][ T10] usb 5-1: SerialNumber: syz [ 342.842933][ T10] usb 5-1: config 0 descriptor?? [ 343.339632][ T9173] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1128'. [ 343.411692][ T5891] usb 1-1: new full-speed USB device number 37 using dummy_hcd [ 343.587883][ T5891] usb 1-1: config 0 has no interfaces? [ 343.601617][ T5891] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 343.618107][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.646156][ T5891] usb 1-1: Product: syz [ 343.669642][ T5891] usb 1-1: Manufacturer: syz [ 343.686705][ T5891] usb 1-1: SerialNumber: syz [ 343.713271][ T5891] usb 1-1: config 0 descriptor?? [ 344.281597][ T5891] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 344.399861][ T9167] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1126'. [ 344.440832][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.440886][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.440910][ T5891] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 344.440956][ T5891] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 344.440980][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.445340][ T5891] usb 2-1: config 0 descriptor?? [ 344.976596][ T5891] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 345.007355][ T5891] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 345.100937][ T9184] syzkaller0: entered promiscuous mode [ 345.138161][ T5891] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 345.141520][ T9184] syzkaller0: entered allmulticast mode [ 345.224727][ T5891] usb 2-1: USB disconnect, device number 31 [ 345.276722][ T10] usb 5-1: USB disconnect, device number 39 [ 345.687327][ T9194] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1136'. [ 346.184885][ T5891] usb 1-1: USB disconnect, device number 37 [ 346.946543][ T9208] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1140'. [ 347.656023][ T9194] tipc: Started in network mode [ 347.663457][ T9194] tipc: Node identity 4, cluster identity 4711 [ 347.670577][ T9194] tipc: Node number set to 4 [ 348.162992][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 348.163014][ T30] audit: type=1326 audit(1744757723.170:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 348.191972][ T5891] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 348.227785][ T9228] FAULT_INJECTION: forcing a failure. [ 348.227785][ T9228] name failslab, interval 1, probability 0, space 0, times 0 [ 348.332492][ T30] audit: type=1326 audit(1744757723.170:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 348.365061][ T30] audit: type=1326 audit(1744757723.170:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 348.405707][ T30] audit: type=1326 audit(1744757723.170:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 348.468923][ T9228] CPU: 0 UID: 0 PID: 9228 Comm: syz.0.1146 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 348.468945][ T9228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 348.468952][ T9228] Call Trace: [ 348.468957][ T9228] [ 348.468963][ T9228] dump_stack_lvl+0x241/0x360 [ 348.468985][ T9228] ? __pfx_dump_stack_lvl+0x10/0x10 [ 348.469002][ T9228] ? __pfx__printk+0x10/0x10 [ 348.469020][ T9228] ? __pfx___might_resched+0x10/0x10 [ 348.469037][ T9228] should_fail_ex+0x424/0x570 [ 348.469052][ T9228] should_failslab+0xac/0x100 [ 348.469069][ T9228] kmem_cache_alloc_lru_noprof+0x7d/0x390 [ 348.469085][ T9228] ? sock_alloc_inode+0x28/0xc0 [ 348.469103][ T9228] sock_alloc_inode+0x28/0xc0 [ 348.469117][ T9228] ? __pfx_sock_alloc_inode+0x10/0x10 [ 348.469130][ T9228] alloc_inode+0x69/0x1b0 [ 348.469147][ T9228] __sock_create+0x127/0xa30 [ 348.469169][ T9228] __sys_socket+0x14d/0x3c0 [ 348.469187][ T9228] ? __pfx___sys_socket+0x10/0x10 [ 348.469209][ T9228] __x64_sys_socket+0x7a/0x90 [ 348.469225][ T9228] do_syscall_64+0xf3/0x230 [ 348.469240][ T9228] ? clear_bhb_loop+0x45/0xa0 [ 348.469253][ T9228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.469264][ T9228] RIP: 0033:0x7feaa0d90087 [ 348.469275][ T9228] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.469285][ T9228] RSP: 002b:00007feaa1c0cfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 348.469299][ T9228] RAX: ffffffffffffffda RBX: 00007feaa0fb5fa0 RCX: 00007feaa0d90087 [ 348.469308][ T9228] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 348.469315][ T9228] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 348.469322][ T9228] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000001 [ 348.469330][ T9228] R13: 0000000000000000 R14: 00007feaa0fb5fa0 R15: 00007feaa10dfa28 [ 348.469347][ T9228] [ 348.469354][ T9228] socket: no more sockets [ 348.511570][ T30] audit: type=1326 audit(1744757723.170:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 348.583594][ T9] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 348.756346][ T5891] usb 3-1: config 0 has no interfaces? [ 348.816873][ T5891] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 348.945920][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.964948][ T5891] usb 3-1: Product: syz [ 348.969350][ T5891] usb 3-1: Manufacturer: syz [ 348.989214][ T5891] usb 3-1: SerialNumber: syz [ 349.007485][ T5891] usb 3-1: config 0 descriptor?? [ 349.013539][ T30] audit: type=1326 audit(1744757723.170:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 349.036071][ C1] vkms_vblank_simulate: vblank timer overrun [ 349.058455][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 349.065475][ T30] audit: type=1326 audit(1744757723.170:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 349.121296][ T30] audit: type=1326 audit(1744757723.170:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 349.128027][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 349.169675][ T30] audit: type=1326 audit(1744757723.170:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 349.230475][ T30] audit: type=1326 audit(1744757723.170:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.3.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718cad0 code=0x7ffc0000 [ 349.253737][ C1] vkms_vblank_simulate: vblank timer overrun [ 349.531793][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 349.556909][ T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 349.573239][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.628983][ T9] usb 2-1: config 0 descriptor?? [ 349.651551][ T980] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 349.817353][ T980] usb 1-1: config 0 has no interfaces? [ 349.848373][ T980] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 349.858754][ T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.889340][ T980] usb 1-1: Product: syz [ 349.901429][ T980] usb 1-1: Manufacturer: syz [ 349.912047][ T980] usb 1-1: SerialNumber: syz [ 349.925775][ T980] usb 1-1: config 0 descriptor?? [ 350.237524][ T9] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 350.247001][ T9] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 350.273612][ T9] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 350.504954][ T9] usb 2-1: USB disconnect, device number 32 [ 350.562268][ T980] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 350.792919][ T980] usb 5-1: Using ep0 maxpacket: 32 [ 350.938436][ T5891] usb 3-1: USB disconnect, device number 25 [ 351.019501][ T980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.047182][ T980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.077070][ T980] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 351.097748][ T980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.160132][ T980] usb 5-1: config 0 descriptor?? [ 351.694361][ T9244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 351.726160][ T9266] loop2: detected capacity change from 0 to 7 [ 351.745755][ T9266] Dev loop2: unable to read RDB block 7 [ 351.753268][ T9266] loop2: AHDI p1 p2 p3 [ 351.757816][ T9266] loop2: partition table partially beyond EOD, truncated [ 351.780928][ T9267] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1156'. [ 351.803165][ T9266] loop2: p1 start 1601398130 is beyond EOD, truncated [ 351.821089][ T9266] loop2: p2 start 1702059890 is beyond EOD, truncated [ 352.187883][ T5841] Dev loop2: unable to read RDB block 7 [ 352.205912][ T5841] loop2: AHDI p1 p2 p3 [ 352.305237][ T5841] loop2: partition table partially beyond EOD, truncated [ 352.317552][ T5841] loop2: p1 start 1601398130 is beyond EOD, truncated [ 352.328220][ T5841] loop2: p2 start 1702059890 is beyond EOD, truncated [ 352.345376][ T9268] Dev loop2: unable to read RDB block 7 [ 352.351865][ T9268] loop2: AHDI p1 p2 p3 [ 352.356267][ T9268] loop2: partition table partially beyond EOD, truncated [ 352.388655][ T9268] loop2: p1 start 1601398130 is beyond EOD, truncated [ 352.395679][ T9268] loop2: p2 start 1702059890 is beyond EOD, truncated [ 352.933487][ T9] usb 1-1: USB disconnect, device number 38 [ 353.112617][ T9277] xt_CT: You must specify a L4 protocol and not use inversions on it [ 353.441891][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 353.441914][ T30] audit: type=1326 audit(1744757728.420:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 353.522181][ T980] usbhid 5-1:0.0: can't add hid device: -71 [ 353.538476][ T980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 353.597358][ T980] usb 5-1: USB disconnect, device number 40 [ 353.620199][ T30] audit: type=1326 audit(1744757728.420:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 353.682331][ T30] audit: type=1326 audit(1744757728.420:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 353.776369][ T9291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1165'. [ 353.784094][ T30] audit: type=1326 audit(1744757728.420:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.277225][ T30] audit: type=1326 audit(1744757728.420:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.411471][ T30] audit: type=1326 audit(1744757728.420:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.471701][ T24] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 354.511799][ T30] audit: type=1326 audit(1744757728.420:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.611674][ T30] audit: type=1326 audit(1744757728.420:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.697309][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 354.710884][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 354.724164][ T30] audit: type=1326 audit(1744757728.420:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.771517][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 354.801449][ T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 354.811107][ T30] audit: type=1326 audit(1744757728.420:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz.3.