Warning: Permanently added '[localhost]:44027' (ECDSA) to the list of known hosts. 2022/09/12 16:44:34 fuzzer started 2022/09/12 16:44:35 dialing manager at localhost:38027 syzkaller login: [ 46.310075] cgroup: Unknown subsys name 'net' [ 46.397824] cgroup: Unknown subsys name 'rlimit' 2022/09/12 16:44:50 syscalls: 2215 2022/09/12 16:44:50 code coverage: enabled 2022/09/12 16:44:50 comparison tracing: enabled 2022/09/12 16:44:50 extra coverage: enabled 2022/09/12 16:44:50 setuid sandbox: enabled 2022/09/12 16:44:50 namespace sandbox: enabled 2022/09/12 16:44:50 Android sandbox: enabled 2022/09/12 16:44:50 fault injection: enabled 2022/09/12 16:44:50 leak checking: enabled 2022/09/12 16:44:50 net packet injection: enabled 2022/09/12 16:44:50 net device setup: enabled 2022/09/12 16:44:50 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 16:44:50 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 16:44:50 USB emulation: enabled 2022/09/12 16:44:50 hci packet injection: enabled 2022/09/12 16:44:50 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 16:44:50 802.15.4 emulation: enabled 2022/09/12 16:44:50 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 16:44:50 fetching corpus: 50, signal 26629/30211 (executing program) 2022/09/12 16:44:50 fetching corpus: 100, signal 41731/46714 (executing program) 2022/09/12 16:44:50 fetching corpus: 150, signal 52089/58395 (executing program) 2022/09/12 16:44:51 fetching corpus: 200, signal 61631/69101 (executing program) 2022/09/12 16:44:51 fetching corpus: 250, signal 66638/75340 (executing program) 2022/09/12 16:44:51 fetching corpus: 300, signal 69846/79824 (executing program) 2022/09/12 16:44:51 fetching corpus: 350, signal 74834/85866 (executing program) 2022/09/12 16:44:51 fetching corpus: 400, signal 81090/93051 (executing program) 2022/09/12 16:44:51 fetching corpus: 450, signal 87410/100189 (executing program) 2022/09/12 16:44:52 fetching corpus: 500, signal 89896/103752 (executing program) 2022/09/12 16:44:52 fetching corpus: 550, signal 94391/109028 (executing program) 2022/09/12 16:44:52 fetching corpus: 600, signal 99163/114546 (executing program) 2022/09/12 16:44:52 fetching corpus: 650, signal 104365/120302 (executing program) 2022/09/12 16:44:52 fetching corpus: 700, signal 107896/124519 (executing program) 2022/09/12 16:44:53 fetching corpus: 750, signal 110380/127845 (executing program) 2022/09/12 16:44:53 fetching corpus: 800, signal 112922/131143 (executing program) 2022/09/12 16:44:53 fetching corpus: 850, signal 115334/134296 (executing program) 2022/09/12 16:44:53 fetching corpus: 900, signal 118523/138044 (executing program) 2022/09/12 16:44:53 fetching corpus: 950, signal 120383/140634 (executing program) 2022/09/12 16:44:54 fetching corpus: 1000, signal 123237/143988 (executing program) 2022/09/12 16:44:54 fetching corpus: 1050, signal 125309/146694 (executing program) 2022/09/12 16:44:54 fetching corpus: 1100, signal 127237/149187 (executing program) 2022/09/12 16:44:54 fetching corpus: 1150, signal 130050/152462 (executing program) 2022/09/12 16:44:54 fetching corpus: 1200, signal 132069/155037 (executing program) 2022/09/12 16:44:54 fetching corpus: 1250, signal 134110/157587 (executing program) 2022/09/12 16:44:55 fetching corpus: 1300, signal 136090/160040 (executing program) 2022/09/12 16:44:55 fetching corpus: 1350, signal 137919/162414 (executing program) 2022/09/12 16:44:55 fetching corpus: 1400, signal 140208/164992 (executing program) 2022/09/12 16:44:55 fetching corpus: 1450, signal 142404/167527 (executing program) 2022/09/12 16:44:56 fetching corpus: 1500, signal 144189/169728 (executing program) 2022/09/12 16:44:56 fetching corpus: 1550, signal 145461/171498 (executing program) 2022/09/12 16:44:56 fetching corpus: 1600, signal 146186/172846 (executing program) 2022/09/12 16:44:56 fetching corpus: 1650, signal 147507/174642 (executing program) 2022/09/12 16:44:56 fetching corpus: 1700, signal 149753/177052 (executing program) 2022/09/12 16:44:56 fetching corpus: 1750, signal 151004/178732 (executing program) 2022/09/12 16:44:57 fetching corpus: 1800, signal 151889/180136 (executing program) 2022/09/12 16:44:57 fetching corpus: 1850, signal 153600/182093 (executing program) 2022/09/12 16:44:57 fetching corpus: 1900, signal 155946/184426 (executing program) 2022/09/12 16:44:57 fetching corpus: 1950, signal 157801/186411 (executing program) 2022/09/12 16:44:57 fetching corpus: 2000, signal 158817/187796 (executing program) 2022/09/12 16:44:58 fetching corpus: 2050, signal 159979/189236 (executing program) 2022/09/12 16:44:58 fetching corpus: 2100, signal 161054/190620 (executing program) 2022/09/12 16:44:58 fetching corpus: 2150, signal 162290/192127 (executing program) 2022/09/12 16:44:58 fetching corpus: 2200, signal 163869/193776 (executing program) 2022/09/12 16:44:58 fetching corpus: 2250, signal 165041/195161 (executing program) 2022/09/12 16:44:58 fetching corpus: 2300, signal 165924/196374 (executing program) 2022/09/12 16:44:59 fetching corpus: 2350, signal 167078/197744 (executing program) 2022/09/12 16:44:59 fetching corpus: 2400, signal 168788/199389 (executing program) 2022/09/12 16:44:59 fetching corpus: 2450, signal 170329/200928 (executing program) 2022/09/12 16:44:59 fetching corpus: 2500, signal 171412/202126 (executing program) 2022/09/12 16:44:59 fetching corpus: 2550, signal 172888/203574 (executing program) 2022/09/12 16:45:00 fetching corpus: 2600, signal 173659/204635 (executing program) 2022/09/12 16:45:00 fetching corpus: 2650, signal 174397/205701 (executing program) 2022/09/12 16:45:00 fetching corpus: 2700, signal 175600/206899 (executing program) 2022/09/12 16:45:00 fetching corpus: 2750, signal 176405/207921 (executing program) 2022/09/12 16:45:00 fetching corpus: 2800, signal 177228/208956 (executing program) 2022/09/12 16:45:00 fetching corpus: 2850, signal 178354/210120 (executing program) 2022/09/12 16:45:01 fetching corpus: 2900, signal 179227/211146 (executing program) 2022/09/12 16:45:01 fetching corpus: 2950, signal 180248/212248 (executing program) 2022/09/12 16:45:01 fetching corpus: 3000, signal 181315/213315 (executing program) 2022/09/12 16:45:01 fetching corpus: 3050, signal 182707/214636 (executing program) 2022/09/12 16:45:01 fetching corpus: 3100, signal 183630/215575 (executing program) 2022/09/12 16:45:02 fetching corpus: 3150, signal 184477/216482 (executing program) 2022/09/12 16:45:02 fetching corpus: 3200, signal 185158/217311 (executing program) 2022/09/12 16:45:02 fetching corpus: 3250, signal 186349/218376 (executing program) 2022/09/12 16:45:02 fetching corpus: 3300, signal 187084/219226 (executing program) 2022/09/12 16:45:02 fetching corpus: 3350, signal 188119/220181 (executing program) 2022/09/12 16:45:02 fetching corpus: 3400, signal 189080/221055 (executing program) 2022/09/12 16:45:03 fetching corpus: 3450, signal 189724/221768 (executing program) 2022/09/12 16:45:03 fetching corpus: 3500, signal 190848/222723 (executing program) 2022/09/12 16:45:03 fetching corpus: 3550, signal 191347/223390 (executing program) 2022/09/12 16:45:03 fetching corpus: 3600, signal 191967/224096 (executing program) 2022/09/12 16:45:03 fetching corpus: 3650, signal 192616/224746 (executing program) 2022/09/12 16:45:03 fetching corpus: 3700, signal 193427/225482 (executing program) 2022/09/12 16:45:04 fetching corpus: 3750, signal 194267/226224 (executing program) 2022/09/12 16:45:04 fetching corpus: 3800, signal 195168/226990 (executing program) 2022/09/12 16:45:04 fetching corpus: 3850, signal 195890/227696 (executing program) 2022/09/12 16:45:04 fetching corpus: 3900, signal 196305/228281 (executing program) 2022/09/12 16:45:04 fetching corpus: 