last executing test programs: 34.226748212s ago: executing program 0 (id=343): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000002080)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083f63090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b313b0d3b6d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d6c38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa3647f17b289be5ab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833fea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@multicast1}}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='cdg\x00', 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x10, r0, 0xfffff000) 34.092417886s ago: executing program 1 (id=344): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0) syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0) recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x100}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001b40)=""/153, 0x99}, {&(0x7f0000005c40)=""/4100, 0x1004}], 0x2}, 0x7}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000004c40)=""/4096, 0x1000}, {&(0x7f0000000540)=""/174, 0xae}, {0x0}, {&(0x7f0000000700)=""/130, 0x82}, {&(0x7f0000000480)=""/117, 0x75}, {&(0x7f0000002080)=""/4075, 0xfeb}, {&(0x7f00000000c0)=""/154, 0x9a}], 0x7}, 0x9}, {{0x0, 0x0, 0x0}, 0x5}], 0x5, 0x40008062, 0x0) 33.885903306s ago: executing program 0 (id=346): r0 = socket(0x200000100000011, 0x3, 0x0) r1 = socket(0xa, 0x1, 0x0) syz_usb_connect(0x0, 0x3b, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0x93, 0x0, 0x82, 0x10, 0xd57, 0xe999, 0xa763, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x8, 0x6, 0x62, 0x0, [], [{{0x9, 0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x2}, @generic={0x3, 0x0, "ca"}]}}, {{0x9, 0x5, 0x9}}]}}]}}]}}, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000680)={0xe, {{0xa, 0x4e20, 0x8, @mcast1, 0xbfd}}, {{0xa, 0x4e20, 0xfffffe01, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffe01}}}, 0x108) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x7, 0x6, @local}, 0x14) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x41071, 0xffffffffffffffff, 0x0) write$nbd(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="674466980000525b1042708497f50000"], 0x10) 33.883945391s ago: executing program 1 (id=347): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001280)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000012c0)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x48055}, 0x4000000) (fail_nth: 2) 33.797055797s ago: executing program 2 (id=349): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001280)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000012c0)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x48055}, 0x4000000) 33.564776559s ago: executing program 1 (id=350): r0 = open(&(0x7f0000000280)='.\x00', 0x141080, 0x0) fcntl$notify(r0, 0x402, 0x0) (async) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000680)={'gre0\x00', 0x0, 0x1, 0x0, 0x7fffffff, 0x4, {{0xd, 0x4, 0x0, 0x9, 0x34, 0x67, 0x0, 0x7, 0x2f, 0x0, @multicast2, @local, {[@ssrr={0x89, 0xf, 0xaf, [@local, @private=0xa010100, @private=0xa010102]}, @end, @generic={0x44, 0xe, "fe244e299b469cb6959f14e8"}]}}}}}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b70000001c0000006f000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f26019e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22e9bc162bcc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd80102fc9ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b639767c609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e989986dcbc900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb083fb0a7e607452d8d335fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f64949680000000000000000"], &(0x7f0000000700)='GPL\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', r1, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r0}, 0x94) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@fallback=r2, 0x1e, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) 33.395940879s ago: executing program 1 (id=351): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000ffc000/0x4000)=nil, 0x3) r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0x22, 0x2, 0x4) r4 = socket$inet(0xa, 0x801, 0x84) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161642, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000001000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000200), 0x0, r6}, 0x68) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000054000000060a010400000000000000000100000008000b40000000000900010073797a30000000002c0004802800018008000100666962001c0002800800014000000011080003400000000e08000240"], 0xdc}}, 0x0) connect$inet(r4, 0x0, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@getchain={0x24, 0x66, 0x109, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {}, {0x0, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8800}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) 33.354818924s ago: executing program 2 (id=352): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0xc}, 0x50) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000080)=0x404, 0x4) syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x503, 0x0, 0x25dfdbff}, 0x20}, 0x1, 0x0, 0x0, 0x8041}, 0x4) r2 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000000000)=""/108, &(0x7f0000000080)=0x18) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x60, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x9, 0xffffffff}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x60}}, 0x8000) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000bc0)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "8c5e66e34f918b31636c4c6e0120ab7ff803af0238e64dc7a45751a45aa895f292896ba296ae5b6401783055dc51655946ce921d603366dfcdba9da2e42ba32ff6394e62df75fdabb8120c9aa8044690ab372144ef793036667a19289dcfec00003cf4ba029f9f393fe20c979faefe0e1ef06b2b36c22cd12b18db00ef935703f0d4d62ee732c54d604d366a56902071f2c244cbf7d7bb92e50a35940e436d16c1c907dd27016da9cc19f1700079fe63c136cebac977e77d9614899df3f1c096c072f8e549f5cda7e29b1a28f749fbb05dc3cd13a6f5a4c89d8690af69fdb83f8147e850af49ff9d1b16195a96288b61815f803f263a64b847d3a5accb159fef"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0xd215, 0x100, 0x3, 0xb, 0x7, 0x14, 0x3}}]}}]}, 0x14c}}, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000000)=0x3f7, 0x4) recvmmsg(r0, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) r6 = openat$vicodec0(0xffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$VIDIOC_G_PARM(r6, 0xc0cc5615, &(0x7f0000000700)={0xc, @capture={0x1000, 0x0, {0xa53, 0xff}, 0xe0b, 0x7}}) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e40), 0x40080, 0x0) mmap$snddsp_control(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5000002, 0x1010, 0xffffffffffffffff, 0x83000000) r9 = socket$inet6(0xa, 0x1, 0x84) getsockopt$bt_hci(r9, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6) ioctl$TIOCPKT(r8, 0x5420, &(0x7f00000000c0)=0x1) splice(r8, 0x0, r7, 0x0, 0x7, 0x9) ioctl$TCSETAW(r8, 0x5407, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x401, 0xe, "8eb7e7ffe577dbce"}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000100)={'wg1\x00'}) sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000180)="1be27a0265ba6692f95260eb6752005d8a6b938eda88ee910550164c20daef7293a36221c071bdea9504d5b213f20e9deb750e1a596e59ccdbfe3e74e9b359c9294f57c87b2c5076e04a3758482c4d30d3058a25da88efde094e400f08c139cc1663f884457a36", 0x67}, {&(0x7f0000000200)="dc34c9a3a897b2e751e06edc07c4e3400fa3fd4ca8004e7fde2c74da08d1e32bca0b3bed0156083c3c0911f0448e4b86aac7edfb0c08b21712b9a80e428aacb21f84982c59534293099fc2cd2f9dedad256d2950c868c04215abc0892135a5bb52e9818621be48e171f3dd6851c146159c27dd41554ab7b2", 0x78}, {&(0x7f0000000280)="87d9090743b09595c600eac5923ee5b408dad294de1c298da3cd83d35c8104287c7ac03cd3aeac0dee09a7206c37fd8be63039a6f5b7d868aee79e4af1896312785bd4f427c8444862a9ecb1e3b29b5db01dfa2790fae929b46cc93f72a1da59a0deac2addc40dc4c43c34122ae9bef84b2baf9dcab159141a1d2b01e81bd4c6d14842b6a46d892ab4c313237df3a4bcfbcabe0c4858d78df9f65930f49b38c1355e50a952f5c5afccc6b9251bbbb88429f759e98ebbecdccdb7f0ed118520e943cbfd6d21d2b9279e0bf72d57ca7e273619c91417532be7a3b59b6216b7673c80163c65841cebcfd0a9ca720ff634995bfaaa47a00994b930020477770707", 0xff}, {&(0x7f0000000380)="4eac29291d4dfa1defd1f86fa96dae975d795fd3ad38fbffe19e7f1521bf2477d3b8a855a190068086d7c2207ef199121c84b9eb3ef50c422761eabcf5f0eff07f4308daa151f0bb19e11482402055b58d068491e4c1cc96cbf6272bee4e6a9789b0a157d8b43699efc664a48d3bb166268da2b2a66b462b", 0x78}, {&(0x7f0000000400)="2c4f785fdd2402feb519ac1477a8979477f65cb5634d93cdf08d64192656b7869eb4167ae65fc2e2fa6bca9c97e1cf3e0ff4a71a01394fe7c6de790996f0097de436e4d4a0d8a321e6041929fd8bf677375fa9d921d44cae31da7a616b225b26db10f95d41a041f04c1dce8f3b6783b3f725444445fa7c7428193777d0f849513b6a0fa12dddd611ab4482bb", 0x8c}, {&(0x7f00000004c0)="b38018f74c73c3d457f117185a02d006e3b118b8b038440f98e36bda924f4174a81fd7eeeec26480dd167ff2586e41c9ec6ee00713ceb7d7d6a26dc417cb8b09d3", 0x41}], 0x6, 0x0, 0x0, 0x80}, 0x20000000) 32.990902637s ago: executing program 2 (id=356): socket$kcm(0x2, 0x5, 0x84) r0 = io_uring_setup(0x40de, &(0x7f0000000240)={0x0, 0x73a, 0x4, 0x3, 0x54}) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r1, 0x3a, 0xd4, 0x0, 0x0) io_uring_setup(0x1000177d, &(0x7f00000002c0)={0x0, 0xc6d1, 0x400, 0x0, 0xdffffffd, 0x0, r0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f00000000c0), 0x10) syz_io_uring_setup(0x5f4, &(0x7f0000000140)={0x0, 0xaee2, 0x10000, 0x6, 0x2c6}, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES16=r2], 0x448}}, 0x0) sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0) sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) syz_usb_connect(0x5, 0x4f, &(0x7f0000001840)={{0x12, 0x1, 0x0, 0x13, 0xc8, 0x2f, 0x20, 0x6cd, 0x104, 0xc86a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3d, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x91, 0xec, 0x1, 0x68, 0x83, 0xb6, 0x9, [], [{{0x9, 0x5, 0x2, 0x10, 0x40, 0x3, 0x5, 0x5}}]}}, {{0x9, 0x4, 0x2b, 0xfa, 0x2, 0x93, 0x5c, 0x95, 0x1, [], [{{0x9, 0x5, 0xf, 0x2, 0x3ff, 0x8, 0x40, 0x9}}, {{0x9, 0x5, 0x2, 0x0, 0x8, 0x9, 0x1a, 0x6, [@generic={0x7, 0x5, "ce37064ab4"}]}}]}}]}}]}}, 0x0) 32.769885304s ago: executing program 3 (id=359): socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) socket(0xa, 0x3, 0x3a) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000080)) close(0x3) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x2, {0x9, @pix_mp={0xf, 0x5be7, 0x30385056, 0x1, 0xb, [{0x80000004, 0x7}, {0x7ff, 0xb325}, {0x10000001, 0x9}, {0x63d, 0x7fd}, {0x8, 0xb}, {0x4, 0x489aa92e}, {0x5}, {0xff, 0x7}], 0x1, 0xc, 0x2, 0x0, 0x3}}, 0xfffffffd}) bind$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000001280), 0x0) r4 = dup(0xffffffffffffffff) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000440)={0x80, 0x6, 0xf00, 0x1, 0x0, 0x5, 0x0}) 31.68257341s ago: executing program 3 (id=361): syz_open_dev$sndctrl(&(0x7f0000001e00), 0x2, 0x40000) (async) r0 = socket$inet_smc(0x2b, 0x1, 0x0) (async, rerun: 32) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x200a83, 0x0) (rerun: 32) socket$nl_route(0x10, 0x3, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) r1 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 32) r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0xf2cf, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) (rerun: 32) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x90c0}, 0x1}) (async) io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) r7 = openat$cgroup_type(r6, &(0x7f0000000300), 0x2, 0x0) write$cgroup_type(r7, &(0x7f0000000280), 0x9) (async) r8 = openat$cgroup_procs(r6, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000340)={0xfffffffffffffff8, 0x1, 0x4, 0x8, 0x5, 0x0, [{0x3, 0xa, 0x323, '\x00', 0x208}, {0x4, 0x2, 0x7fffffff, '\x00', 0x60a}, {0x2, 0x4, 0xff, '\x00', 0x1}, {0x7, 0x4133, 0x80000001, '\x00', 0x789}, {0x13c000000, 0xc, 0xe, '\x00', 0x1006}]}) (async) write$cgroup_pid(r8, &(0x7f0000000c40), 0x12) (async, rerun: 64) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64) r10 = openat$cgroup_ro(r9, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r10, &(0x7f0000000200)=0x1, 0x12) syz_emit_ethernet(0x4e, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "1600", 0x18, 0x2b, 0x0, @private1, @local, {[@srh={0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0x100}}}}}}}}, 0x0) unshare(0x22020600) (async) r11 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r11, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) 31.681125034s ago: executing program 4 (id=362): syz_open_dev$vim2m(&(0x7f0000000000), 0xfffffff7, 0x2) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$SIOCGETVIFCNT(r2, 0x89e0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185649, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0xa00905, 0x0, '\x00', @ptr=0x8}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) r4 = socket(0x2b, 0x80801, 0x1) getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f0000000180)) sendmsg$NL80211_CMD_PROBE_CLIENT(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00022cbd7000fcdbdf255400000008000300", @ANYRES32=r3, @ANYBLOB="0a000600ffffffffffff00000a00060008021100000100000a000600ff17987c722e9e0e6b2df7001e0a000600080211000002000e0a00060008021100020100"/73], 0x58}, 0x1, 0x0, 0x0, 0x40801}, 0x40000) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fcdbdf252e00000008000300", @ANYRES32=r3, @ANYBLOB="0a003400020202020202000008004a0000ac0f00"], 0x30}, 0x1, 0x0, 0x0, 0x400a841}, 0x4004010) 31.642722937s ago: executing program 0 (id=363): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="5400000000010000001c00108008000240000001ff08000340000000020800014000000004240001801400018008000100e000000108000200e00000010c000280050001000000000028459085c9049d89a1710e06d95ecea12ef93ff509262a05d36c7920661712b94376b8b2886cf292e4b1404a6e36b2fb16935dac98411177dee8aae708e219b37a16435842a7c26228bab02a8ebf1f6eea2e8d52aa1aa953f4cba63349af1726000fe11753b3982c5839368a51f8f23edb4972e1af467288b144d87386240d93a197f2670c40737d6500"/221], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x3fb, 0x10, 0x70bd2b, 0x25dfdbfe, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x200680d4}, 0x4008081) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r4 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000000c0)={0x7, 0xeeee0000, 0x0, r4}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xa) bpf$PROG_LOAD(0x24, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x2000, 0x8000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1}) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0x6000, 0x2000, 0x1}) ioctl$KVM_RUN(r7, 0xae80, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r3, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0) 31.51537455s ago: executing program 4 (id=364): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'veth0_virt_wifi\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}) 31.454913444s ago: executing program 3 (id=365): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'veth0_virt_wifi\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}) (fail_nth: 2) 31.3651006s ago: executing program 0 (id=366): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002200)={&(0x7f00000021c0)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x7effe0fee0b28fb4}, 0x4000050) (fail_nth: 2) 31.006007148s ago: executing program 0 (id=367): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0xc}, 0x50) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000080)=0x404, 0x4) syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x503, 0x0, 0x25dfdbff}, 0x20}, 0x1, 0x0, 0x0, 0x8041}, 0x4) r2 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000000000)=""/108, &(0x7f0000000080)=0x18) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x60, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x9, 0xffffffff}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x60}}, 0x8000) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000bc0)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "8c5e66e34f918b31636c4c6e0120ab7ff803af0238e64dc7a45751a45aa895f292896ba296ae5b6401783055dc51655946ce921d603366dfcdba9da2e42ba32ff6394e62df75fdabb8120c9aa8044690ab372144ef793036667a19289dcfec00003cf4ba029f9f393fe20c979faefe0e1ef06b2b36c22cd12b18db00ef935703f0d4d62ee732c54d604d366a56902071f2c244cbf7d7bb92e50a35940e436d16c1c907dd27016da9cc19f1700079fe63c136cebac977e77d9614899df3f1c096c072f8e549f5cda7e29b1a28f749fbb05dc3cd13a6f5a4c89d8690af69fdb83f8147e850af49ff9d1b16195a96288b61815f803f263a64b847d3a5accb159fef"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0xd215, 0x100, 0x3, 0xb, 0x7, 0x14, 0x3}}]}}]}, 0x14c}}, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000000)=0x3f7, 0x4) recvmmsg(r0, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) r6 = openat$vicodec0(0xffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$VIDIOC_G_PARM(r6, 0xc0cc5615, &(0x7f0000000700)={0xc, @capture={0x1000, 0x0, {0xa53, 0xff}, 0xe0b, 0x7}}) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e40), 0x40080, 0x0) mmap$snddsp_control(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5000002, 0x1010, 0xffffffffffffffff, 0x83000000) r9 = socket$inet6(0xa, 0x1, 0x84) getsockopt$bt_hci(r9, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6) ioctl$TIOCPKT(r8, 0x5420, &(0x7f00000000c0)=0x1) splice(r8, 0x0, r7, 0x0, 0x7, 0x9) ioctl$TCSETAW(r8, 0x5407, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x401, 0xe, "8eb7e7ffe577dbce"}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000100)={'wg1\x00', 0x0}) sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000140)={0x2c, 0x6, r10, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x20000000) 30.946844817s ago: executing program 3 (id=368): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x3c, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0x3c}}, 0x0) (fail_nth: 2) 30.715243507s ago: executing program 4 (id=369): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000340)={0x1, 0x4}, 0x8) (async) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x491b, 0x4) (async) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) (async) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x44010, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0xfffffffc}, 0x1c) (async) r3 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f00000010c0)=0x1006) (async) keyctl$read(0xb, r1, &(0x7f00000002c0)=""/127, 0x7f) ptrace(0x4207, 0xffffffffffffffff) (async) sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4004000) 30.321003719s ago: executing program 3 (id=370): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e40), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001000)={'wlan0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) ioctl$EVIOCGLED(r3, 0x40284504, &(0x7f0000000000)=""/56) r4 = socket(0x10, 0x2, 0x0) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4c0000001800dd8800000000000000000200000000000106000000000600150005000000280016802400010001000000000000002b00040000000000ff020000000000000000000000000001"], 0x4c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000005b80)=@delchain={0x24, 0x26, 0x1, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x1f}, {}, {0x2}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf255200000008000300", @ANYRES32=r2, @ANYBLOB="0800cb000900000004002a00050089000700000006004800210000000a000600ffffffffffff00000500880000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x4) socket$key(0xf, 0x3, 0x2) 30.318291226s ago: executing program 1 (id=371): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0) syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0) recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x100}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001b40)=""/153, 0x99}, {&(0x7f0000005c40)=""/4100, 0x1004}], 0x2}, 0x7}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000004c40)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/229, 0xe5}, {&(0x7f0000000700)=""/130, 0x82}, {&(0x7f0000000480)=""/117, 0x75}, {&(0x7f0000002080)=""/4075, 0xfeb}, {&(0x7f00000000c0)=""/154, 0x9a}], 0x6}, 0x9}, {{0x0, 0x0, 0x0}, 0x5}], 0x5, 0x40008062, 0x0) 30.271349225s ago: executing program 0 (id=372): socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) socket(0xa, 0x3, 0x3a) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000080)) close(0x3) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x2, {0x9, @pix_mp={0xf, 0x5be7, 0x30385056, 0x1, 0xb, [{0x80000004, 0x7}, {0x7ff, 0xb325}, {0x10000001, 0x9}, {0x63d, 0x7fd}, {0x8, 0xb}, {0x4, 0x489aa92e}, {0x5}, {0xff, 0x7}], 0x1, 0xc, 0x2, 0x0, 0x3}}, 0xfffffffd}) bind$alg(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) r5 = dup(r4) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000440)={0x80, 0x6, 0xf00, 0x1, 0x0, 0x5, 0x0}) 30.270890222s ago: executing program 2 (id=373): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e40), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000000)={0x4c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x9}, @NL80211_ATTR_IE={0x4}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x7}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x21}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_ACTION={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x4) (fail_nth: 2) 30.194776644s ago: executing program 4 (id=374): futex_waitv(&(0x7f0000001b00)=[{0xfff, &(0x7f0000000940)=0x6, 0x6}], 0x1, 0x0, 0x0, 0x1) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x725e65a6, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f00000005c0)="23000000220021bb00b9409b849ac00a00e3b8a98623ff2a09a6c5b01109e3ecabbe82", 0x23, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/203, 0xcb, 0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="900000a453001f", 0x7, 0x20000080, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='q', 0x1, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) write$sndseq(r4, &(0x7f0000000040)=[{0xf, 0x0, 0x0, 0xfd, @time, {}, {0xe}, @queue}], 0x1c) 29.822723934s ago: executing program 1 (id=375): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='cdg\x00', 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) 29.822275971s ago: executing program 2 (id=376): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x3, 0x9, 0x10, 0x2a, r1}, &(0x7f0000000180)=0x10) 29.425622982s ago: executing program 2 (id=377): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0) getsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000000), &(0x7f0000000180)=0x4) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0xffff, 0xb, 0x1, 0x1}, 0x50) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r2, 0x0, 0x41}, 0x38) r3 = socket$pppoe(0x18, 0x1, 0x0) r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x647, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r4, 0x4000) connect$pppoe(r3, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'veth0_virt_wifi\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}) 29.424941943s ago: executing program 3 (id=378): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) socketpair$nbd(0x1, 0x1, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x0}, 0x10) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}], 0x2, 0x48800) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='bic\x00', 0x4) shutdown(r0, 0x2) (fail_nth: 2) 29.279214002s ago: executing program 4 (id=379): r0 = openat$rtc(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040)) r1 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x8001) ioctl$BLKRRPART(r1, 0x125f, 0x0) r2 = openat$autofs(0xffffff9c, &(0x7f00000000c0), 0xc0800, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {r1}}, './file0\x00'}) r5 = socket$kcm(0x29, 0x2, 0x0) r6 = openat$vsock(0xffffff9c, &(0x7f0000000140), 0x381181, 0x0) ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f0000000180)={0x1, 0x4, 0x3, 0x0, 0x0, [{{r3}, 0x7}, {{r0}, 0x5}, {{r6}, 0x9}]}) ioctl$RTC_ALM_READ(r4, 0x80247008, &(0x7f0000000200)) setsockopt$inet_sctp6_SCTP_NODELAY(r6, 0x84, 0x3, &(0x7f0000000240)=0x1, 0x4) getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000280)={0x0, 0x7fff}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000300)=r7, 0x4) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000340)) ioctl$VHOST_VDPA_GET_VRING_NUM(r6, 0x8002af76, &(0x7f0000000380)) setsockopt$SO_J1939_SEND_PRIO(r3, 0x6b, 0x3, &(0x7f00000003c0), 0x4) r8 = openat$pfkey(0xffffff9c, &(0x7f0000000400), 0x800, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r8, 0xc0245720, &(0x7f0000000440)={0x1}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002600)=0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f00000027c0)={{0x1, 0x1, 0x18, r0, {0xee01, 0xee00}}, './file0\x00'}) getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000002880)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000002980)=0xe4) stat(&(0x7f00000029c0)='./file0\x00', &(0x7f0000002a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000002bc0)='./file0\x00', &(0x7f0000002c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000002c80)='./file0\x00', &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000002d40)={0x0, 0x0}, &(0x7f0000002d80)=0xc) r16 = getegid() ioctl$NS_GET_OWNER_UID(r8, 0xb704, &(0x7f0000002dc0)=0x0) fstat(r1, &(0x7f0000002e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r19 = getuid() syz_fuse_handle_req(r4, &(0x7f0000000480)="d3424a6b1a7c3e1cffa405e7fea73c852fd5a3b9c83ae32bfd4ac2d88f9115a824b5b14e4ed4c0a709d0fdb203105b25c66901bf2937cc5e6b374b45b549a069fa933b24bdd25fb732886454a5692f00cb6b57df9f9a6e7aa63b292fa07a498ab46548e4cc7381d9f27738f48f152f92047e27a32c071ace72f66e4f3bb01e26d0f1eb8445ffcc62f733cca789a5cdba15273af4f25ebdf56430449c76c43c6bc1013db31b8a91ec880c2b291b5e7d82581c9ed15c4b5a56b8593ee30438e5a74f8a70f390cc50ed73e841afff3b1c6b8c3b50984918d366736924b859c0bb55087e44e043571c8a71268badb2621d57c9d259cd17f3c99bf86f2496f9cab1be8eb2d3c114bea34afa7f52454d93d86df660c559b80b4e183518a25f062bf6bd3c7be077fbadd35de4fd5dda217eb4218c84eab53b06290a19f49fa628946180df24169c9932b71765121ea4288b962771a42dbb37ad94a802d60f21099a55d812fb59ce2373540b32c04825d439431e76deaa244c5ddfcac0360f7965364e1e892cfb1d71c5819f741f655eb3b63f8bdd360dd350b5774b86f65f2badbd325e1ce0caa25964b85e46109d1126952383279ae4ddd1c166e9a92733a79ecff526357d57b8aa3545acf5a4a92d716d01378b3035ff7bf457764c38f6c458da6da76cefd0850822f8ea0c53a21123c0f69601bb0e15e056fefc2efbbd1b5f18472709975c6a5f3e00a8ac87c7f741809d46d58ce3137a1b971f1a32b575fa87fb4a54ec8b11a6110d94641a891c97745ca7ea31dd480e7423bda1017328fad678734ddfbf719edae562fb7c852e36c62fc5d17e7b839987e866c0364b22a89d6e6a6abc10483776ca934c07be0ec9461f84adb6b52208069e5256f598d8b6eae267d3272df9f80d05e89abde91389c15c14878beb24543e23ecd6c0641aa754203a1e185acaa5b06caad3ea4a0495ddbefec974bf6a3dc8df5e9a6f3f3d8c701fd7e86f7fb151539b5861e21cc2bdcd62faa45c2184c0c403b7a363f4e4dd8f94d12976b47bfe48564ea918e07f6a269583cea7e3c3e3c6175c1a51f018d5602bb8973f6e2a9f714387095924d879dc9a9f43a869b8b5b995b801ea6bcb2f2727ecd1468074e0ca080b075be1b4b117f28885a584d52a797881fe88d2e2dc53c964252f1220a02bfe95e32caf268b182d4146a7acd6646876ddd21f127ff9e785be78a4408f413dd2e2e5127b99b5810b64cb2f16c853868effacef66c439bf035cff8e2db0cfdc648350b4cfba566a0b6fecbedd69ff22181fdd396411a8eb423c399d2785570c5589fef4648da53e7c92df4cd3917739586e80e30c549feab5d0f92342e3dd92d3111ee3941477cf8e95b69293cc0f301e5b8f715b81f90beceb27a07a9249416378d608c1a79b1d1b7207364905307693dd4408438d3c9c84b163994a3c279b255e6db86317aef8e352537c1d40ec055becaf3c01c3a86f03d01d9a6113eefb668a5dab18dc39305eb21c0645fb6837415444fe203a8f1fbe5e77552a8df7226385d5a09af6a2d3e9cb203344f2779e272c90a1470e3ed33f37d8a3110c1564112365991754ff962d5a4a5bb7baabd95cec159b887620b1cb5f515640bcd9611bf31a350cfe399566ed8edcd63b24f3990585c4dcca90cede594eab2f7c44e585149b62689bd8d7b113bbb421c10d407216bf4a160d2a13a9e64eef940b0841cda5753ff1d59abf6e6387af464bea7ce52a06b7bb4aff5a3762bde48c8cd91418b8197884e542551f747612c4cfd06d2e39393b2269fcbb58398a6200efb59c2067c88f0dd86afb9a4e262303870406fabfcdacf5ef87cdd0cbc2d22d6e94875dbcceccfebe910a69a82d3e1e21d7f2b209ed5190f66cce028829d1814343bf86ea6c247e8a6124a28d055a190e540f7f7ed6c5b96f56ce8c800b8e5ee363ba263086b47ac1ebd97283e0415cc7c5aa1d130ed065477b2782ffa0cbcf9785b3e56447f64f3a8d123a5005d62c6a3551e21a7bed18e95103fa8c1ca0fd766723887c3235ea67e2be0f2500fa8293e5bac25734aee262825d9629b7fb4463fedf2257293be3cc8e3578741664b7e89297417a95dc042a959d1c6ef1b45f15274e0036ded67111b50ac923209b4d8baff133f6f27d892cd1849158129e981cdb26f62c2d9dc8c8a7784d37865ef478290e0ba14ad4e3adc220cb94726806e11ad81818a361c16dbe1663865e569e3c9fb2e3ec2d2a4ef7c97df69048a7d168633a6b8911aff92b1387400abe73d7b2b9d79ccbf3b0b2bb27e5d606264f9740aa7a6dec3639dc68683921dffc28cf4ae8bea7d56d87782330eea9901d41544ac22c347bbe26ad9e78dad99e05e6c638cfc60829626731df594c71b2a62f64238d99d6b7ba15e3bbbc3bce1abf609274158e50181e7a43293a22f6e8c8120797f8f6de28f14b02e1f8b0b8e1856eb6ef3d5bcb37f3b2b2047e5a95c9cb56219149ad8a5cb0a1db3dc0fc8aaa4bc8f08409c05385fabba102e0946318cf4f1891703405cf585b19620483984c0d335fa55c4e3cb67744aaf2dc505f9c261b6afcbaf7b481e03baa7d6c31845243b8b4f05e00031fcf5eacc0c7f678206aeae37851b86bfc64b210904de9f16da30d77a2d59173a4c53418f5e76bc1cb6cbf628c4fda3e655a00891cb6c134fd2929d79c47a43a3b992c2863353905e3b22a9764d2467b75a26b46092e9a96d6cf3c632c3d753522cc4f1c196d7a63037087290af756b1754ee1f29204fcd9760dbf3eb8330c17ad7c74853a8949bcdaa91e44f62f3bbfd7cd993b2f02ada5d62a24d9cc411609ecf856937e087bb058ac54063ba322bf122e43ec4016b9aa9aa0f7c156e32bc70549c88a2d40ba88a74a483e57a7913d86bae52384c1efb9641351e3fd4c338c3a7d3abd9cbf9bac4f4851965e857fa665f25b11392854c47501dd03fc93fc71495ee466401b889f7607a3cedc3f5e36e2f6417062cb911999bcb876926a85ae5e7aeedfe115df41040c3c2953c8cbbea1418dfcc06e34a2482a60388c9b5a7b893a3eae4b3d8156a665300bf27560bcdd9d5a99e77998bf633951663616b532a9a0f0631087242bdf7ea0a4c666a8ff47d1c57a30a1ad842276473ae3e29421a425009c1a78db02ffc6a400e833a0f94ee659dcee74aa28b90379682cb5d6112c5f45bc6c1eac3ec3187f6f9cf97691c813a5f50b59e21ab53f738dd502ab4c227a6022458c876b50ca041b4eefb9e3821b2d8447680fd54807ddbd53e6f8a95c00fe0f5ea6b7d881761ae9dcf32b5b7d85801cb64c777c32bdfe40d3b950b79917a45f8f93bd1e90cc226e4da91d5821ea3922263da533eb3ef827d79c92e4319d984450f62fa9e9e9d44ae6c7705406ba9350e464ad2b4f376be286a1048235e5ec80d811cdd1c963945df3834fdc5cc4e5bb1a7dc2d49a5e1a2169f278808c3b491b61ddf1b92a4d1dc9b8ee82b2975bb081b1f97992cfecf6437957da4cc47ceabb619c6379f1e1d9d489bd21f97ca5ae1d52dcacd82b299d41478c6ddc927a0ebc1227798edae39add3a73304cb398a54fea06b5820dff7babac122e985d1730bf6286bce68a3d697e842cb3209a036df3264266fe781008bd4e5b076760f7a1670d9025e97e664bd3ec8fa6cf77f53b2e110b4b8e02a650e72bf2fd1854d319fe2431fcd02887c43ae3f67863e6dc03e575483d58be878e7851797123a1ea756662e1c64d7d337d50cf68da189f17c01c0540af93bd3bccd1971a53aad2417730107f11fd74a0cec9670548697490f625a82dd643d2a66791f1eff5993a402b25d6a31d39dc3d2cf660c7295a76ceabace6f3f78b76e3c3af343d9de12d863b9296903b7d9e0b16490b45157c8e5278ab29963eaba3521a666fe439aa33ba53fa5bd432523d5c3490b7a8494b79ed14f536abe7dcc82b4ad1f4efa5d9eda4fcb5d60f319401aea442125412756a23926060100ade5cd1774c60184d58469b9f876b024466c41d10f1f0ef54554db9d38fdbb8b9dfecf7cf7889c3a1d32ebdb1a84dbe4a0ea68115ede0a283c62bf9c82457074bb20f9b149a3d8f429bde46fe4972fdb48e22c3a2dd680b5cf43fce6ebdcf72b60f545bf0d136c71236199e261ec2bd18300ad724a8c5c376d030525d2e7c87fb43ba72e1a282b7bde18119ef86b9664b6610f415b43a0f481783736351637cd60878d4640393f3ac5bf80e12fca2169de0744a2eaa77a492a49bc1d71ff644bb8ab50aed9ceb0fc84b627ad351bcf767080f38b00de9bfc0956f18766e781da8ccb1587d9d822f28d687c30875d32865122ae5f503c076a23d359d25adaf50a10181f7f11d99eca0d7f155dff4fcc389fcc036a5010a8112c9fdf5b9f26317da7090625e587d5dcbe7d05b76e6b7554694c287d509ebb910556cd30c9bae0241580e222cc1ff0e3ae1dd5bb82aaa14edd5f0781998c6f1b0dd9e4c39258bd8fb2c9e2b80f0387072bdebe1367c4df45c3575a02fdd61dd978a2b54cc382a0e4b1ad75bbe509ac2dbcaa34950825f795824cb7eadc498fb1ba3bd84fe65cff7be0aed9e6d672dac33e901f9dac53329c9543cf524346c6d0b4b72b82b183c51a95a1c401bc5c5ca4e64e513f1e79f08422f2b83d354a233793cdb59a07b7f923b39ae77c9a1fddf58fbd69a3e4d1195578509dd4ede65ab8a9fa4326fef69cab3dbf5ee9529405d58cfc4712fbc3debcd400c9741fd63af682f296a00098a3b6f2d4eda9c15e6432c458451f014c6966a18ccc4f21500c7a944d4e551ac919e310ec00d58c9f99193fdf96889e3abe0974207b2643e151184a50570bc193bb5f24aa767c57ab11349f7783ed3a527d03fc049ae1c70e08dc6c076bf71113407d3492c4519b8a002b0c547ddfd19f6741df29bec489ef21e8806c36b6da88aaa2c67bfdf18ea54db96f9e9bcce70638385e0cd907bd6738aa072b870b6a938e9381eaf2cc75bfc7fa425ea98d7edd55482b43141e9e1883b9a7fb643416d6f9b4cfca20c25560c5f15fa55cbdf59e2cbf84b2ec42c04b045f6db6e39eca1c9e89ecf596ee1e2d1120682adb72f110606ab272523990cced201f3909b902601f976824afa342d0d2bfacaa9fcbcbc01f2437f65fee886d4a7d89b5efabf68326f621b704a627545289e3007dd5b24d4f7b05cf3b51018409bcfc89a1e1639334ce1183af8d0fe2bb6e876fae464b9ddc5b2b2804d69cffbc3dd47ec313037bd0240cf23a8079aceab74961beda528677a9b96d0014e0471b1571c995379ab1c37cc2b15c8ad48ad2d0066627c9618bc78801ce0d978dfdb04b8354523e25a495fb0240b4d80b446e6478c53efec049e941eaebfde0a28399309d07ab7d101fc216e590ff09184a363053ec807c6a0e7c7bf177b50d1bd522702d27f5430af50a0d5e6ea9c2b5ab0e42ff7d548ff1fcb933ddac47ea24e4fdd5e793bd9d06b63af60c76841e95ed61d37e6078183302f4329a1051e4ed6608668d5234a783c4e3c2cf2f62fa0e5652ca2af369c47d1fe89f46cf9bf28c821d0c7436376cdc4ef87d2a64a89df5175986a9339cada5324008deeb07bf633ad94e512e1faedeff54df2008d1d624f1328096298dc46f6cd271a0d9315be076177ef487c6d9937c798895ba429cb489604ae51852336248cb37ad3de7907c25932d305d61f96d2cdafc22884a5532af225fb317319c80a2a881ffad328bd61420ca6be4bc501200b72dd4bf3d897ab2be95850ad77d0c7761a140a45578f84a22c6ac9aa36af514b142e7ff6943a2598e921ec8f4ec59332d681a37665729ee45157e7688bf2370903b2ed078cda9ecdf402481212c6a6bfe56492085122729a719ced2a48eff2cb7b40ccad2b755b357581bea103a35a0747885ab62333512a5b0811e8223e11ba9d584edbdba1f9da285375fa9288d3ca9baef8c9e395ad24768cfa2fcaf1db4d9a83d7e8e4a9035fa75e8f0f9eb7eee139cc58ff75a336f6ecc3675c5744786630438a58f68a042fffa7f726d7926d2e77f47c11b5420be465cd496f9b5c69716eccb4ccae77327942a9cdea3bd873977f614375ee754feed06ce863a451850c6b5842a2dac28c0cb6a3c2abf1ed689ba709ae4d42dd085c8306f2a42623edff434629d2f39f3cb2a393cd46404e6cc9cc310f586f73162a511e670f72a80ff2e2fb8df0f71ab8842cddabd7548f90cc27b272cc12b41332d7c47cffe314c3c72e3f73829ad5c6d69faf64f5f1e9d6ba8b92bb1c7ee8c78338480012d1b2f4fbdc2d72f7e27de4355953dd5ae74209a5f7781dcd7e29f1d638a18e4ecbfdeb832b621639b3426ccb5b5d947bb2fb201e763c88f537bb0989c77d82d988da062b0d2bc387a05b0863999bf904a42943015a9d3d4980bfacd4f7420a6df39b82f5011d3f06f106b8a44ef807134aee816afe5c7d30c3e225c65f558bc8d82acec08980ef60d73d8877f73204c4a99b1fad2679eb5861e12303fbff1f2f4428b4002403aed7188a740d0ad48b15da4bafa1791724a2d9b6f96f85a96aecdc131c1b8cf4b6b4ab99663c26839281d87cd39812dcceb5ae585cc52beb2970d8759b03a973a54b63bddffd8a2772f3d0aa8adddb3885cb111f78f34069599ba54235ebe90a895057a481b0a524d84ed865e5cb7c7fa3d8698062358c41bb694c1f4b0d57e47fa9a71df7e5d881b3a11571bdd1e7bd6b685c25dcde674988dc6ba5c79b5e42e9b46b92f17f0b861e867de2e14db368e2e6baf185636baa831c42b5e3e05aa97818ea7a99d4276d3d9cf5c6651da3f9e7239c9f2b2f304927d204263c1cedd54461d9c642cd25ee65297fc70b078de28064040e34743a5f8f5c09220150f1b1d1e2e3651123aaf326f6c2b2572cf5a1146319246ed9db5444277244bc1d6d2ee3d21a0c2f3c195393a5c54faa9c7dcf69a429fa8737a80ee636d25d893ff0557fa9773a641368ed961a5d4011420c58c0e8286c1963037ccb9816bdaacd23040b786a4ed11b870eaf9ae9110b011cf862f8c46dced3cf0c334af7e758c8c60a709af321058f13371810f8ddeb73bfcab0925ebb4fcea9558096b5d938eb105a40063d23fb7c8dcc3f79c6425f522e1a5e689d321529c80c99f03871debe7a265fc4649f26dfb749046b5e4b5bdb587776f642dc51d275b6bb089ae0499080ba339b65096a868cc4c5dacd2545b25876cb7b1de3500a4aa8c8ed0485f31933516920bf0c72ce0f346433864c245ced2efb52a18f3a0966b560199144a7584a35a7066ad2c8bdd2e3678e16f3afba79eb5ea6b540d28e92a41b6cd09310341d6c3041e2b1727f6aadd290d1f20bb0b9dcaee08a9b3e6013881ddb4211413645ba30d9739c7a24378f91a6e3c55e23e448a7e52e64be56c4f1fa8bad052d97f6d2ac0e922baaf456618e0bc7cb7f6ba595bf1ff250e7317a3ca7f18694e195e66515134f3eb8d9f51b4850413fb7142495255125b5163ce5e767e4bbfc2d485db86bb60d1ee3ba4da15b71561e3d5a3e1efec945c6d5b32173b2518aaa59b3bfd8211e1439c12a532957d17957b1304eec238fc141e7d2d015a1307f95c0a3f5422a360e0e635b90692e45d0e6d3a682153724124570de789351a6e96a2c7e056647e6cd3b646276a35156dff7614b51315844a59501f907fab56cb5520f9c8fbe4d386df70df87df7ce9b33db9a9d169dd034501626acdef90adcb2d242fc618abe92469cbee853397edf8e993d37d75a1e4afde17655787cb603eb9fe3cc51c81bc2f25da1d7a95897c0db57a2aa675f77d609196252033c986169510a70c0243e375a57634f1e1156053198d6ededa74d3e8069a1bc56c1b45e0eec0cda19300e90a0f7d19d4b958151f6c7fe4a40c0b13024dcf2b3c781eb5259afe60365afb8f2eb4b56e8eb3a83ab2e761d187d706a7fd963086b7fd4c00caab243c28b8ef260b2bcbd759e0f8e6872dee8efbe54abc76924372c67295a67b7aea44dcde2d99cc4392527277dfeb0f2444585f67c5d8ac21e0ed91832acec372988e20684cdbd4d0f1c8dbeccd48391fa0468135b3a6a1bbd0158a045e4d22127f5cdee80be9040c2e435e1432d9128d72f2f2b5cdd602280a5259eb453102435f1876c7f60881cc69f4939e00accf79a5a5db7b06fd003c4ec337bc5c46753ec8cbf1797a159877b98cd00d5cd69537501c34c6f05c9d298b877d73bed991772ce1ca81e80c0dafa8dd94be86898246c0ff122c1163cf55f4d958f46212f57235ff41decce435bced14815568db31ed91a8b9824ceab42d27cd025932b0a3f0f0b037e9284b9be913dfe86c724014c61c76858b1e01816c9f9a35c06f34a64a02645a72a0ab8e64ddf85cdc29ab085f409e36bccab1f6399ec469adace895a4cf7055d179a71c38348610270042644e85ad6ce29148eff34e1eda35ffd5318529efaab3d9248787f1992c1cf8ab4b9f4cd78e326a5d0d6b1a15dc832ea17fb555635967342aa9b86e21cc8f00a3208868143b9c4c3051e1dbfa643ee4cbf1f0737ea1b04e8dcc810bd6a2a4961f843ee89a25de8ccf270ae2877c70bb27f3c9672634e0a014c6591810bb1561b7b3255a9a576c7687ea25150065502ec5438073961b93e84089a9636f7ee2706fd87f9cec65494c2d85cbe21d485adb7f7042849dbb0d65c2803a6229ae27b985da216fdf9abccd004225f4d93bf3b2633ed593ce0986642810fe8674438de58ea1262ea6606595a2e95d800a606b815f45f6cf76e9224be976ab982d8811e85fdff77657475c79774d4cbeec836c27caed987abe665c189c74bbcaa80fc31c8703200415c4e5605fb6cb0ab80bb1b3642635e429b5abdc36909fbd8c8dac7e2dd5b40da4cb1f3fd04c9a95ffb4f75dc415c906887c8878211153aab7d731772deba246f4b45556e049aca685daf0f1c831f39bc78231b780db455e309baf49cda576cc69ec02c6a23cc0bb61fc004673fb124dd1525d64f8445429a89e65fcfe3ef9265f012290e87cc87c9b2bdb28f5ae913b9e55ef5ee4a53f58b21aa52170b6c05ec954ab69f2ec0bb1dfad6cf15b0cf7132a6172c8dabfeb038997b28d44a9ffd4a5fa2aea337e05d7df78b590daf0d71570853d59cb6fd662116fd946b33cd7af8909360d00069e68aa76bad29c50d0b7be307f981550512ca758f5bc4c910a0ef039745d9a090455f0687f07c2c105846e987590fec494b35784356ccbc366c41ae6706dc2602f64273a2a9503c29534537644c65c188110b626b539b202ab66736b0dc158146f7284edd716b8a30581e1b88d79ee783b35c2a2c3ac4d578edb1a09fc8eb4ebe55b2ac3ca50b9730ada15c1102d706a9af287f0fca376fc5326897dae9dc6ea104e9dd77331feeeb277c80f5fb05d6988af1f4fb1fabd24972b616cd2ae75ef87b6c532c5cd253a1df683ba04c0205c042c7ce50f24b48057917a86d80ab30fc4eb68d9b687d0c52d95f049d26b63ecd16556b1e915695a9db37ab9c16adf8741e3aa6c3b48b705c1755a867ef89d4a68b816c23040acbdb0b0527b0d7fea3b553a58ab1b68eb2224d81886ad9c6e988f88a98e4dfda8e8ffbbe4c43e188a4c44af23c30594a2b282edad4d3259d46df84cec39228a64fb48ec8bbfffcc13a8d77da4125e80275a8d69dccf73aa3603df0782480a5e19d8b72b56d718ed30a972e341746637c2733bb880c5d6232f54a971e8d731e8267d80af953500e07a0af09ab77f4eb0c93ff2eba301e5cfaf1a94c825cf5e911da125a72c2d664ffa0a101e8a10418a2ca0c06ebd93245379cb3dc852747c93629bf677d29670b6fcf11766187d3b732fc6de28e3c7fbd04f07297d79ded6b4b6c9fb7ca712dacae83c597c8131eadec3fa862c195a08a6001ee0040e4f8dac0f87549ad9f5e071e4a8fc485573c38b4d93c0eb11d533d83fc54eeec21b285012db06cad23370d11a74606ef15f2f28fe8ffe6031221df97850be560efd09c8d18a621bf6d34a425072d692c3970bbedb35b3072cfb48052c64c57ec699ce9b1131597d93412d1db34a59df6ff15fcd2f2f6d15c3cc6817a1c56cda6786e1220b3937569ef13398834eb8c0ac136c45babbb1d425e9fb5d090b2bb6b17ca900c374a67646b0c33dd40e8d19b5fce617442323176fb99744b8353fd2b14dbc9ee1bb8bda68ba21d94f5f26589c1cc536067d661c38e2b3f11197e39f571510a26f82fd57969265b2ba6f45b754fd00d5a36931c38bf6d3383460db68cc432c98035b25f798ec088e8597d5a536c40ca2e61d7de854dec610cde8c5792d64a8780b95353b71f9dfe6d804b0b7b8889309253070f714a4aed4bdfbd9c720da6498739c33791a028ced80ca3458c23a45b0ce92ffbc9265cbe78cc92aed64f3e7b87c9bf605722a7b224071af1e19d202a9cd4609620430ed9ba642c3036dbdfef8b61edb41e9f1d4e263f67480ad7d1b93e49e16e493d15b08068b9b9509ce9dc14103a83d9425a60ef5d078cfc90ffcd05b40de7335ca5b0941b3060f51b05b0feffb4e79ee8896d7fe3b28715727858f122d641ca03edd413df8c11f2fde04ebb3872d0b4139d33dfc0222ab1ea5d5e9d2626e90598c5204dd4f377b86b38e2e76d9105de0f236cd32447f55791ddd5948c3b9e38abd4f7259c3502829b3677f4eec85407ed585b301e54eede658e7c83ed9ce29036dca2eedf1722a869f4d59c310bd1819ef6f871107786af91ba9289309b84cd322b88d0c60de32a84fe64538233dc9b282d7a08089018061287f255c4d7707daa5f2aaf78f60713942321584c400dba57511f80016a1c4528ce6fd78a48f1c73f7eb5d33225c738da745ed1e46aa0db7ee13bb8add2e5f3c158d7906f41ac538ec2ac273bb4f3f6997ab1e01b4ce61c452d81e53ab927600a17d7a2f5d111236569048ad5b159008385980b84973f31dd3c7609fe6b97d228c13cfa7656b52e54c96dc4917b8e417b7b6995e88d8a5412cca36136a58ed786ccad241a9e070078846ff02721730a335acbf04d4ae129dac969ed1701bec44eef96dfca4f8ce3332c6974af574a5f3070b574b2c3164bb6920748e33b8d7278774e0c304e4490eed17a3e7fc7034be25b3ac83c8f15138dba14e24d2160506b4f2cc52b61b82a87893a59955f23ee509a08aca8178e901ba9ccaafa8372909dc4b5755f5bb15805459cff3e9ddd29eb7155a89bc2da91ef0e57c17777b1ebdc36814801e033c7383d5a074a5ba835313cdfa050cf98cefa40e7b4422d969116c4168541b16c2a2a1ee7e5126aef0340faa33990a9efb041b49043f11ebb30d13cc3e1edf3e17c468ebddec2b8bb34bb05d54c34fa2ff789b4b8cbcb1e781e4149801da2d0c1e6fac361be92979ba9dc37cbadd9013df08ae60353a2af37e5838b4bedc68e14e417afdc487928f4bca49dabcf519b03a081670b2a96d90835bc8e0edb9a9cc8ae11d7dfdc3c5af3f8ab5b5fbb9e352c54b45ba59e86751f9528b7efc703dac7c0e785e0b0174fa3fc86e3441b8e7f68a582e3ba59ad", 0x2000, &(0x7f0000003700)={&(0x7f0000002480)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x2b, 0x9, 0x81002, 0x8, 0xf89b, 0x5, 0x7234, 0x0, 0x0, 0x4, 0xfffff000}}, &(0x7f0000002500)={0x18, 0x0, 0x9, {0x200}}, &(0x7f0000002540)={0x18, 0x0, 0x5, {0xfd}}, &(0x7f0000002580)={0x18, 0xfffffffffffffff5, 0x40, {0x6}}, &(0x7f00000025c0)={0x18, 0x7ffffffffffffffa, 0x80000001, {0x6}}, &(0x7f0000002640)={0x28, 0x0, 0x2, {{0x374, 0x5, 0x2, r9}}}, &(0x7f0000002680)={0x60, 0xffffffffffffffda, 0x1, {{0x9, 0x5, 0x4, 0xe1, 0x0, 0x7fffffff, 0x4, 0xfffffffd}}}, &(0x7f0000002700)={0x18, 0x0, 0x5, {0x7}}, &(0x7f0000002740)={0x1b, 0x0, 0x10000, {'/dev/vsock\x00'}}, &(0x7f0000002780)={0x20, 0x0, 0x1, {0x0, 0x14}}, &(0x7f0000002800)={0x78, 0xb, 0xfff, {0x0, 0x5, 0x0, {0x3, 0x9, 0x6, 0x7, 0x0, 0x6, 0x4, 0xb730, 0x2, 0xc000, 0x8, 0xffffffffffffffff, r10, 0x7, 0x2}}}, &(0x7f0000002a80)={0x90, 0x0, 0xfffffffffffffffe, {0x4, 0x1, 0x3, 0x5f96, 0x6, 0x81, {0x6, 0xe, 0xfffffffffffff426, 0x3, 0x6, 0x6, 0x5, 0xe35, 0x1, 0xc000, 0x7, r11, r12, 0x8}}}, &(0x7f0000002b40)={0x50, 0x0, 0x5, [{0x2, 0x4, 0x2, 0x7, '!