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 354.875239][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.925508][ T24] usb 3-1: config 0 descriptor?? [ 355.345640][ T24] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 355.371097][ T24] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 355.403109][ T24] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 355.411779][ T9307] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1168'. [ 355.624219][ T980] usb 3-1: USB disconnect, device number 26 [ 355.687371][ T9316] netlink: 'syz.0.1169': attribute type 23 has an invalid length. [ 355.792350][ T9316] netlink: 368 bytes leftover after parsing attributes in process `syz.0.1169'. [ 356.031899][ T24] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 356.293353][ T24] usb 5-1: config 0 has no interfaces? [ 356.634815][ T24] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 356.684625][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.703813][ T24] usb 5-1: Product: syz [ 356.708168][ T24] usb 5-1: Manufacturer: syz [ 356.786409][ T24] usb 5-1: SerialNumber: syz [ 356.848979][ T24] usb 5-1: config 0 descriptor?? [ 357.011491][ T5890] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 357.318813][ T5890] usb 3-1: Using ep0 maxpacket: 16 [ 357.352271][ T5890] usb 3-1: config 0 interface 0 has no altsetting 0 [ 357.462698][ T5890] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 357.499765][ T5890] usb 3-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 357.532763][ T5890] usb 3-1: Product: syz [ 357.549775][ T5890] usb 3-1: Manufacturer: syz [ 357.590705][ T5890] usb 3-1: SerialNumber: syz [ 357.606677][ T5890] usb 3-1: config 0 descriptor?? [ 357.882639][ T9334] FAULT_INJECTION: forcing a failure. [ 357.882639][ T9334] name failslab, interval 1, probability 0, space 0, times 0 [ 357.906978][ T5890] usb 3-1: selecting invalid altsetting 1 [ 357.944403][ T9334] CPU: 1 UID: 0 PID: 9334 Comm: syz.0.1176 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 357.944436][ T9334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 357.944448][ T9334] Call Trace: [ 357.944456][ T9334] [ 357.944464][ T9334] dump_stack_lvl+0x241/0x360 [ 357.944498][ T9334] ? __pfx_dump_stack_lvl+0x10/0x10 [ 357.944524][ T9334] ? __pfx__printk+0x10/0x10 [ 357.944555][ T9334] ? __pfx___might_resched+0x10/0x10 [ 357.944595][ T9334] should_fail_ex+0x424/0x570 [ 357.944621][ T9334] should_failslab+0xac/0x100 [ 357.944653][ T9334] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 357.944679][ T9334] ? __alloc_skb+0x1c2/0x480 [ 357.944702][ T9334] __alloc_skb+0x1c2/0x480 [ 357.944727][ T9334] ? __pfx___alloc_skb+0x10/0x10 [ 357.944748][ T9334] ? netlink_autobind+0xd6/0x2f0 [ 357.944772][ T9334] ? netlink_autobind+0x2b0/0x2f0 [ 357.944803][ T9334] netlink_sendmsg+0x638/0xcd0 [ 357.944842][ T9334] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.944873][ T9334] ? aa_sock_msg_perm+0x91/0x160 [ 357.944905][ T9334] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.944929][ T9334] __sock_sendmsg+0x221/0x270 [ 357.944958][ T9334] ____sys_sendmsg+0x523/0x860 [ 357.944989][ T9334] ? __pfx_____sys_sendmsg+0x10/0x10 [ 357.945006][ T9334] ? __fget_files+0x2a/0x420 [ 357.945027][ T9334] ? __fget_files+0x2a/0x420 [ 357.945054][ T9334] __sys_sendmsg+0x271/0x360 [ 357.945080][ T9334] ? __pfx___sys_sendmsg+0x10/0x10 [ 357.945157][ T9334] ? do_syscall_64+0xb6/0x230 [ 357.945184][ T9334] do_syscall_64+0xf3/0x230 [ 357.945207][ T9334] ? clear_bhb_loop+0x45/0xa0 [ 357.945229][ T9334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.945248][ T9334] RIP: 0033:0x7feaa0d8e169 [ 357.945265][ T9334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.945281][ T9334] RSP: 002b:00007feaa1c0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 357.945304][ T9334] RAX: ffffffffffffffda RBX: 00007feaa0fb5fa0 RCX: 00007feaa0d8e169 [ 357.945317][ T9334] RDX: 0000000000000050 RSI: 0000200000000240 RDI: 0000000000000003 [ 357.945330][ T9334] RBP: 00007feaa1c0e090 R08: 0000000000000000 R09: 0000000000000000 [ 357.945342][ T9334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.945353][ T9334] R13: 0000000000000000 R14: 00007feaa0fb5fa0 R15: 00007feaa10dfa28 [ 357.945383][ T9334] [ 358.188367][ C1] vkms_vblank_simulate: vblank timer overrun [ 358.329610][ T5890] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 358.359429][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 358.380021][ T5890] usb 3-1: USB disconnect, device number 27 [ 358.554114][ T9345] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1180'. [ 358.670629][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 358.670645][ T30] audit: type=1326 audit(1744757733.670:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.061617][ T30] audit: type=1326 audit(1744757733.710:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.263009][ T30] audit: type=1326 audit(1744757733.710:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.285691][ C1] vkms_vblank_simulate: vblank timer overrun [ 359.346234][ T30] audit: type=1326 audit(1744757733.710:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.399731][ T5890] usb 5-1: USB disconnect, device number 41 [ 359.431720][ T30] audit: type=1326 audit(1744757733.710:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.454221][ C1] vkms_vblank_simulate: vblank timer overrun [ 359.461824][ T30] audit: type=1326 audit(1744757733.710:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.486609][ T30] audit: type=1326 audit(1744757733.710:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.570587][ T30] audit: type=1326 audit(1744757733.710:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.633510][ T9351] kernel read not supported for file / 7âW)s!Qfsl{Tr)rO2:"T+͟v|ղDvc֠6xc: (pid: 9351 comm: syz.1.1181) [ 359.705772][ T30] audit: type=1326 audit(1744757733.710:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 359.736330][ T30] audit: type=1326 audit(1744757733.710:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718cad0 code=0x7ffc0000 [ 359.921484][ T5890] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 360.137632][ T5890] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.155502][ T5890] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.206825][ T5890] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 360.273785][ T5890] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 360.284108][ T5890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.304803][ T5890] usb 5-1: config 0 descriptor?? [ 360.691501][ T24] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 360.767687][ T5890] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 360.776047][ T5890] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 360.800712][ T5890] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 360.874132][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 360.933260][ T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 360.957913][ T24] usb 3-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=47.77 [ 360.978241][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.000640][ T24] usb 3-1: Product: syz [ 361.011348][ T24] usb 3-1: Manufacturer: syz [ 361.020544][ T24] usb 3-1: SerialNumber: syz [ 361.040341][ T5890] usb 5-1: USB disconnect, device number 42 [ 361.111083][ T24] usb 3-1: config 0 descriptor?? [ 361.154253][ T24] hdpvr 3-1:0.0: Could not find bulk-in endpoint [ 361.172359][ T24] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12 [ 362.482769][ T9387] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1192'. [ 362.562371][ T9396] netlink: 'syz.1.1190': attribute type 1 has an invalid length. [ 362.765563][ T9396] 8021q: adding VLAN 0 to HW filter on device bond1 [ 362.847555][ T9397] bond1: (slave veth3): Enslaving as an active interface with a down link [ 363.332673][ T5890] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 