3950, signal 196922/228952 (executing program) 2022/09/12 16:45:04 fetching corpus: 4000, signal 197716/229624 (executing program) 2022/09/12 16:45:05 fetching corpus: 4050, signal 198525/230300 (executing program) 2022/09/12 16:45:05 fetching corpus: 4100, signal 199204/230904 (executing program) 2022/09/12 16:45:05 fetching corpus: 4150, signal 199962/231517 (executing program) 2022/09/12 16:45:05 fetching corpus: 4200, signal 200859/232177 (executing program) 2022/09/12 16:45:05 fetching corpus: 4250, signal 201302/232720 (executing program) 2022/09/12 16:45:05 fetching corpus: 4300, signal 202118/233368 (executing program) 2022/09/12 16:45:06 fetching corpus: 4350, signal 202625/233863 (executing program) 2022/09/12 16:45:06 fetching corpus: 4400, signal 203482/234496 (executing program) 2022/09/12 16:45:06 fetching corpus: 4450, signal 204271/235110 (executing program) 2022/09/12 16:45:06 fetching corpus: 4500, signal 205274/235713 (executing program) 2022/09/12 16:45:06 fetching corpus: 4550, signal 205920/236224 (executing program) 2022/09/12 16:45:06 fetching corpus: 4600, signal 206987/236897 (executing program) 2022/09/12 16:45:07 fetching corpus: 4650, signal 207663/237398 (executing program) 2022/09/12 16:45:07 fetching corpus: 4700, signal 208330/237867 (executing program) 2022/09/12 16:45:07 fetching corpus: 4750, signal 209127/238352 (executing program) 2022/09/12 16:45:07 fetching corpus: 4800, signal 209900/238908 (executing program) 2022/09/12 16:45:07 fetching corpus: 4850, signal 210315/239285 (executing program) 2022/09/12 16:45:07 fetching corpus: 4900, signal 211139/239753 (executing program) 2022/09/12 16:45:08 fetching corpus: 4950, signal 211732/240156 (executing program) 2022/09/12 16:45:08 fetching corpus: 5000, signal 212570/240601 (executing program) 2022/09/12 16:45:08 fetching corpus: 5050, signal 213342/241008 (executing program) 2022/09/12 16:45:08 fetching corpus: 5100, signal 213828/241337 (executing program) 2022/09/12 16:45:08 fetching corpus: 5150, signal 214708/241759 (executing program) 2022/09/12 16:45:08 fetching corpus: 5200, signal 215220/242122 (executing program) 2022/09/12 16:45:09 fetching corpus: 5250, signal 215807/242459 (executing program) 2022/09/12 16:45:09 fetching corpus: 5300, signal 216555/242864 (executing program) 2022/09/12 16:45:09 fetching corpus: 5350, signal 217037/243186 (executing program) 2022/09/12 16:45:09 fetching corpus: 5400, signal 217681/243508 (executing program) 2022/09/12 16:45:09 fetching corpus: 5450, signal 218238/243854 (executing program) 2022/09/12 16:45:09 fetching corpus: 5500, signal 218837/244122 (executing program) 2022/09/12 16:45:10 fetching corpus: 5550, signal 219530/244397 (executing program) 2022/09/12 16:45:10 fetching corpus: 5600, signal 220242/244669 (executing program) 2022/09/12 16:45:10 fetching corpus: 5650, signal 220729/244928 (executing program) 2022/09/12 16:45:10 fetching corpus: 5700, signal 221278/245123 (executing program) 2022/09/12 16:45:11 fetching corpus: 5750, signal 221764/245343 (executing program) 2022/09/12 16:45:11 fetching corpus: 5800, signal 222709/245807 (executing program) 2022/09/12 16:45:11 fetching corpus: 5850, signal 223264/246042 (executing program) 2022/09/12 16:45:11 fetching corpus: 5900, signal 223854/246288 (executing program) 2022/09/12 16:45:11 fetching corpus: 5950, signal 224388/246440 (executing program) 2022/09/12 16:45:11 fetching corpus: 6000, signal 224877/246460 (executing program) 2022/09/12 16:45:12 fetching corpus: 6050, signal 225270/246503 (executing program) 2022/09/12 16:45:12 fetching corpus: 6100, signal 225901/246513 (executing program) 2022/09/12 16:45:12 fetching corpus: 6150, signal 226760/246520 (executing program) 2022/09/12 16:45:12 fetching corpus: 6200, signal 227459/246530 (executing program) 2022/09/12 16:45:12 fetching corpus: 6250, signal 228045/246582 (executing program) 2022/09/12 16:45:12 fetching corpus: 6300, signal 228744/246583 (executing program) 2022/09/12 16:45:13 fetching corpus: 6350, signal 229468/246691 (executing program) 2022/09/12 16:45:13 fetching corpus: 6400, signal 230029/246712 (executing program) 2022/09/12 16:45:13 fetching corpus: 6450, signal 230601/246714 (executing program) 2022/09/12 16:45:13 fetching corpus: 6500, signal 231187/246733 (executing program) 2022/09/12 16:45:13 fetching corpus: 6550, signal 231709/246735 (executing program) 2022/09/12 16:45:13 fetching corpus: 6600, signal 232425/246736 (executing program) 2022/09/12 16:45:14 fetching corpus: 6650, signal 233031/246743 (executing program) 2022/09/12 16:45:14 fetching corpus: 6700, signal 233843/246755 (executing program) 2022/09/12 16:45:14 fetching corpus: 6750, signal 234314/246824 (executing program) 2022/09/12 16:45:14 fetching corpus: 6800, signal 234880/246843 (executing program) 2022/09/12 16:45:14 fetching corpus: 6850, signal 235341/246852 (executing program) 2022/09/12 16:45:14 fetching corpus: 6900, signal 235855/246867 (executing program) 2022/09/12 16:45:15 fetching corpus: 6950, signal 236377/246904 (executing program) 2022/09/12 16:45:15 fetching corpus: 7000, signal 236794/246920 (executing program) 2022/09/12 16:45:15 fetching corpus: 7015, signal 237014/246924 (executing program) 2022/09/12 16:45:15 fetching corpus: 7015, signal 237014/246924 (executing program) 2022/09/12 16:45:17 starting 8 fuzzer processes 16:45:17 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) 16:45:17 executing program 2: nanosleep(&(0x7f0000008880), 0x0) 16:45:17 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) 16:45:17 executing program 3: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:45:17 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000008cc0)='/proc/vmstat\x00', 0x300, 0x0) [ 88.215622] audit: type=1400 audit(1663001117.524:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:45:17 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x40007, 0x4) 16:45:17 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x18, &(0x7f0000000000), 0xc) 16:45:17 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) [ 89.457535] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.464713] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.465774] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.468837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.470570] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.475520] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.476403] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.477770] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 89.478887] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.486944] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.488533] Bluetooth: hci0: HCI_REQ-0x0c1a [ 89.497758] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 89.498947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 89.507552] Bluetooth: hci1: HCI_REQ-0x0c1a [ 89.565678] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.571929] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.573200] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 89.574514] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.579651] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.580740] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.590229] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 89.596303] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 89.596758] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.608716] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 89.610452] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 89.612742] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 89.629398] Bluetooth: hci5: HCI_REQ-0x0c1a [ 89.683749] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.692650] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 89.694694] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.695696] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.696441] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.705153] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.716447] Bluetooth: hci2: HCI_REQ-0x0c1a [ 89.741658] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.754464] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 89.757917] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.757959] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.761608] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 89.764077] Bluetooth: hci3: HCI_REQ-0x0c1a [ 89.792845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.803454] Bluetooth: hci4: HCI_REQ-0x0c1a [ 91.535097] Bluetooth: hci1: command 0x0409 tx timeout [ 91.535097] Bluetooth: hci0: command 0x0409 tx timeout [ 91.662423] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 91.663596] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 91.726407] Bluetooth: hci2: command 0x0409 tx timeout [ 91.726571] Bluetooth: hci5: command 0x0409 tx timeout [ 91.790648] Bluetooth: hci3: command 0x0409 tx timeout [ 91.854497] Bluetooth: hci4: command 0x0409 tx timeout [ 93.582407] Bluetooth: hci1: command 0x041b tx timeout [ 93.582962] Bluetooth: hci0: command 0x041b tx timeout [ 93.774424] Bluetooth: hci5: command 0x041b tx timeout [ 93.775072] Bluetooth: hci2: command 0x041b tx timeout [ 93.838989] Bluetooth: hci3: command 0x041b tx timeout [ 93.902569] Bluetooth: hci4: command 0x041b tx timeout [ 95.445943] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 95.449180] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 95.452237] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 95.459940] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 95.462524] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 95.466824] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 95.482161] Bluetooth: hci7: HCI_REQ-0x0c1a [ 95.630507] Bluetooth: hci0: command 0x040f tx timeout [ 95.631679] Bluetooth: hci1: command 0x040f tx timeout [ 95.822441] Bluetooth: hci2: command 0x040f tx timeout [ 95.823083] Bluetooth: hci5: command 0x040f tx timeout [ 95.886417] Bluetooth: hci3: command 0x040f tx timeout [ 95.950414] Bluetooth: hci4: command 0x040f tx timeout [ 97.102460] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 97.550409] Bluetooth: hci7: command 0x0409 tx timeout [ 97.678422] Bluetooth: hci1: command 0x0419 tx timeout [ 97.678990] Bluetooth: hci0: command 0x0419 tx timeout [ 97.870629] Bluetooth: hci5: command 0x0419 tx timeout [ 97.871236] Bluetooth: hci2: command 0x0419 tx timeout [ 97.934475] Bluetooth: hci3: command 0x0419 tx timeout [ 97.998404] Bluetooth: hci4: command 0x0419 tx timeout [ 99.598468] Bluetooth: hci7: command 0x041b tx timeout [ 101.646529] Bluetooth: hci7: command 0x040f tx timeout [ 102.094625] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 103.694668] Bluetooth: hci7: command 0x0419 tx timeout [ 106.958487] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 111.886450] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 114.736517] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 114.745011] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 114.752173] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 114.760496] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 114.765472] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 114.768831] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 114.772668] Bluetooth: hci6: HCI_REQ-0x0c1a [ 116.814532] Bluetooth: hci6: command 0x0409 tx timeout [ 118.862444] Bluetooth: hci6: command 0x041b tx timeout [ 120.910432] Bluetooth: hci6: command 0x040f tx timeout [ 122.958392] Bluetooth: hci6: command 0x0419 tx timeout [ 151.764773] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 151.766104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 151.768355] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 151.771686] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 151.773263] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 151.774616] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 151.784765] Bluetooth: hci0: HCI_REQ-0x0c1a [ 152.023019] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 152.029647] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 152.034373] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 152.038570] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 152.041214] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 152.042255] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 152.055503] Bluetooth: hci1: HCI_REQ-0x0c1a [ 152.299519] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 152.305598] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 152.316818] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.318225] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 152.319248] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.348977] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.349040] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 152.352891] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 152.353853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 152.358445] Bluetooth: hci2: HCI_REQ-0x0c1a [ 152.404440] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.446495] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 152.451164] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 152.460448] Bluetooth: hci3: HCI_REQ-0x0c1a 16:46:22 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x18, &(0x7f0000000000), 0xc) 16:46:22 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x18, &(0x7f0000000000), 0xc) 16:46:22 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x18, &(0x7f0000000000), 0xc) 16:46:23 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x8000}) 16:46:23 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x8000}) [ 153.806445] Bluetooth: hci0: command 0x0409 tx timeout 16:46:23 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x8000}) [ 154.062572] Bluetooth: hci1: command 0x0409 tx timeout 16:46:23 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x8000}) 16:46:23 executing program 5: add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "250f1a93b893897973644e9ef8ed62a1b1a31fba02d2d3aa3531196d619f144efeb878d4e77f8cf1d912bfe5ed77c06aebdb0f9882738e1889cb964ed88176a0", 0x1b}, 0x48, r0) request_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)=':B@}-\\(\x00', r1) [ 154.254433] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 154.254453] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 154.382682] Bluetooth: hci2: command 0x0409 tx timeout [ 154.510479] Bluetooth: hci3: command 0x0409 tx timeout [ 155.854499] Bluetooth: hci0: command 0x041b tx timeout [ 156.110441] Bluetooth: hci1: command 0x041b tx timeout [ 156.430451] Bluetooth: hci2: command 0x041b tx timeout [ 156.558405] Bluetooth: hci3: command 0x041b tx timeout [ 157.283863] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 157.289612] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 157.292429] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 157.296616] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 157.297884] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 157.299303] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 157.303663] Bluetooth: hci4: HCI_REQ-0x0c1a [ 157.902425] Bluetooth: hci0: command 0x040f tx timeout [ 158.158489] Bluetooth: hci1: command 0x040f tx timeout [ 158.478407] Bluetooth: hci2: command 0x040f tx timeout [ 158.606467] Bluetooth: hci3: command 0x040f tx timeout [ 159.310477] Bluetooth: hci4: command 0x0409 tx timeout [ 159.566492] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 159.950393] Bluetooth: hci0: command 0x0419 tx timeout [ 160.206404] Bluetooth: hci1: command 0x0419 tx timeout [ 160.526509] Bluetooth: hci2: command 0x0419 tx timeout [ 160.654508] Bluetooth: hci3: command 0x0419 tx timeout [ 161.358497] Bluetooth: hci4: command 0x041b tx timeout [ 163.406501] Bluetooth: hci4: command 0x040f tx timeout [ 164.430416] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 165.454883] Bluetooth: hci4: command 0x0419 tx timeout [ 167.066109] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 167.069375] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 167.071453] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 167.076039] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 167.079482] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 167.081971] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 167.095426] Bluetooth: hci5: HCI_REQ-0x0c1a [ 169.166472] Bluetooth: hci5: command 0x0409 tx timeout [ 171.214523] Bluetooth: hci5: command 0x041b tx timeout [ 173.262392] Bluetooth: hci5: command 0x040f tx timeout [ 175.311425] Bluetooth: hci5: command 0x0419 tx timeout [ 205.444850] audit: type=1400 audit(1663001234.756:7): avc: denied { open } for pid=6358 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 205.446926] audit: type=1400 audit(1663001234.756:8): avc: denied { kernel } for pid=6358 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 206.077842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.078782] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 206.093503] ------------[ cut here ]------------ [ 206.093524] [ 206.093527] ====================================================== [ 206.093530] WARNING: possible circular locking dependency detected [ 206.093535] 6.0.0-rc5-next-20220912 #1 Not tainted [ 206.093541] ------------------------------------------------------ [ 206.093544] syz-executor.1/6405 is trying to acquire lock: [ 206.093550] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 206.093587] [ 206.093587] but task is already holding lock: [ 206.093590] ffff88800ec19c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 206.093618] [ 206.093618] which lock already depends on the new lock. [ 206.093618] [ 206.093621] [ 206.093621] the existing dependency chain (in reverse order) is: [ 206.093624] [ 206.093624] -> #3 (&ctx->lock){....}-{2:2}: [ 206.093638] _raw_spin_lock+0x2a/0x40 [ 206.093656] __perf_event_task_sched_out+0x53b/0x18d0 [ 206.093668] __schedule+0xedd/0x2470 [ 206.093678] schedule+0xda/0x1b0 [ 206.093687] exit_to_user_mode_prepare+0x114/0x1a0 [ 206.093708] syscall_exit_to_user_mode+0x19/0x40 [ 206.093726] do_syscall_64+0x48/0x90 [ 206.093739] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 206.093757] [ 206.093757] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 206.093771] _raw_spin_lock_nested+0x30/0x40 [ 206.093785] raw_spin_rq_lock_nested+0x1e/0x30 [ 206.093799] task_fork_fair+0x63/0x4d0 [ 206.093816] sched_cgroup_fork+0x3d0/0x540 [ 206.093830] copy_process+0x3f9e/0x6df0 [ 206.093841] kernel_clone+0xe7/0x890 [ 206.093854] user_mode_thread+0xad/0xf0 [ 206.093864] rest_init+0x24/0x250 [ 206.093880] arch_call_rest_init+0xf/0x14 [ 206.093900] start_kernel+0x4c1/0x4e6 [ 206.093917] secondary_startup_64_no_verify+0xe0/0xeb [ 206.093932] [ 206.093932] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 206.093945] _raw_spin_lock_irqsave+0x39/0x60 [ 206.093960] try_to_wake_up+0xab/0x1920 [ 206.093973] up+0x75/0xb0 [ 206.093985] __up_console_sem+0x6e/0x80 [ 206.094002] console_unlock+0x46a/0x590 [ 206.094018] do_con_write+0xc05/0x1d50 [ 206.094029] con_write+0x21/0x40 [ 206.094039] n_tty_write+0x4d4/0xfe0 [ 206.094052] file_tty_write.constprop.0+0x49c/0x8f0 [ 206.094064] vfs_write+0x9c3/0xd90 [ 206.094083] ksys_write+0x127/0x250 [ 206.094100] do_syscall_64+0x3b/0x90 [ 206.094113] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 206.094130] [ 206.094130] -> #0 ((console_sem).lock){....}-{2:2}: [ 206.094143] __lock_acquire+0x2a02/0x5e70 [ 206.094160] lock_acquire+0x1a2/0x530 [ 206.094176] _raw_spin_lock_irqsave+0x39/0x60 [ 206.094191] down_trylock+0xe/0x70 [ 206.094203] __down_trylock_console_sem+0x3b/0xd0 [ 206.094220] vprintk_emit+0x16b/0x560 [ 206.094236] vprintk+0x84/0xa0 [ 206.094253] _printk+0xba/0xf1 [ 206.094271] report_bug.cold+0x72/0xab [ 206.094283] handle_bug+0x3c/0x70 [ 206.094295] exc_invalid_op+0x14/0x50 [ 206.094308] asm_exc_invalid_op+0x16/0x20 [ 206.094324] group_sched_out.part.0+0x2c7/0x460 [ 206.094335] ctx_sched_out+0x8f1/0xc10 [ 206.094344] __perf_event_task_sched_out+0x6d0/0x18d0 [ 206.094356] __schedule+0xedd/0x2470 [ 206.094366] schedule+0xda/0x1b0 [ 206.094375] exit_to_user_mode_prepare+0x114/0x1a0 [ 206.094394] syscall_exit_to_user_mode+0x19/0x40 [ 206.094411] do_syscall_64+0x48/0x90 [ 206.094424] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 206.094441] [ 206.094441] other info that might help us debug this: [ 206.094441] [ 206.094443] Chain exists of: [ 206.094443] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 206.094443] [ 206.094458] Possible unsafe locking scenario: [ 206.094458] [ 206.094461] CPU0 CPU1 [ 206.094463] ---- ---- [ 206.094465] lock(&ctx->lock); [ 206.094471] lock(&rq->__lock); [ 206.094478] lock(&ctx->lock); [ 206.094484] lock((console_sem).lock); [ 206.094490] [ 206.094490] *** DEADLOCK *** [ 206.094490] [ 206.094491] 2 locks held by syz-executor.1/6405: [ 206.094498] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 206.094523] #1: ffff88800ec19c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 206.094551] [ 206.094551] stack backtrace: [ 206.094554] CPU: 0 PID: 6405 Comm: syz-executor.1 Not tainted 6.0.0-rc5-next-20220912 #1 [ 206.094566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 206.094575] Call Trace: [ 206.094578] [ 206.094582] dump_stack_lvl+0x8b/0xb3 [ 206.094596] check_noncircular+0x263/0x2e0 [ 206.094613] ? format_decode+0x26c/0xb50 [ 206.094628] ? print_circular_bug+0x450/0x450 [ 206.094645] ? enable_ptr_key_workfn+0x20/0x20 [ 206.094660] ? format_decode+0x26c/0xb50 [ 206.094675] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 206.094693] __lock_acquire+0x2a02/0x5e70 [ 206.094715] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 206.094739] lock_acquire+0x1a2/0x530 [ 206.094756] ? down_trylock+0xe/0x70 [ 206.094770] ? rcu_read_unlock+0x40/0x40 [ 206.094790] ? __lock_acquire+0x164d/0x5e70 [ 206.094809] ? vprintk+0x84/0xa0 [ 206.094827] _raw_spin_lock_irqsave+0x39/0x60 [ 206.094842] ? down_trylock+0xe/0x70 [ 206.094856] down_trylock+0xe/0x70 [ 206.094870] ? vprintk+0x84/0xa0 [ 206.094887] __down_trylock_console_sem+0x3b/0xd0 [ 206.094905] vprintk_emit+0x16b/0x560 [ 206.094924] vprintk+0x84/0xa0 [ 206.094942] _printk+0xba/0xf1 [ 206.094960] ? record_print_text.cold+0x16/0x16 [ 206.094982] ? report_bug.cold+0x66/0xab [ 206.094996] ? group_sched_out.part.0+0x2c7/0x460 [ 206.095007] report_bug.cold+0x72/0xab [ 206.095022] handle_bug+0x3c/0x70 [ 206.095036] exc_invalid_op+0x14/0x50 [ 206.095050] asm_exc_invalid_op+0x16/0x20 [ 206.095067] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 206.095080] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 206.095092] RSP: 0018:ffff888036287c48 EFLAGS: 00010006 [ 206.095101] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.095109] RDX: ffff888036441ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 206.095117] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 206.095124] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800ec19c00 [ 