('}, {0x4, 0x5ced, 0x4, 0x4, '{-$-'}]}, &(0x7f0000002f80)={0x3c8, 0x0, 0x4, [{{0x0, 0x3, 0x4, 0x6, 0x1, 0xc4b0, {0x4, 0x5, 0xfffffffffffffff7, 0xfffffffffffffffb, 0x3, 0xffffffffffffff01, 0x2, 0x1, 0x101, 0xc000, 0xcf, 0x0, r13, 0x1, 0x6}}, {0x0, 0x9, 0x2, 0x7, '&%'}}, {{0x1, 0x5, 0x7, 0x7f, 0x6, 0x9, {0x5, 0x401, 0x8000000000000001, 0x5, 0x89, 0x5, 0x9, 0x101, 0x1, 0x2000, 0x9, r14, 0xee01, 0x8, 0xf}}, {0x3, 0x0, 0x1, 0x2, '/'}}, {{0x0, 0x3, 0x7fffffff, 0xfffffffffffffffd, 0x100, 0x8, {0x1, 0x7fffffffffffffff, 0x101, 0x7a9da61b, 0x2, 0xbe, 0x100, 0x140, 0x6d4f, 0x1000, 0x80000000, r15, r16, 0x7, 0x7}}, {0x5, 0x7, 0x2, 0xc, '%}'}}, {{0x6, 0x0, 0x7, 0x100000000, 0x1, 0xffffff00, {0x0, 0x1, 0x552, 0x2000000020, 0x1, 0x401, 0xfff, 0x6844, 0x3fe, 0x2000, 0xc, r17, r18, 0x1}}, {0x5, 0x81, 0x3, 0x3a, '{,['}}, {{0x5, 0x3, 0x8c, 0xb, 0xfa3, 0x3, {0x6, 0xf, 0x7ff, 0x3, 0x4, 0x6, 0x1, 0x1, 0x3, 0x1000, 0x2, r19, 0x0, 0xffff, 0xfffffffc}}, {0x5, 0xffffffffffffffff, 0x0, 0x60b}}, {{0x3, 0x0, 0x10, 0x3, 0x9, 0xfffffff7, {0x0, 0x2af4, 0xfffffffffffff001, 0xe, 0x7, 0x7, 0x5, 0xd91, 0x826d, 0x6000, 0x6, 0x0, 0x0, 0xc5, 0xfff}}, {0x3, 0xfffffffffffffff7, 0x1, 0x84, ']'}}]}, &(0x7f00000034c0)={0xa0, 0xffffffffffffffda, 0x2, {{0x5, 0x3, 0x7, 0xf, 0x1000000, 0x7fffffff, {0x5, 0x4, 0x92, 0x5, 0x1, 0x4, 0x0, 0x80000001, 0x9, 0xa000, 0x2, 0x0, 0x0, 0x100, 0x3}}}}, &(0x7f0000003580)={0x20, 0x0, 0x939, {0x9, 0x4, 0x5, 0x1}}, &(0x7f00000035c0)={0x130, 0xfffffffffffffff5, 0x9, {0x5, 0xbd, 0x0, '\x00', {0x10, 0x0, 0x9, 0xe, 0xffffffffffffffff, 0x0, 0x2000, '\x00', 0x1, 0x1, 0x1, 0x7fffffffffffffff, {0x3, 0x3c98cce9}, {0x3}, {0xffffffffffffff85, 0x9}, {0xf, 0x6e}, 0x2, 0x76aa, 0xfffffff2, 0x1}}}}) 28.510613509s ago: executing program 4 (id=380): syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x18, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbf, 0x2, 0x1, 0x6, 0x50, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xb3a9}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x3, 0xff, 0x6}, {0x6, 0x24, 0x1a, 0xc, 0x14}, [@network_terminal={0x7, 0x24, 0xa, 0x5, 0x9, 0x5, 0x58}, @mbim={0xc, 0x24, 0x1b, 0x4, 0x2, 0xa9, 0xc, 0x9, 0x3}, @acm={0x4, 0x24, 0x2, 0x2}, @acm={0x5c}, @acm={0x4, 0x24, 0x2, 0x2}, @mdlm_detail={0x44, 0x24, 0x13, 0x80, "ae0d62dced1e43f3661806f2f73f4b9c36d86a093869c2cd3c8b264833bfbdcb10547b267c48acfc0657fbf61a64cad281fd82d136aed1be294c5ca5efb29cda"}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0xe, 0xc}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x6, 0xb, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x9, 0x3, 0x7}}}}}}}]}}, 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) r0 = syz_open_dev$sg(&(0x7f0000000440), 0x8, 0x40000) ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000480)) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380), 0xc) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0x6}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) r3 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r3, 0x8947, &(0x7f0000000000)={'bond0\x00', 0x5}) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r2, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r1) sendmsg$GTP_CMD_ECHOREQ(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x3c, r4, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x24}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x1) socket(0xa, 0x3, 0x3a) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r5, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r6, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800) 0s ago: executing program 32 (id=372): socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) socket(0xa, 0x3, 0x3a) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000080)) close(0x3) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x2, {0x9, @pix_mp={0xf, 0x5be7, 0x30385056, 0x1, 0xb, [{0x80000004, 0x7}, {0x7ff, 0xb325}, {0x10000001, 0x9}, {0x63d, 0x7fd}, {0x8, 0xb}, {0x4, 0x489aa92e}, {0x5}, {0xff, 0x7}], 0x1, 0xc, 0x2, 0x0, 0x3}}, 0xfffffffd}) bind$alg(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) r5 = dup(r4) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000440)={0x80, 0x6, 0xf00, 0x1, 0x0, 0x5, 0x0}) kernel console output (not intermixed with test programs): 49][ T6232] dump_stack_lvl+0x189/0x250 [ 122.249683][ T6232] ? __pfx____ratelimit+0x10/0x10 [ 122.249709][ T6232] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.249743][ T6232] ? __pfx__printk+0x10/0x10 [ 122.249773][ T6232] ? __pfx___might_resched+0x10/0x10 [ 122.249806][ T6232] ? fs_reclaim_acquire+0x7d/0x100 [ 122.249841][ T6232] should_fail_ex+0x414/0x560 [ 122.249868][ T6232] should_failslab+0xa8/0x100 [ 122.249899][ T6232] __kmalloc_noprof+0xcb/0x4f0 [ 122.249925][ T6232] ? tomoyo_encode+0x28b/0x550 [ 122.249958][ T6232] tomoyo_encode+0x28b/0x550 [ 122.249992][ T6232] tomoyo_realpath_from_path+0x58d/0x5d0 [ 122.250034][ T6232] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 122.250059][ T6232] tomoyo_path_number_perm+0x1e8/0x5a0 [ 122.250087][ T6232] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 122.250129][ T6232] ? __lock_acquire+0xab9/0xd20 [ 122.250179][ T6232] ? __fget_files+0x2a/0x420 [ 122.250214][ T6232] ? __fget_files+0x3a0/0x420 [ 122.250242][ T6232] ? __fget_files+0x2a/0x420 [ 122.250275][ T6232] security_file_ioctl_compat+0xcb/0x2d0 [ 122.250302][ T6232] __ia32_compat_sys_ioctl+0x128/0x840 [ 122.250332][ T6232] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 122.250358][ T6232] ? __fget_files+0x3a0/0x420 [ 122.250395][ T6232] ? fput+0xa0/0xd0 [ 122.250416][ T6232] ? ksys_write+0x22a/0x250 [ 122.250451][ T6232] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.250479][ T6232] __do_fast_syscall_32+0xb6/0x2b0 [ 122.250525][ T6232] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.250553][ T6232] do_fast_syscall_32+0x34/0x80 [ 122.250581][ T6232] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 122.250606][ T6232] RIP: 0023:0xf7f28539 [ 122.250630][ T6232] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 122.250647][ T6232] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 122.250668][ T6232] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005101 [ 122.250681][ T6232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 122.250692][ T6232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 122.250703][ T6232] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 122.250715][ T6232] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 122.250751][ T6232] [ 122.250811][ T6232] ERROR: Out of memory at tomoyo_realpath_from_path. [ 122.549513][ T5858] vhci_hcd: vhci_device speed not set [ 122.623339][ T5858] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 122.949917][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 123.425111][ T9] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 123.439313][ T9] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 123.452245][ T9] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 123.613618][ T9] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 123.650687][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.886932][ T6235] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 125.938566][ T6271] FAULT_INJECTION: forcing a failure. [ 125.938566][ T6271] name failslab, interval 1, probability 0, space 0, times 0 [ 125.951955][ T6271] CPU: 0 UID: 0 PID: 6271 Comm: syz.4.72 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 125.951983][ T6271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 125.951996][ T6271] Call Trace: [ 125.952005][ T6271] [ 125.952013][ T6271] dump_stack_lvl+0x189/0x250 [ 125.952044][ T6271] ? __pfx____ratelimit+0x10/0x10 [ 125.952069][ T6271] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.952094][ T6271] ? __pfx__printk+0x10/0x10 [ 125.952126][ T6271] ? __pfx___might_resched+0x10/0x10 [ 125.952151][ T6271] should_fail_ex+0x414/0x560 [ 125.952180][ T6271] should_failslab+0xa8/0x100 [ 125.952213][ T6271] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 125.952242][ T6271] ? __alloc_skb+0x112/0x2d0 [ 125.952273][ T6271] __alloc_skb+0x112/0x2d0 [ 125.952304][ T6271] netlink_sendmsg+0x5c6/0xb30 [ 125.952341][ T6271] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.952371][ T6271] ? __import_iovec+0x5d4/0x7f0 [ 125.952388][ T6271] ? aa_sock_msg_perm+0xf1/0x1d0 [ 125.952419][ T6271] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 125.952442][ T6271] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.952478][ T6271] __sock_sendmsg+0x219/0x270 [ 125.952504][ T6271] ____sys_sendmsg+0x505/0x830 [ 125.952541][ T6271] ? __pfx_____sys_sendmsg+0x10/0x10 [ 125.952590][ T6271] ___sys_sendmsg+0x21f/0x2a0 [ 125.952623][ T6271] ? __pfx____sys_sendmsg+0x10/0x10 [ 125.952692][ T6271] ? __fget_files+0x2a/0x420 [ 125.952723][ T6271] ? __fget_files+0x3a0/0x420 [ 125.952764][ T6271] __sys_sendmsg+0x164/0x220 [ 125.952797][ T6271] ? __pfx___sys_sendmsg+0x10/0x10 [ 125.952845][ T6271] ? lockdep_hardirqs_on+0x9c/0x150 [ 125.952874][ T6271] __do_fast_syscall_32+0xb6/0x2b0 [ 125.952902][ T6271] ? lockdep_hardirqs_on+0x9c/0x150 [ 125.952930][ T6271] do_fast_syscall_32+0x34/0x80 [ 125.952957][ T6271] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 125.952983][ T6271] RIP: 0023:0xf7f28539 [ 125.953001][ T6271] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 125.953018][ T6271] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 125.953040][ T6271] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380 [ 125.953055][ T6271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 125.953063][ T6271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 125.953071][ T6271] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 125.953079][ T6271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 125.953100][ T6271] [ 126.598455][ T6273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.73'. [ 127.129016][ T6283] misc userio: Invalid payload size [ 127.473355][ T5864] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 128.137069][ T5864] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 128.176676][ T5864] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.300498][ T5864] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 128.407075][ T5864] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 128.415321][ T9] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 128.452080][ T5864] usb 2-1: Manufacturer: syz [ 128.458480][ T6227] vhci_hcd: connection reset by peer [ 128.479531][ T1161] vhci_hcd: stop threads [ 128.485686][ T1161] vhci_hcd: release socket [ 128.493876][ T9] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input6 [ 128.513933][ T5864] usb 2-1: config 0 descriptor?? [ 128.524460][ T1161] vhci_hcd: disconnect device [ 128.553078][ T5858] vhci_hcd: vhci_device speed not set [ 128.774411][ C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 128.784636][ T9] usb 3-1: USB disconnect, device number 2 [ 128.963039][ T5864] rc_core: IR keymap rc-hauppauge not found [ 128.980875][ T5864] Registered IR keymap rc-empty [ 129.054995][ T5864] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 129.119001][ T5864] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7 [ 129.578602][ T5864] usb 2-1: USB disconnect, device number 3 [ 130.534474][ T6310] FAULT_INJECTION: forcing a failure. [ 130.534474][ T6310] name failslab, interval 1, probability 0, space 0, times 0 [ 130.637730][ T6310] CPU: 1 UID: 0 PID: 6310 Comm: syz.4.83 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 130.637760][ T6310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 130.637772][ T6310] Call Trace: [ 130.637779][ T6310] [ 130.637787][ T6310] dump_stack_lvl+0x189/0x250 [ 130.637823][ T6310] ? __pfx____ratelimit+0x10/0x10 [ 130.637847][ T6310] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.637870][ T6310] ? __pfx__printk+0x10/0x10 [ 130.637904][ T6310] ? __pfx___might_resched+0x10/0x10 [ 130.637927][ T6310] should_fail_ex+0x414/0x560 [ 130.637955][ T6310] should_failslab+0xa8/0x100 [ 130.637986][ T6310] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 130.638013][ T6310] ? __alloc_skb+0x112/0x2d0 [ 130.638043][ T6310] __alloc_skb+0x112/0x2d0 [ 130.638073][ T6310] netlink_sendmsg+0x5c6/0xb30 [ 130.638109][ T6310] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.638135][ T6310] ? __import_iovec+0x5d4/0x7f0 [ 130.638151][ T6310] ? aa_sock_msg_perm+0xf1/0x1d0 [ 130.638179][ T6310] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 130.638199][ T6310] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.638225][ T6310] __sock_sendmsg+0x219/0x270 [ 130.638250][ T6310] ____sys_sendmsg+0x505/0x830 [ 130.638285][ T6310] ? __pfx_____sys_sendmsg+0x10/0x10 [ 130.638328][ T6310] ___sys_sendmsg+0x21f/0x2a0 [ 130.638361][ T6310] ? __pfx____sys_sendmsg+0x10/0x10 [ 130.638428][ T6310] ? __fget_files+0x2a/0x420 [ 130.638458][ T6310] ? __fget_files+0x3a0/0x420 [ 130.638497][ T6310] __sys_sendmsg+0x164/0x220 [ 130.638527][ T6310] ? __pfx___sys_sendmsg+0x10/0x10 [ 130.638572][ T6310] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.638599][ T6310] __do_fast_syscall_32+0xb6/0x2b0 [ 130.638626][ T6310] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.638654][ T6310] do_fast_syscall_32+0x34/0x80 [ 130.638685][ T6310] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 130.638710][ T6310] RIP: 0023:0xf7f28539 [ 130.638727][ T6310] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 130.638743][ T6310] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 130.638763][ T6310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000700 [ 130.638776][ T6310] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000 [ 130.638788][ T6310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.638799][ T6310] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 130.638810][ T6310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.638846][ T6310] [ 130.895108][ C1] vkms_vblank_simulate: vblank timer overrun [ 131.062151][ T6307] sctp: [Deprecated]: syz.3.82 (pid 6307) Use of int in maxseg socket option. [ 131.062151][ T6307] Use struct sctp_assoc_value instead [ 131.722725][ T6324] FAULT_INJECTION: forcing a failure. [ 131.722725][ T6324] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 131.937317][ T6324] CPU: 0 UID: 0 PID: 6324 Comm: syz.2.86 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 131.937345][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 131.937357][ T6324] Call Trace: [ 131.937365][ T6324] [ 131.937374][ T6324] dump_stack_lvl+0x189/0x250 [ 131.937402][ T6324] ? __pfx____ratelimit+0x10/0x10 [ 131.937426][ T6324] ? __pfx_dump_stack_lvl+0x10/0x10 [ 131.937450][ T6324] ? __pfx__printk+0x10/0x10 [ 131.937481][ T6324] ? __might_fault+0xb0/0x130 [ 131.937516][ T6324] should_fail_ex+0x414/0x560 [ 131.937543][ T6324] _copy_from_user+0x2d/0xb0 [ 131.937564][ T6324] move_addr_to_kernel+0x7e/0x160 [ 131.937587][ T6324] get_compat_msghdr+0x3bd/0x4a0 [ 131.937620][ T6324] ? __pfx_get_compat_msghdr+0x10/0x10 [ 131.937660][ T6324] ___sys_sendmsg+0x193/0x2a0 [ 131.937692][ T6324] ? __pfx____sys_sendmsg+0x10/0x10 [ 131.937757][ T6324] ? __fget_files+0x2a/0x420 [ 131.937787][ T6324] ? __fget_files+0x3a0/0x420 [ 131.937828][ T6324] __sys_sendmsg+0x164/0x220 [ 131.937860][ T6324] ? __pfx___sys_sendmsg+0x10/0x10 [ 131.937906][ T6324] ? lockdep_hardirqs_on+0x9c/0x150 [ 131.937935][ T6324] __do_fast_syscall_32+0xb6/0x2b0 [ 131.937962][ T6324] ? lockdep_hardirqs_on+0x9c/0x150 [ 131.937990][ T6324] do_fast_syscall_32+0x34/0x80 [ 131.938025][ T6324] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.938050][ T6324] RIP: 0023:0xf707e539 [ 131.938087][ T6324] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 131.938104][ T6324] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 131.938126][ T6324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 131.938141][ T6324] RDX: 0000000020000884 RSI: 0000000000000000 RDI: 0000000000000000 [ 131.938153][ T6324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 131.938166][ T6324] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 131.938178][ T6324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.938209][ T6324] [ 132.150285][ C0] vkms_vblank_simulate: vblank timer overrun [ 132.478145][ T6335] syz.2.92 uses obsolete (PF_INET,SOCK_PACKET) [ 132.653428][ T927] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 132.823091][ T927] usb 1-1: Using ep0 maxpacket: 32 [ 132.840331][ T927] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 132.859168][ T927] usb 1-1: config 0 has no interface number 0 [ 132.888215][ T927] usb 1-1: New USB device found, idVendor=845d, idProduct=10b5, bcdDevice=3d.68 [ 132.903054][ T927] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 133.115285][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.165097][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.217554][ T927] usb 1-1: Product: syz [ 133.236932][ T927] usb 1-1: Manufacturer: syz [ 133.241684][ T927] usb 1-1: SerialNumber: syz [ 133.261438][ T927] usb 1-1: config 0 descriptor?? [ 133.281610][ T927] usb-storage 1-1:0.20: USB Mass Storage device detected [ 133.544898][ T6330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.561867][ T6330] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.600939][ T5864] usb 1-1: USB disconnect, device number 3 [ 134.103855][ T6368] netlink: 16 bytes leftover after parsing attributes in process `syz.4.102'. [ 134.209812][ T6367] delete_channel: no stack [ 134.390376][ T6381] FAULT_INJECTION: forcing a failure. [ 134.390376][ T6381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.453079][ T6381] CPU: 1 UID: 0 PID: 6381 Comm: syz.0.106 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 134.453109][ T6381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 134.453121][ T6381] Call Trace: [ 134.453130][ T6381] [ 134.453139][ T6381] dump_stack_lvl+0x189/0x250 [ 134.453169][ T6381] ? __pfx____ratelimit+0x10/0x10 [ 134.453195][ T6381] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.453221][ T6381] ? __pfx__printk+0x10/0x10 [ 134.453251][ T6381] ? __might_fault+0xb0/0x130 [ 134.453291][ T6381] should_fail_ex+0x414/0x560 [ 134.453320][ T6381] _copy_from_iter+0x1db/0x16f0 [ 134.453361][ T6381] ? policy_nodemask+0x27c/0x720 [ 134.453390][ T6381] ? __pfx__copy_from_iter+0x10/0x10 [ 134.453426][ T6381] ? set_page_refcounted+0xa0/0x1e0 [ 134.453456][ T6381] ? page_copy_sane+0x4e/0x280 [ 134.453487][ T6381] copy_page_from_iter+0xdd/0x170 [ 134.453522][ T6381] tun_get_user+0x1d7b/0x3e20 [ 134.453561][ T6381] ? tun_get_user+0x6f6/0x3e20 [ 134.453600][ T6381] ? aa_file_perm+0x44d/0x1550 [ 134.453631][ T6381] ? __pfx_tun_get_user+0x10/0x10 [ 134.453660][ T6381] ? _parse_integer_limit+0x1ae/0x1f0 [ 134.453696][ T6381] ? __lock_acquire+0xab9/0xd20 [ 134.453735][ T6381] ? ref_tracker_alloc+0x318/0x460 [ 134.453767][ T6381] ? __lock_acquire+0xab9/0xd20 [ 134.453800][ T6381] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 134.453832][ T6381] ? tun_get+0x1c/0x2f0 [ 134.453867][ T6381] ? tun_get+0x1c/0x2f0 [ 134.453895][ T6381] ? tun_get+0x1c/0x2f0 [ 134.453930][ T6381] tun_chr_write_iter+0x113/0x200 [ 134.453962][ T6381] vfs_write+0x548/0xa90 [ 134.453996][ T6381] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 134.454027][ T6381] ? __pfx_vfs_write+0x10/0x10 [ 134.454066][ T6381] ? __fget_files+0x2a/0x420 [ 134.454108][ T6381] ksys_write+0x145/0x250 [ 134.454139][ T6381] ? __pfx_ksys_write+0x10/0x10 [ 134.454172][ T6381] ? lockdep_hardirqs_on+0x9c/0x150 [ 134.454200][ T6381] __do_fast_syscall_32+0xb6/0x2b0 [ 134.454228][ T6381] ? lockdep_hardirqs_on+0x9c/0x150 [ 134.454258][ T6381] do_fast_syscall_32+0x34/0x80 [ 134.454285][ T6381] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 134.454310][ T6381] RIP: 0023:0xf70ae539 [ 134.454327][ T6381] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 134.454345][ T6381] RSP: 002b:00000000f549e520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 134.454366][ T6381] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800014c0 [ 134.454380][ T6381] RDX: 000000000000004a RSI: 00000000f7414ff4 RDI: 0000000000000000 [ 134.454393][ T6381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 134.454404][ T6381] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 134.454416][ T6381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 134.454446][ T6381] [ 136.007293][ T6400] netlink: 1 bytes leftover after parsing attributes in process `syz.3.113'. [ 136.065727][ T6404] netlink: 'syz.2.114': attribute type 13 has an invalid length. [ 136.087585][ T6404] netlink: 152 bytes leftover after parsing attributes in process `syz.2.114'. [ 136.198340][ T6404] ·: renamed from syz_tun (while UP) [ 136.214936][ T6404] ·: refused to change device tx_queue_len [ 136.220878][ T6404] A link change request failed with some changes committed already. Interface · may have been left with an inconsistent configuration, please check. [ 136.244010][ T5864] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 136.281297][ T6401] syz.0.110 (6401): drop_caches: 2 [ 136.404130][ T5864] usb 2-1: Using ep0 maxpacket: 16 [ 136.433562][ T5864] usb 2-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config [ 136.486235][ T5864] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 136.515551][ T5864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.541686][ T5864] usb 2-1: Product: syz [ 136.579781][ T5864] usb 2-1: Manufacturer: syz [ 136.585837][ T5864] usb 2-1: SerialNumber: syz [ 136.604803][ T5864] usb 2-1: config 0 descriptor?? [ 136.628342][ T6412] misc userio: Invalid payload size [ 136.634711][ T6412] misc userio: Invalid payload size [ 136.836938][ T5864] usb 2-1: USB disconnect, device number 4 [ 137.546119][ T5864] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 137.683885][ T5864] usb 1-1: device descriptor read/64, error -71 [ 137.789286][ T6430] binder: 6429:6430 unknown command 0 [ 137.800460][ T6430] binder: 6429:6430 ioctl c0306201 80000080 returned -22 [ 137.819700][ T6430] binder: 6429:6430 ioctl c0306201 80000280 returned -14 [ 137.900576][ T6432] misc userio: Invalid payload size [ 137.955312][ T5864] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 138.103184][ T5864] usb 1-1: device descriptor read/64, error -71 [ 138.213435][ T5864] usb usb1-port1: attempt power cycle [ 138.385589][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 138.548907][ T6449] vlan2: entered allmulticast mode [ 138.560811][ T6449] veth1: entered allmulticast mode [ 138.563250][ T5864] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 138.775841][ T5864] usb 1-1: device descriptor read/8, error -71 [ 138.813108][ T9] usb 4-1: device descriptor read/64, error -71 [ 139.033758][ T5864] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 139.056675][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 139.069860][ T6452] FAULT_INJECTION: forcing a failure. [ 139.069860][ T6452] name failslab, interval 1, probability 0, space 0, times 0 [ 139.087913][ T6452] CPU: 1 UID: 0 PID: 6452 Comm: syz.1.131 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 139.087942][ T6452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 139.087955][ T6452] Call Trace: [ 139.087964][ T6452] [ 139.087972][ T6452] dump_stack_lvl+0x189/0x250 [ 139.088003][ T6452] ? __pfx____ratelimit+0x10/0x10 [ 139.088029][ T6452] ? __pfx_dump_stack_lvl+0x10/0x10 [ 139.088055][ T6452] ? __pfx__printk+0x10/0x10 [ 139.088090][ T6452] ? __pfx___might_resched+0x10/0x10 [ 139.088115][ T6452] should_fail_ex+0x414/0x560 [ 139.088144][ T6452] should_failslab+0xa8/0x100 [ 139.088186][ T6452] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 139.088216][ T6452] ? __alloc_skb+0x112/0x2d0 [ 139.088247][ T6452] __alloc_skb+0x112/0x2d0 [ 139.088278][ T6452] netlink_sendmsg+0x5c6/0xb30 [ 139.088315][ T6452] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.088345][ T6452] ? __import_iovec+0x5d4/0x7f0 [ 139.088363][ T6452] ? aa_sock_msg_perm+0xf1/0x1d0 [ 139.088394][ T6452] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 139.088417][ T6452] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.088446][ T6452] __sock_sendmsg+0x219/0x270 [ 139.088472][ T6452] ____sys_sendmsg+0x505/0x830 [ 139.088509][ T6452] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.088557][ T6452] ___sys_sendmsg+0x21f/0x2a0 [ 139.088589][ T6452] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.088658][ T6452] ? __fget_files+0x2a/0x420 [ 139.088690][ T6452] ? __fget_files+0x3a0/0x420 [ 139.088732][ T6452] __sys_sendmsg+0x164/0x220 [ 139.088765][ T6452] ? __pfx___sys_sendmsg+0x10/0x10 [ 139.088788][ T5864] usb 1-1: device descriptor read/8, error -71 [ 139.088812][ T6452] ? lockdep_hardirqs_on+0x9c/0x150 [ 139.088840][ T6452] __do_fast_syscall_32+0xb6/0x2b0 [ 139.088866][ T6452] ? lockdep_hardirqs_on+0x9c/0x150 [ 139.088898][ T6452] do_fast_syscall_32+0x34/0x80 [ 139.088930][ T6452] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.088961][ T6452] RIP: 0023:0xf704e539 [ 139.088982][ T6452] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 139.089002][ T6452] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 139.089028][ T6452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0 [ 139.089045][ T6452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 139.089058][ T6452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.089072][ T6452] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 139.089085][ T6452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.089119][ T6452] [ 139.443017][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 139.450467][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.462494][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.479307][ T5864] usb usb1-port1: unable to enumerate USB device [ 139.496066][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 139.516359][ T9] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 139.527256][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.558790][ T9] usb 4-1: config 0 descriptor?? [ 139.990033][ T6468] FAULT_INJECTION: forcing a failure. [ 139.990033][ T6468] name failslab, interval 1, probability 0, space 0, times 0 [ 140.012318][ T9] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 140.028530][ T6468] CPU: 1 UID: 0 PID: 6468 Comm: syz.4.136 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 140.028559][ T6468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 140.028571][ T6468] Call Trace: [ 140.028579][ T6468] [ 140.028587][ T6468] dump_stack_lvl+0x189/0x250 [ 140.028617][ T6468] ? __pfx____ratelimit+0x10/0x10 [ 140.028642][ T6468] ? __pfx_dump_stack_lvl+0x10/0x10 [ 140.028666][ T6468] ? __pfx__printk+0x10/0x10 [ 140.028700][ T6468] ? __pfx___might_resched+0x10/0x10 [ 140.028723][ T6468] should_fail_ex+0x414/0x560 [ 140.028749][ T6468] should_failslab+0xa8/0x100 [ 140.028780][ T6468] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 140.028810][ T6468] ? __alloc_skb+0x112/0x2d0 [ 140.028840][ T6468] __alloc_skb+0x112/0x2d0 [ 140.028871][ T6468] netlink_sendmsg+0x5c6/0xb30 [ 140.028907][ T6468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 140.028936][ T6468] ? __import_iovec+0x5d4/0x7f0 [ 140.028952][ T6468] ? aa_sock_msg_perm+0xf1/0x1d0 [ 140.028982][ T6468] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 140.029004][ T6468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 140.029031][ T6468] __sock_sendmsg+0x219/0x270 [ 140.029056][ T6468] ____sys_sendmsg+0x505/0x830 [ 140.029101][ T6468] ? __pfx_____sys_sendmsg+0x10/0x10 [ 140.029152][ T6468] ___sys_sendmsg+0x21f/0x2a0 [ 140.029184][ T6468] ? __pfx____sys_sendmsg+0x10/0x10 [ 140.029252][ T6468] ? __fget_files+0x2a/0x420 [ 140.029283][ T6468] ? __fget_files+0x3a0/0x420 [ 140.029324][ T6468] __sys_sendmsg+0x164/0x220 [ 140.029356][ T6468] ? __pfx___sys_sendmsg+0x10/0x10 [ 140.029403][ T6468] ? lockdep_hardirqs_on+0x9c/0x150 [ 140.029432][ T6468] __do_fast_syscall_32+0xb6/0x2b0 [ 140.029459][ T6468] ? lockdep_hardirqs_on+0x9c/0x150 [ 140.029487][ T6468] do_fast_syscall_32+0x34/0x80 [ 140.029512][ T6468] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 140.029537][ T6468] RIP: 0023:0xf7f28539 [ 140.029554][ T6468] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 140.029571][ T6468] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 140.029592][ T6468] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 140.029605][ T6468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 140.029617][ T6468] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 140.029628][ T6468] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 140.029640][ T6468] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 140.029669][ T6468] [ 140.037238][ T9] microsoft 0003:045E:07DA.0002: no inputs found [ 140.242236][ C0] vkms_vblank_simulate: vblank timer overrun [ 140.329315][ T9] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway [ 140.410543][ T6463] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 140.417101][ T6463] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 140.437505][ T6463] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 140.458909][ T6463] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 140.476020][ T6463] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 140.534912][ T6463] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 140.562496][ T6463] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 140.571454][ T6463] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 140.583435][ T6463] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 140.595822][ T6463] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 140.606508][ T6463] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 140.615199][ T6463] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 140.629844][ T6463] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 140.638876][ T6463] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 140.646520][ T6463] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 140.714117][ T6476] misc userio: Invalid payload size [ 140.719907][ T6476] misc userio: Invalid payload size [ 141.546233][ T43] usb 4-1: USB disconnect, device number 4 [ 141.962551][ T6485] vlan2: entered allmulticast mode [ 141.971613][ T6485] bond0: entered allmulticast mode [ 142.003125][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 142.015552][ T6485] bond_slave_0: entered allmulticast mode [ 142.031911][ T6485] bond_slave_1: entered allmulticast mode [ 142.463242][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 142.623038][ T51] Bluetooth: hci2: command 0x0405 tx timeout [ 142.629660][ T5870] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.703037][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 142.773045][ T43] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 142.862364][ T6503] FAULT_INJECTION: forcing a failure. [ 142.862364][ T6503] name failslab, interval 1, probability 0, space 0, times 0 [ 142.875987][ T6503] CPU: 0 UID: 0 PID: 6503 Comm: syz.2.147 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 142.876016][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 142.876029][ T6503] Call Trace: [ 142.876037][ T6503] [ 142.876046][ T6503] dump_stack_lvl+0x189/0x250 [ 142.876078][ T6503] ? __pfx____ratelimit+0x10/0x10 [ 142.876103][ T6503] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.876129][ T6503] ? __pfx__printk+0x10/0x10 [ 142.876171][ T6503] ? __pfx___might_resched+0x10/0x10 [ 142.876191][ T6503] ? fs_reclaim_acquire+0x7d/0x100 [ 142.876241][ T6503] should_fail_ex+0x414/0x560 [ 142.876268][ T6503] should_failslab+0xa8/0x100 [ 142.876300][ T6503] __kmalloc_noprof+0xcb/0x4f0 [ 142.876327][ T6503] ? tomoyo_encode+0x28b/0x550 [ 142.876361][ T6503] tomoyo_encode+0x28b/0x550 [ 142.876396][ T6503] tomoyo_realpath_from_path+0x58d/0x5d0 [ 142.876436][ T6503] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 142.876461][ T6503] tomoyo_path_number_perm+0x1e8/0x5a0 [ 142.876489][ T6503] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 142.876532][ T6503] ? __lock_acquire+0xab9/0xd20 [ 142.876584][ T6503] ? __fget_files+0x2a/0x420 [ 142.876620][ T6503] ? __fget_files+0x3a0/0x420 [ 142.876649][ T6503] ? __fget_files+0x2a/0x420 [ 142.876685][ T6503] security_file_ioctl_compat+0xcb/0x2d0 [ 142.876712][ T6503] __ia32_compat_sys_ioctl+0x128/0x840 [ 142.876742][ T6503] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 142.876769][ T6503] ? __fget_files+0x3a0/0x420 [ 142.876807][ T6503] ? fput+0xa0/0xd0 [ 142.876828][ T6503] ? ksys_write+0x22a/0x250 [ 142.876866][ T6503] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.876894][ T6503] __do_fast_syscall_32+0xb6/0x2b0 [ 142.876922][ T6503] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.876951][ T6503] do_fast_syscall_32+0x34/0x80 [ 142.876978][ T6503] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 142.877003][ T6503] RIP: 0023:0xf707e539 [ 142.877020][ T6503] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 142.877037][ T6503] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 142.877057][ T6503] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400454d8 [ 142.877071][ T6503] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 142.877083][ T6503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 142.877094][ T6503] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 142.877106][ T6503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 142.877136][ T6503] [ 142.877163][ T6503] ERROR: Out of memory at tomoyo_realpath_from_path. [ 142.943219][ T43] usb 4-1: Using ep0 maxpacket: 8 [ 143.280919][ T43] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 143.290538][ T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.328155][ T6510] FAULT_INJECTION: forcing a failure. [ 143.328155][ T6510] name failslab, interval 1, probability 0, space 0, times 0 [ 143.350439][ T43] usb 4-1: Product: syz [ 143.355242][ T43] usb 4-1: Manufacturer: syz [ 143.360006][ T43] usb 4-1: SerialNumber: syz [ 143.365208][ T6510] CPU: 1 UID: 0 PID: 6510 Comm: syz.1.149 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 143.365253][ T6510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 143.365266][ T6510] Call Trace: [ 143.365274][ T6510] [ 143.365283][ T6510] dump_stack_lvl+0x189/0x250 [ 143.365313][ T6510] ? __pfx____ratelimit+0x10/0x10 [ 143.365338][ T6510] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.365363][ T6510] ? __pfx__printk+0x10/0x10 [ 143.365396][ T6510] ? __pfx___might_resched+0x10/0x10 [ 143.365415][ T6510] ? fs_reclaim_acquire+0x7d/0x100 [ 143.365453][ T6510] should_fail_ex+0x414/0x560 [ 143.365482][ T6510] should_failslab+0xa8/0x100 [ 143.365515][ T6510] __kmalloc_noprof+0xcb/0x4f0 [ 143.365542][ T6510] ? tomoyo_encode+0x28b/0x550 [ 143.365577][ T6510] tomoyo_encode+0x28b/0x550 [ 143.365613][ T6510] tomoyo_realpath_from_path+0x58d/0x5d0 [ 143.365656][ T6510] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 143.365681][ T6510] tomoyo_path_number_perm+0x1e8/0x5a0 [ 143.365709][ T6510] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 143.365754][ T6510] ? __lock_acquire+0xab9/0xd20 [ 143.365808][ T6510] ? __fget_files+0x2a/0x420 [ 143.365846][ T6510] ? __fget_files+0x3a0/0x420 [ 143.365875][ T6510] ? __fget_files+0x2a/0x420 [ 143.365912][ T6510] security_file_ioctl_compat+0xcb/0x2d0 [ 143.365939][ T6510] __ia32_compat_sys_ioctl+0x128/0x840 [ 143.365969][ T6510] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 143.365996][ T6510] ? __fget_files+0x3a0/0x420 [ 143.366035][ T6510] ? fput+0xa0/0xd0 [ 143.366063][ T6510] ? ksys_write+0x22a/0x250 [ 143.366101][ T6510] ? lockdep_hardirqs_on+0x9c/0x150 [ 143.366130][ T6510] __do_fast_syscall_32+0xb6/0x2b0 [ 143.366158][ T6510] ? lockdep_hardirqs_on+0x9c/0x150 [ 143.366187][ T6510] do_fast_syscall_32+0x34/0x80 [ 143.366213][ T6510] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.366238][ T6510] RIP: 0023:0xf704e539 [ 143.366256][ T6510] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 143.366273][ T6510] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 143.366294][ T6510] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000040047459 [ 143.366308][ T6510] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.366320][ T6510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.366332][ T6510] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 143.366344][ T6510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.366375][ T6510] [ 143.366396][ T6510] ERROR: Out of memory at tomoyo_realpath_from_path. [ 143.673938][ T43] usb 4-1: config 0 descriptor?? [ 143.903216][ T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 144.013717][ T43] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 144.064065][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 144.113046][ T9] usb 5-1: device descriptor read/64, error -71 [ 144.135695][ T6528] FAULT_INJECTION: forcing a failure. [ 144.135695][ T6528] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.193292][ T6528] CPU: 0 UID: 0 PID: 6528 Comm: syz.1.154 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 144.193322][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.193335][ T6528] Call Trace: [ 144.193343][ T6528] [ 144.193351][ T6528] dump_stack_lvl+0x189/0x250 [ 144.193382][ T6528] ? __pfx____ratelimit+0x10/0x10 [ 144.193407][ T6528] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.193434][ T6528] ? __pfx__printk+0x10/0x10 [ 144.193474][ T6528] should_fail_ex+0x414/0x560 [ 144.193502][ T6528] _copy_to_user+0x31/0xb0 [ 144.193535][ T6528] simple_read_from_buffer+0xe1/0x170 [ 144.193569][ T6528] proc_fail_nth_read+0x1b3/0x220 [ 144.193596][ T6528] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 144.193621][ T6528] ? rw_verify_area+0x2a6/0x4d0 [ 144.193644][ T6528] ? __lock_acquire+0xab9/0xd20 [ 144.193670][ T6528] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 144.193693][ T6528] vfs_read+0x200/0x980 [ 144.193738][ T6528] ? fdget_pos+0x247/0x320 [ 144.193760][ T6528] ? __pfx___mutex_lock+0x10/0x10 [ 144.193786][ T6528] ? __pfx_vfs_read+0x10/0x10 [ 144.193813][ T6528] ? __fget_files+0x2a/0x420 [ 144.193848][ T6528] ? __fget_files+0x3a0/0x420 [ 144.193878][ T6528] ? __fget_files+0x2a/0x420 [ 144.193918][ T6528] ksys_read+0x145/0x250 [ 144.193947][ T6528] ? __pfx_ksys_read+0x10/0x10 [ 144.193977][ T6528] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.194005][ T6528] __do_fast_syscall_32+0xb6/0x2b0 [ 144.194033][ T6528] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.194061][ T6528] do_fast_syscall_32+0x34/0x80 [ 144.194093][ T6528] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 144.194117][ T6528] RIP: 0023:0xf704e539 [ 144.194135][ T6528] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 144.194152][ T6528] RSP: 002b:00000000f541d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 144.194173][ T6528] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f541d620 [ 144.194187][ T6528] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000 [ 144.194199][ T6528] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 144.194210][ T6528] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 144.194221][ T6528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 144.194250][ T6528] [ 144.433031][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.555526][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 144.627786][ T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 144.709607][ T51] Bluetooth: hci2: command 0x0405 tx timeout [ 144.716134][ T5870] Bluetooth: hci3: command 0x0c1a tx timeout [ 144.773121][ T9] usb 5-1: device descriptor read/64, error -71 [ 144.783032][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 144.884081][ T9] usb usb5-port1: attempt power cycle [ 145.032577][ T6537] netlink: 16 bytes leftover after parsing attributes in process `syz.0.158'. [ 145.054290][ T6536] delete_channel: no stack [ 145.104406][ T43] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 145.243117][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 145.273900][ T9] usb 5-1: device descriptor read/8, error -71 [ 145.523110][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 145.553864][ T9] usb 5-1: device descriptor read/8, error -71 [ 145.561307][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.166'. [ 145.663790][ T9] usb usb5-port1: unable to enumerate USB device [ 145.842642][ T6569] FAULT_INJECTION: forcing a failure. [ 145.842642][ T6569] name failslab, interval 1, probability 0, space 0, times 0 [ 145.870621][ T6569] CPU: 1 UID: 0 PID: 6569 Comm: syz.2.170 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 145.870650][ T6569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 145.870663][ T6569] Call Trace: [ 145.870671][ T6569] [ 145.870680][ T6569] dump_stack_lvl+0x189/0x250 [ 145.870710][ T6569] ? __pfx____ratelimit+0x10/0x10 [ 145.870735][ T6569] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.870758][ T6569] ? __pfx__printk+0x10/0x10 [ 145.870793][ T6569] ? __pfx___might_resched+0x10/0x10 [ 145.870818][ T6569] should_fail_ex+0x414/0x560 [ 145.870853][ T6569] should_failslab+0xa8/0x100 [ 145.870885][ T6569] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 145.870914][ T6569] ? __alloc_skb+0x112/0x2d0 [ 145.870944][ T6569] __alloc_skb+0x112/0x2d0 [ 145.870975][ T6569] netlink_sendmsg+0x5c6/0xb30 [ 145.871012][ T6569] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.871040][ T6569] ? __import_iovec+0x5d4/0x7f0 [ 145.871057][ T6569] ? aa_sock_msg_perm+0xf1/0x1d0 [ 145.871087][ T6569] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 145.871109][ T6569] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.871136][ T6569] __sock_sendmsg+0x219/0x270 [ 145.871161][ T6569] ____sys_sendmsg+0x505/0x830 [ 145.871196][ T6569] ? __pfx_____sys_sendmsg+0x10/0x10 [ 145.871243][ T6569] ___sys_sendmsg+0x21f/0x2a0 [ 145.871275][ T6569] ? __pfx____sys_sendmsg+0x10/0x10 [ 145.871340][ T6569] ? __fget_files+0x2a/0x420 [ 145.871369][ T6569] ? __fget_files+0x3a0/0x420 [ 145.871411][ T6569] __sys_sendmsg+0x164/0x220 [ 145.871443][ T6569] ? __pfx___sys_sendmsg+0x10/0x10 [ 145.871489][ T6569] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.871517][ T6569] __do_fast_syscall_32+0xb6/0x2b0 [ 145.871544][ T6569] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.871571][ T6569] do_fast_syscall_32+0x34/0x80 [ 145.871597][ T6569] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 145.871621][ T6569] RIP: 0023:0xf707e539 [ 145.871638][ T6569] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 145.871655][ T6569] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 145.871676][ T6569] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 145.871688][ T6569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 145.871700][ T6569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 145.871710][ T6569] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 145.871721][ T6569] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 145.871752][ T6569] [ 146.181978][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.382519][ T43] IPVS: starting estimator thread 0... [ 146.438429][ T6583] FAULT_INJECTION: forcing a failure. [ 146.438429][ T6583] name failslab, interval 1, probability 0, space 0, times 0 [ 146.451404][ T6583] CPU: 1 UID: 0 PID: 6583 Comm: syz.2.174 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 146.451433][ T6583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 146.451446][ T6583] Call Trace: [ 146.451455][ T6583] [ 146.451464][ T6583] dump_stack_lvl+0x189/0x250 [ 146.451495][ T6583] ? __pfx____ratelimit+0x10/0x10 [ 146.451521][ T6583] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.451547][ T6583] ? __pfx__printk+0x10/0x10 [ 146.451585][ T6583] ? __pfx___might_resched+0x10/0x10 [ 146.451621][ T6583] should_fail_ex+0x414/0x560 [ 146.451651][ T6583] should_failslab+0xa8/0x100 [ 146.451685][ T6583] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 146.451716][ T6583] ? __alloc_skb+0x112/0x2d0 [ 146.451749][ T6583] __alloc_skb+0x112/0x2d0 [ 146.451781][ T6583] netlink_sendmsg+0x5c6/0xb30 [ 146.451820][ T6583] ? __pfx_netlink_sendmsg+0x10/0x10 [ 146.451851][ T6583] ? __import_iovec+0x5d4/0x7f0 [ 146.451868][ T6583] ? aa_sock_msg_perm+0xf1/0x1d0 [ 146.451900][ T6583] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 146.451923][ T6583] ? __pfx_netlink_sendmsg+0x10/0x10 [ 146.451952][ T6583] __sock_sendmsg+0x219/0x270 [ 146.451978][ T6583] ____sys_sendmsg+0x505/0x830 [ 146.452016][ T6583] ? __pfx_____sys_sendmsg+0x10/0x10 [ 146.452069][ T6583] ___sys_sendmsg+0x21f/0x2a0 [ 146.452103][ T6583] ? __pfx____sys_sendmsg+0x10/0x10 [ 146.452173][ T6583] ? __fget_files+0x2a/0x420 [ 146.452203][ T6583] ? __fget_files+0x3a0/0x420 [ 146.452243][ T6583] __sys_sendmsg+0x164/0x220 [ 146.452278][ T6583] ? __pfx___sys_sendmsg+0x10/0x10 [ 146.452325][ T6583] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.452355][ T6583] __do_fast_syscall_32+0xb6/0x2b0 [ 146.452383][ T6583] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.452413][ T6583] do_fast_syscall_32+0x34/0x80 [ 146.452442][ T6583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 146.452468][ T6583] RIP: 0023:0xf707e539 [ 146.452486][ T6583] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 146.452503][ T6583] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 146.452525][ T6583] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000400 [ 146.452540][ T6583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 146.452552][ T6583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 146.452564][ T6583] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 146.452576][ T6583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 146.452613][ T6583] [ 146.705209][ T6581] IPVS: using max 26 ests per chain, 62400 per kthread [ 146.707620][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.784905][ T6587] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 147.073187][ T5870] Bluetooth: hci2: command 0x0405 tx timeout [ 147.079404][ T5870] Bluetooth: hci3: command 0x0c1a tx timeout [ 147.080334][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 147.222786][ T1219] usb 4-1: USB disconnect, device number 5 [ 148.103022][ T927] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 148.283040][ T927] usb 5-1: Using ep0 maxpacket: 32 [ 148.353143][ T927] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 148.362259][ T927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.444034][ T927] usb 5-1: config 0 descriptor?? [ 148.461279][ T927] gspca_main: sunplus-2.14.0 probing 041e:400b [ 149.163393][ T5864] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 149.455079][ T927] gspca_sunplus: reg_r err -110 [ 149.483980][ T5864] usb 4-1: config 0 has an invalid interface number: 12 but max is 0 [ 149.492555][ T5864] usb 4-1: config 0 has no interface number 0 [ 149.499208][ T927] sunplus 5-1:0.0: probe with driver sunplus failed with error -110 [ 149.512865][ T5864] usb 4-1: config 0 interface 12 