last executing test programs:

8m24.640702887s ago: executing program 2 (id=2823):
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r0=>0xffffffffffffffff}}, './file0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f00000018c0)=ANY=[@ANYBLOB="2c000000010101027e10000000000000020000080c0019800800020004000000080008400000000804000280"], 0x2c}, 0x1, 0x0, 0x0, 0x24000080}, 0x20000800)
sendfile(r0, 0xffffffffffffffff, &(0x7f00000002c0)=0x7, 0x9)
socket$netlink(0x10, 0x3, 0xf)
read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020}, 0x2020)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0xc, 0x2}, {0x81}}}}, 0xf)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)

8m24.393089214s ago: executing program 2 (id=2825):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040))

8m24.321119277s ago: executing program 2 (id=2826):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) (fail_nth: 1)

8m23.843523527s ago: executing program 2 (id=2829):
r0 = syz_open_dev$I2C(&(0x7f0000000540), 0x7, 0x82)
writev(r0, &(0x7f0000000c40)=[{&(0x7f0000000680)="8fb127d58043247e7399860e2289630b38405c8ef427ffb6b090c6a42f6a30edaf5b133e5a73f16a7d16963cd881bef48d2f0ff394ca3425a0356f2e9b4fd1daf1cd526a1a7550539af5d6362d663814cd10b8f06999ce9a9aebaca72b59", 0x5e}, {&(0x7f0000000580)}, {&(0x7f0000000700)="b1f1859fe8dc6fe9d7fd46c922cd78412efcb473e0c8a5e58d1e35ac3e16bc7c0652e1d0edc31bd0dd43e1a668ebb2388ff7f8952efd611ca9579946346c423f0104111e76b93bcf304e11", 0x4b}, {&(0x7f0000000780)="16145c7c6a71d78df28fa3f40317ca0e9dfc7f8f35458953d964ed8828bc8ae82af03675bb081880a4225e60e38848db08ae7b39f574ee26f110ad74f7a876053ba14b5212352ed1a85e0f4680e3b86d4a8f12ba110b7d4917c3802d300d24523ef13f291d8e50df38587e87e65562c795a9bfcb11d01265e95c6b200193f7800cbde6b6073b76cf021a4cc4b18dfb4dafb28e4bada7f6faf0b1eaf27309033c3c1d03c44fb1f3540286963b9e92044c9526b26b5a623b265d3cf7cac2a3e2a7f5b4", 0xc2}, {&(0x7f0000000880)="71be30e882c2def334192f3b3fbee2f6189988c58c383fcb3f8df557557bd7397f00b5544c9a15eb9708a013757fd1ffb18fbd07d3557ee0e62ffd1dff21d5b6c50e532bb52042535a6f8beb06887b9398f6bbb53001e93ab0b75d3d6ffddc279e1d293e6142e0ec8050c932d80c0d27757749c5810bf4a0094a0d300b6c51be9f8d182b86ab07eb8d4c6f8a7cc1cb4ec6c8b54b0709d0038b5a12a541a52ee7e0ec018d08f35cd2c3387840c043788605241954040d96929aacc588d36c1df6ef5247f782e0f5", 0xc7}, {&(0x7f0000000600)="833111a47ec82ebbe06675376e7d4e7870efd10762eca1f92ab5bacee85103ba2b11bc612743c24a7a632410f946d6d360db894eb2", 0x35}, {&(0x7f0000000980)="01cb8da628b872fff5e64f28bf654488556dc10381d381642822d009f308974d09b760db091abc0ce06072cbcc2ad474d7eb82b3d329b9a8c0917c0f4d6c999d3c64332d09cbfc02c948cef1a7749fa17e3c03b2670c7527e8cc19023dee73619ba1424f379578c673da44c2dfac156139f91ca42387546c0202c1d004a35573d8656fd9a53ad5758d4d320f7d703559c9e75bd5bdff02506384e7f82c3c2553ba45eefc0ce8cd99f70f24d1da737133c5657b911b185cab63697735fe809e86c93bb364f01fda76b474030c6191e4154357a5f6d89d932671247d63b6b4f600643e75bcb85236bcc200018b186e69ea11ee36", 0xf3}, {&(0x7f0000000a80)="7555f91c51e57eb593a283d2e1abf64fa99e68099b545f823370dc5d37ada7bcaff20cb3cc052ffbdb138b6fb985b50ecece14dbb11bb79aff913ebba1534f131df948fe63371a7d1e28765d82be51662e053de744e869b0a7c0fa785cfdefadada3f77e16c8b81933cf8a01ffe1a59b25a563278afcf95688fc2628d9821a76236e1ec8561bfc5eadcbb68594318fbb8ff57f788193cfb632127aabbbedb98b6ad2938d6e08c6427f88857e089e28176f8d3b6a0c638bc533e109ea46d736bc9f2bd7670c01f978919a7226a75c7e9c6826de3b75845d74f8e74b4b47a804fa6ae8a7bfe155cb001ffc41ca03ace266ea02b1eee6", 0xf5}, {&(0x7f0000000b80)="7cab4b6b4846bf43ac486104a52f73f95a6b781ae192bac12eee96b960ca6b84daacf787df783e91fb6f273b75b84b4ed57b685e3e2ccac8f133241d574bcd5eb7bc7a01a7270303873fbde5e2130759942a47f8898aa453ce490b055f8a7addc7998c9b6e7b0528398ee1c735f60a74a3a98c881e85b661aca38947", 0x7c}, {&(0x7f0000000c00)="fca1883c4b0581b526ff4ec834317d0590a491b38704e39cd78203ce90932246d0d384b63939675b49635087fc87", 0x2e}], 0xa)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x400000, 0x0}}, 0x20)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f0000000040)=0x8000000400000000)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r3, &(0x7f0000002dc0)=[{{&(0x7f00000006c0)={0xa, 0x4e24, 0x0, @remote, 0xa}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000280)="8000102ebf77d401", 0x8}], 0x1, &(0x7f00000000c0)=ANY=[], 0x18}}], 0x1, 0x240080c4)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f0000000040)={{0xb, 0x0, 0x0, 0x0, 'syz0\x00'}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
pipe2$watch_queue(0x0, 0x80)
r6 = syz_open_dev$vim2m(&(0x7f0000000240), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r6, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x1, {0x0}})
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000000)=[{}, {}], 0x2, &(0x7f0000000040)={0x0, 0x3938700}, &(0x7f0000000080)={[0x9]}, 0xfffffffffffffec4)

8m23.188154974s ago: executing program 2 (id=2842):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7) (async)
ioctl$TCSETA(r0, 0x5401, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "568beed00e80a9f8"}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
unshare(0x4020400)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0) (async)
r3 = socket(0x25, 0xa, 0x2) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'tunl0\x00', <r5=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', r5, 0x4, 0x9, 0x0, 0x8, 0x3a, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2={0xff, 0x3}, 0x0, 0x0, 0xfffffffe, 0xffffffff}})
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000080)) (async)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000040)=0xdfe5) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36) (async)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000280)={@local})
unshare(0x40100) (async)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r7, 0x7aa, &(0x7f0000000180)={{@local}, 0x0, 0x0, 0x5})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0xffffe000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r8 = socket$alg(0x26, 0x5, 0x0)
recvfrom(r8, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a83, 0x0) (async)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0)
write$cgroup_int(r9, &(0x7f0000000040)=0x900, 0x12)

8m22.533913428s ago: executing program 2 (id=2852):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x800, 0x8, 0x0, 0x9, 0x4}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
fsetxattr$security_ima(r1, &(0x7f0000000000), &(0x7f0000000080)=@ng={0x4, 0x17, "b8b0173330c4657a7b47945127a7e32edd"}, 0x13, 0x2)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r2, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

8m22.235614851s ago: executing program 32 (id=2852):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x800, 0x8, 0x0, 0x9, 0x4}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
fsetxattr$security_ima(r1, &(0x7f0000000000), &(0x7f0000000080)=@ng={0x4, 0x17, "b8b0173330c4657a7b47945127a7e32edd"}, 0x13, 0x2)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r2, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

7.388125321s ago: executing program 1 (id=6821):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, &(0x7f0000000e00)={0x77359400})

7.095977076s ago: executing program 0 (id=6825):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)

6.934195865s ago: executing program 3 (id=6828):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

6.732004384s ago: executing program 3 (id=6829):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a31000000800500050002000000110003"], 0x4c}}, 0x2)

6.668455667s ago: executing program 3 (id=6830):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, 0x0, 0x0)

6.575947931s ago: executing program 3 (id=6831):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000000)=0x800)
r2 = openat$mice(0xffffffffffffff9c, 0x0, 0x80082)
fstat(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x7, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, r3, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

6.495649728s ago: executing program 1 (id=6832):
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r2 = dup3(r0, r1, 0x80000)
read$usbmon(r2, &(0x7f0000000600)=""/4096, 0x1000)

6.453594036s ago: executing program 3 (id=6833):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
r6 = dup(r2)
write$UHID_INPUT(r6, &(0x7f0000001040)={0x8, {"a2e3ad214fc752f91b5d30f70b06d038e7ff7fc6e5539b385d098b089b3b08381a090890e0878f0e1ac6e7049b3344959b609a240c872adb988f7e0319520100ffe8d178708c523c921b1b3731360d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08c4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e800ba9abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40d4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889632b3570243f989cce3803f465e41e610c2021d653a5520094ec79553299388b0000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a72eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c2d88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea500feffffffffffff987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9be84b19bb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0545359bafffa452370000000010403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae2d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab1b0000005e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e709000000000000004fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83000000000000010058b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c500003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174054a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff7544130700000000000000f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc6c71737b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8cf3d8c7dac4624574e185a9246af4d6adcc9f68a75b93903000000000000001c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7dbdf6eb6d279f2ae455925d0f6f1ba571eba263f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f9354b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc011d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9e9f0afa53282bf86dbb58c558069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae0000000000000007eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c73144f8e4a737afae5136651b1b9bd522d6039947329710309d83fdd9d8b4ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c10613d17ca51075f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb401000000608d6f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a10398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655bff4801784c416b22f73d32d678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54a008000009e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d700000000000000002ea6283994a7dde4dcb61fea6b611fb1d6245939241a12830052fcc460db043afe525629b0800000000000000930ed624806c43a006e39336d07c2b80c1c128ad2706f4820000000000000900a6613bc18f5a38d4380f0000000000003d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c509704c98ad90295c7b2c7439a2d78cd7d79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2e0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77900b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15f2dbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af500ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6f07000000ec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000eeffffffffffffff00000000000000000000000000000000000000000000000600", 0xffffffffffffff4a}}, 0x1006)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r1, 0x0, 0x4}}, 0x20)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000340)="5800000014001923fc834b80040d8c560a067f020000000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd001a0010000100080c10000000000000000000", 0x58}], 0x1)

6.295641675s ago: executing program 3 (id=6834):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000002c0)={'team_slave_1\x00', 0x400})
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f00000001c0)='cgroup.stat\x00', 0x300, 0x0)
read$FUSE(r4, &(0x7f000001aa80)={0x2020}, 0x2020)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWTABLE={0xc8, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_USERDATA={0xb3, 0x6, "407c045dc361d365b9e2215728f3033ed695f9ef7a531786a4fbb8e094d7c13052a0360100136a27d9c067e22c7d4052dd3406d128bd60d22cbb5a6b8106c143514ee9418c5e4b3b9dd88fd52fea5254138bee0e5e68dc4df9a729c571672ce24b408a93e8c7281fb4f9915d829041a2b42f51e8105173de5ebd4b7a584cb8216d4abe962e1d1ea1f697e4cba2a81718b8e281d9ff4ca2004a3968e0df6fc307d8f5b456432d95d46bb0d838252077"}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x9}]}, @NFT_MSG_NEWSETELEM={0x84, 0x1e, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x58, 0x3, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x50, 0x6, 0x1, 0x0, "a833b2a8a1dc7a60a033e103bfa24955346abf36d753ce75ba17b8f4c4b2b3af839149292e85e6d698bc4bb4faa30e1412a51aba7003baf8539de896f3ea52623c7c715f7f02d34bef46ba0b"}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x1b0}}, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r6, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r7, 0x80084121, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0001000016000100000000000000000000000000000000000000000000000001ffffffff00000000000000000000000000040000000000000000000032000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc000000000000000000000000000001000000006c000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0000000000000000800000000000000000000000000000000000000000000000000000ff7f000005001b002b000000"], 0x100}}, 0x0)
r9 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f0000000000)={@private2, 0x8000000, 0x2, 0x0, 0x1, 0x1, 0x4}, 0x20)
sendmsg$NFNL_MSG_CTHELPER_NEW(r9, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0x84, 0x0, 0x9, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x80000001}, @NFCTH_TUPLE={0x60, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1a}]}, 0x84}, 0x1, 0x0, 0x0, 0x40}, 0x80)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

6.18610584s ago: executing program 0 (id=6835):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0xffffff45, 0x0, 0x7, 0x8fc0, 0x1})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

6.092135176s ago: executing program 0 (id=6836):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}], 0x10)
sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000580)={0x41, 0x80}, 0xe)

5.545433057s ago: executing program 1 (id=6840):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0)

5.150518763s ago: executing program 0 (id=6842):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000240)={r2, 0x7, 0x0, 0x7, 0xf, 0x100}, &(0x7f0000000280)=0x14)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000400)={0xf0f002, 0x5})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

4.586944468s ago: executing program 1 (id=6845):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setsig(r1, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, 0x0, 0x0)
r3 = dup2(r1, r2)
fcntl$setown(r2, 0x8, r0)
tkill(r0, 0x13)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x13f, 0x6}}, 0x20)

4.096093755s ago: executing program 0 (id=6848):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x6c}, 0x0)

4.006983873s ago: executing program 0 (id=6849):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4048aecb, &(0x7f0000000240)={0x7, 0x0, [{0x7, 0xffffffff, 0x2dc43c0faeff3249, 0x0, 0x6, 0x6, 0x2}, {0x80000007, 0x4, 0x0, 0x8001, 0x27, 0x7, 0x7f}, {0x40000001, 0x8, 0x0, 0x3, 0x7fffffff, 0x5, 0xffff}, {0xb, 0xe5f, 0x1, 0x7, 0xdf4, 0x6, 0x7fffffff}, {0x80000000, 0x0, 0x5, 0x6, 0x80000000, 0x0, 0xffffffff}, {0xd, 0x2bb, 0x1, 0xd, 0x3, 0x7ff, 0xffffffff}, {0x80000008, 0x3bf, 0x0, 0xf9, 0xffffa15c, 0xa524, 0x7}]})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000200)=ANY=[@ANYBLOB="401504"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x2)
fsetxattr$security_ima(r7, &(0x7f0000000000), &(0x7f0000000080), 0x1, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000300)={0x20, 0x1, 0x4, "94c161ee"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000b00)={0x2c, &(0x7f0000000900)={0x0, 0xe, 0x4, "52b16000"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000140)={0x0, 0xf, 0x4, "c7a13997"}, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f00000001c0)={0x2c, &(0x7f0000000340)={0x20, 0x3, 0x4, "a13b1f21"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000180)={0x20, 0x15, 0x4, "b03f99ea"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000740)={0x34, &(0x7f0000000240)={0x40, 0x15, 0x4, "6ce4d1f4"}, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r2, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)

2.485787388s ago: executing program 4 (id=6856):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x6c}, 0x0)

2.367467742s ago: executing program 4 (id=6857):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0xfd}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x4001}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/192, 0xc0}, {&(0x7f0000000d80)=""/255, 0xff}, {&(0x7f0000000e80)=""/4067, 0xfe3}, {&(0x7f0000000440)=""/126, 0x7e}, {&(0x7f00000024c0)=""/250, 0xfa}], 0x5}, 0x80000003}], 0x4, 0x10100, 0x0)

1.292003583s ago: executing program 1 (id=6858):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x80, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x15}, 0x9}, 0x1c)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x24, r4, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000002}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x38, r4, 0x0, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'macvtap0\x00'}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c815}, 0x8000)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f0000000080))
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)

667.807678ms ago: executing program 4 (id=6859):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

553.602536ms ago: executing program 4 (id=6860):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0001000016000100000000000000000000000000000000000000000000000001ffffffff00000000000000000000000000040000000000000000000032000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc000000000000000000000000000001000000006c000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0000000000000000800000000000000000000000000000000000000000000000000000ff7f000005001b002b000000"], 0x100}}, 0x0)

409.377282ms ago: executing program 1 (id=6861):
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0xfffffeff, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4000000}, 0x1c)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000000)={r2, 0x9}, 0x8) (fail_nth: 2)

408.592957ms ago: executing program 4 (id=6862):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x81, 0x4, 0x0, 0x5, 0x1, 0xc, 0x2c, 0x95, 0x1, 0x0, 0x81, 0x0, 0x4, 0x504dcab8, 0x3, 0x0, 0x2, 0xbe, '\x00', 0x9, 0x4})
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000040)={0xc, 0x4, 0x81})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x1014e001, 0x59a35420, 0x20003, 0x10020f5b, 0x0, [{0x1, 0x1}, {}, {0x0, 0x0, 0x4b}, {0x0, 0x35}, {0x18, 0x6}, {0x3, 0x0, 0x6}, {0x2}, {0x2, 0x6}, {0x3}, {0x73, 0x1, 0x2, '\x00', 0x3}, {0x0, 0x0, 0x7c}, {0x0, 0x2}, {0x9, 0x8}, {0x7f, 0x4}, {0x7, 0xff, 0x0, '\x00', 0x39}, {0x0, 0x20, 0x80, '\x00', 0x6}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x0, 0x0, 0xd1}, {0x0, 0x0, 0x0, '\x00', 0xfe}, {0x0, 0x0, 0x80}, {0x6, 0xff, 0x40, '\x00', 0x1}, {0x0, 0x8, 0x0, '\x00', 0xfc}, {0x0, 0x5}, {0x2, 0xfd}]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r3, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, 0x0, 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r6, 0x0)
ioctl$BLKRRPART(r6, 0x125f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40400, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x81, 0x4, 0x0, 0x5, 0x1, 0xc, 0x2c, 0x95, 0x1, 0x0, 0x81, 0x0, 0x4, 0x504dcab8, 0x3, 0x0, 0x2, 0xbe, '\x00', 0x9, 0x4}) (async)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000040)={0xc, 0x4, 0x81}) (async)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x1014e001, 0x59a35420, 0x20003, 0x10020f5b, 0x0, [{0x1, 0x1}, {}, {0x0, 0x0, 0x4b}, {0x0, 0x35}, {0x18, 0x6}, {0x3, 0x0, 0x6}, {0x2}, {0x2, 0x6}, {0x3}, {0x73, 0x1, 0x2, '\x00', 0x3}, {0x0, 0x0, 0x7c}, {0x0, 0x2}, {0x9, 0x8}, {0x7f, 0x4}, {0x7, 0xff, 0x0, '\x00', 0x39}, {0x0, 0x20, 0x80, '\x00', 0x6}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x0, 0x0, 0xd1}, {0x0, 0x0, 0x0, '\x00', 0xfe}, {0x0, 0x0, 0x80}, {0x6, 0xff, 0x40, '\x00', 0x1}, {0x0, 0x8, 0x0, '\x00', 0xfc}, {0x0, 0x5}, {0x2, 0xfd}]}}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r3, 0x40101286, 0x0) (async)
openat$mice(0xffffffffffffff9c, 0x0, 0x80082) (async)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) (async)
dup(r5) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r6, 0x0) (async)
ioctl$BLKRRPART(r6, 0x125f, 0x0) (async)

0s ago: executing program 4 (id=6863):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x54)

kernel console output (not intermixed with test programs):