206.095132] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 206.095143] ? group_sched_out.part.0+0x2c7/0x460 [ 206.095156] ? group_sched_out.part.0+0x2c7/0x460 [ 206.095169] ctx_sched_out+0x8f1/0xc10 [ 206.095182] __perf_event_task_sched_out+0x6d0/0x18d0 [ 206.095197] ? lock_is_held_type+0xd7/0x130 [ 206.095216] ? __perf_cgroup_move+0x160/0x160 [ 206.095227] ? set_next_entity+0x304/0x550 [ 206.095245] ? update_curr+0x267/0x740 [ 206.095264] ? lock_is_held_type+0xd7/0x130 [ 206.095283] __schedule+0xedd/0x2470 [ 206.095296] ? io_schedule_timeout+0x150/0x150 [ 206.095308] ? rcu_read_lock_sched_held+0x3e/0x80 [ 206.095329] schedule+0xda/0x1b0 [ 206.095340] exit_to_user_mode_prepare+0x114/0x1a0 [ 206.095361] syscall_exit_to_user_mode+0x19/0x40 [ 206.095379] do_syscall_64+0x48/0x90 [ 206.095393] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 206.095410] RIP: 0033:0x7f16fcd95b19 [ 206.095419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 206.095429] RSP: 002b:00007f16fa30b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 206.095440] RAX: 0000000000000001 RBX: 00007f16fcea8f68 RCX: 00007f16fcd95b19 [ 206.095448] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f16fcea8f6c [ 206.095455] RBP: 00007f16fcea8f60 R08: 000000000000000e R09: 0000000000000000 [ 206.095462] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f16fcea8f6c [ 206.095470] R13: 00007ffd626a118f R14: 00007f16fa30b300 R15: 0000000000022000 [ 206.095483] [ 206.155199] WARNING: CPU: 0 PID: 6405 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 206.155879] Modules linked in: [ 206.156115] CPU: 0 PID: 6405 Comm: syz-executor.1 Not tainted 6.0.0-rc5-next-20220912 #1 [ 206.156710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 206.157527] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 206.157926] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 206.159245] RSP: 0018:ffff888036287c48 EFLAGS: 00010006 [ 206.159637] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.160158] RDX: ffff888036441ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 206.160679] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 206.161221] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800ec19c00 [ 206.161759] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 206.162294] FS: 00007f16fa30b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 206.162894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.163332] CR2: 00007f16fcea9018 CR3: 000000002fd06000 CR4: 0000000000350ef0 [ 206.163864] Call Trace: [ 206.164065] [ 206.164242] ctx_sched_out+0x8f1/0xc10 [ 206.164541] __perf_event_task_sched_out+0x6d0/0x18d0 [ 206.164947] ? lock_is_held_type+0xd7/0x130 [ 206.165283] ? __perf_cgroup_move+0x160/0x160 [ 206.165635] ? set_next_entity+0x304/0x550 [ 206.165966] ? update_curr+0x267/0x740 [ 206.166275] ? lock_is_held_type+0xd7/0x130 [ 206.166610] __schedule+0xedd/0x2470 [ 206.166896] ? io_schedule_timeout+0x150/0x150 [ 206.167246] ? rcu_read_lock_sched_held+0x3e/0x80 [ 206.167622] schedule+0xda/0x1b0 [ 206.167883] exit_to_user_mode_prepare+0x114/0x1a0 [ 206.168267] syscall_exit_to_user_mode+0x19/0x40 [ 206.168641] do_syscall_64+0x48/0x90 [ 206.168946] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 206.169351] RIP: 0033:0x7f16fcd95b19 [ 206.169634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 206.170989] RSP: 002b:00007f16fa30b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 206.171563] RAX: 0000000000000001 RBX: 00007f16fcea8f68 RCX: 00007f16fcd95b19 [ 206.172099] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f16fcea8f6c [ 206.172637] RBP: 00007f16fcea8f60 R08: 000000000000000e R09: 0000000000000000 [ 206.173183] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f16fcea8f6c [ 206.173718] R13: 00007ffd626a118f R14: 00007f16fa30b300 R15: 0000000000022000 [ 206.174263] [ 206.174450] irq event stamp: 366 [ 206.174706] hardirqs last enabled at (365): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 206.175422] hardirqs last disabled at (366): [] __schedule+0x1225/0x2470 [ 206.176041] softirqs last enabled at (354): [] __irq_exit_rcu+0x11b/0x180 [ 206.176679] softirqs last disabled at (295): [] __irq_exit_rcu+0x11b/0x180 [ 206.177332] ---[ end trace 0000000000000000 ]--- [ 206.585808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.586599] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:18 executing program 2: nanosleep(&(0x7f0000008880), 0x0) 16:47:18 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000008cc0)='/proc/vmstat\x00', 0x300, 0x0) 16:47:18 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x40007, 0x4) 16:47:18 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) 16:47:18 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) 16:47:18 executing program 5: add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "250f1a93b893897973644e9ef8ed62a1b1a31fba02d2d3aa3531196d619f144efeb878d4e77f8cf1d912bfe5ed77c06aebdb0f9882738e1889cb964ed88176a0", 0x1b}, 0x48, r0) request_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)=':B@}-\\(\x00', r1) 16:47:18 executing program 3: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:18 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) [ 209.651952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 209.656538] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:19 executing program 5: add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "250f1a93b893897973644e9ef8ed62a1b1a31fba02d2d3aa3531196d619f144efeb878d4e77f8cf1d912bfe5ed77c06aebdb0f9882738e1889cb964ed88176a0", 0x1b}, 0x48, r0) request_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)=':B@}-\\(\x00', r1) 16:47:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) 16:47:19 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x40007, 0x4) 16:47:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) 16:47:19 executing program 2: nanosleep(&(0x7f0000008880), 0x0) 16:47:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) 16:47:19 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000008cc0)='/proc/vmstat\x00', 0x300, 0x0) 16:47:19 executing program 5: add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "250f1a93b893897973644e9ef8ed62a1b1a31fba02d2d3aa3531196d619f144efeb878d4e77f8cf1d912bfe5ed77c06aebdb0f9882738e1889cb964ed88176a0", 0x1b}, 0x48, r0) request_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)=':B@}-\\(\x00', r1) 16:47:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) 16:47:19 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x40007, 0x4) 16:47:19 executing program 3: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) 16:47:19 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x28}}, 0x0) [ 210.293884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy 16:47:19 executing program 2: nanosleep(&(0x7f0000008880), 0x0) [ 210.301104] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:19 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000008cc0)='/proc/vmstat\x00', 0x300, 0x0) 16:47:19 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0x20003, 0x4) 16:47:20 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 3: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xf, 0x11, r2, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)) [ 210.890917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.892423] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:20 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0x20003, 0x4) 16:47:20 executing program 7: finit_module(0xffffffffffffffff, &(0x7f0000000100)='/,*\x00', 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) 16:47:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xf, 0x11, r2, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)) 16:47:20 