363.466642][ T980] usb 3-1: USB disconnect, device number 28 [ 363.541264][ T5890] usb 5-1: config 0 has no interfaces? [ 363.599328][ T5890] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 363.629098][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.655994][ T5890] usb 5-1: Product: syz [ 363.660373][ T5890] usb 5-1: Manufacturer: syz [ 363.667765][ T5890] usb 5-1: SerialNumber: syz [ 363.680004][ T5890] usb 5-1: config 0 descriptor?? [ 364.219697][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 364.219713][ T30] audit: type=1326 audit(1744757739.220:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.481721][ T30] audit: type=1326 audit(1744757739.220:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.563930][ T30] audit: type=1326 audit(1744757739.220:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.635488][ T30] audit: type=1326 audit(1744757739.220:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.639776][ T5890] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 364.661201][ T30] audit: type=1326 audit(1744757739.220:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.792643][ T30] audit: type=1326 audit(1744757739.260:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.817905][ T30] audit: type=1326 audit(1744757739.260:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.854469][ T30] audit: type=1326 audit(1744757739.260:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 364.879111][ T30] audit: type=1326 audit(1744757739.260:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 365.006588][ T30] audit: type=1326 audit(1744757739.290:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c5718e169 code=0x7ffc0000 [ 365.030193][ T980] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 365.149580][ T9426] FAULT_INJECTION: forcing a failure. [ 365.149580][ T9426] name failslab, interval 1, probability 0, space 0, times 0 [ 365.163205][ T9426] CPU: 0 UID: 0 PID: 9426 Comm: syz.1.1200 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 365.163225][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 365.163233][ T9426] Call Trace: [ 365.163237][ T9426] [ 365.163242][ T9426] dump_stack_lvl+0x241/0x360 [ 365.163265][ T9426] ? __pfx_dump_stack_lvl+0x10/0x10 [ 365.163281][ T9426] ? __pfx__printk+0x10/0x10 [ 365.163300][ T9426] ? __pfx___might_resched+0x10/0x10 [ 365.163316][ T9426] should_fail_ex+0x424/0x570 [ 365.163332][ T9426] should_failslab+0xac/0x100 [ 365.163348][ T9426] kmem_cache_alloc_noprof+0x78/0x390 [ 365.163363][ T9426] ? getname_flags+0xb7/0x530 [ 365.163379][ T9426] ? ksys_write+0x24e/0x2d0 [ 365.163393][ T9426] getname_flags+0xb7/0x530 [ 365.163412][ T9426] do_sys_openat2+0xbf/0x1d0 [ 365.163430][ T9426] ? __pfx_do_sys_openat2+0x10/0x10 [ 365.163447][ T9426] ? __fget_files+0x2a/0x420 [ 365.163460][ T9426] ? __fget_files+0x2a/0x420 [ 365.163474][ T9426] __x64_sys_openat+0x249/0x2a0 [ 365.163493][ T9426] ? __pfx___x64_sys_openat+0x10/0x10 [ 365.163515][ T9426] ? do_syscall_64+0xb6/0x230 [ 365.163532][ T9426] do_syscall_64+0xf3/0x230 [ 365.163545][ T9426] ? clear_bhb_loop+0x45/0xa0 [ 365.163559][ T9426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.163570][ T9426] RIP: 0033:0x7fd4c118e169 [ 365.163582][ T9426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.163591][ T9426] RSP: 002b:00007fd4c206f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 365.163605][ T9426] RAX: ffffffffffffffda RBX: 00007fd4c13b5fa0 RCX: 00007fd4c118e169 [ 365.163614][ T9426] RDX: 0000000000088882 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 365.163622][ T9426] RBP: 00007fd4c206f090 R08: 0000000000000000 R09: 0000000000000000 [ 365.163629][ T9426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 365.163636][ T9426] R13: 0000000000000000 R14: 00007fd4c13b5fa0 R15: 00007fd4c14dfa28 [ 365.163661][ T9426] [ 365.281815][ T5890] usb 4-1: Using ep0 maxpacket: 16 [ 365.447847][ T980] usb 3-1: Using ep0 maxpacket: 16 [ 365.482362][ T980] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 365.504267][ T980] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 365.541512][ T9] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 365.552662][ T980] usb 3-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 365.562097][ T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.575378][ T980] usb 3-1: Product: syz [ 365.579631][ T980] usb 3-1: Manufacturer: syz [ 365.595386][ T980] usb 3-1: SerialNumber: syz [ 365.641257][ T980] usb 3-1: config 0 descriptor?? [ 365.703425][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 365.732533][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 365.742821][ T9] usb 2-1: New USB device found, idVendor=17cc, idProduct=041c, bcdDevice= 0.9c [ 365.752323][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.768282][ T9] usb 2-1: Product: syz [ 365.788171][ T9] usb 2-1: Manufacturer: syz [ 365.803324][ T9] usb 2-1: SerialNumber: syz [ 365.842637][ T9] usb 2-1: config 0 descriptor?? [ 365.880313][ T24] usb 5-1: USB disconnect, device number 43 [ 365.907315][ T9] usb 2-1: selecting invalid altsetting 1 [ 365.946593][ T5890] usb 4-1: unable to get BOS descriptor or descriptor too short [ 365.965116][ T5890] usb 4-1: config 1 interface 0 has no altsetting 0 [ 365.974203][ T9] snd-usb-caiaq 2-1:0.0: can't set alt interface. [ 365.982092][ T5890] usb 4-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 365.985306][ T980] appledisplay 3-1:0.0: Error while getting initial brightness: -110 [ 365.994699][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.029400][ T9] usb 2-1: unable to init card! (ret=-5) [ 366.056130][ T9] snd-usb-caiaq 2-1:0.0: probe with driver snd-usb-caiaq failed with error -5 [ 366.061170][ T5890] usb 4-1: Product: syz [ 366.079638][ T980] appledisplay 3-1:0.0: probe with driver appledisplay failed with error -110 [ 366.098249][ T9430] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 366.120577][ T5890] usb 4-1: Manufacturer: syz [ 366.126743][ T5890] usb 4-1: SerialNumber: syz [ 366.150859][ T9] usb 2-1: USB disconnect, device number 33 [ 366.381701][ T24] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 366.511713][ T9440] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1204'. [ 366.544801][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 366.556371][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 366.595713][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 366.667196][ T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 366.688699][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.748600][ T24] usb 1-1: config 0 descriptor?? [ 367.204220][ T24] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 367.213572][ T24] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 367.276286][ T24] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 367.499020][ T24] usb 1-1: USB disconnect, device number 39 [ 367.520412][ T980] usb 3-1: USB disconnect, device number 29 [ 367.783459][ T5890] usbhid 4-1:1.0: can't add hid device: -71 [ 367.818092][ T5890] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 367.880982][ T5890] usb 4-1: USB disconnect, device number 30 [ 367.968889][ T9462] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1213'. [ 368.290445][ T9469] FAULT_INJECTION: forcing a failure. [ 368.290445][ T9469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 368.385506][ T5890] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 368.501500][ T9469] CPU: 1 UID: 0 PID: 9469 Comm: syz.4.1216 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 368.501532][ T9469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 368.501543][ T9469] Call Trace: [ 368.501552][ T9469] [ 368.501560][ T9469] dump_stack_lvl+0x241/0x360 [ 368.501596][ T9469] ? __pfx_dump_stack_lvl+0x10/0x10 [ 368.501622][ T9469] ? __pfx__printk+0x10/0x10 [ 368.501673][ T9469] should_fail_ex+0x424/0x570 [ 368.501701][ T9469] _copy_to_user+0x31/0xb0 [ 368.501731][ T9469] simple_read_from_buffer+0xc4/0x170 [ 368.501763][ T9469] proc_fail_nth_read+0x1ef/0x260 [ 368.501787][ T9469] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 368.501811][ T9469] ? rw_verify_area+0x246/0x630 [ 368.501832][ T9469] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 368.501855][ T9469] vfs_read+0x21f/0xb90 [ 368.501882][ T9469] ? __pfx___mutex_lock+0x10/0x10 [ 368.501907][ T9469] ? __pfx_vfs_read+0x10/0x10 [ 368.501931][ T9469] ? __fget_files+0x2a/0x420 [ 368.501950][ T9469] ? __fget_files+0x39d/0x420 [ 368.501966][ T9469] ? __fget_files+0x2a/0x420 [ 368.501992][ T9469] ksys_read+0x19d/0x2d0 [ 368.502015][ T9469] ? __pfx_ksys_read+0x10/0x10 [ 368.502043][ T9469] ? do_syscall_64+0xb6/0x230 [ 368.502069][ T9469] do_syscall_64+0xf3/0x230 [ 368.502092][ T9469] ? clear_bhb_loop+0x45/0xa0 [ 368.502116][ T9469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.502134][ T9469] RIP: 0033:0x7f882338cb7c [ 368.502153][ T9469] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 368.502170][ T9469] RSP: 002b:00007f8824242030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 368.502194][ T9469] RAX: ffffffffffffffda RBX: 00007f88235b5fa0 RCX: 00007f882338cb7c [ 368.502208][ T9469] RDX: 000000000000000f RSI: 00007f88242420a0 RDI: 0000000000000004 [ 368.502219][ T9469] RBP: 00007f8824242090 R08: 0000000000000000 