81] ftdi_sio 4-1:255.243: FTDI USB Serial Device converter detected
[  887.133514][  T981] ftdi_sio ttyUSB0: unknown device type: 0x804a
[  887.148024][  T981] usb 4-1: USB disconnect, device number 36
[  887.159709][  T981] ftdi_sio 4-1:255.243: device disconnected
[  887.715907][ T5901] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  887.734711][ T5901] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input99
[  887.802620][ T5901] usb 5-1: USB disconnect, device number 85
[  887.808643][    C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  888.102979][  T924] gspca_sunplus: reg_r err -71
[  888.107969][  T924] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  888.122979][  T924] usb 1-1: USB disconnect, device number 27
[  888.308498][T23718] overlayfs: missing 'workdir'
[  888.807105][T23740] overlayfs: missing 'workdir'
[  889.102350][  T981] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  889.275882][  T981] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  889.287599][  T981] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  889.299192][  T981] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  889.313608][  T981] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  889.323483][  T981] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  889.352553][T23742] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  889.757035][T23767] overlayfs: missing 'workdir'
[  890.414864][  T981] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  890.442307][  T981] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input100
[  890.503281][  T981] usb 1-1: USB disconnect, device number 28
[  890.503338][    C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  890.807033][T23796] overlayfs: missing 'lowerdir'
[  891.329491][T23818] overlayfs: missing 'lowerdir'
[  891.772821][T23828] FAULT_INJECTION: forcing a failure.
[  891.772821][T23828] name failslab, interval 1, probability 0, space 0, times 0
[  891.787634][T23828] CPU: 0 UID: 0 PID: 23828 Comm: syz.0.6477 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  891.787660][T23828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  891.787672][T23828] Call Trace:
[  891.787680][T23828]  <TASK>
[  891.787689][T23828]  dump_stack_lvl+0x189/0x250
[  891.787715][T23828]  ? __pfx____ratelimit+0x10/0x10
[  891.787745][T23828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  891.787767][T23828]  ? __pfx__printk+0x10/0x10
[  891.787790][T23828]  ? __pfx___might_resched+0x10/0x10
[  891.787813][T23828]  ? fs_reclaim_acquire+0x7d/0x100
[  891.787844][T23828]  should_fail_ex+0x414/0x560
[  891.787873][T23828]  should_failslab+0xa8/0x100
[  891.787900][T23828]  __kmalloc_noprof+0xcb/0x4f0
[  891.787921][T23828]  ? sock_kmalloc+0xd6/0x160
[  891.787953][T23828]  sock_kmalloc+0xd6/0x160
[  891.787981][T23828]  skcipher_recvmsg+0x55c/0x11c0
[  891.788021][T23828]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  891.788046][T23828]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  891.788074][T23828]  ? security_socket_recvmsg+0x7e/0x2e0
[  891.788099][T23828]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  891.788120][T23828]  sock_recvmsg+0x229/0x270
[  891.788143][T23828]  sock_read_iter+0x231/0x2f0
[  891.788174][T23828]  ? __pfx_sock_read_iter+0x10/0x10
[  891.788212][T23828]  ? __pfx_aa_file_perm+0x10/0x10
[  891.788242][T23828]  do_iter_readv_writev+0x56e/0x7f0
[  891.788272][T23828]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  891.788303][T23828]  ? bpf_lsm_file_permission+0x9/0x20
[  891.788321][T23828]  ? security_file_permission+0x75/0x290
[  891.788350][T23828]  ? rw_verify_area+0x258/0x650
[  891.788377][T23828]  vfs_readv+0x253/0x850
[  891.788401][T23828]  ? __pfx_vfs_readv+0x10/0x10
[  891.788433][T23828]  ? __fget_files+0x2a/0x420
[  891.788470][T23828]  ? __fget_files+0x3a0/0x420
[  891.788496][T23828]  ? __fget_files+0x2a/0x420
[  891.788532][T23828]  do_readv+0x14d/0x2d0
[  891.788552][T23828]  ? __pfx_do_readv+0x10/0x10
[  891.788568][T23828]  ? rcu_is_watching+0x15/0xb0
[  891.788594][T23828]  ? do_syscall_64+0xbe/0x3b0
[  891.788617][T23828]  do_syscall_64+0xfa/0x3b0
[  891.788635][T23828]  ? lockdep_hardirqs_on+0x9c/0x150
[  891.788663][T23828]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.788682][T23828]  ? clear_bhb_loop+0x60/0xb0
[  891.788705][T23828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.788723][T23828] RIP: 0033:0x7f7a1238e929
[  891.788740][T23828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.788756][T23828] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  891.788775][T23828] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  891.788789][T23828] RDX: 0000000000000001 RSI: 00002000000006c0 RDI: 0000000000000004
[  891.788801][T23828] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  891.788812][T23828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  891.788823][T23828] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  891.788851][T23828]  </TASK>
[  892.230270][T23832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6470'.
[  892.587482][T23842] overlayfs: missing 'lowerdir'
[  892.679784][T23845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6475'.
[  892.765615][T23849] FAULT_INJECTION: forcing a failure.
[  892.765615][T23849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  892.785130][T23849] CPU: 1 UID: 0 PID: 23849 Comm: syz.4.6478 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  892.785178][T23849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  892.785192][T23849] Call Trace:
[  892.785202][T23849]  <TASK>
[  892.785212][T23849]  dump_stack_lvl+0x189/0x250
[  892.785242][T23849]  ? __pfx____ratelimit+0x10/0x10
[  892.785276][T23849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  892.785300][T23849]  ? __pfx__printk+0x10/0x10
[  892.785324][T23849]  ? __might_fault+0xb0/0x130
[  892.785361][T23849]  should_fail_ex+0x414/0x560
[  892.785394][T23849]  _copy_from_user+0x2d/0xb0
[  892.785418][T23849]  ipv6_flowlabel_opt+0x11a/0x23a0
[  892.785455][T23849]  ? __lock_acquire+0xab9/0xd20
[  892.785485][T23849]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  892.785519][T23849]  ? register_lock_class+0x51/0x320
[  892.785546][T23849]  ? __lock_acquire+0xab9/0xd20
[  892.785582][T23849]  ? __local_bh_enable_ip+0x12d/0x1c0
[  892.785606][T23849]  ? lockdep_hardirqs_on+0x9c/0x150
[  892.785641][T23849]  ? __local_bh_enable_ip+0x12d/0x1c0
[  892.785679][T23849]  do_ipv6_setsockopt+0xe8a/0x2fb0
[  892.785722][T23849]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  892.785750][T23849]  ? __might_fault+0xb0/0x130
[  892.785778][T23849]  ? _parse_integer_limit+0x1ae/0x1f0
[  892.785810][T23849]  ? aa_label_sk_perm+0x413/0x560
[  892.785838][T23849]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  892.785880][T23849]  ? __pfx___might_resched+0x10/0x10
[  892.785907][T23849]  ? rcu_read_lock_any_held+0xb3/0x120
[  892.785934][T23849]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  892.785964][T23849]  ? vfs_write+0x8d8/0xa90
[  892.786002][T23849]  ipv6_setsockopt+0x59/0x170
[  892.786037][T23849]  rawv6_setsockopt+0x23b/0x5b0
[  892.786068][T23849]  ? __lock_acquire+0xab9/0xd20
[  892.786090][T23849]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  892.786123][T23849]  ? aa_sock_opt_perm+0x74/0x110
[  892.786152][T23849]  ? sock_common_setsockopt+0x36/0xc0
[  892.786175][T23849]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  892.786199][T23849]  do_sock_setsockopt+0x25a/0x3e0
[  892.786231][T23849]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  892.786263][T23849]  ? __fget_files+0x2a/0x420
[  892.786314][T23849]  __x64_sys_setsockopt+0x18b/0x220
[  892.786346][T23849]  do_syscall_64+0xfa/0x3b0
[  892.786376][T23849]  ? lockdep_hardirqs_on+0x9c/0x150
[  892.786403][T23849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  892.786421][T23849]  ? clear_bhb_loop+0x60/0xb0
[  892.786443][T23849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  892.786460][T23849] RIP: 0033:0x7f57c978e929
[  892.786477][T23849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  892.786493][T23849] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  892.786511][T23849] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  892.786525][T23849] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  892.786536][T23849] RBP: 00007f57c75f6090 R08: 0000000000000020 R09: 0000000000000000
[  892.786546][T23849] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  892.786558][T23849] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  892.786585][T23849]  </TASK>
[  893.242196][  T924] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  893.257716][T23858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6482'.
[  893.403707][  T924] usb 4-1: Using ep0 maxpacket: 32
[  893.413622][T23865] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  893.422791][T23865] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  893.424054][  T924] usb 4-1: config 255 has an invalid interface number: 243 but max is 0
[  893.452289][  T924] usb 4-1: config 255 has no interface number 0
[  893.458616][  T924] usb 4-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  893.482476][  T924] usb 4-1: config 255 interface 243 altsetting 3 endpoint 0x9 has invalid maxpacket 72, setting to 64
[  893.507823][  T924] usb 4-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  893.522551][  T924] usb 4-1: config 255 interface 243 altsetting 3 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  893.545229][  T924] usb 4-1: config 255 interface 243 has no altsetting 0
[  893.567396][  T924] usb 4-1: New USB device found, idVendor=5050, idProduct=8004, bcdDevice=80.4a
[  893.578644][  T924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  893.586779][  T924] usb 4-1: Product: Ф
[  893.590885][  T924] usb 4-1: Manufacturer: А
[  893.602171][  T924] usb 4-1: SerialNumber: Э省ᴊ耇加놩瞡琉ᭂ圛慾憵⭏렼㥭謁浿嚜䘧贿訒鳚ඇ㤉㽕龡댭땸⫒
[  893.851874][  T924] ftdi_sio 4-1:255.243: FTDI USB Serial Device converter detected
[  893.861995][  T924] ftdi_sio ttyUSB0: unknown device type: 0x804a
[  893.881897][  T924] usb 4-1: USB disconnect, device number 37
[  893.903647][  T924] ftdi_sio 4-1:255.243: device disconnected
[  894.043298][T23874] FAULT_INJECTION: forcing a failure.
[  894.043298][T23874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  894.059522][T23874] CPU: 0 UID: 0 PID: 23874 Comm: syz.0.6489 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  894.059547][T23874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  894.059559][T23874] Call Trace:
[  894.059567][T23874]  <TASK>
[  894.059575][T23874]  dump_stack_lvl+0x189/0x250
[  894.059601][T23874]  ? __pfx____ratelimit+0x10/0x10
[  894.059631][T23874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  894.059653][T23874]  ? __pfx__printk+0x10/0x10
[  894.059674][T23874]  ? __might_fault+0xb0/0x130
[  894.059707][T23874]  should_fail_ex+0x414/0x560
[  894.059735][T23874]  _copy_from_user+0x2d/0xb0
[  894.059756][T23874]  ipv6_flowlabel_opt+0x11a/0x23a0
[  894.059787][T23874]  ? __lock_acquire+0xab9/0xd20
[  894.059813][T23874]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  894.059843][T23874]  ? register_lock_class+0x51/0x320
[  894.059866][T23874]  ? __lock_acquire+0xab9/0xd20
[  894.059897][T23874]  ? __local_bh_enable_ip+0x12d/0x1c0
[  894.059919][T23874]  ? lockdep_hardirqs_on+0x9c/0x150
[  894.059948][T23874]  ? __local_bh_enable_ip+0x12d/0x1c0
[  894.059982][T23874]  do_ipv6_setsockopt+0xe8a/0x2fb0
[  894.060018][T23874]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  894.060043][T23874]  ? __might_fault+0xb0/0x130
[  894.060067][T23874]  ? _parse_integer_limit+0x1ae/0x1f0
[  894.060096][T23874]  ? aa_label_sk_perm+0x413/0x560
[  894.060119][T23874]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  894.060155][T23874]  ? __pfx___might_resched+0x10/0x10
[  894.060179][T23874]  ? rcu_read_lock_any_held+0xb3/0x120
[  894.060202][T23874]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  894.060228][T23874]  ? vfs_write+0x8d8/0xa90
[  894.060261][T23874]  ipv6_setsockopt+0x59/0x170
[  894.060292][T23874]  rawv6_setsockopt+0x23b/0x5b0
[  894.060318][T23874]  ? __lock_acquire+0xab9/0xd20
[  894.060338][T23874]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  894.060366][T23874]  ? aa_sock_opt_perm+0x74/0x110
[  894.060386][T23874]  ? sock_common_setsockopt+0x36/0xc0
[  894.060412][T23874]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  894.060434][T23874]  do_sock_setsockopt+0x25a/0x3e0
[  894.060461][T23874]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  894.060489][T23874]  ? __fget_files+0x2a/0x420
[  894.060525][T23874]  __x64_sys_setsockopt+0x18b/0x220
[  894.060554][T23874]  do_syscall_64+0xfa/0x3b0
[  894.060571][T23874]  ? lockdep_hardirqs_on+0x9c/0x150
[  894.060597][T23874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.060614][T23874]  ? clear_bhb_loop+0x60/0xb0
[  894.060635][T23874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.060652][T23874] RIP: 0033:0x7f7a1238e929
[  894.060666][T23874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  894.060681][T23874] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  894.060699][T23874] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  894.060712][T23874] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000004
[  894.060723][T23874] RBP: 00007f7a1321a090 R08: 0000000000000020 R09: 0000000000000000
[  894.060735][T23874] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  894.060746][T23874] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  894.060773][T23874]  </TASK>
[  894.609111][T23880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6491'.
[  894.787705][T23887] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  894.796721][T23887] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  894.899396][T23895] FAULT_INJECTION: forcing a failure.
[  894.899396][T23895] name failslab, interval 1, probability 0, space 0, times 0
[  894.915478][T23895] CPU: 1 UID: 0 PID: 23895 Comm: syz.3.6498 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  894.915503][T23895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  894.915515][T23895] Call Trace:
[  894.915523][T23895]  <TASK>
[  894.915531][T23895]  dump_stack_lvl+0x189/0x250
[  894.915557][T23895]  ? __pfx____ratelimit+0x10/0x10
[  894.915586][T23895]  ? __pfx_dump_stack_lvl+0x10/0x10
[  894.915607][T23895]  ? __pfx__printk+0x10/0x10
[  894.915630][T23895]  ? __pfx___might_resched+0x10/0x10
[  894.915651][T23895]  ? fs_reclaim_acquire+0x7d/0x100
[  894.915680][T23895]  should_fail_ex+0x414/0x560
[  894.915708][T23895]  should_failslab+0xa8/0x100
[  894.915734][T23895]  __kmalloc_noprof+0xcb/0x4f0
[  894.915756][T23895]  ? tomoyo_encode+0x28b/0x550
[  894.915781][T23895]  tomoyo_encode+0x28b/0x550
[  894.915807][T23895]  tomoyo_realpath_from_path+0x58d/0x5d0
[  894.915831][T23895]  ? tomoyo_domain+0xd9/0x130
[  894.915858][T23895]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  894.915886][T23895]  tomoyo_path_number_perm+0x1e8/0x5a0
[  894.915917][T23895]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  894.915960][T23895]  ? __lock_acquire+0xab9/0xd20
[  894.915997][T23895]  ? __fget_files+0x2a/0x420
[  894.916036][T23895]  ? __fget_files+0x2a/0x420
[  894.916061][T23895]  ? __fget_files+0x3a0/0x420
[  894.916087][T23895]  ? __fget_files+0x2a/0x420
[  894.916116][T23895]  security_file_ioctl+0xcb/0x2d0
[  894.916145][T23895]  __se_sys_ioctl+0x47/0x170
[  894.916170][T23895]  do_syscall_64+0xfa/0x3b0
[  894.916187][T23895]  ? lockdep_hardirqs_on+0x9c/0x150
[  894.916214][T23895]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.916238][T23895]  ? clear_bhb_loop+0x60/0xb0
[  894.916260][T23895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.916277][T23895] RIP: 0033:0x7ff33ed8e929
[  894.916294][T23895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  894.916310][T23895] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  894.916329][T23895] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  894.916360][T23895] RDX: 0000200000000040 RSI: 0000000000008901 RDI: 0000000000000003
[  894.916372][T23895] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  894.916385][T23895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  894.916396][T23895] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  894.916426][T23895]  </TASK>
[  894.916447][T23895] ERROR: Out of memory at tomoyo_realpath_from_path.
[  895.644576][T23910] overlayfs: missing 'lowerdir'
[  895.736072][T23913] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  895.762239][T23913] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  896.247735][T23935] overlayfs: missing 'lowerdir'
[  896.821323][T23952] FAULT_INJECTION: forcing a failure.
[  896.821323][T23952] name failslab, interval 1, probability 0, space 0, times 0
[  896.838758][T23952] CPU: 1 UID: 0 PID: 23952 Comm: syz.4.6520 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  896.838786][T23952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  896.838799][T23952] Call Trace:
[  896.838808][T23952]  <TASK>
[  896.838817][T23952]  dump_stack_lvl+0x189/0x250
[  896.838845][T23952]  ? __pfx____ratelimit+0x10/0x10
[  896.838878][T23952]  ? __pfx_dump_stack_lvl+0x10/0x10
[  896.838900][T23952]  ? __pfx__printk+0x10/0x10
[  896.838927][T23952]  ? __pfx___might_resched+0x10/0x10
[  896.838956][T23952]  should_fail_ex+0x414/0x560
[  896.838986][T23952]  should_failslab+0xa8/0x100
[  896.839013][T23952]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  896.839039][T23952]  ? __alloc_skb+0x112/0x2d0
[  896.839068][T23952]  __alloc_skb+0x112/0x2d0
[  896.839096][T23952]  netlink_sendmsg+0x5c6/0xb30
[  896.839137][T23952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  896.839166][T23952]  ? aa_sock_msg_perm+0x94/0x160
[  896.839200][T23952]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  896.839228][T23952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  896.839253][T23952]  __sock_sendmsg+0x219/0x270
[  896.839275][T23952]  ____sys_sendmsg+0x505/0x830
[  896.839305][T23952]  ? __pfx_____sys_sendmsg+0x10/0x10
[  896.839339][T23952]  ? import_iovec+0x74/0xa0
[  896.839362][T23952]  ___sys_sendmsg+0x21f/0x2a0
[  896.839389][T23952]  ? __pfx____sys_sendmsg+0x10/0x10
[  896.839447][T23952]  ? __fget_files+0x2a/0x420
[  896.839474][T23952]  ? __fget_files+0x3a0/0x420
[  896.839511][T23952]  __x64_sys_sendmsg+0x19b/0x260
[  896.839539][T23952]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  896.839573][T23952]  ? __pfx_ksys_write+0x10/0x10
[  896.839596][T23952]  ? rcu_is_watching+0x15/0xb0
[  896.839621][T23952]  ? do_syscall_64+0xbe/0x3b0
[  896.839644][T23952]  do_syscall_64+0xfa/0x3b0
[  896.839661][T23952]  ? lockdep_hardirqs_on+0x9c/0x150
[  896.839689][T23952]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  896.839706][T23952]  ? clear_bhb_loop+0x60/0xb0
[  896.839729][T23952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  896.839747][T23952] RIP: 0033:0x7f57c978e929
[  896.839764][T23952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  896.839780][T23952] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  896.839800][T23952] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  896.839814][T23952] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  896.839826][T23952] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  896.839837][T23952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  896.839848][T23952] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  896.839875][T23952]  </TASK>