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 149.677867][ T5864] usb 4-1: config 0 interface 12 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.702098][ T5864] usb 4-1: config 0 interface 12 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 149.737940][ T5864] usb 4-1: New USB device found, idVendor=0463, idProduct=0027, bcdDevice= 0.00 [ 149.778648][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.845651][ T5864] usb 4-1: config 0 descriptor?? [ 150.261793][ T6612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.274395][ T6612] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 150.298724][ T6634] netlink: 16 bytes leftover after parsing attributes in process `syz.2.191'. [ 150.598879][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.606475][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.620002][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.631206][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.643154][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.655982][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.668336][ T5864] hid-generic 0003:0463:0027.0003: unknown main item tag 0x0 [ 150.708275][ T5864] hid-generic 0003:0463:0027.0003: hidraw0: USB HID vff.fa Device [HID 0463:0027] on usb-dummy_hcd.3-1/input12 [ 150.811799][ T5864] usb 4-1: USB disconnect, device number 6 [ 151.006031][ T6633] delete_channel: no stack [ 151.029825][ T6637] fido_id[6637]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 151.507768][ T6649] netlink: 24 bytes leftover after parsing attributes in process `syz.3.196'. [ 152.051917][ T6656] FAULT_INJECTION: forcing a failure. [ 152.051917][ T6656] name failslab, interval 1, probability 0, space 0, times 0 [ 152.183249][ T6656] CPU: 0 UID: 0 PID: 6656 Comm: syz.2.198 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 152.183279][ T6656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 152.183291][ T6656] Call Trace: [ 152.183299][ T6656] [ 152.183309][ T6656] dump_stack_lvl+0x189/0x250 [ 152.183340][ T6656] ? __pfx____ratelimit+0x10/0x10 [ 152.183373][ T6656] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.183399][ T6656] ? __pfx__printk+0x10/0x10 [ 152.183435][ T6656] ? __pfx___might_resched+0x10/0x10 [ 152.183460][ T6656] should_fail_ex+0x414/0x560 [ 152.183489][ T6656] should_failslab+0xa8/0x100 [ 152.183522][ T6656] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 152.183565][ T6656] ? __alloc_skb+0x112/0x2d0 [ 152.183596][ T6656] __alloc_skb+0x112/0x2d0 [ 152.183626][ T6656] netlink_sendmsg+0x5c6/0xb30 [ 152.183663][ T6656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.183692][ T6656] ? __import_iovec+0x5d4/0x7f0 [ 152.183708][ T6656] ? aa_sock_msg_perm+0xf1/0x1d0 [ 152.183739][ T6656] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 152.183761][ T6656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.183788][ T6656] __sock_sendmsg+0x219/0x270 [ 152.183813][ T6656] ____sys_sendmsg+0x505/0x830 [ 152.183849][ T6656] ? __pfx_____sys_sendmsg+0x10/0x10 [ 152.183896][ T6656] ___sys_sendmsg+0x21f/0x2a0 [ 152.183928][ T6656] ? __pfx____sys_sendmsg+0x10/0x10 [ 152.183996][ T6656] ? __fget_files+0x2a/0x420 [ 152.184026][ T6656] ? __fget_files+0x3a0/0x420 [ 152.184068][ T6656] __sys_sendmsg+0x164/0x220 [ 152.184100][ T6656] ? __pfx___sys_sendmsg+0x10/0x10 [ 152.184147][ T6656] ? lockdep_hardirqs_on+0x9c/0x150 [ 152.184176][ T6656] __do_fast_syscall_32+0xb6/0x2b0 [ 152.184203][ T6656] ? lockdep_hardirqs_on+0x9c/0x150 [ 152.184231][ T6656] do_fast_syscall_32+0x34/0x80 [ 152.184258][ T6656] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 152.184288][ T6656] RIP: 0023:0xf707e539 [ 152.184305][ T6656] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 152.184322][ T6656] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 152.184343][ T6656] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300 [ 152.184363][ T6656] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.184374][ T6656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 152.184386][ T6656] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 152.184397][ T6656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 152.184426][ T6656] [ 152.598555][ T927] usb 5-1: USB disconnect, device number 7 [ 152.682134][ T6667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.202'. [ 152.940499][ T6677] netlink: 16 bytes leftover after parsing attributes in process `syz.2.204'. [ 153.040170][ T6674] delete_channel: no stack [ 153.180831][ T6681] netlink: 'syz.0.206': attribute type 29 has an invalid length. [ 153.196379][ T6681] netlink: 'syz.0.206': attribute type 29 has an invalid length. [ 153.309549][ T6684] FAULT_INJECTION: forcing a failure. [ 153.309549][ T6684] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 153.337088][ T6684] CPU: 0 UID: 0 PID: 6684 Comm: syz.3.205 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 153.337117][ T6684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 153.337130][ T6684] Call Trace: [ 153.337139][ T6684] [ 153.337146][ T6684] dump_stack_lvl+0x189/0x250 [ 153.337168][ T6684] ? __pfx____ratelimit+0x10/0x10 [ 153.337185][ T6684] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.337202][ T6684] ? __pfx__printk+0x10/0x10 [ 153.337222][ T6684] ? __might_fault+0xb0/0x130 [ 153.337250][ T6684] should_fail_ex+0x414/0x560 [ 153.337269][ T6684] _copy_from_iter+0x1db/0x16f0 [ 153.337300][ T6684] ? __pfx__copy_from_iter+0x10/0x10 [ 153.337331][ T6684] tun_get_user+0x488/0x3e20 [ 153.337366][ T6684] ? aa_file_perm+0x44d/0x1550 [ 153.337387][ T6684] ? __pfx_tun_get_user+0x10/0x10 [ 153.337407][ T6684] ? _parse_integer_limit+0x1ae/0x1f0 [ 153.337431][ T6684] ? __lock_acquire+0xab9/0xd20 [ 153.337457][ T6684] ? ref_tracker_alloc+0x318/0x460 [ 153.337472][ T6684] ? __lock_acquire+0xab9/0xd20 [ 153.337494][ T6684] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 153.337515][ T6684] ? tun_get+0x1c/0x2f0 [ 153.337539][ T6684] ? tun_get+0x1c/0x2f0 [ 153.337558][ T6684] ? tun_get+0x1c/0x2f0 [ 153.337581][ T6684] tun_chr_write_iter+0x113/0x200 [ 153.337602][ T6684] vfs_write+0x548/0xa90 [ 153.337625][ T6684] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 153.337646][ T6684] ? __pfx_vfs_write+0x10/0x10 [ 153.337672][ T6684] ? __fget_files+0x2a/0x420 [ 153.337700][ T6684] ksys_write+0x145/0x250 [ 153.337721][ T6684] ? __pfx_ksys_write+0x10/0x10 [ 153.337742][ T6684] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.337762][ T6684] __do_fast_syscall_32+0xb6/0x2b0 [ 153.337781][ T6684] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.337800][ T6684] do_fast_syscall_32+0x34/0x80 [ 153.337819][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 153.337836][ T6684] RIP: 0023:0xf702e539 [ 153.337849][ T6684] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 153.337861][ T6684] RSP: 002b:00000000f53fd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 153.337875][ T6684] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000540 [ 153.337885][ T6684] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 153.337893][ T6684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 153.337901][ T6684] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 153.337909][ T6684] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 153.337928][ T6684] [ 154.461809][ T6702] FAULT_INJECTION: forcing a failure. [ 154.461809][ T6702] name failslab, interval 1, probability 0, space 0, times 0 [ 154.476128][ T6702] CPU: 0 UID: 0 PID: 6702 Comm: syz.4.214 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 154.476156][ T6702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.476177][ T6702] Call Trace: [ 154.476186][ T6702] [ 154.476194][ T6702] dump_stack_lvl+0x189/0x250 [ 154.476225][ T6702] ? __pfx____ratelimit+0x10/0x10 [ 154.476268][ T6702] ? __pfx_dump_stack_lvl+0x10/0x10 [ 154.476294][ T6702] ? __pfx__printk+0x10/0x10 [ 154.476330][ T6702] ? __pfx___might_resched+0x10/0x10 [ 154.476356][ T6702] should_fail_ex+0x414/0x560 [ 154.476386][ T6702] should_failslab+0xa8/0x100 [ 154.476419][ T6702] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 154.476449][ T6702] ? __alloc_skb+0x112/0x2d0 [ 154.476482][ T6702] __alloc_skb+0x112/0x2d0 [ 154.476514][ T6702] tcp_stream_alloc_skb+0x3d/0x340 [ 154.476541][ T6702] tcp_sendmsg_locked+0xf38/0x5620 [ 154.476620][ T6702] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 154.476641][ T6702] ? __local_bh_enable_ip+0x12d/0x1c0 [ 154.476666][ T6702] ? __local_bh_enable_ip+0x12d/0x1c0 [ 154.476701][ T6702] tcp_sendmsg+0x2f/0x50 [ 154.476723][ T6702] __sock_sendmsg+0x19c/0x270 [ 154.476749][ T6702] ____sys_sendmsg+0x505/0x830 [ 154.476786][ T6702] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.476834][ T6702] ___sys_sendmsg+0x21f/0x2a0 [ 154.476868][ T6702] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.476937][ T6702] ? __fget_files+0x2a/0x420 [ 154.476968][ T6702] ? __fget_files+0x3a0/0x420 [ 154.477012][ T6702] __sys_sendmsg+0x164/0x220 [ 154.477045][ T6702] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.477094][ T6702] ? lockdep_hardirqs_on+0x9c/0x150 [ 154.477123][ T6702] __do_fast_syscall_32+0xb6/0x2b0 [ 154.477151][ T6702] ? lockdep_hardirqs_on+0x9c/0x150 [ 154.477188][ T6702] do_fast_syscall_32+0x34/0x80 [ 154.477217][ T6702] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.477243][ T6702] RIP: 0023:0xf7f28539 [ 154.477260][ T6702] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 154.477277][ T6702] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 154.477299][ T6702] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 154.477314][ T6702] RDX: 00000000000052cc RSI: 0000000000000000 RDI: 0000000000000000 [ 154.477326][ T6702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 154.477338][ T6702] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 154.477350][ T6702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 154.477381][ T6702] [ 154.830280][ T6709] tipc: Started in network mode [ 154.858512][ T6709] tipc: Node identity fa5690af5ada, cluster identity 4711 [ 154.883951][ T6709] tipc: Enabled bearer , priority 0 [ 154.913535][ T6709] syzkaller0: entered promiscuous mode [ 154.919104][ T6709] syzkaller0: entered allmulticast mode [ 154.974645][ T6709] tipc: Resetting bearer [ 155.055351][ T927] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 155.304514][ T927] usb 4-1: Using ep0 maxpacket: 16 [ 155.333310][ T927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.356608][ T6698] tipc: Resetting bearer [ 155.379232][ T6721] misc userio: Invalid payload size [ 155.395428][ T927] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 155.424373][ T927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.527538][ T6698] tipc: Disabling bearer [ 155.536125][ T927] usb 4-1: config 0 descriptor?? [ 155.775187][ T6729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.220'. [ 156.601333][ T6737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 156.613067][ T6737] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 156.684603][ T6736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.215'. [ 158.294973][ T5864] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 158.485302][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.513109][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.529122][ T6762] trusted_key: syz.4.228 sent an empty control message without MSG_MORE. [ 158.587181][ T5864] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.623864][ T5864] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.753253][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.767644][ T5864] usb 1-1: config 0 descriptor?? [ 159.212247][ T5864] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd [ 159.263229][ T6770] netlink: 8 bytes leftover after parsing attributes in process `syz.2.229'. [ 159.317245][ T5864] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 159.502930][ T927] usbhid 4-1:0.0: can't add hid device: -71 [ 159.509672][ T927] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 159.662640][ T927] usb 4-1: USB disconnect, device number 7 [ 160.104561][ T6787] process 'syz.1.232' launched './file0' with NULL argv: empty string added [ 160.405651][ T6794] fuse: Unknown parameter 'òootmodPz00000000000000000040000' [ 160.652596][ T1219] usb 1-1: reset high-speed USB device number 8 using dummy_hcd [ 160.667965][ T5864] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 160.959195][ T5864] usb 4-1: New USB device found, idVendor=14f7, idProduct=0500, bcdDevice=44.85 [ 160.983865][ T5864] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.047141][ T5864] usb 4-1: Product: syz [ 161.052110][ T5864] usb 4-1: Manufacturer: syz [ 161.057504][ T5864] usb 4-1: SerialNumber: syz [ 161.116193][ T5864] usb 4-1: config 0 descriptor?? [ 161.184498][ T5864] usb 4-1: selecting invalid altsetting 1 [ 161.191510][ T5864] technisat-usb2: could not set alternate setting to 0 [ 161.396447][ T5864] technisat-usb2: firmware version: 0.0 [ 161.405027][ T5864] dvb-usb: found a 'Technisat SkyStar USB HD (DVB-S/S2)' in warm state. [ 161.674710][ T5864] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 161.782227][ T5864] dvb-usb: Technisat SkyStar USB HD (DVB-S/S2) error while loading driver (-19) [ 162.009792][ T5864] usb 4-1: USB disconnect, device number 8 [ 162.023073][ T927] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 162.090709][ T9] usb 1-1: USB disconnect, device number 8 [ 162.247961][ T927] usb 5-1: config 0 has no interfaces? [ 162.258405][ T927] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 162.279238][ T927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.342475][ T927] usb 5-1: Product: syz [ 162.361786][ T927] usb 5-1: Manufacturer: syz [ 162.389347][ T927] usb 5-1: SerialNumber: syz [ 162.413157][ T927] usb 5-1: config 0 descriptor?? [ 162.433614][ T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 162.623128][ T43] usb 2-1: Using ep0 maxpacket: 32 [ 162.647898][ T43] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 162.707596][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.918296][ T43] usb 2-1: config 0 descriptor?? [ 163.048699][ T43] gspca_main: sunplus-2.14.0 probing 041e:400b [ 163.329149][ T6831] netlink: 60 bytes leftover after parsing attributes in process `syz.3.247'. [ 163.340632][ T6830] netlink: 60 bytes leftover after parsing attributes in process `syz.3.247'. [ 163.355231][ T6831] netlink: 60 bytes leftover after parsing attributes in process `syz.3.247'. [ 163.885266][ T6837] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 163.923952][ T43] gspca_sunplus: reg_r err -110 [ 163.929025][ T43] sunplus 2-1:0.0: probe with driver sunplus failed with error -110 [ 164.614949][ T927] usb 5-1: USB disconnect, device number 8 [ 164.728765][ T6847] FAULT_INJECTION: forcing a failure. [ 164.728765][ T6847] name failslab, interval 1, probability 0, space 0, times 0 [ 164.784846][ T6847] CPU: 1 UID: 0 PID: 6847 Comm: syz.4.253 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 164.784868][ T6847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 164.784877][ T6847] Call Trace: [ 164.784882][ T6847] [ 164.784889][ T6847] dump_stack_lvl+0x189/0x250 [ 164.784911][ T6847] ? __pfx____ratelimit+0x10/0x10 [ 164.784930][ T6847] ? __pfx_dump_stack_lvl+0x10/0x10 [ 164.784948][ T6847] ? __pfx__printk+0x10/0x10 [ 164.784970][ T6847] ? __pfx___might_resched+0x10/0x10 [ 164.784984][ T6847] ? fs_reclaim_acquire+0x7d/0x100 [ 164.785011][ T6847] should_fail_ex+0x414/0x560 [ 164.785032][ T6847] should_failslab+0xa8/0x100 [ 164.785055][ T6847] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 164.785076][ T6847] ? __alloc_skb+0x112/0x2d0 [ 164.785099][ T6847] __alloc_skb+0x112/0x2d0 [ 164.785123][ T6847] alloc_skb_with_frags+0xca/0x890 [ 164.785154][ T6847] sock_alloc_send_pskb+0x857/0x990 [ 164.785176][ T6847] ? __page_table_check_zero+0xba/0x530 [ 164.785210][ T6847] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 164.785241][ T6847] ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20 [ 164.785262][ T6847] unix_dgram_sendmsg+0x461/0x1850 [ 164.785291][ T6847] ? __lock_acquire+0xab9/0xd20 [ 164.785318][ T6847] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 164.785333][ T6847] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 164.785368][ T6847] ? __import_iovec+0x5d4/0x7f0 [ 164.785384][ T6847] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 164.785399][ T6847] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 164.785416][ T6847] __sock_sendmsg+0x219/0x270 [ 164.785434][ T6847] ____sys_sendmsg+0x505/0x830 [ 164.785460][ T6847] ? __pfx_____sys_sendmsg+0x10/0x10 [ 164.785493][ T6847] ___sys_sendmsg+0x21f/0x2a0 [ 164.785516][ T6847] ? __pfx____sys_sendmsg+0x10/0x10 [ 164.785563][ T6847] ? __fget_files+0x2a/0x420 [ 164.785585][ T6847] ? __fget_files+0x3a0/0x420 [ 164.785615][ T6847] __sys_sendmsg+0x164/0x220 [ 164.785638][ T6847] ? __pfx___sys_sendmsg+0x10/0x10 [ 164.785671][ T6847] ? lockdep_hardirqs_on+0x9c/0x150 [ 164.785691][ T6847] __do_fast_syscall_32+0xb6/0x2b0 [ 164.785711][ T6847] ? lockdep_hardirqs_on+0x9c/0x150 [ 164.785731][ T6847] do_fast_syscall_32+0x34/0x80 [ 164.785750][ T6847] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.785768][ T6847] RIP: 0023:0xf7f28539 [ 164.785781][ T6847] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 164.785793][ T6847] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 164.785809][ T6847] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100 [ 164.785821][ T6847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 164.785835][ T6847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 164.785847][ T6847] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 164.785871][ T6847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.785904][ T6847] [ 165.084859][ C1] vkms_vblank_simulate: vblank timer overrun [ 165.443869][ T927] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 165.483270][ T5864] usb 2-1: USB disconnect, device number 5 [ 165.676444][ T927] usb 5-1: Using ep0 maxpacket: 8 [ 165.694975][ T927] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 165.708407][ T927] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 165.773118][ T927] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 165.794404][ T927] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 165.833016][ T927] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 165.843765][ T927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.353508][ T927] usb 5-1: GET_CAPABILITIES returned 0 [ 166.369285][ T927] usbtmc 5-1:16.0: can't read capabilities [ 166.726226][ T6851] FAULT_INJECTION: forcing a failure. [ 166.726226][ T6851] name failslab, interval 1, probability 0, space 0, times 0 [ 166.750617][ T6851] CPU: 1 UID: 0 PID: 6851 Comm: syz.4.255 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 166.750644][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 166.750654][ T6851] Call Trace: [ 166.750660][ T6851] [ 166.750667][ T6851] dump_stack_lvl+0x189/0x250 [ 166.750690][ T6851] ? __pfx____ratelimit+0x10/0x10 [ 166.750709][ T6851] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.750727][ T6851] ? __pfx__printk+0x10/0x10 [ 166.750750][ T6851] ? __pfx___might_resched+0x10/0x10 [ 166.750764][ T6851] ? fs_reclaim_acquire+0x7d/0x100 [ 166.750791][ T6851] should_fail_ex+0x414/0x560 [ 166.750811][ T6851] should_failslab+0xa8/0x100 [ 166.750835][ T6851] __kmalloc_noprof+0xcb/0x4f0 [ 166.750854][ T6851] ? tomoyo_encode+0x28b/0x550 [ 166.750879][ T6851] tomoyo_encode+0x28b/0x550 [ 166.750905][ T6851] tomoyo_realpath_from_path+0x58d/0x5d0 [ 166.750935][ T6851] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 166.750953][ T6851] tomoyo_path_number_perm+0x1e8/0x5a0 [ 166.750973][ T6851] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 166.751004][ T6851] ? __lock_acquire+0xab9/0xd20 [ 166.751043][ T6851] ? __fget_files+0x2a/0x420 [ 166.751069][ T6851] ? __fget_files+0x3a0/0x420 [ 166.751090][ T6851] ? __fget_files+0x2a/0x420 [ 166.751116][ T6851] security_file_ioctl_compat+0xcb/0x2d0 [ 166.751135][ T6851] __ia32_compat_sys_ioctl+0x128/0x840 [ 166.751157][ T6851] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 166.751176][ T6851] ? __fget_files+0x3a0/0x420 [ 166.751204][ T6851] ? fput+0xa0/0xd0 [ 166.751219][ T6851] ? ksys_write+0x22a/0x250 [ 166.751246][ T6851] ? lockdep_hardirqs_on+0x9c/0x150 [ 166.751266][ T6851] __do_fast_syscall_32+0xb6/0x2b0 [ 166.751292][ T6851] ? lockdep_hardirqs_on+0x9c/0x150 [ 166.751312][ T6851] do_fast_syscall_32+0x34/0x80 [ 166.751332][ T6851] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 166.751351][ T6851] RIP: 0023:0xf7f28539 [ 166.751363][ T6851] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 166.751376][ T6851] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 166.751391][ T6851] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040045b0a [ 166.751401][ T6851] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 166.751410][ T6851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 166.751418][ T6851] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 166.751426][ T6851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 166.751447][ T6851] [ 166.751463][ T6851] ERROR: Out of memory at tomoyo_realpath_from_path. [ 167.190936][ T43] usb 5-1: USB disconnect, device number 9 [ 167.268580][ T6872] FAULT_INJECTION: forcing a failure. [ 167.268580][ T6872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.403031][ T6872] CPU: 1 UID: 0 PID: 6872 Comm: syz.0.260 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 167.403060][ T6872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.403073][ T6872] Call Trace: [ 167.403081][ T6872] [ 167.403090][ T6872] dump_stack_lvl+0x189/0x250 [ 167.403128][ T6872] ? __pfx____ratelimit+0x10/0x10 [ 167.403152][ T6872] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.403178][ T6872] ? __pfx__printk+0x10/0x10 [ 167.403208][ T6872] ? __might_fault+0xb0/0x130 [ 167.403249][ T6872] should_fail_ex+0x414/0x560 [ 167.403277][ T6872] _copy_to_iter+0x3f5/0x16f0 [ 167.403320][ T6872] ? __pfx__copy_to_iter+0x10/0x10 [ 167.403347][ T6872] ? __skb_try_recv_from_queue+0x58f/0x730 [ 167.403387][ T6872] ? __skb_try_recv_datagram+0x3da/0x4e0 [ 167.403427][ T6872] __skb_datagram_iter+0xf8/0x990 [ 167.403462][ T6872] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 167.403517][ T6872] skb_copy_datagram_iter+0xc5/0x230 [ 167.403554][ T6872] netlink_recvmsg+0x2ab/0xa30 [ 167.403590][ T6872] ? __pfx_netlink_recvmsg+0x10/0x10 [ 167.403621][ T6872] ? aa_sock_msg_perm+0xf1/0x1d0 [ 167.403652][ T6872] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 167.403673][ T6872] ? security_socket_recvmsg+0x7e/0x2e0 [ 167.403693][ T6872] ? __pfx_netlink_recvmsg+0x10/0x10 [ 167.403719][ T6872] sock_recvmsg+0x229/0x270 [ 167.403746][ T6872] ____sys_recvmsg+0x1c9/0x460 [ 167.403785][ T6872] ? __pfx_____sys_recvmsg+0x10/0x10 [ 167.403813][ T6872] ? get_compat_msghdr+0x37e/0x4a0 [ 167.403864][ T6872] ___sys_recvmsg+0x1b5/0x510 [ 167.403901][ T6872] ? __pfx____sys_recvmsg+0x10/0x10 [ 167.403957][ T6872] ? __fget_files+0x3a0/0x420 [ 167.403999][ T6872] do_recvmmsg+0x36a/0x770 [ 167.404039][ T6872] ? __pfx_do_recvmmsg+0x10/0x10 [ 167.404083][ T6872] ? __pfx_vfs_write+0x10/0x10 [ 167.404133][ T6872] __sys_recvmmsg+0x19d/0x280 [ 167.404167][ T6872] ? __pfx___sys_recvmmsg+0x10/0x10 [ 167.404195][ T6872] ? ksys_write+0x22a/0x250 [ 167.404233][ T6872] __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0 [ 167.404267][ T6872] __do_fast_syscall_32+0xb6/0x2b0 [ 167.404295][ T6872] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.404322][ T6872] do_fast_syscall_32+0x34/0x80 [ 167.404348][ T6872] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 167.404372][ T6872] RIP: 0023:0xf70ae539 [ 167.404389][ T6872] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 167.404406][ T6872] RSP: 002b:00000000f549e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000151 [ 167.404427][ T6872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340 [ 167.404441][ T6872] RDX: 0000000000000003 RSI: 0000000000000002 RDI: 0000000000000000 [ 167.404453][ T6872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 167.404464][ T6872] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 167.404476][ T6872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 167.404505][ T6872] [ 169.773079][ T5864] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 169.873360][ T6901] netlink: 'syz.0.271': attribute type 1 has an invalid length. [ 169.913286][ T5864] usb 3-1: device descriptor read/64, error -71 [ 169.925107][ T6901] 8021q: adding VLAN 0 to HW filter on device bond1 [ 169.981851][ T6905] bond1: (slave gretap1): making interface the new active one [ 169.999727][ T6905] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 170.120145][ T6901] vlan2: entered allmulticast mode [ 170.125572][ T6901] bond1: entered allmulticast mode [ 170.130733][ T6901] gretap1: entered allmulticast mode [ 170.138106][ T6901] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 170.163443][ T5864] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 170.266555][ T6905] syz.0.271 (6905) used greatest stack depth: 19944 bytes left [ 170.341396][ T5864] usb 3-1: device descriptor read/64, error -71 [ 170.478557][ T5864] usb usb3-port1: attempt power cycle [ 170.538461][ T6920] syz_tun: entered allmulticast mode [ 171.003071][ T5864] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 171.133954][ T5864] usb 3-1: device descriptor read/8, error -71 [ 171.271877][ T6928] netlink: 'syz.1.279': attribute type 1 has an invalid length. [ 171.311824][ T6928] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.416000][ T5864] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 171.446988][ T5864] usb 3-1: device descriptor read/8, error -71 [ 171.461638][ T6919] syz_tun: left allmulticast mode [ 171.500730][ T30] audit: type=1326 audit(1754505948.369:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.1.279" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704e539 code=0x0 [ 171.678205][ T5864] usb usb3-port1: unable to enumerate USB device [ 171.872836][ T6934] netlink: 'syz.4.280': attribute type 11 has an invalid length. [ 172.123362][ T43] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 172.298581][ T43] usb 5-1: unable to get BOS descriptor or descriptor too short [ 172.318482][ T43] usb 5-1: config 0 has an invalid interface number: 53 but max is 0 [ 172.332272][ T43] usb 5-1: config 0 has no interface number 0 [ 172.402049][ T43] usb 5-1: config 0 interface 53 has no altsetting 0 [ 172.436973][ T43] usb 5-1: New USB device found, idVendor=0421, idProduct=04f0, bcdDevice=ae.24 [ 172.448436][ T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.484198][ T43] usb 5-1: Product: syz [ 172.489456][ T43] usb 5-1: Manufacturer: syz [ 172.501677][ T43] usb 5-1: SerialNumber: syz [ 172.517524][ T43] usb 5-1: config 0 descriptor?? [ 172.752114][ T43] usb 5-1: bad CDC descriptors [ 173.006401][ T43] usb 5-1: USB disconnect, device number 10 [ 173.036968][ T6951] FAULT_INJECTION: forcing a failure. [ 173.036968][ T6951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.058941][ T6951] CPU: 0 UID: 0 PID: 6951 Comm: syz.1.286 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 173.058970][ T6951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.058983][ T6951] Call Trace: [ 173.058991][ T6951] [ 173.059000][ T6951] dump_stack_lvl+0x189/0x250 [ 173.059030][ T6951] ? __pfx____ratelimit+0x10/0x10 [ 173.059056][ T6951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.059081][ T6951] ? __pfx__printk+0x10/0x10 [ 173.059123][ T6951] should_fail_ex+0x414/0x560 [ 173.059152][ T6951] _copy_to_user+0x31/0xb0 [ 173.059174][ T6951] simple_read_from_buffer+0xe1/0x170 [ 173.059210][ T6951] proc_fail_nth_read+0x1b3/0x220 [ 173.059237][ T6951] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 173.059264][ T6951] ? rw_verify_area+0x2a6/0x4d0 [ 173.059289][ T6951] ? __lock_acquire+0xab9/0xd20 [ 173.059318][ T6951] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 173.059343][ T6951] vfs_read+0x200/0x980 [ 173.059369][ T6951] ? fdget_pos+0x247/0x320 [ 173.059391][ T6951] ? __pfx___mutex_lock+0x10/0x10 [ 173.059418][ T6951] ? __pfx_vfs_read+0x10/0x10 [ 173.059447][ T6951] ? __fget_files+0x2a/0x420 [ 173.059484][ T6951] ? __fget_files+0x3a0/0x420 [ 173.059514][ T6951] ? __fget_files+0x2a/0x420 [ 173.059553][ T6951] ksys_read+0x145/0x250 [ 173.059583][ T6951] ? __pfx_ksys_read+0x10/0x10 [ 173.059615][ T6951] ? lockdep_hardirqs_on+0x9c/0x150 [ 173.059643][ T6951] __do_fast_syscall_32+0xb6/0x2b0 [ 173.059671][ T6951] ? lockdep_hardirqs_on+0x9c/0x150 [ 173.059704][ T6951] do_fast_syscall_32+0x34/0x80 [ 173.059737][ T6951] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 173.059762][ T6951] RIP: 0023:0xf704e539 [ 173.059779][ T6951] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 173.059796][ T6951] RSP: 002b:00000000f543e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 173.059818][ T6951] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543e620 [ 173.059832][ T6951] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000 [ 173.059844][ T6951] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 173.059856][ T6951] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 173.059868][ T6951] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 173.059898][ T6951] [ 173.662417][ T6958] FAULT_INJECTION: forcing a failure. [ 173.662417][ T6958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.740618][ T6958] CPU: 0 UID: 0 PID: 6958 Comm: syz.1.289 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 173.740647][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.740659][ T6958] Call Trace: [ 173.740667][ T6958] [ 173.740676][ T6958] dump_stack_lvl+0x189/0x250 [ 173.740705][ T6958] ? __pfx____ratelimit+0x10/0x10 [ 173.740729][ T6958] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.740753][ T6958] ? __pfx__printk+0x10/0x10 [ 173.740780][ T6958] ? __might_fault+0xb0/0x130 [ 173.740818][ T6958] should_fail_ex+0x414/0x560 [ 173.740846][ T6958] _copy_from_user+0x2d/0xb0 [ 173.740867][ T6958] __se_sys_splice+0x27f/0x460 [ 173.740903][ T6958] ? __pfx___se_sys_splice+0x10/0x10 [ 173.740938][ T6958] ? __ia32_sys_splice+0x21/0xf0 [ 173.740971][ T6958] __do_fast_syscall_32+0xb6/0x2b0 [ 173.740999][ T6958] ? lockdep_hardirqs_on+0x9c/0x150 [ 173.741025][ T6958] do_fast_syscall_32+0x34/0x80 [ 173.741052][ T6958] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 173.741076][ T6958] RIP: 0023:0xf704e539 [ 173.741093][ T6958] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 173.741110][ T6958] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000139 [ 173.741130][ T6958] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 173.741144][ T6958] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000808 [ 173.741155][ T6958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 173.741166][ T6958] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 173.741177][ T6958] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 173.741206][ T6958] [ 173.773326][ T6955] tap0: tun_chr_ioctl cmd 1074025681 [ 175.156470][ T7001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.196481][ T7001] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.247480][ T7006] FAULT_INJECTION: forcing a failure. [ 175.247480][ T7006] name failslab, interval 1, probability 0, space 0, times 0 [ 175.264328][ T7006] CPU: 1 UID: 0 PID: 7006 Comm: syz.1.305 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 175.264359][ T7006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 175.264376][ T7006] Call Trace: [ 175.264384][ T7006] [ 175.264393][ T7006] dump_stack_lvl+0x189/0x250 [ 175.264423][ T7006] ? __pfx____ratelimit+0x10/0x10 [ 175.264448][ T7006] ? __pfx_dump_stack_lvl+0x10/0x10 [ 175.264473][ T7006] ? __pfx__printk+0x10/0x10 [ 175.264508][ T7006] ? __pfx___might_resched+0x10/0x10 [ 175.264533][ T7006] should_fail_ex+0x414/0x560 [ 175.264569][ T7006] should_failslab+0xa8/0x100 [ 175.264602][ T7006] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 175.264631][ T7006] ? __alloc_skb+0x112/0x2d0 [ 175.264662][ T7006] __alloc_skb+0x112/0x2d0 [ 175.264705][ T7006] netlink_sendmsg+0x5c6/0xb30 [ 175.264741][ T7006] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.264769][ T7006] ? __import_iovec+0x5d4/0x7f0 [ 175.264785][ T7006] ? aa_sock_msg_perm+0xf1/0x1d0 [ 175.264815][ T7006] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 175.264837][ T7006] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.264863][ T7006] __sock_sendmsg+0x219/0x270 [ 175.264888][ T7006] ____sys_sendmsg+0x505/0x830 [ 175.264923][ T7006] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.264969][ T7006] ___sys_sendmsg+0x21f/0x2a0 [ 175.265000][ T7006] ? __pfx____sys_sendmsg+0x10/0x10 [ 175.265066][ T7006] ? __fget_files+0x2a/0x420 [ 175.265095][ T7006] ? __fget_files+0x3a0/0x420 [ 175.265137][ T7006] __sys_sendmsg+0x164/0x220 [ 175.265168][ T7006] ? __pfx___sys_sendmsg+0x10/0x10 [ 175.265214][ T7006] ? lockdep_hardirqs_on+0x9c/0x150 [ 175.265241][ T7006] __do_fast_syscall_32+0xb6/0x2b0 [ 175.265268][ T7006] ? lockdep_hardirqs_on+0x9c/0x150 [ 175.265295][ T7006] do_fast_syscall_32+0x34/0x80 [ 175.265322][ T7006] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 175.265346][ T7006] RIP: 0023:0xf704e539 [ 175.265363][ T7006] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 175.265379][ T7006] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 175.265399][ T7006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001400 [ 175.265413][ T7006] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 175.265424][ T7006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 175.265435][ T7006] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 175.265446][ T7006] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 175.265475][ T7006] [ 175.653358][ T43] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 175.752656][ T7011] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.760019][ T7011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.254282][ T927] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 176.306558][ T7025] FAULT_INJECTION: forcing a failure. [ 176.306558][ T7025] name failslab, interval 1, probability 0, space 0, times 0 [ 176.383100][ T5931] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 176.417867][ T7025] CPU: 0 UID: 0 PID: 7025 Comm: syz.3.311 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 176.417896][ T7025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 176.417908][ T7025] Call Trace: [ 176.417915][ T7025] [ 176.417923][ T7025] dump_stack_lvl+0x189/0x250 [ 176.417953][ T7025] ? __pfx____ratelimit+0x10/0x10 [ 176.417971][ T7025] ? __pfx_dump_stack_lvl+0x10/0x10 [ 176.417988][ T7025] ? __pfx__printk+0x10/0x10 [ 176.418012][ T7025] ? __pfx___might_resched+0x10/0x10 [ 176.418029][ T7025] should_fail_ex+0x414/0x560 [ 176.418048][ T7025] should_failslab+0xa8/0x100 [ 176.418071][ T7025] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 176.418091][ T7025] ? __alloc_skb+0x112/0x2d0 [ 176.418113][ T7025] __alloc_skb+0x112/0x2d0 [ 176.418134][ T7025] netlink_sendmsg+0x5c6/0xb30 [ 176.418159][ T7025] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.418179][ T7025] ? __import_iovec+0x5d4/0x7f0 [ 176.418191][ T7025] ? aa_sock_msg_perm+0xf1/0x1d0 [ 176.418219][ T7025] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 176.418234][ T7025] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.418253][ T7025] __sock_sendmsg+0x219/0x270 [ 176.418271][ T7025] ____sys_sendmsg+0x505/0x830 [ 176.418295][ T7025] ? __pfx_____sys_sendmsg+0x10/0x10 [ 176.418327][ T7025] ___sys_sendmsg+0x21f/0x2a0 [ 176.418350][ T7025] ? __pfx____sys_sendmsg+0x10/0x10 [ 176.418395][ T7025] ? __fget_files+0x2a/0x420 [ 176.418416][ T7025] ? __fget_files+0x3a0/0x420 [ 176.418445][ T7025] __sys_sendmsg+0x164/0x220 [ 176.418470][ T7025] ? __pfx___sys_sendmsg+0x10/0x10 [ 176.418502][ T7025] ? lockdep_hardirqs_on+0x9c/0x150 [ 176.418522][ T7025] __do_fast_syscall_32+0xb6/0x2b0 [ 176.418541][ T7025] ? lockdep_hardirqs_on+0x9c/0x150 [ 176.418560][ T7025] do_fast_syscall_32+0x34/0x80 [ 176.418579][ T7025] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 176.418597][ T7025] RIP: 0023:0xf702e539 [ 176.418609][ T7025] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 176.418621][ T7025] RSP: 002b:00000000f541e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 176.418636][ T7025] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000ac0 [ 176.418646][ T7025] RDX: 0000000020000804 RSI: 0000000000000000 RDI: 0000000000000000 [ 176.418654][ T7025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 176.418662][ T7025] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 176.418670][ T7025] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 176.418689][ T7025] [ 176.680377][ T927] usb 2-1: Using ep0 maxpacket: 32 [ 176.847035][ T5931] usb 5-1: Using ep0 maxpacket: 32 [ 176.864771][ T5931] usb 5-1: config 0 has an invalid interface number: 126 but max is 0 [ 176.892960][ T5931] usb 5-1: config 0 has no interface number 0 [ 176.918393][ T5931] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 176.934299][ T927] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=8a.0a [ 177.052942][ T927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.061256][ T5931] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 177.077399][ T927] usb 2-1: Product: syz [ 177.090147][ T5931] usb 5-1: config 0 interface 126 has no altsetting 0 [ 177.097410][ T927] usb 2-1: Manufacturer: syz [ 177.102042][ T927] usb 2-1: SerialNumber: syz [ 177.157903][ T927] usb 2-1: config 0 descriptor?? [ 177.163137][ T43] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 177.178568][ T5931] usb 5-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 177.190964][ T927] xr_serial 2-1:0.0: skipping garbage [ 177.210481][ T5931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.232321][ T5931] usb 5-1: Product: syz [ 177.239645][ T5931] usb 5-1: Manufacturer: syz [ 177.261022][ T5931] usb 5-1: SerialNumber: syz [ 177.312585][ T5931] usb 5-1: config 0 descriptor?? [ 177.318683][ T43] usb 3-1: Using ep0 maxpacket: 8 [ 177.325282][ T7022] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 177.333207][ T7022] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 177.342846][ T43] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 177.358495][ T43] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 177.404259][ T927] usb 2-1: USB disconnect, device number 6 [ 177.423735][ T43] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 177.452373][ T43] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 177.664259][ T43] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 177.675072][ T43] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 177.691451][ T43] usb 3-1: New USB device found, idVendor=0007, idProduct=0064, bcdDevice=40.6e [ 177.700696][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.708858][ T43] usb 3-1: Product: syz [ 177.714028][ T43] usb 3-1: Manufacturer: syz [ 177.732017][ T43] usb 3-1: SerialNumber: syz [ 177.870054][ T7042] FAULT_INJECTION: forcing a failure. [ 177.870054][ T7042] name failslab, interval 1, probability 0, space 0, times 0 [ 177.918245][ T7042] CPU: 0 UID: 0 PID: 7042 Comm: syz.0.318 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 177.918274][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 177.918286][ T7042] Call Trace: [ 177.918294][ T7042] [ 177.918302][ T7042] dump_stack_lvl+0x189/0x250 [ 177.918330][ T7042] ? __pfx____ratelimit+0x10/0x10 [ 177.918347][ T7042] ? __pfx_dump_stack_lvl+0x10/0x10 [ 177.918371][ T7042] ? __pfx__printk+0x10/0x10 [ 177.918407][ T7042] ? __pfx___might_resched+0x10/0x10 [ 177.918431][ T7042] should_fail_ex+0x414/0x560 [ 177.918458][ T7042] should_failslab+0xa8/0x100 [ 177.918486][ T7042] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 177.918507][ T7042] ? __alloc_skb+0x112/0x2d0 [ 177.918535][ T7042] __alloc_skb+0x112/0x2d0 [ 177.918567][ T7042] netlink_sendmsg+0x5c6/0xb30 [ 177.918602][ T7042] ? __pfx_netlink_sendmsg+0x10/0x10 [ 177.918632][ T7042] ? __import_iovec+0x5d4/0x7f0 [ 177.918644][ T7042] ? aa_sock_msg_perm+0xf1/0x1d0 [ 177.918665][ T7042] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 177.918687][ T7042] ? __pfx_netlink_sendmsg+0x10/0x10 [ 177.918716][ T7042] __sock_sendmsg+0x219/0x270 [ 177.918740][ T7042] ____sys_sendmsg+0x505/0x830 [ 177.918776][ T7042] ? __pfx_____sys_sendmsg+0x10/0x10 [ 177.918809][ T7042] ___sys_sendmsg+0x21f/0x2a0 [ 177.918837][ T7042] ? __pfx____sys_sendmsg+0x10/0x10 [ 177.918903][ T7042] ? __fget_files+0x2a/0x420 [ 177.918932][ T7042] ? __fget_files+0x3a0/0x420 [ 177.918961][ T7042] __sys_sendmsg+0x164/0x220 [ 177.918989][ T7042] ? __pfx___sys_sendmsg+0x10/0x10 [ 177.919035][ T7042] ? lockdep_hardirqs_on+0x9c/0x150 [ 177.919062][ T7042] __do_fast_syscall_32+0xb6/0x2b0 [ 177.919086][ T7042] ? lockdep_hardirqs_on+0x9c/0x150 [ 177.919105][ T7042] do_fast_syscall_32+0x34/0x80 [ 177.919124][ T7042] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 177.919156][ T7042] RIP: 0023:0xf70ae539 [ 177.919174][ T7042] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 177.919192][ T7042] RSP: 002b:00000000f549e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 177.919213][ T7042] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0 [ 177.919226][ T7042] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.919238][ T7042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 177.919250][ T7042] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 177.919273][ T7042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 177.919301][ T7042] [ 178.179100][ T7044] netlink: 53 bytes leftover after parsing attributes in process `syz.3.319'. [ 178.212570][ T5931] ir_usb 5-1:0.126: IR Dongle converter detected [ 178.234704][ T5931] usb 5-1: IRDA class descriptor not found, device not bound [ 178.500781][ T43] usb 3-1: USB disconnect, device number 8 [ 178.548976][ T5931] usb 5-1: USB disconnect, device number 11 [ 178.598065][ T7047] FAULT_INJECTION: forcing a failure. [ 178.598065][ T7047] name failslab, interval 1, probability 0, space 0, times 0 [ 178.661921][ T7047] CPU: 0 UID: 0 PID: 7047 Comm: syz.1.320 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 178.661952][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 178.661965][ T7047] Call Trace: [ 178.661973][ T7047] [ 178.661982][ T7047] dump_stack_lvl+0x189/0x250 [ 178.662022][ T7047] ? __pfx____ratelimit+0x10/0x10 [ 178.662047][ T7047] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.662073][ T7047] ? __pfx__printk+0x10/0x10 [ 178.662109][ T7047] ? __pfx___might_resched+0x10/0x10 [ 178.662135][ T7047] should_fail_ex+0x414/0x560 [ 178.662163][ T7047] should_failslab+0xa8/0x100 [ 178.662196][ T7047] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 178.662226][ T7047] ? __alloc_skb+0x112/0x2d0 [ 178.662258][ T7047] __alloc_skb+0x112/0x2d0 [ 178.662289][ T7047] netlink_sendmsg+0x5c6/0xb30 [ 178.662327][ T7047] ? __pfx_netlink_sendmsg+0x10/0x10 [ 178.662358][ T7047] ? __import_iovec+0x5d4/0x7f0 [ 178.662375][ T7047] ? aa_sock_msg_perm+0xf1/0x1d0 [ 178.662407][ T7047] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 178.662431][ T7047] ? __pfx_netlink_sendmsg+0x10/0x10 [ 178.662457][ T7047] __sock_sendmsg+0x219/0x270 [ 178.662477][ T7047] ____sys_sendmsg+0x505/0x830 [ 178.662505][ T7047] ? __pfx_____sys_sendmsg+0x10/0x10 [ 178.662543][ T7047] ___sys_sendmsg+0x21f/0x2a0 [ 178.662569][ T7047] ? __pfx____sys_sendmsg+0x10/0x10 [ 178.662623][ T7047] ? __fget_files+0x2a/0x420 [ 178.662648][ T7047] ? __fget_files+0x3a0/0x420 [ 178.662683][ T7047] __sys_sendmsg+0x164/0x220 [ 178.662709][ T7047] ? __pfx___sys_sendmsg+0x10/0x10 [ 178.662746][ T7047] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.662770][ T7047] __do_fast_syscall_32+0xb6/0x2b0 [ 178.662793][ T7047] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.662817][ T7047] do_fast_syscall_32+0x34/0x80 [ 178.662841][ T7047] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 178.662865][ T7047] RIP: 0023:0xf704e539 [ 178.662886][ T7047] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 178.662901][ T7047] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 178.662921][ T7047] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200 [ 178.662933][ T7047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 178.662943][ T7047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 178.662952][ T7047] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 178.662962][ T7047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 178.663000][ T7047] [ 179.181174][ T7056] FAULT_INJECTION: forcing a failure. [ 179.181174][ T7056] name failslab, interval 1, probability 0, space 0, times 0 [ 179.198275][ T7056] CPU: 1 UID: 0 PID: 7056 Comm: syz.1.324 