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0x20003, 0x4) 16:47:20 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 7: syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 16:47:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0x20003, 0x4) 16:47:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) sendmsg$unix(r1, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) sendmsg$unix(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:47:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xf, 0x11, r2, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)) 16:47:20 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x4b, &(0x7f0000000280)={@private0}, 0x14) bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 16:47:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xf, 0x11, r2, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)) 16:47:20 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, &(0x7f0000000180)=0x80, r0, &(0x7f00000001c0), 0x400, 0x0) 16:47:20 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) 16:47:20 executing program 6: r0 = epoll_create1(0x0) r1 = getpid() fcntl$lock(r0, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, r1}) 16:47:20 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) 16:47:20 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x0) 16:47:21 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, &(0x7f0000000180)=0x80, r0, &(0x7f00000001c0), 0x400, 0x0) 16:47:21 executing program 6: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8953, &(0x7f0000000000)={'wlan1\x00'}) 16:47:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:21 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 1) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:21 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x0) 16:47:21 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) [ 211.789596] syz-executor.6 uses obsolete (PF_INET,SOCK_PACKET) [ 211.798618] audit: type=1400 audit(1663001241.109:9): avc: denied { write } for pid=6689 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 211.808689] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 211.811501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 211.822343] hrtimer: interrupt took 18585 ns [ 211.823075] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:21 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x0) 16:47:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 6: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8953, &(0x7f0000000000)={'wlan1\x00'}) 16:47:21 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) 16:47:21 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, &(0x7f0000000180)=0x80, r0, &(0x7f00000001c0), 0x400, 0x0) 16:47:21 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x0) 16:47:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 6: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8953, &(0x7f0000000000)={'wlan1\x00'}) 16:47:21 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 2) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:21 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, &(0x7f0000000180)=0x80, r0, &(0x7f00000001c0), 0x400, 0x0) 16:47:21 executing program 6: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8953, &(0x7f0000000000)={'wlan1\x00'}) 16:47:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) 16:47:21 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:21 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) [ 212.453758] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 212.457985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.464024] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:21 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}) 16:47:21 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) 16:47:21 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:21 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000900)) [ 212.553562] audit: type=1400 audit(1663001241.865:10): avc: denied { block_suspend } for pid=6743 comm="syz-executor.6" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 16:47:21 executing program 6: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000040)) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) dup2(r3, r0) 16:47:21 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:21 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/226, 0x20000258) getdents64(r0, 0x0, 0x0) 16:47:21 executing program 6: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000040)) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) dup2(r3, r0) 16:47:22 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000900)) 16:47:22 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0) 16:47:22 executing program 6: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000040)) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) dup2(r3, r0) 16:47:22 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:22 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 3) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:22 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) 16:47:22 executing program 2: r0 = gettid() r1 = gettid() kcmp(r1, r0, 0xca60f8548e3b1cf7, 0xffffffffffffffff, 0xffffffffffffffff) 16:47:22 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0) pipe2(0x0, 0x4000) [ 213.014187] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 213.044010] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. 16:47:22 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0) 16:47:22 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000900)) 16:47:22 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0) pipe2(0x0, 0x4000) [ 213.174231] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. 16:47:22 executing program 2: r0 = gettid() r1 = gettid() kcmp(r1, r0, 0xca60f8548e3b1cf7, 0xffffffffffffffff, 0xffffffffffffffff) 16:47:22 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000900)) 16:47:22 executing program 6: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000040)) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) dup2(r3, r0) 16:47:22 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0) pipe2(0x0, 0x4000) [ 213.316173] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. 16:47:22 executing program 2: r0 = gettid() r1 = gettid() kcmp(r1, r0, 0xca60f8548e3b1cf7, 0xffffffffffffffff, 0xffffffffffffffff) 16:47:22 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0) 16:47:22 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0) pipe2(0x0, 0x4000) 16:47:22 executing program 6: perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 16:47:22 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380), 0x8}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'bond_slave_0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0x6, @random="767b24f4e073"}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 16:47:22 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) mknodat$loop(r0, &(0x7f0000000540)='./file0\x00', 0x0, 0x1) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchownat(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0xee01, 0x0) 16:47:22 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 4) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:22 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) copy_file_range(r2, &(0x7f0000000000)=0x705, r2, &(0x7f0000000040), 0x6, 0x0) r3 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, @in_args={0x4}}, './file0\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000002c0)) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000380)) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)={0x0, 