[  896.902627][  T924] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  897.295173][  T924] usb 1-1: Using ep0 maxpacket: 32
[  897.302860][  T924] usb 1-1: config 0 has an invalid interface number: 202 but max is 0
[  897.312412][  T924] usb 1-1: config 0 has no interface number 0
[  897.318539][  T924] usb 1-1: config 0 interface 202 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  897.335245][  T924] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  897.347221][  T924] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  897.355467][  T924] usb 1-1: Product: syz
[  897.359650][  T924] usb 1-1: Manufacturer: syz
[  897.372082][  T924] usb 1-1: SerialNumber: syz
[  897.379423][  T924] usb 1-1: config 0 descriptor??
[  897.403142][  T924] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  897.516874][T23960] overlayfs: missing 'lowerdir'
[  897.693588][ T1117] usb 1-1: Failed to submit usb control message: -71
[  897.694687][  T924] usb 1-1: USB disconnect, device number 29
[  897.710920][ T1117] usb 1-1: unable to send the bmi data to the device: -71
[  897.741748][ T1117] usb 1-1: unable to get target info from device
[  897.762932][ T1117] usb 1-1: could not get target info (-71)
[  897.768811][ T1117] usb 1-1: could not probe fw (-71)
[  898.428375][T23981] overlayfs: missing 'lowerdir'
[  898.587849][T23987] FAULT_INJECTION: forcing a failure.
[  898.587849][T23987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  898.604059][T23987] CPU: 0 UID: 0 PID: 23987 Comm: syz.0.6534 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  898.604102][T23987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  898.604115][T23987] Call Trace:
[  898.604124][T23987]  <TASK>
[  898.604133][T23987]  dump_stack_lvl+0x189/0x250
[  898.604161][T23987]  ? __pfx____ratelimit+0x10/0x10
[  898.604190][T23987]  ? __pfx_dump_stack_lvl+0x10/0x10
[  898.604209][T23987]  ? __pfx__printk+0x10/0x10
[  898.604227][T23987]  ? __might_fault+0xb0/0x130
[  898.604255][T23987]  should_fail_ex+0x414/0x560
[  898.604280][T23987]  _copy_from_user+0x2d/0xb0
[  898.604298][T23987]  do_tcp_getsockopt+0x1cf/0x2610
[  898.604328][T23987]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  898.604349][T23987]  ? sock_recv_errqueue+0x450/0x510
[  898.604366][T23987]  ? __might_fault+0xb0/0x130
[  898.604386][T23987]  ? _parse_integer_limit+0x1ae/0x1f0
[  898.604411][T23987]  ? aa_label_sk_perm+0x413/0x560
[  898.604431][T23987]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  898.604467][T23987]  ? __lock_acquire+0xab9/0xd20
[  898.604493][T23987]  ? __might_fault+0xb0/0x130
[  898.604520][T23987]  tcp_getsockopt+0x89/0x130
[  898.604540][T23987]  ? sock_recv_errqueue+0x450/0x510
[  898.604557][T23987]  ? sock_recv_errqueue+0x450/0x510
[  898.604577][T23987]  do_sock_getsockopt+0x35d/0x650
[  898.604601][T23987]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  898.604621][T23987]  ? do_syscall_64+0x40/0x3b0
[  898.604637][T23987]  ? __fget_files+0x3a0/0x420
[  898.604661][T23987]  ? __fget_files+0x2a/0x420
[  898.604691][T23987]  __x64_sys_getsockopt+0x1a5/0x250
[  898.604711][T23987]  ? do_syscall_64+0x40/0x3b0
[  898.604728][T23987]  ? do_syscall_64+0x40/0x3b0
[  898.604761][T23987]  do_syscall_64+0xfa/0x3b0
[  898.604776][T23987]  ? lockdep_hardirqs_on+0x9c/0x150
[  898.604821][T23987]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.604837][T23987]  ? clear_bhb_loop+0x60/0xb0
[  898.604858][T23987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.604874][T23987] RIP: 0033:0x7f7a1238e929
[  898.604889][T23987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  898.604904][T23987] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  898.604923][T23987] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  898.604935][T23987] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000004
[  898.604946][T23987] RBP: 00007f7a1321a090 R08: 0000200000000040 R09: 0000000000000000
[  898.604957][T23987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  898.604967][T23987] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  898.604997][T23987]  </TASK>
[  899.218684][T24002] overlayfs: missing 'lowerdir'
[  899.440362][T24016] FAULT_INJECTION: forcing a failure.
[  899.440362][T24016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  899.453932][T24016] CPU: 0 UID: 0 PID: 24016 Comm: syz.1.6546 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  899.453963][T24016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  899.453974][T24016] Call Trace:
[  899.453982][T24016]  <TASK>
[  899.453989][T24016]  dump_stack_lvl+0x189/0x250
[  899.454015][T24016]  ? __pfx____ratelimit+0x10/0x10
[  899.454043][T24016]  ? __pfx_dump_stack_lvl+0x10/0x10
[  899.454080][T24016]  ? __pfx__printk+0x10/0x10
[  899.454103][T24016]  ? __might_fault+0xb0/0x130
[  899.454139][T24016]  should_fail_ex+0x414/0x560
[  899.454171][T24016]  _copy_from_user+0x2d/0xb0
[  899.454193][T24016]  do_sock_getsockopt+0x1cd/0x650
[  899.454224][T24016]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  899.454250][T24016]  ? do_syscall_64+0x40/0x3b0
[  899.454270][T24016]  ? __fget_files+0x3a0/0x420
[  899.454301][T24016]  ? __fget_files+0x2a/0x420
[  899.454339][T24016]  __x64_sys_getsockopt+0x1a5/0x250
[  899.454366][T24016]  ? do_syscall_64+0x40/0x3b0
[  899.454388][T24016]  ? do_syscall_64+0x40/0x3b0
[  899.454413][T24016]  do_syscall_64+0xfa/0x3b0
[  899.454432][T24016]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.454465][T24016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.454487][T24016]  ? clear_bhb_loop+0x60/0xb0
[  899.454512][T24016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.454533][T24016] RIP: 0033:0x7f4d15b8e929
[  899.454552][T24016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  899.454571][T24016] RSP: 002b:00007f4d16998038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  899.454594][T24016] RAX: ffffffffffffffda RBX: 00007f4d15db5fa0 RCX: 00007f4d15b8e929
[  899.454610][T24016] RDX: 0000000000000044 RSI: 0000000000000029 RDI: 0000000000000003
[  899.454623][T24016] RBP: 00007f4d16998090 R08: 0000200000000d40 R09: 0000000000000000
[  899.454637][T24016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  899.454649][T24016] R13: 0000000000000000 R14: 00007f4d15db5fa0 R15: 00007fff4e9b6d48
[  899.454680][T24016]  </TASK>
[  899.670938][  T924] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  899.802336][  T981] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  899.810396][ T5901] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  899.822116][  T924] usb 5-1: Using ep0 maxpacket: 8
[  899.830524][  T924] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  899.839640][  T924] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  899.848192][  T924] usb 5-1: Product: syz
[  899.852419][  T924] usb 5-1: Manufacturer: syz
[  899.857027][  T924] usb 5-1: SerialNumber: syz
[  899.863874][  T924] usb 5-1: config 0 descriptor??
[  899.982262][ T5901] usb 4-1: Using ep0 maxpacket: 32
[  899.991758][  T981] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  900.009172][ T5901] usb 4-1: config 255 has an invalid interface number: 243 but max is 0
[  900.018814][ T5901] usb 4-1: config 255 has no interface number 0
[  900.026597][ T5901] usb 4-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  900.038497][ T5901] usb 4-1: config 255 interface 243 altsetting 3 endpoint 0x9 has invalid maxpacket 72, setting to 64
[  900.052216][  T981] usb 1-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  900.061326][  T981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.069532][ T5901] usb 4-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  900.080690][  T981] usb 1-1: Product: syz
[  900.084968][  T981] usb 1-1: Manufacturer: syz
[  900.089642][ T5901] usb 4-1: config 255 interface 243 altsetting 3 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  900.101002][  T981] usb 1-1: SerialNumber: syz
[  900.108359][ T5901] usb 4-1: config 255 interface 243 has no altsetting 0
[  900.116835][  T981] usb 1-1: config 0 descriptor??
[  900.128823][  T981] usb 1-1: bad CDC descriptors
[  900.143870][ T5901] usb 4-1: New USB device found, idVendor=5050, idProduct=8004, bcdDevice=80.4a
[  900.160999][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.170058][ T5901] usb 4-1: Product: Ф
[  900.174720][ T5901] usb 4-1: Manufacturer: А
[  900.179265][ T5901] usb 4-1: SerialNumber: Э省ᴊ耇加놩瞡琉ᭂ圛慾憵⭏렼㥭謁浿嚜䘧贿訒鳚ඇ㤉㽕龡댭땸⫒
[  900.311047][  T924] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  900.407303][ T5901] ftdi_sio 4-1:255.243: FTDI USB Serial Device converter detected
[  900.416914][ T5901] ftdi_sio ttyUSB0: unknown device type: 0x804a
[  900.431208][ T5901] usb 4-1: USB disconnect, device number 38
[  900.446125][ T5901] ftdi_sio 4-1:255.243: device disconnected
[  900.518395][  T924] gspca_sunplus: reg_w_riv err -71
[  900.525705][  T924] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  900.536290][  T924] usb 5-1: USB disconnect, device number 86
[  900.808081][T24026] overlayfs: missing 'lowerdir'
[  901.228007][T24043] FAULT_INJECTION: forcing a failure.
[  901.228007][T24043] name failslab, interval 1, probability 0, space 0, times 0
[  901.250829][T24043] CPU: 1 UID: 0 PID: 24043 Comm: syz.3.6558 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  901.250858][T24043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  901.250871][T24043] Call Trace:
[  901.250884][T24043]  <TASK>
[  901.250892][T24043]  dump_stack_lvl+0x189/0x250
[  901.250921][T24043]  ? __pfx____ratelimit+0x10/0x10
[  901.250954][T24043]  ? __pfx_dump_stack_lvl+0x10/0x10
[  901.250978][T24043]  ? __pfx__printk+0x10/0x10
[  901.251007][T24043]  ? __pfx___might_resched+0x10/0x10
[  901.251035][T24043]  should_fail_ex+0x414/0x560
[  901.251066][T24043]  should_failslab+0xa8/0x100
[  901.251094][T24043]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  901.251120][T24043]  ? __alloc_skb+0x112/0x2d0
[  901.251149][T24043]  __alloc_skb+0x112/0x2d0
[  901.251178][T24043]  netlink_sendmsg+0x5c6/0xb30
[  901.251213][T24043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  901.251243][T24043]  ? aa_sock_msg_perm+0x94/0x160
[  901.251266][T24043]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  901.251297][T24043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  901.251324][T24043]  __sock_sendmsg+0x219/0x270
[  901.251347][T24043]  ____sys_sendmsg+0x505/0x830
[  901.251380][T24043]  ? __pfx_____sys_sendmsg+0x10/0x10
[  901.251416][T24043]  ? import_iovec+0x74/0xa0
[  901.251441][T24043]  ___sys_sendmsg+0x21f/0x2a0
[  901.251471][T24043]  ? __pfx____sys_sendmsg+0x10/0x10
[  901.251535][T24043]  ? __fget_files+0x2a/0x420
[  901.251564][T24043]  ? __fget_files+0x3a0/0x420
[  901.251614][T24043]  __x64_sys_sendmsg+0x19b/0x260
[  901.251645][T24043]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  901.251682][T24043]  ? __pfx_ksys_write+0x10/0x10
[  901.251706][T24043]  ? rcu_is_watching+0x15/0xb0
[  901.251735][T24043]  ? do_syscall_64+0xbe/0x3b0
[  901.251759][T24043]  do_syscall_64+0xfa/0x3b0
[  901.251778][T24043]  ? lockdep_hardirqs_on+0x9c/0x150
[  901.251809][T24043]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.251829][T24043]  ? clear_bhb_loop+0x60/0xb0
[  901.251854][T24043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.251873][T24043] RIP: 0033:0x7ff33ed8e929
[  901.251891][T24043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  901.251909][T24043] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  901.251930][T24043] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  901.251945][T24043] RDX: 0000000000000080 RSI: 0000200000000280 RDI: 0000000000000003
[  901.251957][T24043] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  901.251970][T24043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  901.251981][T24043] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  901.252010][T24043]  </TASK>
[  901.572374][T24047] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  901.581154][T24047] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  901.645249][T24049] FAULT_INJECTION: forcing a failure.
[  901.645249][T24049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  901.658580][T24049] CPU: 0 UID: 0 PID: 24049 Comm: syz.3.6560 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  901.658603][T24049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  901.658613][T24049] Call Trace:
[  901.658619][T24049]  <TASK>
[  901.658626][T24049]  dump_stack_lvl+0x189/0x250
[  901.658647][T24049]  ? __pfx____ratelimit+0x10/0x10
[  901.658670][T24049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  901.658687][T24049]  ? __pfx__printk+0x10/0x10
[  901.658703][T24049]  ? __might_fault+0xb0/0x130
[  901.658728][T24049]  should_fail_ex+0x414/0x560
[  901.658750][T24049]  _copy_from_iter+0x1db/0x16f0
[  901.658772][T24049]  ? __lock_acquire+0xab9/0xd20
[  901.658793][T24049]  ? __pfx__copy_from_iter+0x10/0x10
[  901.658826][T24049]  tun_get_user+0x4ce/0x3ce0
[  901.658859][T24049]  ? aa_file_perm+0x11f/0xed0
[  901.658876][T24049]  ? __pfx_tun_get_user+0x10/0x10
[  901.658888][T24049]  ? aa_file_perm+0x11f/0xed0
[  901.658904][T24049]  ? aa_file_perm+0x3e7/0xed0
[  901.658928][T24049]  ? ref_tracker_alloc+0x318/0x460
[  901.658947][T24049]  ? __lock_acquire+0xab9/0xd20
[  901.658962][T24049]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  901.658985][T24049]  ? tun_get+0x1c/0x2f0
[  901.659001][T24049]  ? tun_get+0x1c/0x2f0
[  901.659014][T24049]  ? tun_get+0x1c/0x2f0
[  901.659029][T24049]  tun_chr_write_iter+0x113/0x200
[  901.659054][T24049]  vfs_write+0x548/0xa90
[  901.659077][T24049]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  901.659099][T24049]  ? __pfx_vfs_write+0x10/0x10
[  901.659125][T24049]  ? __fget_files+0x2a/0x420
[  901.659158][T24049]  ksys_write+0x145/0x250
[  901.659187][T24049]  ? __pfx_ksys_write+0x10/0x10
[  901.659211][T24049]  ? rcu_is_watching+0x15/0xb0
[  901.659239][T24049]  ? do_syscall_64+0xbe/0x3b0
[  901.659256][T24049]  do_syscall_64+0xfa/0x3b0
[  901.659270][T24049]  ? lockdep_hardirqs_on+0x9c/0x150
[  901.659292][T24049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.659306][T24049]  ? clear_bhb_loop+0x60/0xb0
[  901.659324][T24049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.659338][T24049] RIP: 0033:0x7ff33ed8e929
[  901.659356][T24049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  901.659374][T24049] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  901.659396][T24049] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  901.659411][T24049] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  901.659424][T24049] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  901.659436][T24049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  901.659448][T24049] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  901.659479][T24049]  </TASK>
[  902.366080][T24062] input: syz0 as /devices/virtual/input/input101
[  902.481227][ T6665] usb 1-1: USB disconnect, device number 30
[  902.562983][T24068] FAULT_INJECTION: forcing a failure.
[  902.562983][T24068] name failslab, interval 1, probability 0, space 0, times 0
[  902.576107][T24068] CPU: 0 UID: 0 PID: 24068 Comm: syz.0.6567 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  902.576134][T24068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  902.576147][T24068] Call Trace:
[  902.576156][T24068]  <TASK>
[  902.576164][T24068]  dump_stack_lvl+0x189/0x250
[  902.576191][T24068]  ? __pfx____ratelimit+0x10/0x10
[  902.576221][T24068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  902.576244][T24068]  ? __pfx__printk+0x10/0x10
[  902.576271][T24068]  ? __pfx___might_resched+0x10/0x10
[  902.576292][T24068]  ? fs_reclaim_acquire+0x7d/0x100
[  902.576325][T24068]  should_fail_ex+0x414/0x560
[  902.576354][T24068]  should_failslab+0xa8/0x100
[  902.576381][T24068]  __kmalloc_noprof+0xcb/0x4f0
[  902.576404][T24068]  ? sock_kmalloc+0xd6/0x160
[  902.576455][T24068]  sock_kmalloc+0xd6/0x160
[  902.576495][T24068]  hash_recvmsg+0x1d4/0x840
[  902.576524][T24068]  ? __pfx_hash_recvmsg+0x10/0x10
[  902.576547][T24068]  sock_recvmsg+0x229/0x270
[  902.576572][T24068]  ____sys_recvmsg+0x1c9/0x460
[  902.576610][T24068]  ? __pfx_____sys_recvmsg+0x10/0x10
[  902.576655][T24068]  ? import_iovec+0x74/0xa0
[  902.576680][T24068]  ___sys_recvmsg+0x1b5/0x510
[  902.576714][T24068]  ? __pfx____sys_recvmsg+0x10/0x10
[  902.576771][T24068]  ? __fget_files+0x3a0/0x420
[  902.576814][T24068]  __x64_sys_recvmsg+0x198/0x260
[  902.576845][T24068]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  902.576885][T24068]  ? __pfx_ksys_write+0x10/0x10
[  902.576909][T24068]  ? rcu_is_watching+0x15/0xb0
[  902.576938][T24068]  ? do_syscall_64+0xbe/0x3b0
[  902.576963][T24068]  do_syscall_64+0xfa/0x3b0
[  902.576981][T24068]  ? lockdep_hardirqs_on+0x9c/0x150
[  902.577013][T24068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.577034][T24068]  ? clear_bhb_loop+0x60/0xb0
[  902.577060][T24068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.577079][T24068] RIP: 0033:0x7f7a1238e929
[  902.577097][T24068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  902.577116][T24068] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  902.577137][T24068] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  902.577152][T24068] RDX: 0000000040010141 RSI: 0000200000000980 RDI: 0000000000000004
[  902.577166][T24068] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  902.577178][T24068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  902.577191][T24068] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  902.577221][T24068]  </TASK>
[  902.610087][T24070] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  902.849045][T24070] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  903.673281][T24099] FAULT_INJECTION: forcing a failure.
[  903.673281][T24099] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  903.689024][T24099] CPU: 0 UID: 0 PID: 24099 Comm: syz.1.6577 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  903.689051][T24099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  903.689064][T24099] Call Trace:
[  903.689073][T24099]  <TASK>
[  903.689082][T24099]  dump_stack_lvl+0x189/0x250
[  903.689112][T24099]  ? __pfx____ratelimit+0x10/0x10
[  903.689145][T24099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  903.689169][T24099]  ? __pfx__printk+0x10/0x10
[  903.689194][T24099]  ? fs_reclaim_acquire+0x7d/0x100
[  903.689222][T24099]  should_fail_ex+0x414/0x560
[  903.689245][T24099]  prepare_alloc_pages+0x213/0x610
[  903.689272][T24099]  __alloc_frozen_pages_noprof+0x123/0x370
[  903.689297][T24099]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  903.689331][T24099]  alloc_pages_mpol+0x232/0x4a0
[  903.689354][T24099]  alloc_pages_noprof+0xa9/0x190
[  903.689374][T24099]  pte_alloc_one+0x21/0x170
[  903.689392][T24099]  __pte_alloc+0x25/0x1a0
[  903.689416][T24099]  __handle_mm_fault+0x4b8a/0x5620
[  903.689447][T24099]  ? __pfx___handle_mm_fault+0x10/0x10
[  903.689490][T24099]  ? follow_page_pte+0xe7e/0x14b0
[  903.689508][T24099]  ? __pfx___might_resched+0x10/0x10
[  903.689526][T24099]  handle_mm_fault+0x40a/0x8e0
[  903.689549][T24099]  __get_user_pages+0x1af4/0x30b0