R09: 0000000000000000 [ 368.502231][ T9469] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000002 [ 368.502243][ T9469] R13: 0000000000000000 R14: 00007f88235b5fa0 R15: 00007f88236dfa28 [ 368.502274][ T9469] [ 368.830634][ T9468] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1215'. [ 368.885087][ T5890] usb 4-1: config 0 has no interfaces? [ 368.897751][ T5890] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 368.906991][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 368.915357][ T5890] usb 4-1: Product: syz [ 368.919592][ T5890] usb 4-1: Manufacturer: syz [ 368.924240][ T5890] usb 4-1: SerialNumber: syz [ 368.972777][ T5890] usb 4-1: config 0 descriptor?? [ 369.450581][ T30] kauditd_printk_skb: 62 callbacks suppressed [ 369.450598][ T30] audit: type=1326 audit(1744757744.440:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 369.514848][ T30] audit: type=1326 audit(1744757744.440:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 369.611633][ T9] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 369.627613][ T30] audit: type=1326 audit(1744757744.450:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 369.701519][ T980] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 369.724186][ T30] audit: type=1326 audit(1744757744.450:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.055724][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 370.059279][ T30] audit: type=1326 audit(1744757744.450:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.071449][ T980] usb 3-1: Using ep0 maxpacket: 16 [ 370.183345][ T9] usb 5-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24 [ 370.273171][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.283244][ T980] usb 3-1: unable to get BOS descriptor or descriptor too short [ 370.296661][ T980] usb 3-1: config 1 interface 0 has no altsetting 0 [ 370.345352][ T980] usb 3-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 370.360669][ T30] audit: type=1326 audit(1744757744.450:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.365493][ T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.405720][ T980] usb 3-1: Product: syz [ 370.410120][ T9] usb 5-1: Product: syz [ 370.424792][ T980] usb 3-1: Manufacturer: syz [ 370.438412][ T9] usb 5-1: Manufacturer: syz [ 370.444990][ T980] usb 3-1: SerialNumber: syz [ 370.454294][ T9] usb 5-1: SerialNumber: syz [ 370.454974][ T30] audit: type=1326 audit(1744757744.450:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.699520][ T30] audit: type=1326 audit(1744757744.450:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.735380][ T9] usb 5-1: config 0 descriptor?? [ 370.748741][ T9] powermate 5-1:0.0: probe with driver powermate failed with error -22 [ 370.761006][ T30] audit: type=1326 audit(1744757744.450:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.783377][ C0] vkms_vblank_simulate: vblank timer overrun [ 370.827174][ T30] audit: type=1326 audit(1744757744.450:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1bfa38e169 code=0x7ffc0000 [ 370.849633][ C0] vkms_vblank_simulate: vblank timer overrun [ 371.099880][ T9] usb 5-1: USB disconnect, device number 44 [ 371.846784][ T24] usb 4-1: USB disconnect, device number 31 [ 372.061547][ T9] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 372.172512][ T9503] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1226'. [ 372.203665][ T9503] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1226'. [ 372.234110][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 372.258593][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 372.281785][ T9505] vlan1: entered allmulticast mode [ 372.295508][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 372.348612][ T9505] veth0_vlan: entered allmulticast mode [ 372.388924][ T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 372.430001][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.596577][ T9] usb 1-1: config 0 descriptor?? [ 372.641807][ T24] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 372.844826][ T24] usb 5-1: config 0 has no interfaces? [ 372.853708][ T24] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 372.863324][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.873342][ T24] usb 5-1: Product: syz [ 372.889297][ T24] usb 5-1: Manufacturer: syz [ 372.908674][ T24] usb 5-1: SerialNumber: syz [ 373.012688][ T24] usb 5-1: config 0 descriptor?? [ 373.019831][ T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 373.047968][ T980] usbhid 3-1:1.0: can't add hid device: -71 [ 373.057109][ T9] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 373.069093][ T980] usbhid 3-1:1.0: probe with driver usbhid failed with error -71 [ 373.115441][ T980] usb 3-1: USB disconnect, device number 30 [ 373.122622][ T9] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 373.288574][ T9] usb 1-1: USB disconnect, device number 40 [ 373.305897][ T9503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 373.315293][ T9503] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 373.591558][ T24] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 373.671493][ T980] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 373.751464][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 373.760060][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 373.779687][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 373.813666][ T24] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 373.832678][ T980] usb 3-1: Using ep0 maxpacket: 16 [ 373.840234][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.857777][ T980] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 373.875488][ T980] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 373.889906][ T24] usb 2-1: config 0 descriptor?? [ 373.890943][ T980] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 373.917625][ T980] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 373.935478][ T980] usb 3-1: config 1 interface 2 altsetting 1 has an endpoint descriptor with address 0x1A, changing to 0xA [ 373.949007][ T980] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0xA has invalid maxpacket 239, setting to 64 [ 373.969353][ T980] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 373.992720][ T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.007648][ T980] usb 3-1: Product: syz [ 374.015261][ T980] usb 3-1: Manufacturer: syz [ 374.020841][ T980] usb 3-1: SerialNumber: syz [ 374.257042][ T9516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 374.276988][ T9516] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 374.555785][ T9518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1229'. [ 374.565091][ T9518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1229'. [ 374.576886][ T9516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 374.617190][ T24] usbhid 2-1:0.0: can't add hid device: -71 [ 374.623399][ T24] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 374.650371][ T9516] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 374.692977][ T24] usb 2-1: USB disconnect, device number 34 [ 375.463419][ T5890] usb 5-1: USB disconnect, device number 45 [ 376.265389][ T5890] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 376.276974][ T30] kauditd_printk_skb: 62 callbacks suppressed [ 376.276996][ T30] audit: type=1326 audit(1744757751.200:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 376.391095][ T9550] fuse: Bad value for 'fd' [ 376.451623][ T10] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 376.500012][ T30] audit: type=1326 audit(1744757751.200:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 376.647717][ T5890] usb 5-1: config 0 has no interfaces? [ 376.664505][ T5890] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 376.675604][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.686305][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 376.704326][ T5890] usb 5-1: Product: syz [ 376.708585][ T5890] usb 5-1: Manufacturer: syz [ 376.751085][ T5890] usb 5-1: SerialNumber: syz [ 376.760674][ T5890] usb 5-1: config 0 descriptor?? [ 376.960446][ T10] usb 1-1: unable to get BOS descriptor or descriptor too short [ 376.968495][ T30] audit: type=1326 audit(1744757751.200:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.093361][ T10] usb 1-1: config 1 interface 0 has no altsetting 0 [ 377.139992][ T30] audit: type=1326 audit(1744757751.200:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.222625][ T10] usb 1-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 377.242370][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.266718][ T10] usb 1-1: Product: syz [ 377.273234][ T30] audit: type=1326 audit(1744757751.200:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.309506][ T10] usb 1-1: Manufacturer: syz [ 377.341786][ T10] usb 1-1: SerialNumber: syz [ 377.348564][ T9559] FAULT_INJECTION: forcing a failure. [ 377.348564][ T9559] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 377.375229][ T9559] CPU: 0 UID: 0 PID: 9559 Comm: syz.2.1240 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 377.375263][ T9559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 377.375274][ T9559] Call Trace: [ 377.375281][ T9559] [ 377.375290][ T9559] dump_stack_lvl+0x241/0x360 [ 377.375362][ T9559] ? __pfx_dump_stack_lvl+0x10/0x10 [ 377.375388][ T9559] ? __pfx__printk+0x10/0x10 [ 377.375426][ T9559] should_fail_ex+0x424/0x570 [ 377.375450][ T9559] _copy_from_user+0x2d/0xb0 [ 377.375487][ T9559] move_addr_to_kernel+0x7f/0x170 [ 377.375514][ T9559] __sys_sendto+0x26a/0x4c0 [ 377.375540][ T9559] ? __pfx___sys_sendto+0x10/0x10 [ 377.375573][ T9559] ? __fget_files+0x2a/0x420 [ 377.375608][ T9559] ? ksys_write+0x275/0x2d0 [ 377.375639][ T9559] __x64_sys_sendto+0xde/0x100 [ 377.375662][ T9559] do_syscall_64+0xf3/0x230 [ 377.375685][ T9559] ? clear_bhb_loop+0x45/0xa0 [ 377.375707][ T9559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.375724][ T9559] RIP: 0033:0x7f1bfa38e169 [ 377.375742][ T9559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.375758][ T9559] RSP: 002b:00007f1bfb15f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 377.375781][ T9559] RAX: ffffffffffffffda RBX: 00007f1bfa5b6080 RCX: 00007f1bfa38e169 [ 377.375796][ T9559] RDX: 0000000000000001 RSI: 0000200000847fff RDI: 0000000000000003 [ 377.375809][ T9559] RBP: 00007f1bfb15f090 R08: 000020000005ffe4 R09: 000000000000001c [ 377.375822][ T9559] R10: 0000000020004000 R11: 0000000000000246 R12: 0000000000000001 [ 377.375834][ T9559] R13: 0000000000000000 R14: 00007f1bfa5b6080 R15: 00007f1bfa6dfa28 [ 377.375866][ T9559] [ 377.561787][ T30] audit: type=1326 audit(1744757751.200:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.617833][ T30] audit: type=1326 audit(1744757751.200:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.857154][ T30] audit: type=1326 audit(1744757751.200:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 377.886281][ T9563] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1241'. [ 377.974459][ T9563] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1241'. [ 378.104415][ T30] audit: type=1326 audit(1744757751.200:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 378.160288][ T30] audit: type=1326 audit(1744757751.200:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feaa0d8cad0 code=0x7ffc0000 [ 378.289607][ T9570] netlink: 'syz.2.1242': attribute type 8 has an invalid length. [ 378.842781][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.849879][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.454013][ T9582] netlink: 'syz.3.1245': attribute type 1 has an invalid length. [ 380.401166][ T10] usbhid 1-1:1.0: can't add hid device: -71 [ 380.442070][ T10] usbhid 1-1:1.0: probe with driver usbhid failed with error -71 [ 380.522253][ T10] usb 1-1: USB disconnect, device number 41 [ 380.969156][ T980] usb 5-1: USB disconnect, device number 46 [ 380.991825][ T10] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 381.181664][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 381.221533][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 381.261788][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 381.263519][ T9596] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1250'. [ 381.286919][ T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 381.318816][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 381.323187][ T9598] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1251'. [ 381.347614][ T10] usb 1-1: config 0 descriptor?? [ 381.413457][ T9600] netlink: 'syz.3.1250': attribute type 15 has an invalid length. [ 381.991603][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 381.991626][ T30] audit: type=1326 audit(1744757756.980:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.028603][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1246'. [ 382.065017][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1246'. [ 382.145390][ T30] audit: type=1326 audit(1744757756.980:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.218368][ T10] usbhid 1-1:0.0: can't add hid device: -71 [ 382.237429][ T5930] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 382.248569][ T30] audit: type=1326 audit(1744757756.980:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.257772][ T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 382.303052][ T10] usb 1-1: USB disconnect, device number 42 [ 382.318574][ T30] audit: type=1326 audit(1744757756.980:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.471656][ T5930] usb 5-1: Using ep0 maxpacket: 16 [ 382.548810][ T5930] usb 5-1: unable to get BOS descriptor or descriptor too short [ 382.604147][ T30] audit: type=1326 audit(1744757756.980:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.669170][ T5930] usb 5-1: config 1 interface 0 has no altsetting 0 [ 382.681605][ T5890] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 382.828388][ T5930] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 382.867063][ T5890] usb 2-1: config 0 has no interfaces? [ 382.878252][ T5890] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 382.893906][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.928905][ T5890] usb 2-1: Product: syz [ 382.939747][ T30] audit: type=1326 audit(1744757756.980:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 382.947340][ T5890] usb 2-1: Manufacturer: syz [ 382.975335][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.046852][ T5890] usb 2-1: SerialNumber: syz [ 383.071481][ T5930] usb 5-1: Product: syz [ 383.073705][ T5890] usb 2-1: config 0 descriptor?? [ 383.143326][ T5930] usb 5-1: Manufacturer: syz [ 383.375550][ T5930] usb 5-1: SerialNumber: syz [ 383.471590][ T30] audit: type=1326 audit(1744757756.980:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 383.620564][ T30] audit: type=1326 audit(1744757756.980:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 383.704708][ T30] audit: type=1326 audit(1744757756.980:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 384.000196][ T30] audit: type=1326 audit(1744757756.990:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9613 comm="syz.4.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 385.566080][ T5930] usbhid 5-1:1.0: can't add hid device: -71 [ 385.584348][ T5930] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 385.706790][ T5930] usb 5-1: USB disconnect, device number 47 [ 385.741574][ T980] usb 1-1: new full-speed USB device number 43 using dummy_hcd [ 385.936200][ T980] usb 1-1: config 0 has no interfaces? [ 386.047788][ T980] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 386.092440][ T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.155475][ T980] usb 1-1: Product: syz [ 386.212836][ T980] usb 1-1: Manufacturer: syz [ 386.223184][ T980] usb 1-1: SerialNumber: syz [ 386.262349][ T980] usb 1-1: config 0 descriptor?? [ 386.264617][ T5890] usb 2-1: USB disconnect, device number 35 [ 386.492084][ T5930] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 386.683521][ T5930] usb 5-1: Using ep0 maxpacket: 8 [ 386.687273][ T5930] usb 5-1: config 255 has an invalid interface number: 148 but max is 1 [ 386.687317][ T5930] usb 5-1: config 255 has an invalid interface number: 126 but max is 1 [ 386.687341][ T5930] usb 5-1: config 255 has no interface number 0 [ 386.687359][ T5930] usb 5-1: config 255 has no interface number 1 [ 386.687418][ T5930] usb 5-1: config 255 interface 148 altsetting 8 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 386.687447][ T5930] usb 5-1: config 255 interface 148 altsetting 8 endpoint 0xE has invalid maxpacket 512, setting to 64 [ 386.687474][ T5930] usb 5-1: config 255 interface 148 altsetting 8 has a duplicate endpoint with address 0x3, skipping [ 386.687515][ T5930] usb 5-1: config 255 interface 126 altsetting 255 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 386.687541][ T5930] usb 5-1: config 255 interface 126 altsetting 255 endpoint 0xF has an invalid bInterval 255, changing to 7 [ 386.687568][ T5930] usb 5-1: config 255 interface 126 altsetting 255 has a duplicate endpoint with address 0xE, skipping [ 386.687591][ T5930] usb 5-1: config 255 interface 126 altsetting 255 has an invalid descriptor for endpoint zero, skipping [ 386.687613][ T5930] usb 5-1: config 255 interface 126 altsetting 255 has a duplicate endpoint with address 0x8, skipping [ 386.687637][ T5930] usb 5-1: config 255 interface 126 altsetting 255 endpoint 0x4 has invalid maxpacket 1608, setting to 1024 [ 386.687662][ T5930] usb 5-1: config 255 interface 126 altsetting 255 bulk endpoint 0x4 has invalid maxpacket 1024 [ 386.687690][ T5930] usb 5-1: config 255 interface 148 has no altsetting 0 [ 386.687709][ T5930] usb 5-1: config 255 interface 126 has no altsetting 0 [ 386.719172][ T5930] usb 5-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=66.8e [ 386.719209][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.719231][ T5930] usb 5-1: Product: 퉒ʪ吊됀뵗팾褬٢䍮䜿㿽꣔켙뾄焘턺茑䉂詽폤蚍觟雤ֹḡ༖助뜶⫞콏셯ん㨭弲㓵椂䖠↝ꎘ쭀뭉益慰Ɑ韭䁘벐Ო喭葯暪戦닼哔曇痻儆Ṝ࿲笁Ụ蛉븎 [ 386.719256][ T5930] usb 5-1: Manufacturer: ᐊ [ 386.719272][ T5930] usb 5-1: SerialNumber: 囀螺绕匀ᚣ岣鋑뫆隡켐ﵹ쁾꘶䯙쮘竡ꔐ莵 [ 386.801566][ T5890] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 386.910738][ T9676] fuse: Unknown parameter '0x0000000000000009' [ 386.951861][ T5890] usb 2-1: Using ep0 maxpacket: 16 [ 386.955812][ T5890] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 386.955850][ T5890] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 386.955895][ T5890] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 386.955917][ T5890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.958531][ T5890] usb 2-1: config 0 descriptor?? [ 387.319020][ T9678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 387.319382][ T9678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 387.930263][ T9665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1273'. [ 387.930329][ T9665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1273'. [ 388.345291][ T5890] usbhid 2-1:0.0: can't add hid device: -71 [ 388.391131][ T5890] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 388.418262][ T5930] usb 5-1: USB disconnect, device number 48 [ 388.421568][ T5890] usb 2-1: USB disconnect, device number 36 [ 388.669764][ T980] usb 1-1: USB disconnect, device number 43 [ 389.277895][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 389.277916][ T30] audit: type=1326 audit(1744757764.280:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 389.391267][ T30] audit: type=1326 audit(1744757764.290:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 389.581574][ T980] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 389.731460][ T5930] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 389.746872][ T980] usb 5-1: Using ep0 maxpacket: 16 [ 389.771464][ T30] audit: type=1326 audit(1744757764.320:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 389.793662][ T980] usb 5-1: unable to get BOS descriptor or descriptor too short [ 389.815788][ T980] usb 5-1: config 1 interface 0 has no altsetting 0 [ 389.842004][ T980] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 389.853533][ T980] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.867729][ T980] usb 5-1: Product: syz [ 389.884791][ T980] usb 5-1: Manufacturer: syz [ 389.900134][ T980] usb 5-1: SerialNumber: syz [ 389.962787][ T30] audit: type=1326 audit(1744757764.320:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 390.047716][ T30] audit: type=1326 audit(1744757764.320:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 390.276809][ T30] audit: type=1326 audit(1744757764.320:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 390.329976][ T5930] usb 2-1: config 0 has no interfaces? [ 390.344674][ T5930] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d8.3b [ 390.358871][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 390.430066][ T5930] usb 2-1: Product: syz [ 390.441300][ T5930] usb 2-1: Manufacturer: syz [ 390.455561][ T5930] usb 2-1: SerialNumber: syz [ 390.479624][ T30] audit: type=1326 audit(1744757764.330:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 390.568627][ T5930] usb 2-1: config 0 descriptor?? [ 390.724105][ T30] audit: type=1326 audit(1744757764.330:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 390.866657][ T30] audit: type=1326 audit(1744757764.330:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 391.214369][ T30] audit: type=1326 audit(1744757764.330:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9690 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f882338e169 code=0x7ffc0000 [ 391.282438][ T5930] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 391.452744][ T5930] usb 1-1: Using ep0 maxpacket: 16 [ 391.534875][ T5930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 391.547455][ T5930] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 391.572770][ T5930] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 391.600173][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.722246][ T9721] FAULT_INJECTION: forcing a failure. [ 391.722246][ T9721] name failslab, interval 1, probability 0, space 0, times 0 [ 391.809057][ T9721] CPU: 1 UID: 0 PID: 9721 Comm: syz.2.1290 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 391.809090][ T9721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 391.809101][ T9721] Call Trace: [ 391.809109][ T9721] [ 391.809118][ T9721] dump_stack_lvl+0x241/0x360 [ 391.809147][ T9721] ? __pfx_dump_stack_lvl+0x10/0x10 [ 391.809164][ T9721] ? __pfx__printk+0x10/0x10 [ 391.809182][ T9721] ? __pfx___might_resched+0x10/0x10 [ 391.809208][ T9721] should_fail_ex+0x424/0x570 [ 391.809243][ T9721] should_failslab+0xac/0x100 [ 391.809270][ T9721] kmem_cache_alloc_noprof+0x78/0x390 [ 391.809293][ T9721] ? security_inode_alloc+0x37/0x310 [ 391.809313][ T9721] security_inode_alloc+0x37/0x310 [ 391.809331][ T9721] inode_init_always_gfp+0xa0f/0xd90 [ 391.809353][ T9721] ? __pfx_sock_alloc_inode+0x10/0x10 [ 391.809380][ T9721] alloc_inode+0xa3/0x1b0 [ 391.809407][ T9721] __sock_create+0x127/0xa30 [ 391.809443][ T9721] __sys_socket+0x14d/0x3c0 [ 391.809462][ T9721] ? __pfx___sys_socket+0x10/0x10 [ 391.809486][ T9721] __x64_sys_socket+0x7a/0x90 [ 391.809505][ T9721] do_syscall_64+0xf3/0x230 [ 391.809529][ T9721] ? clear_bhb_loop+0x45/0xa0 [ 391.809551][ T9721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.809569][ T9721] RIP: 0033:0x7f1bfa390087 [ 391.809591][ T9721] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.809606][ T9721] RSP: 002b:00007f1bfb17efa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 391.809621][ T9721] RAX: ffffffffffffffda RBX: 00007f1bfa5b5fa0 RCX: 00007f1bfa390087 [ 391.809629][ T9721] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 391.809636][ T9721] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 391.809643][ T9721] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000001 [ 391.809650][ T9721] R13: 0000000000000000 R14: 00007f1bfa5b5fa0 R15: 00007f1bfa6dfa28 [ 391.809679][ T9721] [ 392.225721][ T9721] socket: no more sockets [ 392.253676][ T5930] usb 1-1: config 0 descriptor?? [ 392.750404][ T9726] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1292'. [ 392.824622][ T980] usbhid 5-1:1.0: can't add hid device: -71 [ 392.846468][ T980] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 392.876423][ T980] usb 5-1: USB disconnect, device number 49 [ 392.904772][ T9719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1289'. [ 392.914316][ T9719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1289'. [ 393.037431][ T5930] usbhid 1-1:0.0: can't add hid device: -71 [ 393.047398][ T5930] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 393.064973][ T5930] usb 1-1: USB disconnect, device number 44 [ 393.099978][ T9729] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1293'. [ 393.220384][ T5891] usb 2-1: USB disconnect, device number 37 [ 393.330633][ T9736] "syz.4.1296" (9736) uses obsolete ecb(arc4) skcipher [ 394.062587][ T9754] syzkaller1: entered promiscuous mode [ 394.086090][ T9754] syzkaller1: entered allmulticast mode [ 394.293190][ T5930] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 394.453670][ T30] kauditd_printk_skb: 91 callbacks suppressed [ 394.453689][ T30] audit: type=1326 audit(1744757769.460:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.550379][ T30] audit: type=1326 audit(1744757769.490:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.578641][ T30] audit: type=1326 audit(1744757769.540:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.637862][ T30] audit: type=1326 audit(1744757769.620:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.674773][ T980] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 394.708998][ T5930] usb 4-1: Using ep0 maxpacket: 16 [ 394.720876][ T30] audit: type=1326 audit(1744757769.720:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.809916][ T5930] usb 4-1: unable to get BOS descriptor or descriptor too short [ 394.830552][ T5930] usb 4-1: config 1 interface 0 has no altsetting 0 [ 394.873909][ T5930] usb 4-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 394.908010][ T30] audit: type=1326 audit(1744757769.720:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 394.947697][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.960612][ T980] usb 5-1: config 0 has no interfaces? [ 395.002465][ T5930] usb 4-1: Product: syz [ 395.006729][ T5930] usb 4-1: Manufacturer: syz [ 395.020924][ T9765] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1306'. [ 395.035939][ T980] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 395.055740][ T980] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.064475][ T5930] usb 4-1: SerialNumber: syz [ 395.075162][ T980] usb 5-1: Product: syz [ 395.089581][ T30] audit: type=1326 audit(1744757769.750:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 395.118098][ T980] usb 5-1: Manufacturer: syz [ 395.124384][ T980] usb 5-1: SerialNumber: syz [ 395.149659][ T30] audit: type=1326 audit(1744757769.750:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 395.197038][ T980] usb 5-1: config 0 descriptor?? [ 395.247459][ T30] audit: type=1326 audit(1744757769.750:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 395.375580][ T30] audit: type=1326 audit(1744757769.810:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c5718dd6b code=0x7ffc0000 [ 395.534567][ T9773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 395.543755][ T9773] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 396.321690][ T10] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 396.471630][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 396.486229][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 396.528929][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 396.609836][ T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 396.646847][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.711948][ T10] usb 1-1: config 0 descriptor?? [ 397.251483][ T980] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 397.350993][ T9780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1312'. [ 397.360254][ T9780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1312'. [ 397.401209][ T10] usbhid 1-1:0.0: can't add hid device: -71 [ 397.408595][ T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 397.424609][ T5892] usb 5-1: USB disconnect, device number 50 [ 397.433074][ T980] usb 2-1: device descriptor read/64, error -71 [ 397.459505][ T10] usb 1-1: USB disconnect, device number 45 [ 397.704856][ T980] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 397.841516][ T980] usb 2-1: device descriptor read/64, error -71 [ 397.966957][ T980] usb usb2-port1: attempt power cycle [ 398.361601][ T980] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 398.408118][ T980] usb 2-1: device descriptor read/8, error -71 [ 398.639095][ T5930] usbhid 4-1:1.0: can't add hid device: -71 [ 398.681768][ T5930] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 398.741169][ T5930] usb 4-1: USB disconnect, device number 32 [ 398.752884][ T980] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 398.840666][ T9799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1318'. [ 398.852736][ T980] usb 2-1: device descriptor read/8, error -71 [ 398.965980][ T980] usb usb2-port1: unable to enumerate USB device [ 399.438104][ T9820] wg1: entered promiscuous mode [ 399.523565][ T9820] wg1: entered allmulticast mode [ 399.541625][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 399.541671][ T30] audit: type=1326 audit(1744757774.490:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.582411][ T5891] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 399.663321][ T30] audit: type=1326 audit(1744757774.490:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.706430][ T30] audit: type=1326 audit(1744757774.490:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.738040][ T30] audit: type=1326 audit(1744757774.490:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.781583][ T30] audit: type=1326 audit(1744757774.490:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.819123][ T5930] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 399.821608][ T5891] usb 4-1: Using ep0 maxpacket: 16 [ 399.849381][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 399.869452][ T5891] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 399.890524][ T30] audit: type=1326 audit(1744757774.490:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 399.944745][ T5891] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 400.061496][ T5930] usb 1-1: Using ep0 maxpacket: 16 [ 400.104961][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.116410][ T30] audit: type=1326 audit(1744757774.490:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 400.145286][ T5891] usb 4-1: config 0 descriptor?? [ 400.160175][ T30] audit: type=1326 audit(1744757774.490:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 400.183524][ T30] audit: type=1326 audit(1744757774.490:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 400.256692][ T5930] usb 1-1: unable to get BOS descriptor or descriptor too short [ 400.324966][ T5930] usb 1-1: config 1 interface 0 has no altsetting 0 [ 400.342059][ T9830] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1332'. [ 400.416484][ T5930] usb 1-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 400.421491][ T30] audit: type=1326 audit(1744757774.490:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9816 comm="syz.0.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaa0d8e169 code=0x7ffc0000 [ 400.448728][ T5930] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 400.448761][ T5930] usb 1-1: Product: syz [ 400.448778][ T5930] usb 1-1: Manufacturer: syz [ 400.549943][ T5930] usb 1-1: SerialNumber: syz [ 400.740802][ T9835] FAULT_INJECTION: forcing a failure. [ 400.740802][ T9835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 400.763038][ T9835] CPU: 0 UID: 0 PID: 9835 Comm: syz.1.1333 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 400.763068][ T9835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 400.763086][ T9835] Call Trace: [ 400.763093][ T9835] [ 400.763102][ T9835] dump_stack_lvl+0x241/0x360 [ 400.763138][ T9835] ? __pfx_dump_stack_lvl+0x10/0x10 [ 400.763173][ T9835] ? __pfx__printk+0x10/0x10 [ 400.763212][ T9835] should_fail_ex+0x424/0x570 [ 400.763239][ T9835] _copy_to_iter+0x43f/0x1c90 [ 400.763280][ T9835] ? __pfx__copy_to_iter+0x10/0x10 [ 400.763304][ T9835] ? __x64_sys_recvmmsg+0x1ca/0x260 [ 400.763326][ T9835] ? do_syscall_64+0xf3/0x230 [ 400.763349][ T9835] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 400.763379][ T9835] ? skb_recv_datagram+0x26e/0x310 [ 400.763403][ T9835] __skb_datagram_iter+0x101/0x940 [ 400.763428][ T9835] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 400.763458][ T9835] skb_copy_datagram_iter+0xd1/0x250 [ 400.763483][ T9835] netlink_recvmsg+0x2d4/0x1180 [ 400.763519][ T9835] ? __pfx_netlink_recvmsg+0x10/0x10 [ 400.763546][ T9835] ? __kmalloc_noprof+0x2ae/0x4d0 [ 400.763573][ T9835] ? __pfx_aa_sk_perm+0x10/0x10 [ 400.763603][ T9835] ? aa_sock_msg_perm+0x91/0x160 [ 400.763629][ T9835] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 400.763646][ T9835] ? __pfx_netlink_recvmsg+0x10/0x10 [ 400.763674][ T9835] sock_recvmsg+0x22f/0x280 [ 400.763704][ T9835] ____sys_recvmsg+0x1c8/0x480 [ 400.763735][ T9835] ? __pfx_____sys_recvmsg+0x10/0x10 [ 400.763782][ T9835] do_recvmmsg+0x428/0xab0 [ 400.763817][ T9835] ? __pfx_do_recvmmsg+0x10/0x10 [ 400.763859][ T9835] ? __lock_acquire+0xad5/0xd80 [ 400.763913][ T9835] ? get_timespec64+0x1a8/0x290 [ 400.763950][ T9835] __x64_sys_recvmmsg+0x1ca/0x260 [ 400.763974][ T9835] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 400.764001][ T9835] ? do_syscall_64+0xb6/0x230 [ 400.764026][ T9835] do_syscall_64+0xf3/0x230 [ 400.764048][ T9835] ? clear_bhb_loop+0x45/0xa0 [ 400.764072][ T9835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.764091][ T9835] RIP: 0033:0x7fd4c118e169 [ 400.764110][ T9835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 400.764126][ T9835] RSP: 002b:00007fd4c206f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 400.764148][ T9835] RAX: ffffffffffffffda RBX: 00007fd4c13b5fa0 RCX: 00007fd4c118e169 [ 400.764176][ T9835] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003 [ 400.764188][ T9835] RBP: 00007fd4c206f090 R08: 0000200000003700 R09: 0000000000000000 [ 400.764200][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 400.764212][ T9835] R13: 0000000000000000 R14: 00007fd4c13b5fa0 R15: 00007fd4c14dfa28 [ 400.764242][ T9835] [ 400.765882][ T9814] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1327'. [ 401.271900][ T9814] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1327'. [ 401.507046][ T5891] usbhid 4-1:0.0: can't add hid device: -71 [ 401.513440][ T5891] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 401.646756][ T5891] usb 4-1: USB disconnect, device number 33 [ 402.685918][ T9856] FAULT_INJECTION: forcing a failure. [ 402.685918][ T9856] name failslab, interval 1, probability 0, space 0, times 0 [ 402.791555][ T9856] CPU: 1 UID: 0 PID: 9856 Comm: syz.1.1340 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 402.791589][ T9856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 402.791602][ T9856] Call Trace: [ 402.791610][ T9856] [ 402.791619][ T9856] dump_stack_lvl+0x241/0x360 [ 402.791658][ T9856] ? __pfx_dump_stack_lvl+0x10/0x10 [ 402.791685][ T9856] ? __pfx__printk+0x10/0x10 [ 402.791717][ T9856] ? ref_tracker_alloc+0x316/0x4c0 [ 402.791740][ T9856] should_fail_ex+0x424/0x570 [ 402.791766][ T9856] should_failslab+0xac/0x100 [ 402.791793][ T9856] kmem_cache_alloc_noprof+0x78/0x390 [ 402.791818][ T9856] ? skb_clone+0x20c/0x390 [ 402.791844][ T9856] skb_clone+0x20c/0x390 [ 402.791868][ T9856] __netlink_deliver_tap+0x3c4/0x7f0 [ 402.791901][ T9856] ? netlink_deliver_tap+0x2e/0x1b0 [ 402.791916][ T9856] netlink_deliver_tap+0x19d/0x1b0 [ 402.791933][ T9856] netlink_sendskb+0x68/0x140 [ 402.791951][ T9856] netlink_unicast+0x39f/0x9a0 [ 402.791972][ T9856] ? __asan_memcpy+0x40/0x70 [ 402.792000][ T9856] ? __pfx_netlink_unicast+0x10/0x10 [ 402.792024][ T9856] ? ref_tracker_free+0x63e/0x7e0 [ 402.792051][ T9856] netlink_rcv_skb+0x296/0x480 [ 402.792068][ T9856] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 402.792086][ T9856] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 402.792130][ T9856] ? netlink_deliver_tap+0x2e/0x1b0 [ 402.792159][ T9856] ? netlink_deliver_tap+0x2e/0x1b0 [ 402.792186][ T9856] netlink_unicast+0x7f8/0x9a0 [ 402.792213][ T9856] ? __pfx_netlink_unicast+0x10/0x10 [ 402.792229][ T9856] ? skb_put+0x114/0x1f0 [ 402.792243][ T9856] netlink_sendmsg+0x8c3/0xcd0 [ 402.792273][ T9856] ? __pfx_netlink_sendmsg+0x10/0x10 [ 402.792304][ T9856] ? aa_sock_msg_perm+0x91/0x160 [ 402.792335][ T9856] ? __pfx_netlink_sendmsg+0x10/0x10 [ 402.792358][ T9856] __sock_sendmsg+0x221/0x270 [ 402.792379][ T9856] ____sys_sendmsg+0x523/0x860 [ 402.792398][ T9856] ? __pfx_____sys_sendmsg+0x10/0x10 [ 402.792421][ T9856] __sys_sendmmsg+0x3a0/0x7b0 [ 402.792455][ T9856] ? __pfx___sys_sendmmsg+0x10/0x10 [ 402.792515][ T9856] ? rcu_read_lock_any_held+0xbb/0x160 [ 402.792532][ T9856] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 402.792548][ T9856] ? vfs_write+0xb29/0xd10 [ 402.792568][ T9856] ? ksys_write+0x24e/0x2d0 [ 402.792588][ T9856] ? __mutex_unlock_slowpath+0x229/0x800 [ 402.792645][ T9856] ? ksys_write+0x275/0x2d0 [ 402.792676][ T9856] __x64_sys_sendmmsg+0xa0/0xb0 [ 402.792690][ T9856] do_syscall_64+0xf3/0x230 [ 402.792705][ T9856] ? clear_bhb_loop+0x45/0xa0 [ 402.792718][ T9856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.792731][ T9856] RIP: 0033:0x7fd4c118e169 [ 402.792748][ T9856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.792764][ T9856] RSP: 002b:00007fd4c204e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 402.792786][ T9856] RAX: ffffffffffffffda RBX: 00007fd4c13b6080 RCX: 00007fd4c118e169 [ 402.792800][ T9856] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000004 [ 402.792812][ T9856] RBP: 00007fd4c204e090 R08: 0000000000000000 R09: 0000000000000000 [ 402.792824][ T9856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 402.792832][ T9856] R13: 0000000000000000 R14: 00007fd4c13b6080 R15: 00007fd4c14dfa28 [ 402.792850][ T9856] [ 403.610776][ T9861] netlink: 'syz.4.1342': attribute type 10 has an invalid length. [ 403.758885][ T9861] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 404.021532][ T10] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 404.039840][ T5930] usbhid 1-1:1.0: can't add hid device: -71 [ 404.083770][ T5930] usbhid 1-1:1.0: probe with driver usbhid failed with error -71 [ 404.093246][ T9861] syz.4.1342 (9861) used greatest stack depth: 19128 bytes left [ 404.191315][ T9872] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1344'. [ 404.212879][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 404.223648][ T10] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 404.240477][ T5930] usb 1-1: USB disconnect, device number 46 [ 404.251040][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 404.317795][ T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 404.335151][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.356641][ T10] usb 4-1: Product: syz [ 404.412474][ T10] usb 4-1: Manufacturer: syz [ 404.435390][ T10] usb 4-1: SerialNumber: syz [ 404.459370][ T10] usb 4-1: config 0 descriptor?? [ 404.754784][ T10] appledisplay 4-1:0.0: Error while getting initial brightness: -110 [ 404.765991][ T10] appledisplay 4-1:0.0: probe with driver appledisplay failed with error -110 [ 404.808702][ T9877] [ 404.811065][ T9877] ====================================================== [ 404.818089][ T9877] WARNING: possible circular locking dependency detected [ 404.825146][ T9877] 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 Not tainted [ 404.832299][ T9877] ------------------------------------------------------ [ 404.839333][ T9877] syz.0.1346/9877 is trying to acquire lock: [ 404.845332][ T9877] ffffffff900fd588 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0x10f0/0x39c0 [ 404.854444][ T9877] [ 404.854444][ T9877] but task is already holding lock: [ 404.861964][ T9877] ffff888062752d28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50 [ 404.872291][ T9877] [ 404.872291][ T9877] which lock already depends on the new lock. [ 404.872291][ T9877] [ 404.882816][ T9877] [ 404.882816][ T9877] the existing dependency chain (in reverse order) is: [ 404.891835][ T9877] [ 404.891835][ T9877] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 404.900547][ T9877] lock_acquire+0x116/0x2f0 [ 404.905586][ T9877] __mutex_lock+0x1a5/0x10c0 [ 404.910705][ T9877] smc_switch_to_fallback+0x35/0xda0 [ 404.916530][ T9877] smc_sendmsg+0x11f/0x530 [ 404.921469][ T9877] __sock_sendmsg+0x221/0x270 [ 404.926677][ T9877] __sys_sendto+0x365/0x4c0 [ 404.931704][ T9877] __x64_sys_sendto+0xde/0x100 [ 404.937000][ T9877] do_syscall_64+0xf3/0x230 [ 404.942122][ T9877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.948541][ T9877] [ 404.948541][ T9877] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 404.956461][ T9877] lock_acquire+0x116/0x2f0 [ 404.961592][ T9877] lock_sock_nested+0x48/0x100 [ 404.967776][ T9877] do_ip_setsockopt+0x17e9/0x39c0 [ 404.973357][ T9877] ip_setsockopt+0x63/0x100 [ 404.978414][ T9877] do_sock_setsockopt+0x3b1/0x710 [ 404.983979][ T9877] __x64_sys_setsockopt+0x1ee/0x280 [ 404.990064][ T9877] do_syscall_64+0xf3/0x230 [ 404.995188][ T9877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.001699][ T9877] [ 405.001699][ T9877] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 405.009110][ T9877] validate_chain+0xa69/0x24e0 [ 405.014759][ T9877] __lock_acquire+0xad5/0xd80 [ 405.019965][ T9877] lock_acquire+0x116/0x2f0 [ 405.025170][ T9877] __mutex_lock+0x1a5/0x10c0 [ 405.030291][ T9877] do_ip_setsockopt+0x10f0/0x39c0 [ 405.036017][ T9877] ip_setsockopt+0x63/0x100 [ 405.041066][ T9877] smc_setsockopt+0x25c/0xd50 [ 405.046284][ T9877] do_sock_setsockopt+0x3b1/0x710 [ 405.051834][ T9877] __x64_sys_setsockopt+0x1ee/0x280 [ 405.057730][ T9877] do_syscall_64+0xf3/0x230 [ 405.062776][ T9877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.069369][ T9877] [ 405.069369][ T9877] other info that might help us debug this: [ 405.069369][ T9877] [ 405.079603][ T9877] Chain exists of: [ 405.079603][ T9877] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 405.079603][ T9877] [ 405.093612][ T9877] Possible unsafe locking scenario: [ 405.093612][ T9877] [ 405.101064][ T9877] CPU0 CPU1 [ 405.106432][ T9877] ---- ---- [ 405.111969][ T9877] lock(&smc->clcsock_release_lock); [ 405.117495][ T9877] lock(sk_lock-AF_INET); [ 405.124447][ T9877] lock(&smc->clcsock_release_lock); [ 405.132435][ T9877] lock(rtnl_mutex); [ 405.136507][ T9877] [ 405.136507][ T9877] *** DEADLOCK *** [ 405.136507][ T9877] [ 405.145011][ T9877] 1 lock held by syz.0.1346/9877: [ 405.150085][ T9877] #0: ffff888062752d28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50 [ 405.160717][ T9877] [ 405.160717][ T9877] stack backtrace: [ 405.166638][ T9877] CPU: 1 UID: 0 PID: 9877 Comm: syz.0.1346 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) [ 405.166658][ T9877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 405.166668][ T9877] Call Trace: [ 405.166674][ T9877] [ 405.166681][ T9877] dump_stack_lvl+0x241/0x360 [ 405.166707][ T9877] ? __pfx_dump_stack_lvl+0x10/0x10 [ 405.166728][ T9877] ? __pfx__printk+0x10/0x10 [ 405.166748][ T9877] ? print_lock+0x171/0x1a0 [ 405.166769][ T9877] print_circular_bug+0x2e1/0x300 [ 405.166789][ T9877] check_noncircular+0x142/0x160 [ 405.166811][ T9877] validate_chain+0xa69/0x24e0 [ 405.166838][ T9877] __lock_acquire+0xad5/0xd80 [ 405.166855][ T9877] lock_acquire+0x116/0x2f0 [ 405.166870][ T9877] ? do_ip_setsockopt+0x10f0/0x39c0 [ 405.166891][ T9877] __mutex_lock+0x1a5/0x10c0 [ 405.166909][ T9877] ? do_ip_setsockopt+0x10f0/0x39c0 [ 405.166924][ T9877] ? preempt_schedule+0xe4/0xf0 [ 405.166939][ T9877] ? preempt_schedule_common+0x84/0xd0 [ 405.166955][ T9877] ? look_up_lock_class+0x7b/0x170 [ 405.166972][ T9877] ? register_lock_class+0x54/0x330 [ 405.166986][ T9877] ? do_ip_setsockopt+0x10f0/0x39c0 [ 405.167003][ T9877] ? __pfx___mutex_lock+0x10/0x10 [ 405.167019][ T9877] ? __lock_acquire+0xad5/0xd80 [ 405.167037][ T9877] ? __pfx___mutex_trylock_common+0x10/0x10 [ 405.167057][ T9877] do_ip_setsockopt+0x10f0/0x39c0 [ 405.167084][ T9877] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 405.167103][ T9877] ? smc_setsockopt+0x1b2/0xd50 [ 405.167120][ T9877] ? __pfx___mutex_lock+0x10/0x10 [ 405.167137][ T9877] ? futex_wake+0x525/0x5d0 [ 405.167154][ T9877] ip_setsockopt+0x63/0x100 [ 405.167170][ T9877] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 405.167191][ T9877] smc_setsockopt+0x25c/0xd50 [ 405.167209][ T9877] ? __pfx_aa_sk_perm+0x10/0x10 [ 405.167226][ T9877] ? __pfx_smc_setsockopt+0x10/0x10 [ 405.167242][ T9877] ? aa_sock_opt_perm+0x79/0x120 [ 405.167262][ T9877] ? __pfx_smc_setsockopt+0x10/0x10 [ 405.167277][ T9877] do_sock_setsockopt+0x3b1/0x710 [ 405.167294][ T9877] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 405.167308][ T9877] ? __fget_files+0x2a/0x420 [ 405.167322][ T9877] ? __fget_files+0x39d/0x420 [ 405.167335][ T9877] ? __fget_files+0x2a/0x420 [ 405.167349][ T9877] __x64_sys_setsockopt+0x1ee/0x280 [ 405.167366][ T9877] do_syscall_64+0xf3/0x230 [ 405.167383][ T9877] ? clear_bhb_loop+0x45/0xa0 [ 405.167399][ T9877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.167413][ T9877] RIP: 0033:0x7feaa0d8e169 [ 405.167427][ T9877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.167440][ T9877] RSP: 002b:00007feaa1c0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 405.167457][ T9877] RAX: ffffffffffffffda RBX: 00007feaa0fb5fa0 RCX: 00007feaa0d8e169 [ 405.167469][ T9877] RDX: 000000000000002c RSI: 0000000000000000 RDI: 0000000000000006 [ 405.167478][ T9877] RBP: 00007feaa0e10a68 R08: 0000000000000108 R09: 0000000000000000 [ 405.167489][ T9877] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 405.167499][ T9877] R13: 0000000000000000 R14: 00007feaa0fb5fa0 R15: 00007feaa10dfa28 [ 405.167514][ T9877] [ 405.477225][ C1] vkms_vblank_simulate: vblank timer overrun [ 405.707791][ T9880] trusted_key: syz.4.1347 sent an empty control message without MSG_MORE. [ 406.375251][ T10] usb 4-1: USB disconnect, device number 34