0x7f}) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) renameat2(r7, &(0x7f0000000180)='./file0\x00', r4, &(0x7f0000000240)='./file0\x00', 0x7) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) [ 213.718794] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 213.758875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 213.763733] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:23 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0) 16:47:23 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote}, @source_quench={0xc, 0x5, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @broadcast, {[@ssrr={0x89, 0xf, 0x0, [@broadcast, @broadcast, @private]}, @rr={0x7, 0x3}, @lsrr={0x83, 0xb, 0x0, [@multicast1, @rand_addr]}, @lsrr={0x83, 0x7, 0x0, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xf, 0x0, [@broadcast, @dev, @loopback]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}]}}}}}}}, 0x0) 16:47:23 executing program 6: getgroups(0x2, &(0x7f0000000140)=[0x0, 0xee00]) setresgid(r0, 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) setgid(0x0) 16:47:23 executing program 2: r0 = gettid() r1 = gettid() kcmp(r1, r0, 0xca60f8548e3b1cf7, 0xffffffffffffffff, 0xffffffffffffffff) 16:47:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) mknodat$loop(r0, &(0x7f0000000540)='./file0\x00', 0x0, 0x1) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchownat(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0xee01, 0x0) 16:47:23 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote}, @source_quench={0xc, 0x5, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @broadcast, {[@ssrr={0x89, 0xf, 0x0, [@broadcast, @broadcast, @private]}, @rr={0x7, 0x3}, @lsrr={0x83, 0xb, 0x0, [@multicast1, @rand_addr]}, @lsrr={0x83, 0x7, 0x0, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xf, 0x0, [@broadcast, @dev, @loopback]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}]}}}}}}}, 0x0) 16:47:23 executing program 2: linkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x600) 16:47:23 executing program 6: getgroups(0x2, &(0x7f0000000140)=[0x0, 0xee00]) setresgid(r0, 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) setgid(0x0) 16:47:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000980), &(0x7f00000009c0)=0x4) 16:47:23 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote}, @source_quench={0xc, 0x5, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @broadcast, {[@ssrr={0x89, 0xf, 0x0, [@broadcast, @broadcast, @private]}, @rr={0x7, 0x3}, @lsrr={0x83, 0xb, 0x0, [@multicast1, @rand_addr]}, @lsrr={0x83, 0x7, 0x0, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xf, 0x0, [@broadcast, @dev, @loopback]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}]}}}}}}}, 0x0) 16:47:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) mknodat$loop(r0, &(0x7f0000000540)='./file0\x00', 0x0, 0x1) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchownat(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0xee01, 0x0) 16:47:23 executing program 2: linkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x600) 16:47:23 executing program 6: getgroups(0x2, &(0x7f0000000140)=[0x0, 0xee00]) setresgid(r0, 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) setgid(0x0) 16:47:23 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote}, @source_quench={0xc, 0x5, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @broadcast, {[@ssrr={0x89, 0xf, 0x0, [@broadcast, @broadcast, @private]}, @rr={0x7, 0x3}, @lsrr={0x83, 0xb, 0x0, [@multicast1, @rand_addr]}, @lsrr={0x83, 0x7, 0x0, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xf, 0x0, [@broadcast, @dev, @loopback]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}]}}}}}}}, 0x0) 16:47:23 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380), 0x8}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'bond_slave_0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0x6, @random="767b24f4e073"}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 16:47:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000980), &(0x7f00000009c0)=0x4) 16:47:23 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 5) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:23 executing program 7: fallocate(0xffffffffffffffff, 0x4, 0x2, 0x3ff) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000240)={'U+', 0x10001}, 0x16, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_EEE_GET(r2, 0x0, 0x0) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000340)) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES16=r1, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRESHEX], 0x8) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, 0x0, &(0x7f0000000300)) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) [ 214.381731] FAULT_INJECTION: forcing a failure. [ 214.381731] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 214.383559] CPU: 0 PID: 6841 Comm: syz-executor.1 Tainted: G W 6.0.0-rc5-next-20220912 #1 [ 214.384963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 214.386614] Call Trace: [ 214.387012] [ 214.387367] dump_stack_lvl+0x8b/0xb3 [ 214.388109] should_fail.cold+0x5/0xa [ 214.388884] strncpy_from_user+0x34/0x3e0 [ 214.389744] getname_flags.part.0+0x95/0x4f0 [ 214.390638] getname+0x8e/0xd0 [ 214.391282] do_sys_openat2+0xf9/0x4c0 [ 214.392081] ? rcu_read_lock_sched_held+0xd/0x80 [ 214.393064] ? build_open_flags+0x6f0/0x6f0 [ 214.393943] ? up_write+0x480/0x480 [ 214.394682] __x64_sys_openat+0x13f/0x1f0 [ 214.395526] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 214.396504] ? fpregs_assert_state_consistent+0xbc/0xe0 [ 214.397595] do_syscall_64+0x3b/0x90 [ 214.398357] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.399398] RIP: 0033:0x7f16fcd48a04 [ 214.400140] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 214.403749] RSP: 002b:00007f16fa309040 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 214.405267] RAX: ffffffffffffffda RBX: 00007f16fcea8f60 RCX: 00007f16fcd48a04 [ 214.406669] RDX: 0000000000000002 RSI: 00007f16fcdeee22 RDI: 00000000ffffff9c [ 214.408075] RBP: 00007f16fcdeee22 R08: 0000000000000000 R09: 0000000000000000 [ 214.409491] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 214.410874] R13: 0000000000000000 R14: 0000000020000000 R15: 0000000000022000 [ 214.412288] 16:47:23 executing program 6: getgroups(0x2, &(0x7f0000000140)=[0x0, 0xee00]) setresgid(r0, 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) setgid(0x0) 16:47:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000980), &(0x7f00000009c0)=0x4) 16:47:23 executing program 2: linkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x600) 16:47:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) mknodat$loop(r0, &(0x7f0000000540)='./file0\x00', 0x0, 0x1) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchownat(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0xee01, 0x0) 16:47:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x20, 0x200, 0x8000) 16:47:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000980), &(0x7f00000009c0)=0x4) 16:47:23 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380), 0x8}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'bond_slave_0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0x6, @random="767b24f4e073"}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 16:47:24 executing program 2: linkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x600) 16:47:24 executing program 6: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x0) fgetxattr(r0, &(0x7f000000ecc0)=@known='security.apparmor\x00', 0x0, 0x0) 16:47:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 16:47:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 16:47:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x20, 0x200, 0x8000) 16:47:24 