[  903.689586][T24099]  ? __pfx___get_user_pages+0x10/0x10
[  903.689600][T24099]  ? __gup_longterm_locked+0xbf7/0x15b0
[  903.689625][T24099]  ? down_read_killable+0x1d1/0x350
[  903.689644][T24099]  __gup_longterm_locked+0xd66/0x15b0
[  903.689665][T24099]  ? sanity_check_pinned_pages+0x11cf/0x12c0
[  903.689680][T24099]  ? gup_fast_fallback+0x1afc/0x2260
[  903.689702][T24099]  gup_fast_fallback+0x1cd4/0x2260
[  903.689716][T24099]  ? __pfx___schedule+0x10/0x10
[  903.689751][T24099]  ? preempt_schedule+0xae/0xc0
[  903.689772][T24099]  ? __pfx_gup_fast_fallback+0x10/0x10
[  903.689786][T24099]  ? __local_bh_disable_ip+0xf1/0x190
[  903.689803][T24099]  ? __local_bh_enable_ip+0x12d/0x1c0
[  903.689819][T24099]  ? pin_user_pages_fast+0x4d/0xb0
[  903.689834][T24099]  iov_iter_extract_pages+0x35a/0x5e0
[  903.689854][T24099]  extract_iter_to_sg+0xe46/0x24e0
[  903.689877][T24099]  ? sanity_check_pinned_pages+0x11c8/0x12c0
[  903.689901][T24099]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  903.689926][T24099]  ? unpin_user_page+0xc9/0x1d0
[  903.689942][T24099]  ? __pfx_unpin_user_page+0x10/0x10
[  903.689970][T24099]  ? __asan_memset+0x22/0x50
[  903.689990][T24099]  hash_sendmsg+0x4f4/0x11d0
[  903.690018][T24099]  ? __pfx_hash_sendmsg+0x10/0x10
[  903.690032][T24099]  __sock_sendmsg+0x219/0x270
[  903.690047][T24099]  ____sys_sendmsg+0x52d/0x830
[  903.690069][T24099]  ? __pfx_____sys_sendmsg+0x10/0x10
[  903.690092][T24099]  ? import_iovec+0x74/0xa0
[  903.690107][T24099]  ___sys_sendmsg+0x21f/0x2a0
[  903.690126][T24099]  ? __pfx____sys_sendmsg+0x10/0x10
[  903.690167][T24099]  ? __fget_files+0x2a/0x420
[  903.690186][T24099]  ? __fget_files+0x3a0/0x420
[  903.690212][T24099]  __sys_sendmmsg+0x227/0x430
[  903.690233][T24099]  ? __pfx___sys_sendmmsg+0x10/0x10
[  903.690249][T24099]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  903.690278][T24099]  ? ksys_write+0x22a/0x250
[  903.690297][T24099]  ? __pfx_ksys_write+0x10/0x10
[  903.690312][T24099]  ? rcu_is_watching+0x15/0xb0
[  903.690331][T24099]  __x64_sys_sendmmsg+0xa0/0xc0
[  903.690350][T24099]  do_syscall_64+0xfa/0x3b0
[  903.690362][T24099]  ? lockdep_hardirqs_on+0x9c/0x150
[  903.690382][T24099]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  903.690395][T24099]  ? clear_bhb_loop+0x60/0xb0
[  903.690411][T24099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  903.690424][T24099] RIP: 0033:0x7f4d15b8e929
[  903.690436][T24099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  903.690449][T24099] RSP: 002b:00007f4d16998038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  903.690463][T24099] RAX: ffffffffffffffda RBX: 00007f4d15db5fa0 RCX: 00007f4d15b8e929
[  903.690473][T24099] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000004
[  903.690481][T24099] RBP: 00007f4d16998090 R08: 0000000000000000 R09: 0000000000000000
[  903.690489][T24099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  903.690497][T24099] R13: 0000000000000000 R14: 00007f4d15db5fa0 R15: 00007fff4e9b6d48
[  903.690517][T24099]  </TASK>
[  904.360395][T24108] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  904.372767][T24108] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  905.111720][T24128] FAULT_INJECTION: forcing a failure.
[  905.111720][T24128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  905.128859][T24128] CPU: 0 UID: 0 PID: 24128 Comm: syz.3.6587 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  905.128887][T24128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  905.128900][T24128] Call Trace:
[  905.128909][T24128]  <TASK>
[  905.128917][T24128]  dump_stack_lvl+0x189/0x250
[  905.128946][T24128]  ? __pfx____ratelimit+0x10/0x10
[  905.128978][T24128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  905.129001][T24128]  ? __pfx__printk+0x10/0x10
[  905.129036][T24128]  should_fail_ex+0x414/0x560
[  905.129067][T24128]  _copy_to_user+0x31/0xb0
[  905.129091][T24128]  simple_read_from_buffer+0xe1/0x170
[  905.129124][T24128]  proc_fail_nth_read+0x1df/0x250
[  905.129147][T24128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  905.129170][T24128]  ? rw_verify_area+0x258/0x650
[  905.129195][T24128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  905.129216][T24128]  vfs_read+0x1fd/0x980
[  905.129247][T24128]  ? __pfx___mutex_lock+0x10/0x10
[  905.129267][T24128]  ? __pfx_vfs_read+0x10/0x10
[  905.129294][T24128]  ? __fget_files+0x2a/0x420
[  905.129328][T24128]  ? __fget_files+0x3a0/0x420
[  905.129356][T24128]  ? __fget_files+0x2a/0x420
[  905.129394][T24128]  ksys_read+0x145/0x250
[  905.129436][T24128]  ? __pfx_ksys_read+0x10/0x10
[  905.129457][T24128]  ? rcu_is_watching+0x15/0xb0
[  905.129483][T24128]  ? do_syscall_64+0xbe/0x3b0
[  905.129506][T24128]  do_syscall_64+0xfa/0x3b0
[  905.129522][T24128]  ? lockdep_hardirqs_on+0x9c/0x150
[  905.129557][T24128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  905.129576][T24128]  ? clear_bhb_loop+0x60/0xb0
[  905.129599][T24128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  905.129616][T24128] RIP: 0033:0x7ff33ed8d33c
[  905.129633][T24128] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  905.129648][T24128] RSP: 002b:00007ff33cbf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  905.129668][T24128] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8d33c
[  905.129681][T24128] RDX: 000000000000000f RSI: 00007ff33cbf60a0 RDI: 0000000000000006
[  905.129693][T24128] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  905.129704][T24128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  905.129715][T24128] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  905.129743][T24128]  </TASK>
[  905.432144][  T924] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  905.594407][  T924] usb 1-1: config 0 has an invalid interface number: 168 but max is 0
[  905.602687][  T924] usb 1-1: config 0 has no interface number 0
[  905.608802][  T924] usb 1-1: config 0 interface 168 altsetting 163 has 0 endpoint descriptors, different from the interface descriptor's value: 20
[  905.622149][  T924] usb 1-1: config 0 interface 168 has no altsetting 0
[  905.631505][  T924] usb 1-1: New USB device found, idVendor=13d3, idProduct=3211, bcdDevice=cb.d7
[  905.640780][  T924] usb 1-1: New USB device strings: Mfr=1, Product=18, SerialNumber=3
[  905.649276][  T924] usb 1-1: Product: syz
[  905.653781][  T924] usb 1-1: Manufacturer: syz
[  905.658436][  T924] usb 1-1: SerialNumber: syz
[  905.666341][  T924] usb 1-1: config 0 descriptor??
[  906.336546][T24139] overlayfs: missing 'lowerdir'
[  906.776330][T24141] fuse: Invalid rootmode
[  907.471014][T24161] syz.4.6598: attempt to access beyond end of device
[  907.471014][T24161] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  907.779055][T24168] overlayfs: missing 'lowerdir'
[  907.868447][  T924] usb 1-1: USB disconnect, device number 31
[  908.246505][T24184] fuse: Invalid rootmode
[  908.940174][T24194] fuse: Unknown parameter 'group_i00000000000000000000'
[  909.030861][T24202] overlayfs: missing 'lowerdir'
[  909.332463][ T6665] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  909.492529][ T6665] usb 5-1: Using ep0 maxpacket: 32
[  909.505118][ T6665] usb 5-1: config 255 has an invalid interface number: 243 but max is 0
[  909.516933][ T6665] usb 5-1: config 255 has no interface number 0
[  909.532122][ T6665] usb 5-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  909.555189][ T6665] usb 5-1: config 255 interface 243 altsetting 3 endpoint 0x9 has invalid maxpacket 72, setting to 64
[  909.572454][ T6665] usb 5-1: config 255 interface 243 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  909.583982][ T6665] usb 5-1: config 255 interface 243 altsetting 3 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  909.595803][ T6665] usb 5-1: config 255 interface 243 has no altsetting 0
[  909.610372][ T6665] usb 5-1: New USB device found, idVendor=5050, idProduct=8004, bcdDevice=80.4a
[  909.620221][ T6665] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  909.629100][ T6665] usb 5-1: Product: Ф
[  909.633918][ T6665] usb 5-1: Manufacturer: А
[  909.638795][ T6665] usb 5-1: SerialNumber: Э省ᴊ耇加놩瞡琉ᭂ圛慾憵⭏렼㥭謁浿嚜䘧贿訒鳚ඇ㤉㽕龡댭땸⫒
[  909.878533][ T6665] ftdi_sio 5-1:255.243: FTDI USB Serial Device converter detected
[  909.911526][ T6665] ftdi_sio ttyUSB0: unknown device type: 0x804a
[  909.926668][ T6665] usb 5-1: USB disconnect, device number 87
[  909.948010][ T6665] ftdi_sio 5-1:255.243: device disconnected
[  910.150151][T24226] FAULT_INJECTION: forcing a failure.
[  910.150151][T24226] name failslab, interval 1, probability 0, space 0, times 0
[  910.163291][T24226] CPU: 1 UID: 0 PID: 24226 Comm: syz.0.6619 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  910.163319][T24226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  910.163333][T24226] Call Trace:
[  910.163342][T24226]  <TASK>
[  910.163351][T24226]  dump_stack_lvl+0x189/0x250
[  910.163380][T24226]  ? __pfx____ratelimit+0x10/0x10
[  910.163413][T24226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  910.163436][T24226]  ? __pfx__printk+0x10/0x10
[  910.163465][T24226]  ? __pfx___might_resched+0x10/0x10
[  910.163494][T24226]  should_fail_ex+0x414/0x560
[  910.163525][T24226]  should_failslab+0xa8/0x100
[  910.163554][T24226]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  910.163580][T24226]  ? __alloc_skb+0x112/0x2d0
[  910.163609][T24226]  __alloc_skb+0x112/0x2d0
[  910.163638][T24226]  netlink_sendmsg+0x5c6/0xb30
[  910.163674][T24226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  910.163704][T24226]  ? aa_sock_msg_perm+0x94/0x160
[  910.163728][T24226]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  910.163759][T24226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  910.163787][T24226]  __sock_sendmsg+0x219/0x270
[  910.163811][T24226]  ____sys_sendmsg+0x505/0x830
[  910.163844][T24226]  ? __pfx_____sys_sendmsg+0x10/0x10
[  910.163881][T24226]  ? import_iovec+0x74/0xa0
[  910.163905][T24226]  ___sys_sendmsg+0x21f/0x2a0
[  910.163935][T24226]  ? __pfx____sys_sendmsg+0x10/0x10
[  910.164016][T24226]  ? __fget_files+0x2a/0x420
[  910.164049][T24226]  ? __fget_files+0x3a0/0x420
[  910.164108][T24226]  __x64_sys_sendmsg+0x19b/0x260
[  910.164139][T24226]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  910.164178][T24226]  ? __pfx_ksys_write+0x10/0x10
[  910.164204][T24226]  ? rcu_is_watching+0x15/0xb0
[  910.164240][T24226]  ? do_syscall_64+0xbe/0x3b0
[  910.164265][T24226]  do_syscall_64+0xfa/0x3b0
[  910.164285][T24226]  ? lockdep_hardirqs_on+0x9c/0x150
[  910.164316][T24226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.164336][T24226]  ? clear_bhb_loop+0x60/0xb0
[  910.164362][T24226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.164382][T24226] RIP: 0033:0x7f7a1238e929
[  910.164401][T24226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  910.164419][T24226] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  910.164441][T24226] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  910.164457][T24226] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  910.164471][T24226] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  910.164484][T24226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.164497][T24226] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  910.164529][T24226]  </TASK>
[  910.439651][    C1] vkms_vblank_simulate: vblank timer overrun
[  910.613180][T24230] FAULT_INJECTION: forcing a failure.
[  910.613180][T24230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  910.629790][T24230] CPU: 0 UID: 0 PID: 24230 Comm: syz.4.6621 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  910.629820][T24230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  910.629833][T24230] Call Trace:
[  910.629841][T24230]  <TASK>
[  910.629850][T24230]  dump_stack_lvl+0x189/0x250
[  910.629878][T24230]  ? __pfx____ratelimit+0x10/0x10
[  910.629940][T24230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  910.629965][T24230]  ? __pfx__printk+0x10/0x10
[  910.630002][T24230]  should_fail_ex+0x414/0x560
[  910.630035][T24230]  _copy_to_user+0x31/0xb0
[  910.630060][T24230]  simple_read_from_buffer+0xe1/0x170
[  910.630096][T24230]  proc_fail_nth_read+0x1df/0x250
[  910.630122][T24230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  910.630146][T24230]  ? rw_verify_area+0x258/0x650
[  910.630173][T24230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  910.630266][T24230]  vfs_read+0x1fd/0x980
[  910.630301][T24230]  ? __pfx___mutex_lock+0x10/0x10
[  910.630322][T24230]  ? __pfx_vfs_read+0x10/0x10
[  910.630349][T24230]  ? __fget_files+0x2a/0x420
[  910.630383][T24230]  ? __fget_files+0x3a0/0x420
[  910.630412][T24230]  ? __fget_files+0x2a/0x420
[  910.630450][T24230]  ksys_read+0x145/0x250
[  910.630474][T24230]  ? __fget_files+0x2a/0x420
[  910.630504][T24230]  ? __pfx_ksys_read+0x10/0x10
[  910.630535][T24230]  ? do_syscall_64+0xbe/0x3b0
[  910.630559][T24230]  do_syscall_64+0xfa/0x3b0
[  910.630577][T24230]  ? lockdep_hardirqs_on+0x9c/0x150
[  910.630607][T24230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.630626][T24230]  ? clear_bhb_loop+0x60/0xb0
[  910.630650][T24230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.630669][T24230] RIP: 0033:0x7f57c978d33c
[  910.630687][T24230] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  910.630704][T24230] RSP: 002b:00007f57c75f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  910.630725][T24230] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978d33c
[  910.630741][T24230] RDX: 000000000000000f RSI: 00007f57c75f60a0 RDI: 0000000000000004
[  910.630753][T24230] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  910.630765][T24230] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.630778][T24230] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  910.630808][T24230]  </TASK>
[  911.001307][T24233] FAULT_INJECTION: forcing a failure.
[  911.001307][T24233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  911.018288][T24233] CPU: 0 UID: 0 PID: 24233 Comm: syz.4.6622 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  911.018319][T24233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  911.018332][T24233] Call Trace:
[  911.018341][T24233]  <TASK>
[  911.018350][T24233]  dump_stack_lvl+0x189/0x250
[  911.018380][T24233]  ? __pfx____ratelimit+0x10/0x10
[  911.018414][T24233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  911.018439][T24233]  ? __pfx__printk+0x10/0x10
[  911.018477][T24233]  should_fail_ex+0x414/0x560
[  911.018509][T24233]  _copy_from_user+0x2d/0xb0
[  911.018532][T24233]  sctp_setsockopt+0x19f/0x1200
[  911.018561][T24233]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  911.018587][T24233]  do_sock_setsockopt+0x25a/0x3e0
[  911.018618][T24233]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  911.018650][T24233]  ? __fget_files+0x2a/0x420
[  911.018691][T24233]  __x64_sys_setsockopt+0x18b/0x220
[  911.018725][T24233]  do_syscall_64+0xfa/0x3b0
[  911.018745][T24233]  ? lockdep_hardirqs_on+0x9c/0x150
[  911.018778][T24233]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  911.018799][T24233]  ? clear_bhb_loop+0x60/0xb0
[  911.018825][T24233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  911.018846][T24233] RIP: 0033:0x7f57c978e929
[  911.018864][T24233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  911.018883][T24233] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  911.018906][T24233] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  911.018922][T24233] RDX: 000000000000000c RSI: 0000000000000084 RDI: 0000000000000003
[  911.018935][T24233] RBP: 00007f57c75f6090 R08: 0000000000000004 R09: 0000000000000000
[  911.018948][T24233] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  911.018968][T24233] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  911.018999][T24233]  </TASK>
[  912.257697][T24254] FAULT_INJECTION: forcing a failure.
[  912.257697][T24254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  912.301796][T24254] CPU: 1 UID: 0 PID: 24254 Comm: syz.4.6629 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  912.301826][T24254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  912.301840][T24254] Call Trace:
[  912.301850][T24254]  <TASK>
[  912.301859][T24254]  dump_stack_lvl+0x189/0x250
[  912.301889][T24254]  ? __pfx____ratelimit+0x10/0x10
[  912.301924][T24254]  ? __pfx_dump_stack_lvl+0x10/0x10
[  912.301948][T24254]  ? __pfx__printk+0x10/0x10
[  912.301986][T24254]  should_fail_ex+0x414/0x560
[  912.302018][T24254]  _copy_from_user+0x2d/0xb0
[  912.302045][T24254]  __copy_msghdr+0x3c5/0x5b0
[  912.302077][T24254]  ___sys_sendmsg+0x1a5/0x2a0
[  912.302107][T24254]  ? __pfx____sys_sendmsg+0x10/0x10
[  912.302180][T24254]  ? __fget_files+0x2a/0x420
[  912.302212][T24254]  ? __fget_files+0x3a0/0x420
[  912.302254][T24254]  __sys_sendmmsg+0x227/0x430
[  912.302289][T24254]  ? __pfx___sys_sendmmsg+0x10/0x10
[  912.302315][T24254]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  912.302364][T24254]  ? ksys_write+0x22a/0x250
[  912.302395][T24254]  ? __pfx_ksys_write+0x10/0x10
[  912.302420][T24254]  ? rcu_is_watching+0x15/0xb0
[  912.302451][T24254]  __x64_sys_sendmmsg+0xa0/0xc0
[  912.302483][T24254]  do_syscall_64+0xfa/0x3b0
[  912.302503][T24254]  ? lockdep_hardirqs_on+0x9c/0x150
[  912.302534][T24254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.302555][T24254]  ? clear_bhb_loop+0x60/0xb0
[  912.302581][T24254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.302601][T24254] RIP: 0033:0x7f57c978e929
[  912.302619][T24254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  912.302638][T24254] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  912.302660][T24254] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  912.302676][T24254] RDX: 0000000000000003 RSI: 0000200000000cc0 RDI: 0000000000000003
[  912.302689][T24254] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  912.302702][T24254] R10: 931766f6319eed40 R11: 0000000000000246 R12: 0000000000000001
[  912.302716][T24254] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  912.302747][T24254]  </TASK>
[  912.519614][    C1] vkms_vblank_simulate: vblank timer overrun
[  912.652554][T24256] binder: 24255:24256 ioctl c0306201 200000000540 returned -14
[  912.663686][T24256] loop6: detected capacity change from 0 to 524287999
[  912.705747][T24261] tipc: Started in network mode
[  912.710695][T24261] tipc: Node identity 4, cluster identity 4711
[  912.717293][T24261] tipc: Node number set to 4
[  912.912168][ T5901] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  912.926477][T24267] FAULT_INJECTION: forcing a failure.
[  912.926477][T24267] name failslab, interval 1, probability 0, space 0, times 0
[  912.941177][T24267] CPU: 0 UID: 0 PID: 24267 Comm: syz.4.6635 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  912.941202][T24267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  912.941213][T24267] Call Trace:
[  912.941220][T24267]  <TASK>
[  912.941228][T24267]  dump_stack_lvl+0x189/0x250
[  912.941253][T24267]  ? __pfx____ratelimit+0x10/0x10
[  912.941283][T24267]  ? __pfx_dump_stack_lvl+0x10/0x10
[  912.941303][T24267]  ? __pfx__printk+0x10/0x10
[  912.941329][T24267]  ? __pfx___might_resched+0x10/0x10
[  912.941353][T24267]  should_fail_ex+0x414/0x560
[  912.941381][T24267]  should_failslab+0xa8/0x100
[  912.941406][T24267]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  912.941427][T24267]  ? __alloc_skb+0x112/0x2d0