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 179.198304][ T7056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 179.198314][ T7056] Call Trace: [ 179.198320][ T7056] [ 179.198327][ T7056] dump_stack_lvl+0x189/0x250 [ 179.198350][ T7056] ? __pfx____ratelimit+0x10/0x10 [ 179.198368][ T7056] ? __pfx_dump_stack_lvl+0x10/0x10 [ 179.198386][ T7056] ? __pfx__printk+0x10/0x10 [ 179.198411][ T7056] ? __pfx___might_resched+0x10/0x10 [ 179.198429][ T7056] should_fail_ex+0x414/0x560 [ 179.198450][ T7056] should_failslab+0xa8/0x100 [ 179.198474][ T7056] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 179.198496][ T7056] ? __alloc_skb+0x112/0x2d0 [ 179.198518][ T7056] __alloc_skb+0x112/0x2d0 [ 179.198540][ T7056] netlink_sendmsg+0x5c6/0xb30 [ 179.198567][ T7056] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.198588][ T7056] ? __import_iovec+0x5d4/0x7f0 [ 179.198600][ T7056] ? aa_sock_msg_perm+0xf1/0x1d0 [ 179.198622][ T7056] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 179.198639][ T7056] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.198659][ T7056] __sock_sendmsg+0x219/0x270 [ 179.198677][ T7056] ____sys_sendmsg+0x505/0x830 [ 179.198702][ T7056] ? __pfx_____sys_sendmsg+0x10/0x10 [ 179.198736][ T7056] ___sys_sendmsg+0x21f/0x2a0 [ 179.198759][ T7056] ? __pfx____sys_sendmsg+0x10/0x10 [ 179.198807][ T7056] ? __fget_files+0x2a/0x420 [ 179.198830][ T7056] ? __fget_files+0x3a0/0x420 [ 179.198860][ T7056] __sys_sendmsg+0x164/0x220 [ 179.198883][ T7056] ? __pfx___sys_sendmsg+0x10/0x10 [ 179.198916][ T7056] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.198936][ T7056] __do_fast_syscall_32+0xb6/0x2b0 [ 179.198956][ T7056] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.198983][ T7056] do_fast_syscall_32+0x34/0x80 [ 179.199003][ T7056] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.199022][ T7056] RIP: 0023:0xf704e539 [ 179.199034][ T7056] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 179.199048][ T7056] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 179.199064][ T7056] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000ac0 [ 179.199074][ T7056] RDX: 0000000020000804 RSI: 0000000000000000 RDI: 0000000000000000 [ 179.199083][ T7056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 179.199092][ T7056] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 179.199100][ T7056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.199121][ T7056] [ 179.730540][ T7062] FAULT_INJECTION: forcing a failure. [ 179.730540][ T7062] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.765109][ T7062] CPU: 0 UID: 0 PID: 7062 Comm: syz.1.326 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 179.765140][ T7062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 179.765160][ T7062] Call Trace: [ 179.765169][ T7062] [ 179.765178][ T7062] dump_stack_lvl+0x189/0x250 [ 179.765209][ T7062] ? __pfx____ratelimit+0x10/0x10 [ 179.765234][ T7062] ? __pfx_dump_stack_lvl+0x10/0x10 [ 179.765259][ T7062] ? __pfx__printk+0x10/0x10 [ 179.765288][ T7062] ? __might_fault+0xb0/0x130 [ 179.765330][ T7062] should_fail_ex+0x414/0x560 [ 179.765359][ T7062] _copy_from_user+0x2d/0xb0 [ 179.765380][ T7062] kstrtouint_from_user+0xc4/0x170 [ 179.765412][ T7062] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 179.765458][ T7062] proc_fail_nth_write+0x88/0x200 [ 179.765483][ T7062] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 179.765513][ T7062] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 179.765537][ T7062] vfs_write+0x27e/0xa90 [ 179.765576][ T7062] ? __pfx_vfs_write+0x10/0x10 [ 179.765604][ T7062] ? __fget_files+0x2a/0x420 [ 179.765641][ T7062] ? __fget_files+0x3a0/0x420 [ 179.765670][ T7062] ? __fget_files+0x2a/0x420 [ 179.765711][ T7062] ksys_write+0x145/0x250 [ 179.765745][ T7062] ? __pfx_ksys_write+0x10/0x10 [ 179.765776][ T7062] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.765805][ T7062] __do_fast_syscall_32+0xb6/0x2b0 [ 179.765833][ T7062] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.765863][ T7062] do_fast_syscall_32+0x34/0x80 [ 179.765889][ T7062] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.765915][ T7062] RIP: 0023:0xf704e539 [ 179.765932][ T7062] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 179.765950][ T7062] RSP: 002b:00000000f543e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 179.765972][ T7062] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f543e620 [ 179.765986][ T7062] RDX: 0000000000000001 RSI: 00000000f73b4ff4 RDI: 0000000000000000 [ 179.765999][ T7062] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 179.766011][ T7062] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 179.766041][ T7062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.766073][ T7062] [ 180.524115][ T5982] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 180.650311][ T7079] netlink: 52 bytes leftover after parsing attributes in process `syz.4.329'. [ 180.846378][ T7086] FAULT_INJECTION: forcing a failure. [ 180.846378][ T7086] name failslab, interval 1, probability 0, space 0, times 0 [ 180.865912][ T7086] CPU: 0 UID: 0 PID: 7086 Comm: syz.4.331 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 180.865935][ T7086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 180.865944][ T7086] Call Trace: [ 180.865950][ T7086] [ 180.865957][ T7086] dump_stack_lvl+0x189/0x250 [ 180.865980][ T7086] ? __pfx____ratelimit+0x10/0x10 [ 180.865998][ T7086] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.866017][ T7086] ? __pfx__printk+0x10/0x10 [ 180.866042][ T7086] ? __pfx___might_resched+0x10/0x10 [ 180.866060][ T7086] should_fail_ex+0x414/0x560 [ 180.866080][ T7086] should_failslab+0xa8/0x100 [ 180.866104][ T7086] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 180.866126][ T7086] ? __alloc_skb+0x112/0x2d0 [ 180.866148][ T7086] __alloc_skb+0x112/0x2d0 [ 180.866170][ T7086] netlink_sendmsg+0x5c6/0xb30 [ 180.866197][ T7086] ? __pfx_netlink_sendmsg+0x10/0x10 [ 180.866218][ T7086] ? __import_iovec+0x5d4/0x7f0 [ 180.866230][ T7086] ? aa_sock_msg_perm+0xf1/0x1d0 [ 180.866252][ T7086] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 180.866269][ T7086] ? __pfx_netlink_sendmsg+0x10/0x10 [ 180.866288][ T7086] __sock_sendmsg+0x219/0x270 [ 180.866307][ T7086] ____sys_sendmsg+0x505/0x830 [ 180.866333][ T7086] ? __pfx_____sys_sendmsg+0x10/0x10 [ 180.866379][ T7086] ___sys_sendmsg+0x21f/0x2a0 [ 180.866402][ T7086] ? __pfx____sys_sendmsg+0x10/0x10 [ 180.866448][ T7086] ? __fget_files+0x2a/0x420 [ 180.866469][ T7086] ? __fget_files+0x3a0/0x420 [ 180.866499][ T7086] __sys_sendmsg+0x164/0x220 [ 180.866521][ T7086] ? __pfx___sys_sendmsg+0x10/0x10 [ 180.866553][ T7086] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.866573][ T7086] __do_fast_syscall_32+0xb6/0x2b0 [ 180.866592][ T7086] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.866612][ T7086] do_fast_syscall_32+0x34/0x80 [ 180.866630][ T7086] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 180.866648][ T7086] RIP: 0023:0xf7f28539 [ 180.866661][ T7086] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 180.866673][ T7086] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 180.866688][ T7086] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0 [ 180.866698][ T7086] RDX: 0000000004004010 RSI: 0000000000000000 RDI: 0000000000000000 [ 180.866707][ T7086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 180.866715][ T7086] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 180.866724][ T7086] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 180.866762][ T7086] [ 180.983135][ T5982] usb 1-1: Using ep0 maxpacket: 32 [ 181.148422][ T5982] usb 1-1: too many configurations: 209, using maximum allowed: 8 [ 181.165975][ T5982] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 181.191174][ T7087] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 181.207369][ T5982] usb 1-1: can't read configurations, error -61 [ 181.259523][ T7091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.330'. [ 181.523032][ T5982] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 181.701436][ T7097] netlink: 1 bytes leftover after parsing attributes in process `syz.1.334'. [ 181.743061][ T5982] usb 1-1: Using ep0 maxpacket: 32 [ 181.751766][ T5982] usb 1-1: too many configurations: 209, using maximum allowed: 8 [ 181.763572][ T5982] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 181.771354][ T5982] usb 1-1: can't read configurations, error -61 [ 181.782321][ T5982] usb usb1-port1: attempt power cycle [ 182.123225][ T5982] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 182.287335][ T7105] netlink: 16 bytes leftover after parsing attributes in process `syz.4.338'. [ 182.714283][ T7112] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 182.720959][ T7112] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 183.530976][ T5982] usb 1-1: device descriptor read/8, error -71 [ 184.024650][ T7130] FAULT_INJECTION: forcing a failure. [ 184.024650][ T7130] name failslab, interval 1, probability 0, space 0, times 0 [ 184.077448][ T7130] CPU: 0 UID: 0 PID: 7130 Comm: syz.1.347 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 184.077479][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 184.077493][ T7130] Call Trace: [ 184.077501][ T7130] [ 184.077510][ T7130] dump_stack_lvl+0x189/0x250 [ 184.077542][ T7130] ? __pfx____ratelimit+0x10/0x10 [ 184.077569][ T7130] ? __pfx_dump_stack_lvl+0x10/0x10 [ 184.077607][ T7130] ? __pfx__printk+0x10/0x10 [ 184.077644][ T7130] ? __pfx___might_resched+0x10/0x10 [ 184.077670][ T7130] should_fail_ex+0x414/0x560 [ 184.077700][ T7130] should_failslab+0xa8/0x100 [ 184.077733][ T7130] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 184.077764][ T7130] ? __alloc_skb+0x112/0x2d0 [ 184.077797][ T7130] __alloc_skb+0x112/0x2d0 [ 184.077828][ T7130] netlink_sendmsg+0x5c6/0xb30 [ 184.077868][ T7130] ? __pfx_netlink_sendmsg+0x10/0x10 [ 184.077898][ T7130] ? __import_iovec+0x5d4/0x7f0 [ 184.077916][ T7130] ? aa_sock_msg_perm+0xf1/0x1d0 [ 184.077947][ T7130] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 184.077971][ T7130] ? __pfx_netlink_sendmsg+0x10/0x10 [ 184.077999][ T7130] __sock_sendmsg+0x219/0x270 [ 184.078026][ T7130] ____sys_sendmsg+0x505/0x830 [ 184.078063][ T7130] ? __pfx_____sys_sendmsg+0x10/0x10 [ 184.078113][ T7130] ___sys_sendmsg+0x21f/0x2a0 [ 184.078147][ T7130] ? __pfx____sys_sendmsg+0x10/0x10 [ 184.078217][ T7130] ? __fget_files+0x2a/0x420 [ 184.078248][ T7130] ? __fget_files+0x3a0/0x420 [ 184.078292][ T7130] __sys_sendmsg+0x164/0x220 [ 184.078325][ T7130] ? __pfx___sys_sendmsg+0x10/0x10 [ 184.078373][ T7130] ? lockdep_hardirqs_on+0x9c/0x150 [ 184.078402][ T7130] __do_fast_syscall_32+0xb6/0x2b0 [ 184.078430][ T7130] ? lockdep_hardirqs_on+0x9c/0x150 [ 184.078460][ T7130] do_fast_syscall_32+0x34/0x80 [ 184.078488][ T7130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 184.078513][ T7130] RIP: 0023:0xf704e539 [ 184.078532][ T7130] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 184.078551][ T7130] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 184.078573][ T7130] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001340 [ 184.078595][ T7130] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 184.078608][ T7130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 184.078620][ T7130] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 184.078633][ T7130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 184.078665][ T7130] [ 184.135068][ T7135] fuse: Bad value for 'group_id' [ 184.367625][ T7136] syzkaller1: entered promiscuous mode [ 184.374599][ T7135] fuse: Bad value for 'group_id' [ 184.380989][ T7136] syzkaller1: entered allmulticast mode [ 184.633671][ T5982] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 184.694032][ T5982] usb 1-1: Using ep0 maxpacket: 16 [ 184.743101][ T5982] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 184.752828][ T5982] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 184.797100][ T5982] usb 1-1: New USB device found, idVendor=0d57, idProduct=e999, bcdDevice=a7.63 [ 184.835247][ T5982] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.862958][ T5982] usb 1-1: Product: syz [ 184.867178][ T5982] usb 1-1: Manufacturer: syz [ 184.871803][ T5982] usb 1-1: SerialNumber: syz [ 184.924751][ T5982] usb 1-1: config 0 descriptor?? [ 185.156520][ T7131] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 185.163066][ T7131] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 185.187766][ T43] usb 1-1: USB disconnect, device number 12 [ 185.194104][ T5931] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 185.539053][ T7174] FAULT_INJECTION: forcing a failure. [ 185.539053][ T7174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 185.568521][ T7174] CPU: 1 UID: 0 PID: 7174 Comm: syz.4.360 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 185.568552][ T7174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 185.568565][ T7174] Call Trace: [ 185.568574][ T7174] [ 185.568583][ T7174] dump_stack_lvl+0x189/0x250 [ 185.568613][ T7174] ? __pfx____ratelimit+0x10/0x10 [ 185.568639][ T7174] ? __pfx_dump_stack_lvl+0x10/0x10 [ 185.568664][ T7174] ? __pfx__printk+0x10/0x10 [ 185.568706][ T7174] should_fail_ex+0x414/0x560 [ 185.568741][ T7174] _copy_to_user+0x31/0xb0 [ 185.568763][ T7174] simple_read_from_buffer+0xe1/0x170 [ 185.568798][ T7174] proc_fail_nth_read+0x1b3/0x220 [ 185.568825][ T7174] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 185.568850][ T7174] ? rw_verify_area+0x2a6/0x4d0 [ 185.568874][ T7174] ? __lock_acquire+0xab9/0xd20 [ 185.568902][ T7174] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 185.568927][ T7174] vfs_read+0x200/0x980 [ 185.568952][ T7174] ? fdget_pos+0x247/0x320 [ 185.568974][ T7174] ? __pfx___mutex_lock+0x10/0x10 [ 185.569000][ T7174] ? __pfx_vfs_read+0x10/0x10 [ 185.569028][ T7174] ? __fget_files+0x2a/0x420 [ 185.569063][ T7174] ? __fget_files+0x3a0/0x420 [ 185.569091][ T7174] ? __fget_files+0x2a/0x420 [ 185.569132][ T7174] ksys_read+0x145/0x250 [ 185.569161][ T7174] ? __pfx_ksys_read+0x10/0x10 [ 185.569191][ T7174] ? lockdep_hardirqs_on+0x9c/0x150 [ 185.569219][ T7174] __do_fast_syscall_32+0xb6/0x2b0 [ 185.569247][ T7174] ? lockdep_hardirqs_on+0x9c/0x150 [ 185.569275][ T7174] do_fast_syscall_32+0x34/0x80 [ 185.569302][ T7174] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 185.569327][ T7174] RIP: 0023:0xf7f28539 [ 185.569345][ T7174] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 185.569363][ T7174] RSP: 002b:00000000f5446590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 185.569389][ T7174] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5446620 [ 185.569403][ T7174] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000 [ 185.569416][ T7174] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 185.569427][ T7174] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 185.569439][ T7174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 185.569469][ T7174] [ 185.835247][ T5931] usb 3-1: Using ep0 maxpacket: 32 [ 185.846121][ T5931] usb 3-1: config 0 has an invalid interface number: 145 but max is 1 [ 185.855262][ T5931] usb 3-1: config 0 has an invalid interface number: 43 but max is 1 [ 185.863536][ T5931] usb 3-1: config 0 has no interface number 0 [ 185.869940][ T5931] usb 3-1: config 0 has no interface number 1 [ 185.876136][ T5931] usb 3-1: config 0 interface 43 altsetting 250 bulk endpoint 0xF has invalid maxpacket 1023 [ 185.886401][ T5931] usb 3-1: config 0 interface 43 altsetting 250 has a duplicate endpoint with address 0x2, skipping [ 185.897229][ T5931] usb 3-1: config 0 interface 43 altsetting 250 has an endpoint descriptor with address 0xCE, changing to 0x8E [ 185.909013][ T5931] usb 3-1: config 0 interface 43 altsetting 250 endpoint 0x8E has an invalid bInterval 180, changing to 11 [ 185.921569][ T5931] usb 3-1: config 0 interface 43 altsetting 250 endpoint 0x8E has invalid maxpacket 16902, setting to 1024 [ 185.933007][ T5931] usb 3-1: config 0 interface 43 altsetting 250 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 185.946199][ T5931] usb 3-1: config 0 interface 145 has no altsetting 0 [ 185.953171][ T5931] usb 3-1: config 0 interface 43 has no altsetting 0 [ 186.085701][ T5931] usb 3-1: New USB device found, idVendor=06cd, idProduct=0104, bcdDevice=c8.6a [ 186.094979][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.103068][ T5931] usb 3-1: Product: syz [ 186.107259][ T5931] usb 3-1: Manufacturer: syz [ 186.111879][ T5931] usb 3-1: SerialNumber: syz [ 186.119515][ T5931] usb 3-1: config 0 descriptor?? [ 186.333994][ T5931] keyspan_pda 3-1:0.145: required endpoints missing [ 186.388742][ T5931] keyspan_pda 3-1:0.43: Keyspan PDA converter detected [ 186.412134][ T5931] usb 3-1: Keyspan PDA converter now attached to ttyUSB0 [ 186.462640][ T7187] FAULT_INJECTION: forcing a failure. [ 186.462640][ T7187] name failslab, interval 1, probability 0, space 0, times 0 [ 186.493352][ T5931] usb 3-1: USB disconnect, device number 9 [ 186.525137][ T7187] CPU: 1 UID: 0 PID: 7187 Comm: syz.3.365 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 186.525168][ T7187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.525182][ T7187] Call Trace: [ 186.525191][ T7187] [ 186.525200][ T7187] dump_stack_lvl+0x189/0x250 [ 186.525232][ T7187] ? __pfx____ratelimit+0x10/0x10 [ 186.525258][ T7187] ? __pfx_dump_stack_lvl+0x10/0x10 [ 186.525284][ T7187] ? __pfx__printk+0x10/0x10 [ 186.525317][ T7187] ? __pfx___might_resched+0x10/0x10 [ 186.525338][ T7187] ? fs_reclaim_acquire+0x7d/0x100 [ 186.525376][ T7187] should_fail_ex+0x414/0x560 [ 186.525414][ T7187] should_failslab+0xa8/0x100 [ 186.525448][ T7187] __kmalloc_noprof+0xcb/0x4f0 [ 186.525476][ T7187] ? tomoyo_encode+0x28b/0x550 [ 186.525510][ T7187] tomoyo_encode+0x28b/0x550 [ 186.525546][ T7187] tomoyo_realpath_from_path+0x58d/0x5d0 [ 186.525580][ T7187] ? tomoyo_domain+0xd9/0x130 [ 186.525617][ T7187] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 186.525642][ T7187] tomoyo_path_number_perm+0x1e8/0x5a0 [ 186.525672][ T7187] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 186.525718][ T7187] ? __lock_acquire+0xab9/0xd20 [ 186.525774][ T7187] ? __fget_files+0x2a/0x420 [ 186.525813][ T7187] ? __fget_files+0x3a0/0x420 [ 186.525845][ T7187] ? __fget_files+0x2a/0x420 [ 186.525884][ T7187] security_file_ioctl_compat+0xcb/0x2d0 [ 186.525913][ T7187] __ia32_compat_sys_ioctl+0x128/0x840 [ 186.525946][ T7187] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 186.525975][ T7187] ? __fget_files+0x3a0/0x420 [ 186.526016][ T7187] ? fput+0xa0/0xd0 [ 186.526039][ T7187] ? ksys_write+0x22a/0x250 [ 186.526080][ T7187] ? lockdep_hardirqs_on+0x9c/0x150 [ 186.526111][ T7187] __do_fast_syscall_32+0xb6/0x2b0 [ 186.526145][ T7187] ? lockdep_hardirqs_on+0x9c/0x150 [ 186.526177][ T7187] do_fast_syscall_32+0x34/0x80 [ 186.526206][ T7187] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 186.526234][ T7187] RIP: 0023:0xf702e539 [ 186.526252][ T7187] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 186.526272][ T7187] RSP: 002b:00000000f541e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 186.526294][ T7187] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008b100 [ 186.526310][ T7187] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.526323][ T7187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 186.526336][ T7187] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 186.526349][ T7187] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 186.526381][ T7187] [ 186.528089][ T7187] ERROR: Out of memory at tomoyo_realpath_from_path. [ 186.591188][ T7189] FAULT_INJECTION: forcing a failure. [ 186.591188][ T7189] name failslab, interval 1, probability 0, space 0, times 0 [ 186.607280][ T5931] keyspan_pda ttyUSB0: Keyspan PDA converter now disconnected from ttyUSB0 [ 186.658577][ T7189] CPU: 0 UID: 0 PID: 7189 Comm: syz.0.366 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 186.658608][ T7189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.658624][ T7189] Call Trace: [ 186.658634][ T7189] [ 186.658646][ T7189] dump_stack_lvl+0x189/0x250 [ 186.658681][ T7189] ? __pfx____ratelimit+0x10/0x10 [ 186.658711][ T7189] ? __pfx_dump_stack_lvl+0x10/0x10 [ 186.658739][ T7189] ? __pfx__printk+0x10/0x10 [ 186.658780][ T7189] ? __pfx___might_resched+0x10/0x10 [ 186.658808][ T7189] should_fail_ex+0x414/0x560 [ 186.658841][ T7189] should_failslab+0xa8/0x100 [ 186.658878][ T7189] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 186.658911][ T7189] ? __alloc_skb+0x112/0x2d0 [ 186.658947][ T7189] __alloc_skb+0x112/0x2d0 [ 186.658980][ T7189] netlink_sendmsg+0x5c6/0xb30 [ 186.659021][ T7189] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.659055][ T7189] ? __import_iovec+0x5d4/0x7f0 [ 186.659074][ T7189] ? aa_sock_msg_perm+0xf1/0x1d0 [ 186.659109][ T7189] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 186.659135][ T7189] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.659165][ T7189] __sock_sendmsg+0x219/0x270 [ 186.659195][ T7189] ____sys_sendmsg+0x505/0x830 [ 186.659235][ T7189] ? __pfx_____sys_sendmsg+0x10/0x10 [ 186.659287][ T7189] ___sys_sendmsg+0x21f/0x2a0 [ 186.659323][ T7189] ? __pfx____sys_sendmsg+0x10/0x10 [ 186.659407][ T7189] ? __fget_files+0x2a/0x420 [ 186.659442][ T7189] ? __fget_files+0x3a0/0x420 [ 186.659488][ T7189] __sys_sendmsg+0x164/0x220 [ 186.659524][ T7189] ? __pfx___sys_sendmsg+0x10/0x10 [ 186.659579][ T7189] ? lockdep_hardirqs_on+0x9c/0x150 [ 186.659611][ T7189] __do_fast_syscall_32+0xb6/0x2b0 [ 186.659643][ T7189] ? lockdep_hardirqs_on+0x9c/0x150 [ 186.659674][ T7189] do_fast_syscall_32+0x34/0x80 [ 186.659705][ T7189] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 186.659733][ T7189] RIP: 0023:0xf70ae539 [ 186.659753][ T7189] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 186.659773][ T7189] RSP: 002b:00000000f549e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 186.659798][ T7189] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 186.659815][ T7189] RDX: 0000000004000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.659830][ T7189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 186.659842][ T7189] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 186.659857][ T7189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 186.659888][ T7189] [ 187.171419][ T7194] FAULT_INJECTION: forcing a failure. [ 187.171419][ T7194] name failslab, interval 1, probability 0, space 0, times 0 [ 187.203054][ T7194] CPU: 1 UID: 0 PID: 7194 Comm: