last executing test programs:

3m28.091077316s ago: executing program 2 (id=3):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')

3m27.503944707s ago: executing program 2 (id=17):
r0 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r0, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
write$binfmt_misc(r0, &(0x7f00000003c0)="e3", 0x1)

3m27.331493435s ago: executing program 2 (id=19):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x99)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001b80)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)

3m26.252708457s ago: executing program 2 (id=22):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
umount2(&(0x7f00000001c0)='./file0/file0/file0\x00', 0x2)

3m25.283291987s ago: executing program 2 (id=24):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@getpolicy={0x50, 0x15, 0x1, 0x70bd2d, 0x25dfdbff, {{@in=@local, @in6=@private1, 0x4e23, 0x1ff, 0x4e22, 0x4, 0x2, 0x0, 0x180, 0x11}, 0x6e6bbe}}, 0x50}, 0x1, 0x0, 0x0, 0x41}, 0x0)

3m24.38435594s ago: executing program 2 (id=28):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

3m23.288511959s ago: executing program 32 (id=28):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

3m15.328100691s ago: executing program 0 (id=57):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r4, 0x0, 0xfffffdf3)

3m15.051989304s ago: executing program 0 (id=60):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x911, r2, 0x0)

3m14.80320625s ago: executing program 0 (id=64):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101043, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)={0x1})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x20000, 0x4}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x0, 0x2, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffff2a4, 0x2000000000003ff, 0x2], 0x0, 0x200306})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="21003300d0800000080211000000080211000001505050505050"], 0x40}}, 0x0)

3m14.334123486s ago: executing program 0 (id=66):
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x24, 0x0, 0x801, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x24}}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
utimensat(r1, 0x0, &(0x7f0000000040)={{0x0, 0x3ffffffe}, {0x0, 0x3fffffff}}, 0x0)

3m12.963975559s ago: executing program 3 (id=71):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c6ed3d93aff238bee35002a261ed128eadac8bd86b71dd0c318a08e81d3412d603900e1073d9d58248a763ebbd6c6abcf8fe6825098560e971ad70d38ec461533fbb217f0fb239c87d40815230372689a1439b3242467138ca0e7df94"])
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
write$FUSE_INIT(r6, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)

3m12.635965835s ago: executing program 3 (id=74):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101043, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x0, 0x2, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffff2a4, 0x2000000000003ff, 0x2], 0x0, 0x200306})
pipe2(&(0x7f0000000200), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m12.609076077s ago: executing program 0 (id=75):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(0x0)
r0 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
r1 = getpgid(r0)
setpgid(0x0, r1)
mount$9p_virtio(&(0x7f0000000100), &(0x7f0000000180)='./file1/file0\x00', &(0x7f00000001c0), 0x280810, &(0x7f0000000540)={'trans=virtio,', {[{@dfltuid}, {@afid={'afid', 0x3d, 0x4}}, {@access_client}], [{@seclabel}, {@smackfsdef}, {@appraise_type}, {@hash}, {@fowner_lt}, {@fowner_lt}, {@dont_appraise}, {@smackfshat={'smackfshat', 0x3d, 'nl802154\x00'}}]}})

3m12.316419621s ago: executing program 0 (id=76):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

3m11.695723137s ago: executing program 3 (id=79):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000002280)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x2, 0x1000, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x16, 0x66, 0x0, 0x8b, 0x6c, 0x0, @private=0xa010100, @broadcast}, "3297"}}, 0x24) (fail_nth: 2)

3m9.826343213s ago: executing program 3 (id=81):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

3m8.95746643s ago: executing program 3 (id=84):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
r1 = getpgid(r0)
setpgid(0x0, r1)
mount$9p_virtio(0x0, &(0x7f0000000180)='./file1/file0\x00', &(0x7f00000001c0), 0x280810, &(0x7f0000000540)={'trans=virtio,', {[{@dfltuid}, {@afid={'afid', 0x3d, 0x4}}, {@access_client}], [{@seclabel}, {@smackfsdef}, {@appraise_type}, {@hash}, {@fowner_lt}, {@fowner_lt}, {@dont_appraise}, {@smackfshat={'smackfshat', 0x3d, 'nl802154\x00'}}]}})

3m8.699916886s ago: executing program 3 (id=85):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101043, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)={0x1})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x20000, 0x4}]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="21003300d0800000080211000000080211000001505050505050"], 0x40}}, 0x0)

2m56.754166111s ago: executing program 33 (id=76):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