[  912.941450][T24267]  __alloc_skb+0x112/0x2d0
[  912.941474][T24267]  netlink_sendmsg+0x5c6/0xb30
[  912.941504][T24267]  ? __pfx_netlink_sendmsg+0x10/0x10
[  912.941530][T24267]  ? aa_sock_msg_perm+0x94/0x160
[  912.941550][T24267]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  912.941577][T24267]  ? __pfx_netlink_sendmsg+0x10/0x10
[  912.941600][T24267]  __sock_sendmsg+0x219/0x270
[  912.941621][T24267]  ____sys_sendmsg+0x505/0x830
[  912.941650][T24267]  ? __pfx_____sys_sendmsg+0x10/0x10
[  912.941681][T24267]  ? import_iovec+0x74/0xa0
[  912.941701][T24267]  ___sys_sendmsg+0x21f/0x2a0
[  912.941725][T24267]  ? __pfx____sys_sendmsg+0x10/0x10
[  912.941778][T24267]  ? __fget_files+0x2a/0x420
[  912.941803][T24267]  ? __fget_files+0x3a0/0x420
[  912.941836][T24267]  __x64_sys_sendmsg+0x19b/0x260
[  912.941862][T24267]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  912.941893][T24267]  ? __pfx_ksys_write+0x10/0x10
[  912.941913][T24267]  ? rcu_is_watching+0x15/0xb0
[  912.941954][T24267]  ? do_syscall_64+0xbe/0x3b0
[  912.941975][T24267]  do_syscall_64+0xfa/0x3b0
[  912.941992][T24267]  ? lockdep_hardirqs_on+0x9c/0x150
[  912.942026][T24267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.942047][T24267]  ? clear_bhb_loop+0x60/0xb0
[  912.942070][T24267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.942088][T24267] RIP: 0033:0x7f57c978e929
[  912.942105][T24267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  912.942121][T24267] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  912.942141][T24267] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  912.942156][T24267] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 000000000000000b
[  912.942168][T24267] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  912.942179][T24267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  912.942190][T24267] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  912.942218][T24267]  </TASK>
[  913.295923][ T5901] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  913.309394][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.317568][ T5901] usb 1-1: Product: syz
[  913.321768][ T5901] usb 1-1: Manufacturer: syz
[  913.324825][T24276] random: crng reseeded on system resumption
[  913.326487][ T5901] usb 1-1: SerialNumber: syz
[  913.350459][ T5901] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  913.386944][T24276] Unrecognized hibernate image header format!
[  913.397113][  T981] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  913.405915][T24276] PM: hibernation: Image mismatch: architecture specific data
[  913.603928][T24258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  913.619828][T24258] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  913.671746][ T6665] usb 1-1: USB disconnect, device number 32
[  914.036781][T24289] netlink: 348 bytes leftover after parsing attributes in process `syz.0.6641'.
[  914.452411][  T981] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  914.459687][  T981] ath9k_htc: Failed to initialize the device
[  914.472921][ T6665] usb 1-1: ath9k_htc: USB layer deinitialized
[  915.215530][ T6665] hid-generic 0000:0000:0000.0012: item fetching failed at offset 0/1
[  915.258929][ T6665] hid-generic 0000:0000:0000.0012: probe with driver hid-generic failed with error -22
[  915.279849][T24322] FAULT_INJECTION: forcing a failure.
[  915.279849][T24322] name failslab, interval 1, probability 0, space 0, times 0
[  915.313229][T24322] CPU: 0 UID: 0 PID: 24322 Comm: syz.4.6652 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  915.313257][T24322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  915.313270][T24322] Call Trace:
[  915.313279][T24322]  <TASK>
[  915.313287][T24322]  dump_stack_lvl+0x189/0x250
[  915.313314][T24322]  ? __pfx____ratelimit+0x10/0x10
[  915.313346][T24322]  ? __pfx_dump_stack_lvl+0x10/0x10
[  915.313369][T24322]  ? __pfx__printk+0x10/0x10
[  915.313396][T24322]  ? __pfx___might_resched+0x10/0x10
[  915.313424][T24322]  should_fail_ex+0x414/0x560
[  915.313455][T24322]  should_failslab+0xa8/0x100
[  915.313483][T24322]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  915.313508][T24322]  ? __alloc_skb+0x112/0x2d0
[  915.313536][T24322]  __alloc_skb+0x112/0x2d0
[  915.313564][T24322]  netlink_sendmsg+0x5c6/0xb30
[  915.313599][T24322]  ? __pfx_netlink_sendmsg+0x10/0x10
[  915.313628][T24322]  ? aa_sock_msg_perm+0x94/0x160
[  915.313652][T24322]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  915.313682][T24322]  ? __pfx_netlink_sendmsg+0x10/0x10
[  915.313708][T24322]  __sock_sendmsg+0x219/0x270
[  915.313739][T24322]  ____sys_sendmsg+0x505/0x830
[  915.313771][T24322]  ? __pfx_____sys_sendmsg+0x10/0x10
[  915.313807][T24322]  ? import_iovec+0x74/0xa0
[  915.313831][T24322]  ___sys_sendmsg+0x21f/0x2a0
[  915.313860][T24322]  ? __pfx____sys_sendmsg+0x10/0x10
[  915.313922][T24322]  ? __fget_files+0x2a/0x420
[  915.313951][T24322]  ? __fget_files+0x3a0/0x420
[  915.313991][T24322]  __x64_sys_sendmsg+0x19b/0x260
[  915.314020][T24322]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  915.314057][T24322]  ? __pfx_ksys_write+0x10/0x10
[  915.314100][T24322]  ? rcu_is_watching+0x15/0xb0
[  915.314131][T24322]  ? do_syscall_64+0xbe/0x3b0
[  915.314157][T24322]  do_syscall_64+0xfa/0x3b0
[  915.314177][T24322]  ? lockdep_hardirqs_on+0x9c/0x150
[  915.314209][T24322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.314231][T24322]  ? clear_bhb_loop+0x60/0xb0
[  915.314257][T24322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.314278][T24322] RIP: 0033:0x7f57c978e929
[  915.314297][T24322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  915.314316][T24322] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  915.314339][T24322] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  915.314355][T24322] RDX: 0000000000040000 RSI: 00002000000057c0 RDI: 0000000000000003
[  915.314369][T24322] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  915.314383][T24322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  915.314395][T24322] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  915.314428][T24322]  </TASK>
[  916.373598][T24329] FAULT_INJECTION: forcing a failure.
[  916.373598][T24329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  916.422124][T24329] CPU: 1 UID: 0 PID: 24329 Comm: syz.0.6655 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  916.422151][T24329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  916.422162][T24329] Call Trace:
[  916.422171][T24329]  <TASK>
[  916.422178][T24329]  dump_stack_lvl+0x189/0x250
[  916.422201][T24329]  ? __pfx____ratelimit+0x10/0x10
[  916.422229][T24329]  ? __pfx_dump_stack_lvl+0x10/0x10
[  916.422248][T24329]  ? __pfx__printk+0x10/0x10
[  916.422267][T24329]  ? __might_fault+0xb0/0x130
[  916.422298][T24329]  should_fail_ex+0x414/0x560
[  916.422325][T24329]  _copy_from_user+0x2d/0xb0
[  916.422345][T24329]  do_sock_getsockopt+0x1cd/0x650
[  916.422372][T24329]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  916.422396][T24329]  ? do_syscall_64+0x40/0x3b0
[  916.422413][T24329]  ? __fget_files+0x3a0/0x420
[  916.422440][T24329]  ? __fget_files+0x2a/0x420
[  916.422474][T24329]  __x64_sys_getsockopt+0x1a5/0x250
[  916.422498][T24329]  ? do_syscall_64+0x40/0x3b0
[  916.422518][T24329]  ? do_syscall_64+0x40/0x3b0
[  916.422540][T24329]  do_syscall_64+0xfa/0x3b0
[  916.422557][T24329]  ? lockdep_hardirqs_on+0x9c/0x150
[  916.422592][T24329]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.422610][T24329]  ? clear_bhb_loop+0x60/0xb0
[  916.422633][T24329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.422652][T24329] RIP: 0033:0x7f7a1238e929
[  916.422669][T24329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  916.422685][T24329] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  916.422706][T24329] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  916.422719][T24329] RDX: 0000000000000071 RSI: 0000000000000084 RDI: 0000000000000003
[  916.422730][T24329] RBP: 00007f7a1321a090 R08: 0000200000000040 R09: 0000000000000000
[  916.422742][T24329] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  916.422754][T24329] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  916.422782][T24329]  </TASK>
[  917.225523][T24340] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  917.462134][T24338] fuse: Unknown parameter 'group_id00000000000000000000'
[  917.601473][T24348] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  923.021734][T24378] fuse: Unknown parameter 'group_id00000000000000000000'
[  923.697396][T24419] fuse: Bad value for 'fd'
[  923.846778][T24421] can0: slcan on ttyS3.
[  923.914212][T24421] can0 (unregistered): slcan off ttyS3.
[  924.100922][T24427] FAULT_INJECTION: forcing a failure.
[  924.100922][T24427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  924.115492][T24427] CPU: 0 UID: 0 PID: 24427 Comm: syz.0.6691 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  924.115523][T24427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  924.115537][T24427] Call Trace:
[  924.115546][T24427]  <TASK>
[  924.115555][T24427]  dump_stack_lvl+0x189/0x250
[  924.115585][T24427]  ? __pfx____ratelimit+0x10/0x10
[  924.115620][T24427]  ? __pfx_dump_stack_lvl+0x10/0x10
[  924.115645][T24427]  ? __pfx__printk+0x10/0x10
[  924.115683][T24427]  should_fail_ex+0x414/0x560
[  924.115716][T24427]  _copy_to_user+0x31/0xb0
[  924.115741][T24427]  simple_read_from_buffer+0xe1/0x170
[  924.115777][T24427]  proc_fail_nth_read+0x1df/0x250
[  924.115802][T24427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  924.115826][T24427]  ? rw_verify_area+0x258/0x650
[  924.115853][T24427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  924.115875][T24427]  vfs_read+0x1fd/0x980
[  924.115907][T24427]  ? __pfx___mutex_lock+0x10/0x10
[  924.115930][T24427]  ? __pfx_vfs_read+0x10/0x10
[  924.115959][T24427]  ? __fget_files+0x2a/0x420
[  924.115995][T24427]  ? __fget_files+0x3a0/0x420
[  924.116026][T24427]  ? __fget_files+0x2a/0x420
[  924.116067][T24427]  ksys_read+0x145/0x250
[  924.116096][T24427]  ? __pfx_ksys_read+0x10/0x10
[  924.116121][T24427]  ? rcu_is_watching+0x15/0xb0
[  924.116151][T24427]  ? do_syscall_64+0xbe/0x3b0
[  924.116177][T24427]  do_syscall_64+0xfa/0x3b0
[  924.116196][T24427]  ? lockdep_hardirqs_on+0x9c/0x150
[  924.116228][T24427]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  924.116249][T24427]  ? clear_bhb_loop+0x60/0xb0
[  924.116275][T24427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  924.116295][T24427] RIP: 0033:0x7f7a1238d33c
[  924.116314][T24427] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  924.116334][T24427] RSP: 002b:00007f7a1321a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  924.116362][T24427] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238d33c
[  924.116378][T24427] RDX: 000000000000000f RSI: 00007f7a1321a0a0 RDI: 0000000000000003
[  924.116391][T24427] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  924.116404][T24427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  924.116417][T24427] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  924.116449][T24427]  </TASK>
[  924.699211][T24439] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6695'.
[  924.713583][T24435] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6695'.
[  924.726135][T24439] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6695'.
[  926.063500][T24438] fuse: Bad value for 'user_id'
[  926.068865][T24438] fuse: Bad value for 'user_id'
[  927.306678][T24467] FAULT_INJECTION: forcing a failure.
[  927.306678][T24467] name failslab, interval 1, probability 0, space 0, times 0
[  927.380052][T24467] CPU: 1 UID: 0 PID: 24467 Comm: syz.3.6706 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  927.380081][T24467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  927.380106][T24467] Call Trace:
[  927.380114][T24467]  <TASK>
[  927.380122][T24467]  dump_stack_lvl+0x189/0x250
[  927.380148][T24467]  ? __pfx____ratelimit+0x10/0x10
[  927.380176][T24467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  927.380197][T24467]  ? __pfx__printk+0x10/0x10
[  927.380222][T24467]  ? __pfx___might_resched+0x10/0x10
[  927.380242][T24467]  ? fs_reclaim_acquire+0x7d/0x100
[  927.380274][T24467]  should_fail_ex+0x414/0x560
[  927.380301][T24467]  ? xt_alloc_table_info+0x3b/0xa0
[  927.380325][T24467]  should_failslab+0xa8/0x100
[  927.380350][T24467]  __kvmalloc_node_noprof+0x161/0x5f0
[  927.380373][T24467]  ? xt_alloc_table_info+0x3b/0xa0
[  927.380403][T24467]  xt_alloc_table_info+0x3b/0xa0
[  927.380429][T24467]  do_arpt_set_ctl+0x8ae/0xf10
[  927.380459][T24467]  ? __mutex_trylock_common+0x153/0x260
[  927.380485][T24467]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  927.380514][T24467]  ? rcu_is_watching+0x15/0xb0
[  927.380550][T24467]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  927.380571][T24467]  ? __pfx___mutex_lock+0x10/0x10
[  927.380590][T24467]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  927.380607][T24467]  ? smc_setsockopt+0x181/0xab0
[  927.380636][T24467]  ? __pfx___mutex_lock+0x10/0x10
[  927.380652][T24467]  ? rcu_read_lock_any_held+0xb3/0x120
[  927.380674][T24467]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  927.380699][T24467]  ? vfs_write+0x8d8/0xa90
[  927.380725][T24467]  nf_setsockopt+0x26f/0x290
[  927.380752][T24467]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  927.380776][T24467]  smc_setsockopt+0x22f/0xab0
[  927.380816][T24467]  ? __pfx_smc_setsockopt+0x10/0x10
[  927.380849][T24467]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  927.380866][T24467]  ? __pfx_smc_setsockopt+0x10/0x10
[  927.380896][T24467]  do_sock_setsockopt+0x25a/0x3e0
[  927.380923][T24467]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  927.380952][T24467]  ? __fget_files+0x2a/0x420
[  927.380992][T24467]  __x64_sys_setsockopt+0x18b/0x220
[  927.381022][T24467]  do_syscall_64+0xfa/0x3b0
[  927.381045][T24467]  ? lockdep_hardirqs_on+0x9c/0x150
[  927.381072][T24467]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.381090][T24467]  ? clear_bhb_loop+0x60/0xb0
[  927.381113][T24467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.381131][T24467] RIP: 0033:0x7ff33ed8e929
[  927.381147][T24467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.381181][T24467] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  927.381202][T24467] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  927.381216][T24467] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
[  927.381228][T24467] RBP: 00007ff33cbf6090 R08: 00000000000003f8 R09: 0000000000000000
[  927.381239][T24467] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  927.381262][T24467] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  927.381290][T24467]  </TASK>
[  927.972234][  T981] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  928.132330][  T981] usb 4-1: Using ep0 maxpacket: 8
[  928.148895][  T981] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  928.180936][  T981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  928.202133][  T981] usb 4-1: Product: syz
[  928.206380][  T981] usb 4-1: Manufacturer: syz
[  928.221632][  T981] usb 4-1: SerialNumber: syz
[  928.243504][  T981] usb 4-1: config 0 descriptor??
[  928.474459][  T981] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  928.617896][T24485] FAULT_INJECTION: forcing a failure.
[  928.617896][T24485] name failslab, interval 1, probability 0, space 0, times 0
[  928.635366][T24485] CPU: 1 UID: 0 PID: 24485 Comm: syz.0.6714 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  928.635395][T24485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  928.635408][T24485] Call Trace:
[  928.635417][T24485]  <TASK>
[  928.635425][T24485]  dump_stack_lvl+0x189/0x250
[  928.635453][T24485]  ? __pfx____ratelimit+0x10/0x10
[  928.635484][T24485]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.635507][T24485]  ? __pfx__printk+0x10/0x10
[  928.635530][T24485]  ? __pfx___might_resched+0x10/0x10
[  928.635552][T24485]  ? fs_reclaim_acquire+0x7d/0x100
[  928.635584][T24485]  should_fail_ex+0x414/0x560
[  928.635614][T24485]  should_failslab+0xa8/0x100
[  928.635642][T24485]  __kmalloc_noprof+0xcb/0x4f0
[  928.635664][T24485]  ? tomoyo_encode+0x28b/0x550
[  928.635709][T24485]  tomoyo_encode+0x28b/0x550
[  928.635751][T24485]  tomoyo_realpath_from_path+0x58d/0x5d0
[  928.635778][T24485]  ? tomoyo_domain+0xd9/0x130
[  928.635819][T24485]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  928.635863][T24485]  tomoyo_path_number_perm+0x1e8/0x5a0
[  928.635895][T24485]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  928.635937][T24485]  ? __lock_acquire+0xab9/0xd20
[  928.635974][T24485]  ? __fget_files+0x2a/0x420
[  928.636003][T24485]  ? __fget_files+0x2a/0x420
[  928.636029][T24485]  ? __fget_files+0x3a0/0x420
[  928.636055][T24485]  ? __fget_files+0x2a/0x420
[  928.636085][T24485]  security_file_ioctl+0xcb/0x2d0
[  928.636113][T24485]  __se_sys_ioctl+0x47/0x170
[  928.636138][T24485]  do_syscall_64+0xfa/0x3b0
[  928.636155][T24485]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.636183][T24485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.636201][T24485]  ? clear_bhb_loop+0x60/0xb0
[  928.636223][T24485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.636241][T24485] RIP: 0033:0x7f7a1238e929
[  928.636257][T24485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.636272][T24485] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  928.636292][T24485] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  928.636306][T24485] RDX: 0000200000000180 RSI: 00000000000089f1 RDI: 0000000000000003
[  928.636318][T24485] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  928.636329][T24485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.636340][T24485] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  928.636368][T24485]  </TASK>
[  928.636387][T24485] ERROR: Out of memory at tomoyo_realpath_from_path.
[  929.411542][T24496] x_tables: duplicate underflow at hook 1
[  929.882235][T24490] fuse: Unknown parameter 'use00000000000000000000'
[  930.001260][  T981] gspca_sunplus: reg_r err -71
[  930.006447][  T981] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  930.022283][  T981] usb 4-1: USB disconnect, device number 39
[  930.365540][T24483] fuse: Bad value for 'user_id'
[  930.370725][T24483] fuse: Bad value for 'user_id'
[  930.790364][T24520] fuse: Unknown parameter 'use00000000000000000000'
[  931.180004][T24530] fuse: Bad value for 'user_id'
[  931.197908][T24530] fuse: Bad value for 'user_id'
[  931.262141][ T5901] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  931.419121][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  931.426997][ T5901] usb 1-1: Using ep0 maxpacket: 16
[  931.428530][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  931.444072][ T5901] usb 1-1: config 0 has an invalid interface number: 13 but max is 0
[  931.453136][ T5901] usb 1-1: config 0 has no interface number 0
[  931.459343][ T5901] usb 1-1: config 0 interface 13 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  931.470039][ T5901] usb 1-1: config 0 interface 13 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 64
[  931.497342][ T5901] usb 1-1: New USB device found, idVendor=0e8d, idProduct=00a7, bcdDevice=b5.31
[  931.517995][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  931.529408][ T5901] usb 1-1: Product: syz