syz.3.368 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 187.203085][ T7194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 187.203099][ T7194] Call Trace: [ 187.203107][ T7194] [ 187.203117][ T7194] dump_stack_lvl+0x189/0x250 [ 187.203148][ T7194] ? __pfx____ratelimit+0x10/0x10 [ 187.203173][ T7194] ? __pfx_dump_stack_lvl+0x10/0x10 [ 187.203197][ T7194] ? __pfx__printk+0x10/0x10 [ 187.203234][ T7194] ? __pfx___might_resched+0x10/0x10 [ 187.203258][ T7194] should_fail_ex+0x414/0x560 [ 187.203287][ T7194] should_failslab+0xa8/0x100 [ 187.203321][ T7194] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 187.203351][ T7194] ? __alloc_skb+0x112/0x2d0 [ 187.203382][ T7194] __alloc_skb+0x112/0x2d0 [ 187.203413][ T7194] netlink_sendmsg+0x5c6/0xb30 [ 187.203451][ T7194] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.203481][ T7194] ? __import_iovec+0x5d4/0x7f0 [ 187.203498][ T7194] ? aa_sock_msg_perm+0xf1/0x1d0 [ 187.203530][ T7194] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 187.203560][ T7194] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.203589][ T7194] __sock_sendmsg+0x219/0x270 [ 187.203616][ T7194] ____sys_sendmsg+0x505/0x830 [ 187.203653][ T7194] ? __pfx_____sys_sendmsg+0x10/0x10 [ 187.203702][ T7194] ___sys_sendmsg+0x21f/0x2a0 [ 187.203735][ T7194] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.203805][ T7194] ? __fget_files+0x2a/0x420 [ 187.203836][ T7194] ? __fget_files+0x3a0/0x420 [ 187.203879][ T7194] __sys_sendmsg+0x164/0x220 [ 187.203912][ T7194] ? __pfx___sys_sendmsg+0x10/0x10 [ 187.203961][ T7194] ? lockdep_hardirqs_on+0x9c/0x150 [ 187.203990][ T7194] __do_fast_syscall_32+0xb6/0x2b0 [ 187.204019][ T7194] ? lockdep_hardirqs_on+0x9c/0x150 [ 187.204048][ T7194] do_fast_syscall_32+0x34/0x80 [ 187.204075][ T7194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 187.204101][ T7194] RIP: 0023:0xf702e539 [ 187.204120][ T7194] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 187.204139][ T7194] RSP: 002b:00000000f541e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 187.204162][ T7194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0 [ 187.204176][ T7194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.204189][ T7194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.204201][ T7194] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 187.204214][ T7194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.204245][ T7194] [ 187.488661][ T5931] keyspan_pda 3-1:0.43: device disconnected [ 187.635093][ T7201] FAULT_INJECTION: forcing a failure. [ 187.635093][ T7201] name failslab, interval 1, probability 0, space 0, times 0 [ 187.650360][ T7201] CPU: 1 UID: 0 PID: 7201 Comm: syz.2.373 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 187.650390][ T7201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 187.650403][ T7201] Call Trace: [ 187.650411][ T7201] [ 187.650419][ T7201] dump_stack_lvl+0x189/0x250 [ 187.650450][ T7201] ? __pfx____ratelimit+0x10/0x10 [ 187.650475][ T7201] ? __pfx_dump_stack_lvl+0x10/0x10 [ 187.650510][ T7201] ? __pfx__printk+0x10/0x10 [ 187.650546][ T7201] ? __pfx___might_resched+0x10/0x10 [ 187.650572][ T7201] should_fail_ex+0x414/0x560 [ 187.650601][ T7201] should_failslab+0xa8/0x100 [ 187.650635][ T7201] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 187.650666][ T7201] ? __alloc_skb+0x112/0x2d0 [ 187.650698][ T7201] __alloc_skb+0x112/0x2d0 [ 187.650730][ T7201] netlink_sendmsg+0x5c6/0xb30 [ 187.650768][ T7201] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.650798][ T7201] ? __import_iovec+0x5d4/0x7f0 [ 187.650816][ T7201] ? aa_sock_msg_perm+0xf1/0x1d0 [ 187.650848][ T7201] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 187.650871][ T7201] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.650900][ T7201] __sock_sendmsg+0x219/0x270 [ 187.650927][ T7201] ____sys_sendmsg+0x505/0x830 [ 187.650963][ T7201] ? __pfx_____sys_sendmsg+0x10/0x10 [ 187.651013][ T7201] ___sys_sendmsg+0x21f/0x2a0 [ 187.651047][ T7201] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.651117][ T7201] ? __fget_files+0x2a/0x420 [ 187.651148][ T7201] ? __fget_files+0x3a0/0x420 [ 187.651192][ T7201] __sys_sendmsg+0x164/0x220 [ 187.651225][ T7201] ? __pfx___sys_sendmsg+0x10/0x10 [ 187.651274][ T7201] ? lockdep_hardirqs_on+0x9c/0x150 [ 187.651303][ T7201] __do_fast_syscall_32+0xb6/0x2b0 [ 187.651332][ T7201] ? lockdep_hardirqs_on+0x9c/0x150 [ 187.651361][ T7201] do_fast_syscall_32+0x34/0x80 [ 187.651389][ T7201] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 187.651415][ T7201] RIP: 0023:0xf707e539 [ 187.651434][ T7201] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 187.651452][ T7201] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 187.651475][ T7201] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001100 [ 187.651490][ T7201] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.651510][ T7201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.651522][ T7201] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 187.651534][ T7201] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.651564][ T7201] [ 188.051825][ T7206] netlink: 1 bytes leftover after parsing attributes in process `syz.4.374'. [ 188.851926][ T5931] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 189.380374][ T5931] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 189.567708][ T5931] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 190.269727][ T5864] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 190.469774][ T5931] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 190.487192][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 190.504177][ T5931] usb 3-1: SerialNumber: syz [ 194.092925][ C1] sched: DL replenish lagged too much [ 194.968666][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.989558][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.445491][ T5931] usb 3-1: can't set config #1, error -110 [ 230.886950][ T5864] usb 5-1: device descriptor read/64, error -110 [ 338.112883][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 338.119904][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5880/1:b..l P5952/1:b..l P7232/1:b..l [ 338.130456][ C1] rcu: (detected by 1, t=10502 jiffies, g=19889, q=398 ncpus=2) [ 338.138207][ C1] task:syz.3.378 state:R running task stack:24200 pid:7232 tgid:7225 ppid:5881 task_flags:0x40044c flags:0x20004006 [ 338.152588][ C1] Call Trace: [ 338.155895][ C1] [ 338.158854][ C1] __schedule+0x1798/0x4cc0 [ 338.163420][ C1] ? __pfx___schedule+0x10/0x10 [ 338.168293][ C1] ? __do_fast_syscall_32+0x1f4/0x2b0 [ 338.173702][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 338.179891][ C1] ? arch_stack_walk+0x110/0x150 [ 338.184866][ C1] ? preempt_schedule_irq+0xaa/0x150 [ 338.190180][ C1] preempt_schedule_irq+0xb5/0x150 [ 338.195323][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 338.201100][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 338.206944][ C1] irqentry_exit+0x6f/0x90 [ 338.211388][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 338.217406][ C1] RIP: 0010:__update_page_owner_free_handle+0x114/0x470 [ 338.224399][ C1] Code: 8d e8 30 a0 f6 ff 4c 2b 25 51 be 90 0b 49 c1 fc 06 4c 89 e7 e8 6d ba 01 00 48 85 c0 0f 84 a5 02 00 00 49 89 c7 4c 89 74 24 08 <49> ff c4 44 0f b7 74 24 04 bf 20 00 00 00 44 89 f6 e8 f6 38 93 ff [ 338.244028][ C1] RSP: 0018:ffffc9000a85f050 EFLAGS: 00000286 [ 338.250127][ C1] RAX: ffff88801dd00860 RBX: dffffc0000000000 RCX: ffff88802abdda00 [ 338.258121][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 338.266112][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff822c755e [ 338.274100][ C1] R10: 0000000000000010 R11: ffffffff81ac3890 R12: 000000000006b34e [ 338.282091][ C1] R13: ffffea0001acd300 R14: ffffffff822c755e R15: ffff88801dd00860 [ 338.290089][ C1] ? __update_page_owner_free_handle+0x2e/0x470 [ 338.296367][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 338.302556][ C1] ? __update_page_owner_free_handle+0x2e/0x470 [ 338.308842][ C1] ? __update_page_owner_free_handle+0x2e/0x470 [ 338.315119][ C1] ? page_ext_put+0x97/0xc0 [ 338.319663][ C1] __reset_page_owner+0x85/0x1f0 [ 338.324644][ C1] free_unref_folios+0xdbd/0x1520 [ 338.329716][ C1] ? folios_put_refs+0x299/0x640 [ 338.334680][ C1] folios_put_refs+0x559/0x640 [ 338.339476][ C1] ? __pfx_folios_put_refs+0x10/0x10 [ 338.344795][ C1] ? folio_batch_remove_exceptionals+0x18c/0x1f0 [ 338.351154][ C1] shmem_undo_range+0x49e/0x14b0 [ 338.356134][ C1] ? __pfx_shmem_undo_range+0x10/0x10 [ 338.361564][ C1] ? kernel_text_address+0xa5/0xe0 [ 338.366807][ C1] ? __kernel_text_address+0xd/0x40 [ 338.372059][ C1] ? stack_depot_save_flags+0x40/0x860 [ 338.377557][ C1] ? percpu_counter_add_batch+0xea/0x1e0 [ 338.383217][ C1] shmem_evict_inode+0x272/0xa70 [ 338.388196][ C1] ? inode_wait_for_writeback+0xf9/0x290 [ 338.393850][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 338.399341][ C1] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 338.405442][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 338.410675][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 338.416163][ C1] evict+0x504/0x9c0 [ 338.420095][ C1] ? __pfx_evict+0x10/0x10 [ 338.424888][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 338.430114][ C1] ? _raw_spin_unlock+0x28/0x50 [ 338.434983][ C1] ? iput+0x6d8/0x9d0 [ 338.439006][ C1] __dentry_kill+0x209/0x660 [ 338.443617][ C1] ? dput+0x37/0x2b0 [ 338.447551][ C1] dput+0x19f/0x2b0 [ 338.451390][ C1] __fput+0x68e/0xa70 [ 338.455407][ C1] task_work_run+0x1d4/0x260 [ 338.460051][ C1] ? __pfx_task_work_run+0x10/0x10 [ 338.465211][ C1] do_exit+0x6b5/0x2300 [ 338.469400][ C1] ? do_raw_spin_lock+0x121/0x290 [ 338.474463][ C1] ? __pfx_do_exit+0x10/0x10 [ 338.479103][ C1] do_group_exit+0x21c/0x2d0 [ 338.483733][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 338.488954][ C1] get_signal+0x1286/0x1340 [ 338.493500][ C1] arch_do_signal_or_restart+0x9a/0x750 [ 338.499096][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 338.505288][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 338.510250][ C1] ? exit_to_user_mode_loop+0x40/0x110 [ 338.515747][ C1] exit_to_user_mode_loop+0x75/0x110 [ 338.521062][ C1] __do_fast_syscall_32+0x1f4/0x2b0 [ 338.526342][ C1] do_fast_syscall_32+0x34/0x80 [ 338.531220][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 338.537564][ C1] RIP: 0023:0xf702e539 [ 338.541646][ C1] RSP: 002b:00000000f53dc55c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 338.550079][ C1] RAX: 0000000080000000 RBX: 0000000080000000 RCX: 0000000000b36000 [ 338.558067][ C1] RDX: 0000000000000002 RSI: 0000000000008031 RDI: 00000000ffffffff [ 338.566051][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 338.574042][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 338.582034][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 338.590037][ C1] [ 338.593067][ C1] task:kworker/1:4 state:R running task stack:24440 pid:5952 tgid:5952 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 338.606691][ C1] Workqueue: events_power_efficient gc_worker [ 338.612793][ C1] Call Trace: [ 338.616087][ C1] [ 338.619048][ C1] __schedule+0x1798/0x4cc0 [ 338.623620][ C1] ? __pfx___schedule+0x10/0x10 [ 338.628600][ C1] ? preempt_schedule_irq+0xaa/0x150 [ 338.633912][ C1] preempt_schedule_irq+0xb5/0x150 [ 338.639495][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 338.645259][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 338.651095][ C1] irqentry_exit+0x6f/0x90 [ 338.655536][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 338.661544][ C1] RIP: 0010:lock_release+0x2b5/0x3e0 [ 338.666871][ C1] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 7b 51 02 11 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e [ 338.686507][ C1] RSP: 0018:ffffc900044a78b8 EFLAGS: 00000206 [ 338.692609][ C1] RAX: 7db5a5aaf7acb600 RBX: 0000000000000202 RCX: 7db5a5aaf7acb600 [ 338.700600][ C1] RDX: 0000000000000002 RSI: ffffffff8dba3326 RDI: ffffffff8be32600 [ 338.708595][ C1] RBP: ffff88802674e540 R08: ffffffff8fa34137 R09: 1ffffffff1f46826 [ 338.716594][ C1] R10: dffffc0000000000 R11: fffffbfff1f46827 R12: 0000000000000002 [ 338.724591][ C1] R13: 0000000000000002 R14: ffffffff8e139ee0 R15: ffff88802674da00 [ 338.732607][ C1] ? gc_worker+0x264/0x1380 [ 338.737146][ C1] gc_worker+0xba6/0x1380 [ 338.741519][ C1] ? gc_worker+0x264/0x1380 [ 338.746054][ C1] ? __pfx_gc_worker+0x10/0x10 [ 338.750843][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 338.756068][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 338.761810][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 338.767562][ C1] process_scheduled_works+0xade/0x17b0 [ 338.773161][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 338.779196][ C1] worker_thread+0x8a0/0xda0 [ 338.783812][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 338.790170][ C1] ? __kthread_parkme+0x7b/0x200 [ 338.795138][ C1] kthread+0x70e/0x8a0 [ 338.799238][ C1] ? __pfx_worker_thread+0x10/0x10 [ 338.804373][ C1] ? __pfx_kthread+0x10/0x10 [ 338.808992][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 338.814216][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 338.819479][ C1] ? __pfx_kthread+0x10/0x10 [ 338.824108][ C1] ret_from_fork+0x3fc/0x770 [ 338.828729][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 338.833876][ C1] ? __switch_to_asm+0x39/0x70 [ 338.838669][ C1] ? __switch_to_asm+0x33/0x70 [ 338.843463][ C1] ? __pfx_kthread+0x10/0x10 [ 338.848088][ C1] ret_from_fork_asm+0x1a/0x30 [ 338.852900][ C1] [ 338.855936][ C1] task:udevd state:R running task stack:25512 pid:5880 tgid:5880 ppid:5231 task_flags:0x400140 flags:0x00004002 [ 338.869468][ C1] Call Trace: [ 338.872768][ C1] [ 338.875726][ C1] __schedule+0x1798/0x4cc0 [ 338.880285][ C1] ? __pfx___schedule+0x10/0x10 [ 338.885168][ C1] ? finish_task_switch+0x18b/0x950 [ 338.890406][ C1] ? preempt_schedule_irq+0xaa/0x150 [ 338.895723][ C1] preempt_schedule_irq+0xb5/0x150 [ 338.900871][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 338.906641][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 338.912489][ C1] irqentry_exit+0x6f/0x90 [ 338.916957][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 338.922969][ C1] RIP: 0010:lock_release+0x2b5/0x3e0 [ 338.928294][ C1] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 7b 51 02 11 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e [ 338.947929][ C1] RSP: 0018:ffffc900040ceed0 EFLAGS: 00000206 [ 338.954029][ C1] RAX: c519eeca7dd34500 RBX: 0000000000000202 RCX: c519eeca7dd34500 [ 338.962108][ C1] RDX: 0000000000000002 RSI: ffffffff8dba3326 RDI: ffffffff8be32600 [ 338.970102][ C1] RBP: ffff8880331d0b40 R08: ffffc900040cf860 R09: 0000000000000000 [ 338.978131][ C1] R10: ffffc900040cf058 R11: fffff52000819e0d R12: 0000000000000002 [ 338.986126][ C1] R13: 0000000000000002 R14: ffffffff8e139ee0 R15: ffff8880331d0000 [ 338.994146][ C1] ? unwind_next_frame+0xa5/0x2390 [ 338.999298][ C1] ? unwind_next_frame+0xa5/0x2390 [ 339.004442][ C1] unwind_next_frame+0x19a9/0x2390 [ 339.009589][ C1] ? unwind_next_frame+0xa5/0x2390 [ 339.014735][ C1] ? tomoyo_check_open_permission+0x1c1/0x3b0 [ 339.020847][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 339.027030][ C1] arch_stack_walk+0x11c/0x150 [ 339.031826][ C1] ? security_file_open+0xb1/0x270 [ 339.036968][ C1] stack_trace_save+0x9c/0xe0 [ 339.041673][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 339.047081][ C1] save_stack+0xf5/0x1f0 [ 339.051352][ C1] ? __pfx_save_stack+0x10/0x10 [ 339.056237][ C1] ? __free_frozen_pages+0xbc4/0xd30 [ 339.061551][ C1] ? __put_partials+0x156/0x1a0 [ 339.066438][ C1] ? put_cpu_partial+0x17c/0x250 [ 339.071394][ C1] ? __slab_free+0x2d5/0x3c0 [ 339.076002][ C1] ? qlist_free_all+0x97/0x140 [ 339.080796][ C1] ? kasan_quarantine_reduce+0x148/0x160 [ 339.086454][ C1] ? __kasan_slab_alloc+0x22/0x80 [ 339.091512][ C1] ? __kmalloc_noprof+0x224/0x4f0 [ 339.096571][ C1] ? tomoyo_encode+0x28b/0x550 [ 339.101377][ C1] ? tomoyo_realpath_from_path+0x58d/0x5d0 [ 339.107209][ C1] ? tomoyo_check_open_permission+0x1c1/0x3b0 [ 339.113331][ C1] __reset_page_owner+0x71/0x1f0 [ 339.118313][ C1] __free_frozen_pages+0xbc4/0xd30 [ 339.123475][ C1] __put_partials+0x156/0x1a0 [ 339.128196][ C1] put_cpu_partial+0x17c/0x250 [ 339.132992][ C1] ? put_cpu_partial+0x6d/0x250 [ 339.137874][ C1] __slab_free+0x2d5/0x3c0 [ 339.142323][ C1] ? __phys_addr+0xd3/0x180 [ 339.146914][ C1] qlist_free_all+0x97/0x140 [ 339.151536][ C1] kasan_quarantine_reduce+0x148/0x160 [ 339.157031][ C1] __kasan_slab_alloc+0x22/0x80 [ 339.161913][ C1] __kmalloc_noprof+0x224/0x4f0 [ 339.166794][ C1] ? tomoyo_encode+0x28b/0x550 [ 339.171591][ C1] tomoyo_encode+0x28b/0x550 [ 339.176220][ C1] tomoyo_realpath_from_path+0x58d/0x5d0 [ 339.181909][ C1] tomoyo_check_open_permission+0x1c1/0x3b0 [ 339.187826][ C1] ? tomoyo_check_open_permission+0x16a/0x3b0 [ 339.193916][ C1] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 339.200384][ C1] ? lockref_get+0x15/0x60 [ 339.204841][ C1] ? tomoyo_file_open+0x165/0x220 [ 339.209903][ C1] security_file_open+0xb1/0x270 [ 339.214896][ C1] do_dentry_open+0x384/0x13f0 [ 339.219700][ C1] ? vfs_open+0x31/0x340 [ 339.223980][ C1] vfs_open+0x3b/0x340 [ 339.228075][ C1] ? path_openat+0x2ecd/0x3830 [ 339.232875][ C1] path_openat+0x2ee5/0x3830 [ 339.237497][ C1] ? arch_stack_walk+0xfc/0x150 [ 339.242844][ C1] ? __pfx_path_openat+0x10/0x10 [ 339.247811][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.253926][ C1] do_filp_open+0x1fa/0x410 [ 339.258462][ C1] ? __lock_acquire+0xab9/0xd20 [ 339.263351][ C1] ? __pfx_do_filp_open+0x10/0x10 [ 339.268431][ C1] ? _raw_spin_unlock+0x28/0x50 [ 339.273313][ C1] ? alloc_fd+0x64c/0x6c0 [ 339.277689][ C1] do_sys_openat2+0x121/0x1c0 [ 339.282393][ C1] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 339.287895][ C1] ? __pfx_do_sys_openat2+0x10/0x10 [ 339.293126][ C1] ? rcu_is_watching+0x15/0xb0 [ 339.297915][ C1] __x64_sys_openat+0x138/0x170 [ 339.302796][ C1] do_syscall_64+0xfa/0x3b0 [ 339.307327][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.313419][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 339.319085][ C1] ? clear_bhb_loop+0x60/0xb0 [ 339.323800][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.329710][ C1] RIP: 0033:0x7fd68d8a7407 [ 339.334144][ C1] RSP: 002b:00007ffe7dcee830 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 339.342595][ C1] RAX: ffffffffffffffda RBX: 00007fd68dfe6880 RCX: 00007fd68d8a7407 [ 339.350594][ C1] RDX: 0000000000080000 RSI: 00007ffe7dcee9b0 RDI: ffffffffffffff9c [ 339.358597][ C1] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000 [ 339.366586][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 000055696da627f5 [ 339.374589][ C1] R13: 000055696da627f5 R14: 0000000000000001 R15: 000055696da7d140 [ 339.382601][ C1] [ 339.385638][ C1] rcu: rcu_preempt kthread starved for 6855 jiffies! g19889 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 339.396762][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 339.406745][ C1] rcu: RCU grace-period kthread stack dump: [ 339.412676][ C1] task:rcu_preempt state:R running task stack:27224 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 339.426207][ C1] Call Trace: [ 339.429504][ C1] [ 339.432467][ C1] __schedule+0x1798/0x4cc0 [ 339.437021][ C1] ? __pfx___schedule+0x10/0x10 [ 339.441913][ C1] ? schedule+0x91/0x360 [ 339.446188][ C1] schedule+0x165/0x360 [ 339.450373][ C1] schedule_timeout+0x12b/0x270 [ 339.455270][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 339.460657][ C1] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 339.466582][ C1] ? __pfx_process_timeout+0x10/0x10 [ 339.471904][ C1] ? prepare_to_swait_event+0x341/0x380 [ 339.477484][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 339.482380][ C1] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 339.488594][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 339.493907][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 339.499156][ C1] ? finish_swait+0xcd/0x1f0 [ 339.503867][ C1] rcu_gp_kthread+0x99/0x390 [ 339.508492][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 339.513725][ C1] ? __kthread_parkme+0x7b/0x200 [ 339.518689][ C1] ? __kthread_parkme+0x1a1/0x200 [ 339.523743][ C1] kthread+0x70e/0x8a0 [ 339.527843][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 339.533074][ C1] ? __pfx_kthread+0x10/0x10 [ 339.537699][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 339.542924][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.548146][ C1] ? __pfx_kthread+0x10/0x10 [ 339.552767][ C1] ret_from_fork+0x3fc/0x770 [ 339.557388][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 339.562572][ C1] ? __switch_to_asm+0x39/0x70 [ 339.567365][ C1] ? __switch_to_asm+0x33/0x70 [ 339.572153][ C1] ? __pfx_kthread+0x10/0x10 [ 339.576772][ C1] ret_from_fork_asm+0x1a/0x30 [ 339.581577][ C1] [ 339.584614][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 339.590950][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 339.602248][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 339.612326][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 339.618078][ C1] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 97 0f 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 339.637801][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2 [ 339.643905][ C1] RAX: 1fe99d3b96389600 RBX: ffffffff81968308 RCX: 1fe99d3b96389600 [ 339.651906][ C1] RDX: 0000000000000001 RSI: ffffffff8d9b4405 RDI: ffffffff8be32600 [ 339.659938][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3 [ 339.667944][ C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fa34130 [ 339.675939][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d6b40 [ 339.683934][ C1] FS: 0000000000000000(0000) GS:ffff888125d24000(0000) knlGS:0000000000000000 [ 339.692884][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 339.699485][ C1] CR2: 000000005758399c CR3: 000000007a02a000 CR4: 00000000003526f0 [ 339.707481][ C1] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002 [ 339.715471][ C1] DR3: 0000000000000009 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 339.723463][ C1] Call Trace: [ 339.726764][ C1] [ 339.729708][ C1] default_idle+0x13/0x20 [ 339.734070][ C1] default_idle_call+0x74/0xb0 [ 339.738867][ C1] do_idle+0x1e8/0x510 [ 339.742970][ C1] ? __pfx_do_idle+0x10/0x10 [ 339.747605][ C1] cpu_startup_entry+0x44/0x60 [ 339.752390][ C1] start_secondary+0x101/0x110 [ 339.757215][ C1] common_startup_64+0x13e/0x147 [ 339.762202][ C1]