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380), 0x8}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'bond_slave_0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0x6, @random="767b24f4e073"}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 16:47:24 executing program 7: fallocate(0xffffffffffffffff, 0x4, 0x2, 0x3ff) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000240)={'U+', 0x10001}, 0x16, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_EEE_GET(r2, 0x0, 0x0) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000340)) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES16=r1, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRESHEX], 0x8) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, 0x0, &(0x7f0000000300)) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 16:47:24 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 6) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 16:47:24 executing program 6: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x0) fgetxattr(r0, &(0x7f000000ecc0)=@known='security.apparmor\x00', 0x0, 0x0) 16:47:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x20, 0x200, 0x8000) 16:47:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000002580)={@ipv4={'\x00', '\xff\xff', @local}}, 0x14) 16:47:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 16:47:24 executing program 6: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x0) fgetxattr(r0, &(0x7f000000ecc0)=@known='security.apparmor\x00', 0x0, 0x0) 16:47:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000002580)={@ipv4={'\x00', '\xff\xff', @local}}, 0x14) 16:47:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 16:47:24 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 16:47:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x20, 0x200, 0x8000) 16:47:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 16:47:24 executing program 6: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x0) fgetxattr(r0, &(0x7f000000ecc0)=@known='security.apparmor\x00', 0x0, 0x0) 16:47:24 executing program 1: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) (fail_nth: 7) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:47:24 executing program 7: fallocate(0xffffffffffffffff, 0x4, 0x2, 0x3ff) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000240)={'U+', 0x10001}, 0x16, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_EEE_GET(r2, 0x0, 0x0) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000340)) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES16=r1, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRESHEX], 0x8) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, 0x0, &(0x7f0000000300)) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) [ 215.670803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy 16:47:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 16:47:24 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 16:47:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) [ 215.692539] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:47:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000002, 0x12, r1, 0x0) syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) fallocate(r0, 0x3, 0x0, 0x3) 16:47:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000002580)={@ipv4={'\x00', '\xff\xff', @local}}, 0x14) 16:47:25 executing program 6: perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000140)="02b2dccad213e1e6cf54b7a797f8f22a47f25b7658fb110b2e76f95b0f318b8fa745e6ffba4414d29a42bfab524bc5bffb17decc4540a6f00b9772f5f9789a9525790df8d989b23530d0a1398f2ad734c7ff47961be476ffeec81efa3d3aa64b8ea329261dfc2e1047a68670f0e5950d6a5414956bddd09e101b5b66e5742fe843413e065e3b86a242b37bc58c68153a45015f6f1ea67762c302e461e0c84bbb7f8d464f5a72d9fad56dac0c5028a4012a93dbc7da640786e3c9898cdd8fe091b166bfcd66e6257abc923ceaf90e994deded3fe8a59c2105f5caf366d32170ef51299dbf441bc3cddda352a2e07375fb44e75fed8082f3e960015d9bcddb0c834feda68d113a9a9fc0d1c30153685caf43b176219b666d74e67b6192cfd8a561c6c4aadcc80ed8c469bc41b028f1db515d699e45ad3379f9b1edb8de4bb2f8615d6716297baac7e45073fcecf31e51ec78c40edd78f245bced04414f849fb961fbbe79ff2ed7c48ec1b5331f9755d7094986fc8da198ce4a12f9ddfb43e565bc4fed618da9a693d03c3e7ec4b3014dfc022103e277c1b12efb03ef8b197f3a931f6cbe238cf8a4e7639b409b4586f66da41b94eed69d52ba9fde5aa1ee774d4e626932dc3511b10ae3bc3e8688a7a83b0467dfbf92951747396735c9f47ad4552e7bdf4f8e7998a1266a360beb2ec1527390452139f9ab91ee250efcf3413e72a6b2688d8b6a4748ccc165bbf886573ccdd03bd93f32a866cd878ec246e06f31d4d7f7ec9836b7305ee0c1b9fa75cd6e4ca5cc2f107b654f15a2442cd9c8eaf581d093639fe35e0da49394c5ed66ad29bc2b863649e16c1951d0d3dd6f1048539e558ee1f059d91510a5acd84777ca01545635d2fb40e2f205bb11435023e47e4e2f85b6d1b56b688dd1a4304708a561d32dbaa6cd4f969e67af33773d4e9772751019dc6c2af7e2fe9d3c7eb6f1b401926603d90802f792b081957dd5ebd18410cd42b2ea05ae9a61254e4b878384b8a376fe9eba06afc1253f2224fab88feb7c426e3dfb19385afbb42cc13209b419568eeafdf505dc5ca30acc17d337e941e0badf9f9413f381fe9a315e2597426805827943f193f02a12554d434bd91708a28d9da1bf64ad", 0x327}], 0x1) [ 215.771040] perf: interrupt took too long (5258 > 5248), lowering kernel.perf_event_max_sample_rate to 38000 [ 215.774149] perf: interrupt took too long (8336 > 8276), lowering kernel.perf_event_max_sample_rate to 23000 [ 215.776041] perf: interrupt took too long (10433 > 10420), lowering kernel.perf_event_max_sample_rate to 19000 [ 215.779112] perf: interrupt took too long (13050 > 13041), lowering kernel.perf_event_max_sample_rate to 15000 16:47:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000002580)={@ipv4={'\x00', '\xff\xff', @local}}, 0x14) 16:47:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) [ 215.858196] perf: interrupt took too long (16319 > 16312), lowering kernel.perf_event_max_sample_rate to 12000 16:47:25 executing program 0: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0) 16:47:25 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) VM DIAGNOSIS: 16:47:16 Registers: info registers vcpu 0 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff888036287698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000066 R11=0000000000000001 R12=0000000000000066 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30 RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f16fa30b700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f16fcea9018 CR3=000000002fd06000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f16fce7c7c0 00007f16fce7c7c8 YMM02=0000000000000000 0000000000000000 00007f16fce7c7e0 00007f16fce7c7c0 YMM03=0000000000000000 0000000000000000 00007f16fce7c7c8 00007f16fce7c7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=ffff888008938000 RCX=0000000000000000 RDX=1ffff11001118b48 RSI=ffffffff8342b1c5 RDI=ffff8880088c5a40 RBP=0000000000000001 RSP=ffff88801778fb08 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000000 R13=ffff8880088c58d8 R14=ffff88800893838c R15=0000000000000000 RIP=ffffffff8342b22a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f053ff108c0 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdea733f260 CR3=0000000009ab4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffff000000000000 ff00000000000000 YMM02=0000000000000000 0000000000000000 0000000000000181 0000000000000000 YMM03=0000000000000000 0000000000000000 7269762f73656369 7665642f7379732f YMM04=0000000000000000 0000000000000000 ffffffff00000001 0000563137be27f0 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000563137c09610 0000000400000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 2f63697361622f63 72732f2e2e000d0a YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000200000 0000000000200000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000