[  931.533696][ T5901] usb 1-1: Manufacturer: syz
[  931.538493][ T5901] usb 1-1: SerialNumber: syz
[  931.582169][ T5901] usb 1-1: config 0 descriptor??
[  931.588369][T24532] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  931.596336][T24532] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  931.614405][ T5901] option 1-1:0.13: GSM modem (1-port) converter detected
[  931.737210][T24551] FAULT_INJECTION: forcing a failure.
[  931.737210][T24551] name failslab, interval 1, probability 0, space 0, times 0
[  931.752946][T24551] CPU: 0 UID: 0 PID: 24551 Comm: syz.3.6743 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  931.752975][T24551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  931.752987][T24551] Call Trace:
[  931.752996][T24551]  <TASK>
[  931.753005][T24551]  dump_stack_lvl+0x189/0x250
[  931.753033][T24551]  ? __pfx____ratelimit+0x10/0x10
[  931.753065][T24551]  ? __pfx_dump_stack_lvl+0x10/0x10
[  931.753088][T24551]  ? __pfx__printk+0x10/0x10
[  931.753117][T24551]  ? __pfx___might_resched+0x10/0x10
[  931.753145][T24551]  should_fail_ex+0x414/0x560
[  931.753176][T24551]  should_failslab+0xa8/0x100
[  931.753205][T24551]  __kmalloc_noprof+0xcb/0x4f0
[  931.753228][T24551]  ? sock_kmalloc+0xd6/0x160
[  931.753261][T24551]  sock_kmalloc+0xd6/0x160
[  931.753292][T24551]  af_alg_alloc_areq+0x8d/0x260
[  931.753315][T24551]  skcipher_recvmsg+0x356/0x11c0
[  931.753342][T24551]  ? aa_sk_perm+0x81e/0x950
[  931.753374][T24551]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  931.753400][T24551]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  931.753430][T24551]  ? security_socket_recvmsg+0x7e/0x2e0
[  931.753457][T24551]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  931.753480][T24551]  sock_recvmsg+0x229/0x270
[  931.753512][T24551]  ____sys_recvmsg+0x1c9/0x460
[  931.753550][T24551]  ? __pfx_____sys_recvmsg+0x10/0x10
[  931.753594][T24551]  ? import_iovec+0x74/0xa0
[  931.753619][T24551]  ___sys_recvmsg+0x1b5/0x510
[  931.753653][T24551]  ? __pfx____sys_recvmsg+0x10/0x10
[  931.753707][T24551]  ? __fget_files+0x3a0/0x420
[  931.753749][T24551]  __x64_sys_recvmsg+0x198/0x260
[  931.753780][T24551]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  931.753819][T24551]  ? __pfx_ksys_write+0x10/0x10
[  931.753852][T24551]  ? do_syscall_64+0xbe/0x3b0
[  931.753877][T24551]  do_syscall_64+0xfa/0x3b0
[  931.753895][T24551]  ? lockdep_hardirqs_on+0x9c/0x150
[  931.753926][T24551]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.753947][T24551]  ? clear_bhb_loop+0x60/0xb0
[  931.753972][T24551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.753992][T24551] RIP: 0033:0x7ff33ed8e929
[  931.754011][T24551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  931.754030][T24551] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  931.754053][T24551] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  931.754069][T24551] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  931.754099][T24551] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  931.754113][T24551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  931.754125][T24551] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  931.754158][T24551]  </TASK>
[  931.819039][   T48] usb 1-1: USB disconnect, device number 33
[  931.819934][    C0] vkms_vblank_simulate: vblank timer overrun
[  931.838938][   T48] option 1-1:0.13: device disconnected
[  932.063312][T24553] sp0: Synchronizing with TNC
[  932.297348][T24566] fuse: Bad value for 'fd'
[  932.354979][   T48] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[  932.525617][   T48] usb 1-1: config 0 has an invalid interface number: 13 but max is 0
[  932.537615][   T48] usb 1-1: config 0 has no interface number 0
[  932.549367][   T48] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=b5.38
[  932.558850][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  932.570162][   T48] usb 1-1: Product: syz
[  932.574541][   T48] usb 1-1: Manufacturer: syz
[  932.579296][   T48] usb 1-1: SerialNumber: syz
[  932.590290][   T48] usb 1-1: config 0 descriptor??
[  932.603907][T24579] FAULT_INJECTION: forcing a failure.
[  932.603907][T24579] name failslab, interval 1, probability 0, space 0, times 0
[  932.620886][T24579] CPU: 0 UID: 0 PID: 24579 Comm: syz.1.6754 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  932.620910][T24579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  932.620922][T24579] Call Trace:
[  932.620929][T24579]  <TASK>
[  932.620936][T24579]  dump_stack_lvl+0x189/0x250
[  932.620961][T24579]  ? __pfx____ratelimit+0x10/0x10
[  932.620991][T24579]  ? __pfx_dump_stack_lvl+0x10/0x10
[  932.621011][T24579]  ? __pfx__printk+0x10/0x10
[  932.621037][T24579]  ? __pfx___might_resched+0x10/0x10
[  932.621062][T24579]  should_fail_ex+0x414/0x560
[  932.621090][T24579]  should_failslab+0xa8/0x100
[  932.621115][T24579]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  932.621139][T24579]  ? __alloc_skb+0x112/0x2d0
[  932.621164][T24579]  __alloc_skb+0x112/0x2d0
[  932.621186][T24579]  netlink_sendmsg+0x5c6/0xb30
[  932.621208][T24579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  932.621226][T24579]  ? aa_sock_msg_perm+0x94/0x160
[  932.621241][T24579]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  932.621260][T24579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  932.621277][T24579]  __sock_sendmsg+0x219/0x270
[  932.621291][T24579]  ____sys_sendmsg+0x505/0x830
[  932.621311][T24579]  ? __pfx_____sys_sendmsg+0x10/0x10
[  932.621334][T24579]  ? import_iovec+0x74/0xa0
[  932.621349][T24579]  ___sys_sendmsg+0x21f/0x2a0
[  932.621367][T24579]  ? __pfx____sys_sendmsg+0x10/0x10
[  932.621405][T24579]  ? __fget_files+0x2a/0x420
[  932.621423][T24579]  ? __fget_files+0x3a0/0x420
[  932.621448][T24579]  __x64_sys_sendmsg+0x19b/0x260
[  932.621478][T24579]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  932.621501][T24579]  ? __pfx_ksys_write+0x10/0x10
[  932.621517][T24579]  ? rcu_is_watching+0x15/0xb0
[  932.621535][T24579]  ? do_syscall_64+0xbe/0x3b0
[  932.621550][T24579]  do_syscall_64+0xfa/0x3b0
[  932.621562][T24579]  ? lockdep_hardirqs_on+0x9c/0x150
[  932.621581][T24579]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.621610][T24579]  ? clear_bhb_loop+0x60/0xb0
[  932.621627][T24579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.621640][T24579] RIP: 0033:0x7f4d15b8e929
[  932.621652][T24579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  932.621664][T24579] RSP: 002b:00007f4d16998038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  932.621678][T24579] RAX: ffffffffffffffda RBX: 00007f4d15db5fa0 RCX: 00007f4d15b8e929
[  932.621688][T24579] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  932.621697][T24579] RBP: 00007f4d16998090 R08: 0000000000000000 R09: 0000000000000000
[  932.621706][T24579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  932.621714][T24579] R13: 0000000000000000 R14: 00007f4d15db5fa0 R15: 00007fff4e9b6d48
[  932.621735][T24579]  </TASK>
[  932.889311][    C0] vkms_vblank_simulate: vblank timer overrun
[  932.935581][   T48] usb 1-1: USB disconnect, device number 34
[  933.260607][T24585] fuse: Bad value for 'fd'
[  933.553955][T24602] FAULT_INJECTION: forcing a failure.
[  933.553955][T24602] name failslab, interval 1, probability 0, space 0, times 0
[  933.569254][T24602] CPU: 1 UID: 0 PID: 24602 Comm: syz.0.6762 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  933.569278][T24602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  933.569290][T24602] Call Trace:
[  933.569298][T24602]  <TASK>
[  933.569306][T24602]  dump_stack_lvl+0x189/0x250
[  933.569330][T24602]  ? __pfx____ratelimit+0x10/0x10
[  933.569359][T24602]  ? __pfx_dump_stack_lvl+0x10/0x10
[  933.569380][T24602]  ? __pfx__printk+0x10/0x10
[  933.569403][T24602]  ? __pfx___might_resched+0x10/0x10
[  933.569432][T24602]  ? fs_reclaim_acquire+0x7d/0x100
[  933.569461][T24602]  should_fail_ex+0x414/0x560
[  933.569488][T24602]  should_failslab+0xa8/0x100
[  933.569514][T24602]  __kmalloc_noprof+0xcb/0x4f0
[  933.569535][T24602]  ? tomoyo_encode+0x28b/0x550
[  933.569561][T24602]  tomoyo_encode+0x28b/0x550
[  933.569587][T24602]  tomoyo_realpath_from_path+0x58d/0x5d0
[  933.569611][T24602]  ? tomoyo_domain+0xd9/0x130
[  933.569637][T24602]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  933.569666][T24602]  tomoyo_path_number_perm+0x1e8/0x5a0
[  933.569697][T24602]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  933.569739][T24602]  ? __lock_acquire+0xab9/0xd20
[  933.569776][T24602]  ? __fget_files+0x2a/0x420
[  933.569803][T24602]  ? __fget_files+0x2a/0x420
[  933.569827][T24602]  ? __fget_files+0x3a0/0x420
[  933.569852][T24602]  ? __fget_files+0x2a/0x420
[  933.569882][T24602]  security_file_ioctl+0xcb/0x2d0
[  933.569911][T24602]  __se_sys_ioctl+0x47/0x170
[  933.569935][T24602]  do_syscall_64+0xfa/0x3b0
[  933.569952][T24602]  ? lockdep_hardirqs_on+0x9c/0x150
[  933.569978][T24602]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.569996][T24602]  ? clear_bhb_loop+0x60/0xb0
[  933.570017][T24602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.570035][T24602] RIP: 0033:0x7f7a1238e929
[  933.570051][T24602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  933.570066][T24602] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  933.570085][T24602] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  933.570098][T24602] RDX: 00002000000002c0 RSI: 00000000000089f1 RDI: 0000000000000003
[  933.570110][T24602] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  933.570121][T24602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  933.570132][T24602] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  933.570160][T24602]  </TASK>
[  933.570178][T24602] ERROR: Out of memory at tomoyo_realpath_from_path.
[  934.120521][T24615] fuse: Bad value for 'fd'
[  934.172212][  T981] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  934.291988][T24625] FAULT_INJECTION: forcing a failure.
[  934.291988][T24625] name failslab, interval 1, probability 0, space 0, times 0
[  934.305125][T24625] CPU: 0 UID: 0 PID: 24625 Comm: syz.1.6770 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  934.305160][T24625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  934.305172][T24625] Call Trace:
[  934.305179][T24625]  <TASK>
[  934.305187][T24625]  dump_stack_lvl+0x189/0x250
[  934.305211][T24625]  ? __pfx____ratelimit+0x10/0x10
[  934.305239][T24625]  ? __pfx_dump_stack_lvl+0x10/0x10
[  934.305259][T24625]  ? __pfx__printk+0x10/0x10
[  934.305282][T24625]  ? __pfx___might_resched+0x10/0x10
[  934.305301][T24625]  ? fs_reclaim_acquire+0x7d/0x100
[  934.305330][T24625]  should_fail_ex+0x414/0x560
[  934.305367][T24625]  ? __pfx_pidfs_alloc_inode+0x10/0x10
[  934.305389][T24625]  should_failslab+0xa8/0x100
[  934.305411][T24625]  ? __pfx_pidfs_alloc_inode+0x10/0x10
[  934.305432][T24625]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  934.305451][T24625]  ? pidfs_alloc_inode+0x28/0x90
[  934.305476][T24625]  ? __pfx_pidfs_alloc_inode+0x10/0x10
[  934.305497][T24625]  pidfs_alloc_inode+0x28/0x90
[  934.305518][T24625]  alloc_inode+0x67/0x1b0
[  934.305543][T24625]  path_from_stashed+0x299/0x8f0
[  934.305573][T24625]  ? __pfx___might_resched+0x10/0x10
[  934.305607][T24625]  ? __pfx_path_from_stashed+0x10/0x10
[  934.305640][T24625]  pidfs_register_pid+0x108/0x1b0
[  934.305661][T24625]  ? __pfx_pidfs_register_pid+0x10/0x10
[  934.305682][T24625]  ? __pfx_aa_sk_perm+0x10/0x10
[  934.305708][T24625]  ? __fget_files+0x2a/0x420
[  934.305746][T24625]  unix_listen+0x10a/0x530
[  934.305770][T24625]  __x64_sys_listen+0x1c7/0x240
[  934.305790][T24625]  do_syscall_64+0xfa/0x3b0
[  934.305804][T24625]  ? lockdep_hardirqs_on+0x9c/0x150
[  934.305828][T24625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  934.305843][T24625]  ? clear_bhb_loop+0x60/0xb0
[  934.305861][T24625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  934.305876][T24625] RIP: 0033:0x7f4d15b8e929
[  934.305889][T24625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  934.305902][T24625] RSP: 002b:00007f4d16998038 EFLAGS: 00000246 ORIG_RAX: 0000000000000032
[  934.305918][T24625] RAX: ffffffffffffffda RBX: 00007f4d15db5fa0 RCX: 00007f4d15b8e929
[  934.305930][T24625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  934.305939][T24625] RBP: 00007f4d16998090 R08: 0000000000000000 R09: 0000000000000000
[  934.305949][T24625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  934.305958][T24625] R13: 0000000000000000 R14: 00007f4d15db5fa0 R15: 00007fff4e9b6d48
[  934.305981][T24625]  </TASK>
[  934.562285][    C0] vkms_vblank_simulate: vblank timer overrun
[  934.573948][  T981] usb 5-1: Using ep0 maxpacket: 32
[  934.581137][  T981] usb 5-1: unable to get BOS descriptor or descriptor too short
[  934.591373][  T981] usb 5-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 24
[  934.601743][  T981] usb 5-1: config 1 interface 0 altsetting 5 bulk endpoint 0x3 has invalid maxpacket 1023
[  934.611749][  T981] usb 5-1: config 1 interface 0 has no altsetting 0
[  934.621531][  T981] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  934.630705][  T981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  934.638766][  T981] usb 5-1: Product: syz
[  934.642982][  T981] usb 5-1: Manufacturer: syz
[  934.647607][  T981] usb 5-1: SerialNumber: syz
[  934.657138][T24612] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  934.665104][T24612] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  934.936519][T24636] tmpfs: Unknown parameter 'usrquota#���O�uO5g������>`���w>����[���s*x�z�jg{4�?�"E�f�V./file1'
[  935.191430][T24643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6777'.
[  935.372158][ T5894] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  935.522130][ T5894] usb 4-1: Using ep0 maxpacket: 16
[  935.528988][ T5894] usb 4-1: config 0 has no interfaces?
[  935.536765][ T5894] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  935.545930][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.554055][ T5894] usb 4-1: Product: syz
[  935.558310][ T5894] usb 4-1: Manufacturer: syz
[  935.563213][ T5894] usb 4-1: SerialNumber: syz
[  935.570803][ T5894] usb 4-1: config 0 descriptor??
[  935.571501][  T981] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  935.609380][  T981] usb 5-1: USB disconnect, device number 88
[  935.793639][ T5894] usb 4-1: USB disconnect, device number 40
[  936.073552][ T6665] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  936.232140][ T6665] usb 5-1: Using ep0 maxpacket: 8
[  936.240839][ T6665] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  936.250057][ T6665] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  936.258200][ T6665] usb 5-1: Product: syz
[  936.262522][ T6665] usb 5-1: Manufacturer: syz
[  936.267144][ T6665] usb 5-1: SerialNumber: syz
[  936.274487][ T6665] usb 5-1: config 0 descriptor??
[  936.491745][ T6665] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  936.617830][T24672] FAULT_INJECTION: forcing a failure.
[  936.617830][T24672] name failslab, interval 1, probability 0, space 0, times 0
[  936.633776][T24672] CPU: 0 UID: 0 PID: 24672 Comm: syz.3.6790 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  936.633804][T24672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  936.633816][T24672] Call Trace:
[  936.633825][T24672]  <TASK>
[  936.633833][T24672]  dump_stack_lvl+0x189/0x250
[  936.633859][T24672]  ? __pfx____ratelimit+0x10/0x10
[  936.633889][T24672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  936.633911][T24672]  ? __pfx__printk+0x10/0x10
[  936.633937][T24672]  ? __pfx___might_resched+0x10/0x10
[  936.633965][T24672]  should_fail_ex+0x414/0x560
[  936.633993][T24672]  should_failslab+0xa8/0x100
[  936.634042][T24672]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  936.634068][T24672]  ? __alloc_skb+0x112/0x2d0
[  936.634097][T24672]  __alloc_skb+0x112/0x2d0
[  936.634126][T24672]  netlink_sendmsg+0x5c6/0xb30
[  936.634179][T24672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  936.634210][T24672]  ? aa_sock_msg_perm+0x94/0x160
[  936.634240][T24672]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  936.634273][T24672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  936.634300][T24672]  __sock_sendmsg+0x219/0x270
[  936.634325][T24672]  ____sys_sendmsg+0x505/0x830
[  936.634358][T24672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  936.634397][T24672]  ? import_iovec+0x74/0xa0
[  936.634422][T24672]  ___sys_sendmsg+0x21f/0x2a0
[  936.634453][T24672]  ? __pfx____sys_sendmsg+0x10/0x10
[  936.634520][T24672]  ? __fget_files+0x2a/0x420
[  936.634552][T24672]  ? __fget_files+0x3a0/0x420
[  936.634594][T24672]  __x64_sys_sendmsg+0x19b/0x260
[  936.634626][T24672]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  936.634666][T24672]  ? __pfx_ksys_write+0x10/0x10
[  936.634691][T24672]  ? rcu_is_watching+0x15/0xb0
[  936.634720][T24672]  ? do_syscall_64+0xbe/0x3b0
[  936.634745][T24672]  do_syscall_64+0xfa/0x3b0
[  936.634764][T24672]  ? lockdep_hardirqs_on+0x9c/0x150
[  936.634796][T24672]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.634817][T24672]  ? clear_bhb_loop+0x60/0xb0
[  936.634843][T24672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.634863][T24672] RIP: 0033:0x7ff33ed8e929
[  936.634882][T24672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  936.634900][T24672] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  936.634922][T24672] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  936.634938][T24672] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000003
[  936.634954][T24672] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  936.634968][T24672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  936.634980][T24672] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  936.635013][T24672]  </TASK>
[  938.036953][T24690] FAULT_INJECTION: forcing a failure.
[  938.036953][T24690] name failslab, interval 1, probability 0, space 0, times 0
[  938.052519][T24690] CPU: 0 UID: 0 PID: 24690 Comm: syz.0.6798 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  938.052544][T24690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  938.052556][T24690] Call Trace:
[  938.052563][T24690]  <TASK>
[  938.052571][T24690]  dump_stack_lvl+0x189/0x250
[  938.052597][T24690]  ? __pfx____ratelimit+0x10/0x10
[  938.052626][T24690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  938.052647][T24690]  ? __pfx__printk+0x10/0x10
[  938.052672][T24690]  ? __pfx___might_resched+0x10/0x10
[  938.052692][T24690]  ? fs_reclaim_acquire+0x7d/0x100
[  938.052722][T24690]  should_fail_ex+0x414/0x560
[  938.052749][T24690]  should_failslab+0xa8/0x100
[  938.052774][T24690]  kmem_cache_alloc_noprof+0x73/0x3c0
[  938.052794][T24690]  ? security_inode_alloc+0x39/0x330
[  938.052819][T24690]  security_inode_alloc+0x39/0x330
[  938.052842][T24690]  inode_init_always_gfp+0x9ed/0xdc0
[  938.052874][T24690]  ? __pfx_sock_alloc_inode+0x10/0x10
[  938.052891][T24690]  alloc_inode+0x82/0x1b0
[  938.052917][T24690]  __sock_create+0x12d/0x9f0
[  938.052944][T24690]  __sys_socket+0xd7/0x1b0
[  938.052966][T24690]  __x64_sys_socket+0x7a/0x90
[  938.052986][T24690]  do_syscall_64+0xfa/0x3b0
[  938.053004][T24690]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.053030][T24690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.053048][T24690]  ? clear_bhb_loop+0x60/0xb0
[  938.053084][T24690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.053101][T24690] RIP: 0033:0x7f7a1238e929
[  938.053117][T24690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.053133][T24690] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  938.053152][T24690] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  938.053165][T24690] RDX: 0000000000000004 RSI: 0000000000000002 RDI: 0000000000000022
[  938.053176][T24690] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  938.053187][T24690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  938.053198][T24690] R13: 0000000000000001 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  938.053224][T24690]  </TASK>
[  938.053251][T24690] socket: no more sockets
[  938.131164][ T6665] gspca_sunplus: reg_r err -71
[  938.287857][ T6665] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  938.299191][ T6665] usb 5-1: USB disconnect, device number 89
[  938.379005][T24699] FAULT_INJECTION: forcing a failure.
[  938.379005][T24699] name failslab, interval 1, probability 0, space 0, times 0
[  938.391904][T24699] CPU: 0 UID: 0 PID: 24699 Comm: syz.3.6802 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  938.391927][T24699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  938.391939][T24699] Call Trace:
[  938.391947][T24699]  <TASK>
[  938.391954][T24699]  dump_stack_lvl+0x189/0x250
[  938.391979][T24699]  ? __pfx____ratelimit+0x10/0x10
[  938.392007][T24699]  ? __pfx_dump_stack_lvl+0x10/0x10
[  938.392031][T24699]  ? __pfx__printk+0x10/0x10
[  938.392056][T24699]  ? __pfx___might_resched+0x10/0x10
[  938.392081][T24699]  should_fail_ex+0x414/0x560
[  938.392108][T24699]  should_failslab+0xa8/0x100
[  938.392134][T24699]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  938.392157][T24699]  ? __alloc_skb+0x112/0x2d0
[  938.392183][T24699]  __alloc_skb+0x112/0x2d0
[  938.392206][T24699]  netlink_sendmsg+0x5c6/0xb30
[  938.392238][T24699]  ? __pfx_netlink_sendmsg+0x10/0x10
[  938.392264][T24699]  ? aa_sock_msg_perm+0x94/0x160
[  938.392285][T24699]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  938.392317][T24699]  ? __pfx_netlink_sendmsg+0x10/0x10
[  938.392340][T24699]  __sock_sendmsg+0x219/0x270
[  938.392361][T24699]  ____sys_sendmsg+0x505/0x830
[  938.392390][T24699]  ? __pfx_____sys_sendmsg+0x10/0x10
[  938.392421][T24699]  ? import_iovec+0x74/0xa0
[  938.392443][T24699]  ___sys_sendmsg+0x21f/0x2a0
[  938.392468][T24699]  ? __pfx____sys_sendmsg+0x10/0x10
[  938.392525][T24699]  ? __fget_files+0x2a/0x420
[  938.392550][T24699]  ? __fget_files+0x3a0/0x420
[  938.392585][T24699]  __x64_sys_sendmsg+0x19b/0x260
[  938.392611][T24699]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  938.392644][T24699]  ? __pfx_ksys_write+0x10/0x10
[  938.392665][T24699]  ? rcu_is_watching+0x15/0xb0
[  938.392690][T24699]  ? do_syscall_64+0xbe/0x3b0
[  938.392712][T24699]  do_syscall_64+0xfa/0x3b0
[  938.392728][T24699]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.392755][T24699]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.392773][T24699]  ? clear_bhb_loop+0x60/0xb0
[  938.392795][T24699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.392812][T24699] RIP: 0033:0x7ff33ed8e929
[  938.392828][T24699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.392843][T24699] RSP: 002b:00007ff33cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  938.392862][T24699] RAX: ffffffffffffffda RBX: 00007ff33efb5fa0 RCX: 00007ff33ed8e929
[  938.392875][T24699] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  938.392887][T24699] RBP: 00007ff33cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  938.392899][T24699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  938.392910][T24699] R13: 0000000000000000 R14: 00007ff33efb5fa0 R15: 00007ffcdf9d6678
[  938.392937][T24699]  </TASK>
[  939.319986][T24712] FAULT_INJECTION: forcing a failure.
[  939.319986][T24712] name failslab, interval 1, probability 0, space 0, times 0
[  939.336175][T24712] CPU: 1 UID: 0 PID: 24712 Comm: syz.0.6808 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  939.336194][T24712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  939.336202][T24712] Call Trace:
[  939.336208][T24712]  <TASK>
[  939.336214][T24712]  dump_stack_lvl+0x189/0x250
[  939.336235][T24712]  ? __pfx____ratelimit+0x10/0x10
[  939.336256][T24712]  ? __pfx_dump_stack_lvl+0x10/0x10
[  939.336271][T24712]  ? __pfx__printk+0x10/0x10
[  939.336289][T24712]  ? __pfx___might_resched+0x10/0x10
[  939.336307][T24712]  should_fail_ex+0x414/0x560
[  939.336327][T24712]  should_failslab+0xa8/0x100
[  939.336345][T24712]  __kmalloc_cache_noprof+0x70/0x3d0
[  939.336361][T24712]  ? sctp_association_new+0x89/0x25f0
[  939.336382][T24712]  sctp_association_new+0x89/0x25f0
[  939.336401][T24712]  ? sctp_has_association+0x1cd/0x1f0
[  939.336420][T24712]  ? sctp_has_association+0x2f/0x1f0
[  939.336440][T24712]  ? __ipv6_addr_type+0x247/0x2f0
[  939.336454][T24712]  sctp_connect_new_asoc+0x2c5/0x690
[  939.336474][T24712]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  939.336492][T24712]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  939.336509][T24712]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  939.336524][T24712]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  939.336541][T24712]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  939.336554][T24712]  ? security_sctp_bind_connect+0x7e/0x2e0
[  939.336575][T24712]  sctp_sendmsg+0x155c/0x2810
[  939.336603][T24712]  ? __pfx_sctp_sendmsg+0x10/0x10
[  939.336622][T24712]  ? aa_sk_perm+0x81e/0x950
[  939.336638][T24712]  ? __pfx_aa_sk_perm+0x10/0x10
[  939.336660][T24712]  ? sock_rps_record_flow+0x19/0x410
[  939.336675][T24712]  ? inet_sendmsg+0x2f4/0x370
[  939.336687][T24712]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  939.336708][T24712]  __sock_sendmsg+0x19c/0x270
[  939.336724][T24712]  __sys_sendto+0x3bd/0x520
[  939.336741][T24712]  ? __pfx___sys_sendto+0x10/0x10
[  939.336754][T24712]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  939.336775][T24712]  ? __fget_files+0x3a0/0x420
[  939.336801][T24712]  ? ksys_write+0x22a/0x250
[  939.336819][T24712]  ? __pfx_ksys_write+0x10/0x10
[  939.336834][T24712]  ? rcu_is_watching+0x15/0xb0
[  939.336852][T24712]  __x64_sys_sendto+0xde/0x100
[  939.336869][T24712]  do_syscall_64+0xfa/0x3b0
[  939.336881][T24712]  ? lockdep_hardirqs_on+0x9c/0x150
[  939.336901][T24712]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.336913][T24712]  ? clear_bhb_loop+0x60/0xb0
[  939.336929][T24712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.336941][T24712] RIP: 0033:0x7f7a1238e929
[  939.336952][T24712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  939.336963][T24712] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  939.336983][T24712] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  939.336992][T24712] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  939.337000][T24712] RBP: 00007f7a1321a090 R08: 000020000005ffe4 R09: 000000000000001c
[  939.337009][T24712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  939.337016][T24712] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  939.337043][T24712]  </TASK>
[  939.940996][T24734] FAULT_INJECTION: forcing a failure.
[  939.940996][T24734] name failslab, interval 1, probability 0, space 0, times 0
[  939.953654][T24734] CPU: 0 UID: 0 PID: 24734 Comm: syz.0.6817 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  939.953677][T24734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  939.953688][T24734] Call Trace:
[  939.953696][T24734]  <TASK>
[  939.953704][T24734]  dump_stack_lvl+0x189/0x250
[  939.953729][T24734]  ? __pfx____ratelimit+0x10/0x10
[  939.953758][T24734]  ? __pfx_dump_stack_lvl+0x10/0x10
[  939.953779][T24734]  ? __pfx__printk+0x10/0x10
[  939.953799][T24734]  ? _raw_write_lock_irq+0xae/0xf0
[  939.953826][T24734]  ? __pfx__raw_write_lock_irq+0x10/0x10
[  939.953869][T24734]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  939.953893][T24734]  should_fail_ex+0x414/0x560
[  939.953922][T24734]  should_failslab+0xa8/0x100
[  939.953955][T24734]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  939.953980][T24734]  ? netlink_realloc_groups+0x11b/0x340
[  939.954010][T24734]  ? netlink_realloc_groups+0x11b/0x340
[  939.954034][T24734]  krealloc_noprof+0x124/0x340
[  939.954057][T24734]  ? netlink_realloc_groups+0xd4/0x340
[  939.954085][T24734]  netlink_realloc_groups+0x11b/0x340
[  939.954136][T24734]  netlink_bind+0x2af/0xd60
[  939.954168][T24734]  ? __pfx_netlink_bind+0x10/0x10
[  939.954203][T24734]  ? bpf_lsm_socket_bind+0x9/0x20
[  939.954238][T24734]  __sys_bind+0x2c6/0x3e0
[  939.954265][T24734]  ? __pfx___sys_bind+0x10/0x10
[  939.954300][T24734]  ? __pfx_ksys_write+0x10/0x10
[  939.954325][T24734]  ? rcu_is_watching+0x15/0xb0
[  939.954358][T24734]  __x64_sys_bind+0x7a/0x90
[  939.954382][T24734]  do_syscall_64+0xfa/0x3b0
[  939.954402][T24734]  ? lockdep_hardirqs_on+0x9c/0x150
[  939.954433][T24734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.954455][T24734]  ? clear_bhb_loop+0x60/0xb0
[  939.954481][T24734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.954501][T24734] RIP: 0033:0x7f7a1238e929
[  939.954520][T24734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  939.954539][T24734] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  939.954561][T24734] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  939.954577][T24734] RDX: 000000000000000c RSI: 0000200000514ff4 RDI: 0000000000000003
[  939.954591][T24734] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  939.954603][T24734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  939.954615][T24734] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  939.954647][T24734]  </TASK>
[  940.267333][T24738] FAULT_INJECTION: forcing a failure.
[  940.267333][T24738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  940.281127][T24738] CPU: 1 UID: 0 PID: 24738 Comm: syz.0.6818 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  940.281154][T24738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  940.281177][T24738] Call Trace:
[  940.281185][T24738]  <TASK>
[  940.281193][T24738]  dump_stack_lvl+0x189/0x250
[  940.281220][T24738]  ? __pfx____ratelimit+0x10/0x10
[  940.281251][T24738]  ? __pfx_dump_stack_lvl+0x10/0x10
[  940.281273][T24738]  ? __pfx__printk+0x10/0x10
[  940.281306][T24738]  should_fail_ex+0x414/0x560
[  940.281335][T24738]  _copy_from_user+0x2d/0xb0
[  940.281374][T24738]  __copy_msghdr+0x3c5/0x5b0
[  940.281405][T24738]  ___sys_sendmsg+0x1a5/0x2a0
[  940.281435][T24738]  ? __pfx____sys_sendmsg+0x10/0x10
[  940.281498][T24738]  ? __fget_files+0x2a/0x420
[  940.281528][T24738]  ? __fget_files+0x3a0/0x420
[  940.281567][T24738]  __x64_sys_sendmsg+0x19b/0x260
[  940.281597][T24738]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  940.281634][T24738]  ? __pfx_ksys_write+0x10/0x10
[  940.281657][T24738]  ? rcu_is_watching+0x15/0xb0
[  940.281686][T24738]  ? do_syscall_64+0xbe/0x3b0
[  940.281710][T24738]  do_syscall_64+0xfa/0x3b0
[  940.281729][T24738]  ? lockdep_hardirqs_on+0x9c/0x150
[  940.281764][T24738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  940.281784][T24738]  ? clear_bhb_loop+0x60/0xb0
[  940.281809][T24738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  940.281828][T24738] RIP: 0033:0x7f7a1238e929
[  940.281863][T24738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  940.281882][T24738] RSP: 002b:00007f7a1321a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  940.281917][T24738] RAX: ffffffffffffffda RBX: 00007f7a125b5fa0 RCX: 00007f7a1238e929
[  940.281934][T24738] RDX: 0000000000047c94 RSI: 00002000000001c0 RDI: 0000000000000003
[  940.281948][T24738] RBP: 00007f7a1321a090 R08: 0000000000000000 R09: 0000000000000000
[  940.281962][T24738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  940.281975][T24738] R13: 0000000000000000 R14: 00007f7a125b5fa0 R15: 00007ffd760370e8
[  940.282007][T24738]  </TASK>
[  940.664475][T24748] netlink: 'syz.0.6823': attribute type 5 has an invalid length.
[  941.678732][T24777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6834'.
[  942.364339][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  942.393215][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  942.401558][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  942.412477][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  942.421331][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  942.451478][T24796] FAULT_INJECTION: forcing a failure.
[  942.451478][T24796] name failslab, interval 1, probability 0, space 0, times 0
[  942.465526][T24796] CPU: 0 UID: 0 PID: 24796 Comm: syz.4.6841 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  942.465552][T24796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  942.465565][T24796] Call Trace:
[  942.465572][T24796]  <TASK>
[  942.465580][T24796]  dump_stack_lvl+0x189/0x250
[  942.465608][T24796]  ? __pfx____ratelimit+0x10/0x10
[  942.465637][T24796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  942.465660][T24796]  ? __pfx__printk+0x10/0x10
[  942.465687][T24796]  ? __pfx___might_resched+0x10/0x10
[  942.465731][T24796]  should_fail_ex+0x414/0x560
[  942.465762][T24796]  should_failslab+0xa8/0x100
[  942.465802][T24796]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  942.465827][T24796]  ? __alloc_skb+0x112/0x2d0
[  942.465854][T24796]  __alloc_skb+0x112/0x2d0
[  942.465879][T24796]  netlink_sendmsg+0x5c6/0xb30
[  942.465916][T24796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.465942][T24796]  ? aa_sock_msg_perm+0x94/0x160
[  942.465969][T24796]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  942.465999][T24796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.466025][T24796]  __sock_sendmsg+0x219/0x270
[  942.466048][T24796]  ____sys_sendmsg+0x505/0x830
[  942.466080][T24796]  ? __pfx_____sys_sendmsg+0x10/0x10
[  942.466116][T24796]  ? import_iovec+0x74/0xa0
[  942.466140][T24796]  ___sys_sendmsg+0x21f/0x2a0
[  942.466168][T24796]  ? __pfx____sys_sendmsg+0x10/0x10
[  942.466231][T24796]  ? __fget_files+0x2a/0x420
[  942.466260][T24796]  ? __fget_files+0x3a0/0x420
[  942.466301][T24796]  __x64_sys_sendmsg+0x19b/0x260
[  942.466330][T24796]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  942.466368][T24796]  ? __pfx_ksys_write+0x10/0x10
[  942.466392][T24796]  ? rcu_is_watching+0x15/0xb0
[  942.466420][T24796]  ? do_syscall_64+0xbe/0x3b0
[  942.466444][T24796]  do_syscall_64+0xfa/0x3b0
[  942.466463][T24796]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.466493][T24796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.466513][T24796]  ? clear_bhb_loop+0x60/0xb0
[  942.466537][T24796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.466556][T24796] RIP: 0033:0x7f57c978e929
[  942.466573][T24796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  942.466589][T24796] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  942.466617][T24796] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  942.466635][T24796] RDX: 0000000000000002 RSI: 0000200000000240 RDI: 0000000000000003
[  942.466646][T24796] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  942.466657][T24796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.466667][T24796] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  942.466694][T24796]  </TASK>
[  942.820479][T24798] FAULT_INJECTION: forcing a failure.
[  942.820479][T24798] name failslab, interval 1, probability 0, space 0, times 0
[  942.834284][T24798] CPU: 0 UID: 0 PID: 24798 Comm: syz.4.6843 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  942.834313][T24798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  942.834327][T24798] Call Trace:
[  942.834336][T24798]  <TASK>
[  942.834346][T24798]  dump_stack_lvl+0x189/0x250
[  942.834374][T24798]  ? __pfx____ratelimit+0x10/0x10
[  942.834408][T24798]  ? __pfx_dump_stack_lvl+0x10/0x10
[  942.834433][T24798]  ? __pfx__printk+0x10/0x10
[  942.834462][T24798]  ? __pfx___might_resched+0x10/0x10
[  942.834491][T24798]  should_fail_ex+0x414/0x560
[  942.834523][T24798]  should_failslab+0xa8/0x100
[  942.834552][T24798]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  942.834579][T24798]  ? __alloc_skb+0x112/0x2d0
[  942.834609][T24798]  __alloc_skb+0x112/0x2d0
[  942.834638][T24798]  netlink_sendmsg+0x5c6/0xb30
[  942.834676][T24798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.834706][T24798]  ? aa_sock_msg_perm+0x94/0x160
[  942.834731][T24798]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  942.834773][T24798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.834801][T24798]  __sock_sendmsg+0x219/0x270
[  942.834826][T24798]  ____sys_sendmsg+0x505/0x830
[  942.834860][T24798]  ? __pfx_____sys_sendmsg+0x10/0x10
[  942.834898][T24798]  ? import_iovec+0x74/0xa0
[  942.834924][T24798]  ___sys_sendmsg+0x21f/0x2a0
[  942.834955][T24798]  ? __pfx____sys_sendmsg+0x10/0x10
[  942.835021][T24798]  ? __fget_files+0x2a/0x420
[  942.835052][T24798]  ? __fget_files+0x3a0/0x420
[  942.835094][T24798]  __x64_sys_sendmsg+0x19b/0x260
[  942.835125][T24798]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  942.835165][T24798]  ? __pfx_ksys_write+0x10/0x10
[  942.835190][T24798]  ? rcu_is_watching+0x15/0xb0
[  942.835229][T24798]  ? do_syscall_64+0xbe/0x3b0
[  942.835248][T24798]  do_syscall_64+0xfa/0x3b0
[  942.835273][T24798]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.835312][T24798]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.835330][T24798]  ? clear_bhb_loop+0x60/0xb0
[  942.835352][T24798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.835369][T24798] RIP: 0033:0x7f57c978e929
[  942.835385][T24798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  942.835401][T24798] RSP: 002b:00007f57c75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  942.835419][T24798] RAX: ffffffffffffffda RBX: 00007f57c99b5fa0 RCX: 00007f57c978e929
[  942.835432][T24798] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  942.835443][T24798] RBP: 00007f57c75f6090 R08: 0000000000000000 R09: 0000000000000000
[  942.835454][T24798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.835464][T24798] R13: 0000000000000000 R14: 00007f57c99b5fa0 R15: 00007ffd82a8b868
[  942.835490][T24798]  </TASK>
[  943.294982][   T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.448263][   T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.628287][   T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.656969][T24791] chnl_net:caif_netlink_parms(): no params data found
[  943.755499][   T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.843721][T24791] bridge0: port 1(bridge_slave_0) entered blocking state
[  943.851062][T24791] bridge0: port 1(bridge_slave_0) entered disabled state
[  943.859591][T24791] bridge_slave_0: entered allmulticast mode
[  943.869788][T24791] bridge_slave_0: entered promiscuous mode
[  943.880538][T24791] bridge0: port 2(bridge_slave_1) entered blocking state
[  943.890358][T24791] bridge0: port 2(bridge_slave_1) entered disabled state
[  943.898418][T24791] bridge_slave_1: entered allmulticast mode
[  943.912009][T24791] bridge_slave_1: entered promiscuous mode
[  943.986101][T24791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  944.008795][T24791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  944.146350][T24791] team0: Port device team_slave_0 added
[  944.166213][T24791] team0: Port device team_slave_1 added
[  944.207290][   T59] bridge_slave_1: left allmulticast mode
[  944.217443][   T59] bridge_slave_1: left promiscuous mode
[  944.223895][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  944.237472][   T59] bridge_slave_0: left allmulticast mode
[  944.244981][   T59] bridge_slave_0: left promiscuous mode
[  944.250932][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  944.262300][ T5894] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  944.433974][ T5894] usb 1-1: Using ep0 maxpacket: 32
[  944.450209][ T5894] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  944.473068][ T5894] usb 1-1: config 0 has no interface number 0
[  944.494264][ T5894] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  944.517428][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  944.535209][ T5847] Bluetooth: hci2: command tx timeout
[  944.541846][ T5894] usb 1-1: Product: syz
[  944.548961][ T5894] usb 1-1: Manufacturer: syz
[  944.553900][ T5894] usb 1-1: SerialNumber: syz
[  944.561073][ T5894] usb 1-1: config 0 descriptor??
[  944.584372][ T5894] smsc95xx v2.0.0
[  945.026565][ T5894] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  945.069451][ T5894] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  945.081068][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  945.098050][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  945.116078][   T59] bond0 (unregistering): Released all slaves
[  945.178474][T24791] batman_adv: batadv0: Adding interface: batadv_slave_0
[  945.197641][T24791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  945.235332][T24791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  945.270687][T24791] batman_adv: batadv0: Adding interface: batadv_slave_1
[  945.293100][T24791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  945.355804][T24791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  945.567058][T24791] hsr_slave_0: entered promiscuous mode
[  945.583255][T24791] hsr_slave_1: entered promiscuous mode
[  945.594755][T24791] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  945.607197][T24791] Cannot create hsr debugfs directory
[  945.755812][   T59] hsr_slave_0: left promiscuous mode
[  945.763687][   T59] hsr_slave_1: left promiscuous mode
[  945.770616][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  945.778843][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  945.787972][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  945.798572][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  945.827850][   T59] veth1_macvtap: left promiscuous mode
[  945.833649][   T59] veth0_macvtap: left promiscuous mode
[  945.842385][   T59] veth1_vlan: left promiscuous mode
[  945.852666][   T59] veth0_vlan: left promiscuous mode
[  946.527938][   T59] team0 (unregistering): Port device team_slave_1 removed
[  946.585252][   T59] team0 (unregistering): Port device team_slave_0 removed
[  946.613814][ T5847] Bluetooth: hci2: command tx timeout
[  947.424882][T24866] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6860'.
[  947.940694][    C1] 
[  947.943072][    C1] =============================
[  947.947932][    C1] [ BUG: Invalid wait context ]
[  947.952796][    C1] 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 Not tainted
[  947.959925][    C1] -----------------------------
[  947.964787][    C1] syz.4.6863/24884 is trying to lock:
[  947.970178][    C1] ffffc90012e52410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x1fb/0x9b0
[  947.979689][    C1] other info that might help us debug this:
[  947.982726][T24885] FAULT_INJECTION: forcing a failure.
[  947.982726][T24885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  947.985583][    C1] context-{2:2}
[  948.002069][    C1] 4 locks held by syz.4.6863/24884:
[  948.007286][    C1]  #0: ffff88807ad0ace0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x12e/0xb50
[  948.016384][    C1]  #1: ffffffff8e33eda0 (rcu_read_lock){....}-{1:3}, at: ___pte_offset_map+0x29/0x2c0
[  948.018273][T24885] CPU: 0 UID: 0 PID: 24885 Comm: syz.1.6861 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  948.018303][T24885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  948.018319][T24885] Call Trace:
[  948.018328][T24885]  <TASK>
[  948.018337][T24885]  dump_stack_lvl+0x189/0x250
[  948.018367][T24885]  ? __pfx____ratelimit+0x10/0x10
[  948.018414][T24885]  ? __pfx_dump_stack_lvl+0x10/0x10
[  948.018440][T24885]  ? __pfx__printk+0x10/0x10
[  948.018461][T24885]  ? rcu_is_watching+0x15/0xb0
[  948.018487][T24885]  ? lock_acquire+0x5f/0x360
[  948.018512][T24885]  ? rcu_is_watching+0x15/0xb0
[  948.018537][T24885]  should_fail_ex+0x414/0x560
[  948.018577][T24885]  _copy_from_user+0x2d/0xb0
[  948.018599][T24885]  sctp_setsockopt+0x19f/0x1200
[  948.018626][T24885]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  948.018651][T24885]  do_sock_setsockopt+0x25a/0x3e0
[  948.018679][T24885]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  948.018708][T24885]  ? __fget_files+0x2a/0x420
[  948.018743][T24885]  __x64_sys_setsockopt+0x18b/0x220
[  948.018772][T24885]  do_syscall_64+0xfa/0x3b0
[  948.018793][T24885]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.018814][T24885]  ? clear_bhb_loop+0x60/0xb0
[  948.018837][T24885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.018857][T24885] RIP: 0033:0x7f4d15b8e929
[  948.018875][T24885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  948.018895][T24885] RSP: 002b:00007f4d16998038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  948.018916][T24885] RAX: ffffffffffffffda RBX: 00007f4d15db5fa0 RCX: 00007f4d15b8e929
[  948.018933][T24885] RDX: 0000000000000019 RSI: 0000000000000084 RDI: 0000000000000003
[  948.018947][T24885] RBP: 00007f4d16998090 R08: 0000000000000008 R09: 0000000000000000
[  948.018961][T24885] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  948.018974][T24885] R13: 0000000000000000 R14: 00007f4d15db5fa0 R15: 00007fff4e9b6d48
[  948.018997][T24885]  </TASK>
[  948.224447][    C1]  #2: ffff88803207d078 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: __pte_offset_map_lock+0x13e/0x210
[  948.235103][    C1]  #3: ffffc90012e52960 (&kvm->srcu){.?.?}-{0:0}, at: kvm_xen_set_evtchn_fast+0x1c3/0x9b0
[  948.245035][    C1] stack backtrace:
[  948.248755][    C1] CPU: 1 UID: 0 PID: 24884 Comm: syz.4.6863 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  948.248773][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  948.248796][    C1] Call Trace:
[  948.248804][    C1]  <IRQ>
[  948.248811][    C1]  dump_stack_lvl+0x189/0x250
[  948.248829][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  948.248844][    C1]  ? __pfx__printk+0x10/0x10
[  948.248860][    C1]  ? print_lock_name+0xde/0x100
[  948.248875][    C1]  __lock_acquire+0xbcb/0xd20
[  948.248891][    C1]  ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0
[  948.248903][    C1]  lock_acquire+0x120/0x360
[  948.248915][    C1]  ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0
[  948.248932][    C1]  _raw_read_lock_irqsave+0xaf/0x100
[  948.248952][    C1]  ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0
[  948.248964][    C1]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  948.248984][    C1]  ? xa_load+0x1ea/0x210
[  948.249000][    C1]  kvm_xen_set_evtchn_fast+0x1fb/0x9b0
[  948.249012][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  948.249031][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  948.249050][    C1]  ? kvm_xen_set_evtchn_fast+0x1c3/0x9b0
[  948.249063][    C1]  xen_timer_callback+0x109/0x220
[  948.249077][    C1]  ? __pfx_xen_timer_callback+0x10/0x10
[  948.249090][    C1]  __hrtimer_run_queues+0x4e0/0xc60
[  948.249106][    C1]  ? ktime_get_update_offsets_now+0x60/0x3d0
[  948.249131][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  948.249146][    C1]  ? ktime_get_update_offsets_now+0x3ab/0x3d0
[  948.249169][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  948.249192][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  948.249209][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[  948.249230][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  948.249245][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[  948.249265][    C1] Code: 74 05 e8 6b 80 58 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 13 6c 21 f6 65 8b 05 fc 97 50 07 85 c0 74 40 48 c7 04 24 0e 36
[  948.249277][    C1] RSP: 0018:ffffc90000a08c00 EFLAGS: 00000206
[  948.249289][    C1] RAX: 0b1f104cd40d1500 RBX: 0000000000000a06 RCX: 0b1f104cd40d1500
[  948.249316][    C1] RDX: 0000000000000002 RSI: ffffffff8da4c097 RDI: 0000000000000001
[  948.249326][    C1] RBP: ffffc90000a08c90 R08: ffffffff8fc231f7 R09: 1ffffffff1f8463e
[  948.249337][    C1] R10: dffffc0000000000 R11: fffffbfff1f8463f R12: dffffc0000000000
[  948.249348][    C1] R13: dffffc0000000000 R14: ffff8880b8727ac0 R15: 1ffff92000141180
[  948.249365][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  948.249393][    C1]  ? timerqueue_del+0xae/0x100
[  948.249410][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  948.249426][    C1]  __hrtimer_run_queues+0x408/0xc60
[  948.249448][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  948.249463][    C1]  ? read_tsc+0x9/0x20
[  948.249484][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  948.249503][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  948.249522][    C1]  handle_softirqs+0x286/0x870
[  948.249538][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  948.249555][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  948.249572][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  948.249594][    C1]  __irq_exit_rcu+0xca/0x1f0
[  948.249609][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  948.249628][    C1]  irq_exit_rcu+0x9/0x30
[  948.249642][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  948.249664][    C1]  </IRQ>
[  948.249669][    C1]  <TASK>
[  948.249675][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  948.249690][    C1] RIP: 0010:kasan_check_range+0x6f/0x2c0
[  948.249709][    C1] Code: 1e fa 4c 39 cf 0f 82 58 02 00 00 49 89 ff 49 c1 ef 03 49 ba 00 00 00 00 00 fc ff df 4f 8d 1c 17 49 ff c8 4d 89 c1 49 c1 e9 03 <48> bb 01 00 00 00 00 fc ff df 4d 8d 34 19 4d 89 f4 4d 29 dc 49 83
[  948.249721][    C1] RSP: 0018:ffffc900133575a8 EFLAGS: 00000a07
[  948.249733][    C1] RAX: ffffffff820a6c01 RBX: 0000000000000000 RCX: ffffffff820a6c6d
[  948.249743][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffea0001a62740
[  948.249752][    C1] RBP: ffffc90013357890 R08: ffffea0001a62747 R09: 1ffffd400034c4e8
[  948.249762][    C1] R10: dffffc0000000000 R11: fffff9400034c4e8 R12: 00007f57c8e9b000
[  948.249773][    C1] R13: dffffc0000000000 R14: ffff88804da53400 R15: 1ffffd400034c4e8
[  948.249786][    C1]  ? unmap_page_range+0x1e41/0x41c0
[  948.249806][    C1]  ? unmap_page_range+0x1ead/0x41c0
[  948.249831][    C1]  unmap_page_range+0x1ead/0x41c0
[  948.249868][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  948.249891][    C1]  ? __sanitizer_cov_trace_switch+0x8f/0x130
[  948.249915][    C1]  unmap_vmas+0x399/0x580
[  948.249937][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  948.249965][    C1]  exit_mmap+0x248/0xb50
[  948.249983][    C1]  ? uprobe_clear_state+0x20f/0x290
[  948.249997][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  948.250013][    C1]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  948.250032][    C1]  ? __pfx_exit_aio+0x10/0x10
[  948.250053][    C1]  ? uprobe_clear_state+0x274/0x290
[  948.250067][    C1]  __mmput+0x118/0x420
[  948.250083][    C1]  exit_mm+0x1da/0x2c0
[  948.250103][    C1]  ? __pfx_exit_mm+0x10/0x10
[  948.250123][    C1]  ? rcu_is_watching+0x15/0xb0
[  948.250140][    C1]  do_exit+0x640/0x22e0
[  948.250161][    C1]  ? preempt_schedule_common+0x83/0xd0
[  948.250182][    C1]  ? preempt_schedule+0xae/0xc0
[  948.250203][    C1]  ? __pfx_do_exit+0x10/0x10
[  948.250224][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  948.250248][    C1]  do_group_exit+0x21c/0x2d0
[  948.250269][    C1]  __x64_sys_exit_group+0x3f/0x40
[  948.250289][    C1]  x64_sys_call+0x21ba/0x21c0
[  948.250308][    C1]  do_syscall_64+0xfa/0x3b0
[  948.250321][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  948.250343][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.250356][    C1]  ? clear_bhb_loop+0x60/0xb0
[  948.250380][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.250393][    C1] RIP: 0033:0x7f57c978e929
[  948.250405][    C1] Code: Unable to access opcode bytes at 0x7f57c978e8ff.
[  948.250412][    C1] RSP: 002b:00007ffd82a8bbc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  948.250426][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f57c978e929
[  948.250436][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  948.250444][    C1] RBP: 00007ffd82a8bc2c R08: 0000000382a8bcbf R09: 00000000000927c0
[  948.250454][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000000001f5
[  948.250463][    C1] R13: 00000000000927c0 R14: 00000000000e75da R15: 00007ffd82a8bc80
[  948.250489][    C1]  </TASK>
[  948.880034][ T5847] Bluetooth: hci2: command tx timeout
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  949.574866][   T59] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  949.690170][   T59] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  949.948130][   T59] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  949.963935][ T5894] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000008: -71
[  949.975340][ T5894] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  950.052219][ T5894] usb 1-1: USB disconnect, device number 35
[  950.083267][   T59] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  950.186608][   T59] bridge_slave_1: left allmulticast mode
[  950.194103][   T59] bridge_slave_1: left promiscuous mode
[  950.199817][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  950.209320][   T59] bridge_slave_0: left allmulticast mode
[  950.216756][   T59] bridge_slave_0: left promiscuous mode
[  950.222530][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  950.388503][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  950.398838][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  950.410731][   T59] bond0 (unregistering): Released all slaves
[  950.480548][   T59] tipc: Left network mode
[  950.646763][   T59] hsr_slave_0: left promiscuous mode
[  950.653805][   T59] hsr_slave_1: left promiscuous mode
[  950.659576][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  950.667075][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  950.675999][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  950.685443][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  950.699210][   T59] veth1_macvtap: left promiscuous mode
[  950.704899][   T59] veth0_macvtap: left promiscuous mode
[  950.710529][   T59] veth1_vlan: left promiscuous mode
[  950.717012][   T59] veth0_vlan: left promiscuous mode
[  950.867041][   T59] team0 (unregistering): Port device team_slave_1 removed
[  950.897509][   T59] team0 (unregistering): Port device team_slave_0 removed
[  951.295512][   T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.361976][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.398418][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.459689][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.565830][   T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.609827][   T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.649591][   T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.717932][   T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  951.828144][   T59] bridge_slave_1: left allmulticast mode
[  951.834976][   T59] bridge_slave_1: left promiscuous mode
[  951.840715][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  951.850785][   T59] bridge_slave_0: left allmulticast mode
[  951.857679][   T59] bridge_slave_0: left promiscuous mode
[  951.863869][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  951.874743][   T59] bridge_slave_1: left allmulticast mode
[  951.880428][   T59] bridge_slave_1: left promiscuous mode
[  951.887050][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  951.897665][   T59] bridge_slave_0: left allmulticast mode
[  951.904191][   T59] bridge_slave_0: left promiscuous mode
[  951.909908][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  951.921593][   T59] bridge_slave_1: left allmulticast mode
[  951.928138][   T59] bridge_slave_1: left promiscuous mode
[  951.935041][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  951.943546][   T59] bridge_slave_0: left allmulticast mode
[  951.949230][   T59] bridge_slave_0: left promiscuous mode
[  951.957674][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.128084][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  952.139214][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  952.148977][   T59] bond0 (unregistering): Released all slaves
[  952.218353][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  952.228220][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  952.237920][   T59] bond0 (unregistering): Released all slaves
[  952.317172][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  952.327603][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  952.336999][   T59] bond0 (unregistering): Released all slaves
[  952.670805][   T59] hsr_slave_0: left promiscuous mode
[  952.678251][   T59] hsr_slave_1: left promiscuous mode
[  952.684032][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  952.691526][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  952.700217][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  952.707699][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  952.717595][   T59] hsr_slave_0: left promiscuous mode
[  952.723287][   T59] hsr_slave_1: left promiscuous mode
[  952.728896][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  952.736641][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  952.746691][   T59] hsr_slave_0: left promiscuous mode
[  952.752591][   T59] hsr_slave_1: left promiscuous mode
[  952.758479][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  952.765949][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  952.773598][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  952.780999][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  952.793687][   T59] veth1_macvtap: left promiscuous mode
[  952.799264][   T59] veth0_macvtap: left promiscuous mode
[  952.804942][   T59] veth1_vlan: left promiscuous mode
[  952.810218][   T59] veth0_vlan: left promiscuous mode
[  952.816641][   T59] veth1_macvtap: left promiscuous mode
[  952.822216][   T59] veth0_macvtap: left promiscuous mode
[  952.827756][   T59] veth1_vlan: left promiscuous mode
[  952.833123][   T59] veth0_vlan: left promiscuous mode
[  953.010134][   T59] team0 (unregistering): Port device team_slave_1 removed
[  953.036004][   T59] team0 (unregistering): Port device team_slave_0 removed
[  953.217643][   T59] team0 (unregistering): Port device team_slave_1 removed
[  953.241597][   T59] team0 (unregistering): Port device team_slave_0 removed
[  953.389367][   T59] team0 (unregistering): Port device team_slave_1 removed
[  953.416887][   T59] team0 (unregistering): Port device team_slave_0 removed
[  954.167498][   T59] IPVS: stop unused estimator thread 0...