2m53.275512006s ago: executing program 34 (id=85):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101043, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)={0x1})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x20000, 0x4}]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="21003300d0800000080211000000080211000001505050505050"], 0x40}}, 0x0)

37.900429491s ago: executing program 5 (id=798):
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000d, 0x4008031, 0xffffffffffffffff, 0x2000) (async)
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x6a, 0x2, 0x0, &(0x7f00000000c0)=0xfffffffffffffd27) (async)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x141202, 0x0)
write$vga_arbiter(r1, &(0x7f0000000240)=@other={'trylock', ' ', 'mem'}, 0xc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.self_freezing\x00', 0x26e1, 0x0)
close(r2) (async)
socket$kcm(0x10, 0x400000002, 0x0) (async)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r3, 0x29, 0x4e, 0x0, 0x47) (async, rerun: 32)
syz_usb_connect(0x3, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000363e1d808b810b21bc7000102030109021200010006e0070904f5000092d01507f65e80394d16de83c49d3b4eb6d135f534357b0748e1a0f8fd369e344f7a9a2f"], 0x0) (async, rerun: 32)
r4 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) (async)
r5 = fsmount(r4, 0x1, 0x0)
fchdir(r5) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88) (async, rerun: 32)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async, rerun: 32)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) (async, rerun: 64)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) (rerun: 64)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r11=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r8, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="010026bd7000feefdf2501000100", @ANYRES32=r11, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4008800}, 0xc00c6)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r7, 0x0, 0x2, 0x4}}, 0x20) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00'})
mount(&(0x7f0000000000)=@rnullb, &(0x7f00000001c0)='./cgroup\x00', &(0x7f0000000080)='msdos\x00', 0x200000, 0x0)

37.01602681s ago: executing program 5 (id=804):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, &(0x7f0000000000)={0x14, &(0x7f0000000140)={0x20, 0x10, 0x8b, {0x8b, 0x23, "82eff57dc85e64273541f8c0730a8d78aec06c79dae143d0b1c468a291d7ec773a24c010d7261c8d1022e47d08f13e52cde7020d80cd1254e5774f9eadb34ab1d54ed6390bef36e237731c7cecbbcfeff2cd57242cd78d007b62ecf374d6ca2e9f3e962b18881928d91af629d7c00d5e043629fe2b1310e9e8444b055d45caa6dca093e8e4bf4d0953"}}, &(0x7f0000000280)={0x0, 0x3, 0xe6, @string={0xe6, 0x3, "305eb81639a13ab4aadf9c108cfe5a2f6754a94b072615ad075393b853224cfe1c3c88a4b267663075bb5ebe8fea9b4368969888a6f753333e8a7c56817c18b75f27dd464f145e1ff68d438e07624c3075278770344d0f9bdb4fa6b4a94eef161da00f64944d7713da7732eeaec0a95cec620fa440ec74c58da7f6b753eb491c4c8b0ed31f156c477e9b24dcf37a0b32c91fe7fdd2941561e70b3772f44146e4f1e6bcebdee79754f26136b78b99f3622de151c5f4d0c6aa68437c1040f19211e5a2820eb244a7930faeae09ea4f312cc07fa3c6733ae866c9f3c9cedc10b6b063f23f57"}}}, &(0x7f00000005c0)={0x44, &(0x7f0000000380)={0x20, 0x12, 0xae, "4e8bcf4725ee1abfad2a3940fdd094c0ec97b5796e1ee3d519255d07b203440792e9b7a65e0b4695e76bfa515dba534857c926caf03c884596c83bab383811f2876e5b9afa358b456ebb7268d361137356299f025cb49ec10187f3efab345de8d7b8db006e18483d94014ec74051f5b5c83db81f509d68276c4fd77ffe44bdb8438b99cab9d03c88c2a18abcf6178b457ea9c38d83f09e3b1338b3eec0a710aa2f1dbfddc4ae526afedf803667c0"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x83}, &(0x7f0000000480)={0x20, 0x81, 0x2, "2c14"}, &(0x7f00000004c0)={0x20, 0x82, 0x2, '\aj'}, &(0x7f0000000500)={0x20, 0x83, 0x2, "a50e"}, &(0x7f0000000540)={0x20, 0x84, 0x2, "84d3"}, &(0x7f0000000580)={0x20, 0x85, 0x3, "f9f06b"}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
read(r4, &(0x7f0000000040)=""/190, 0xbe)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0xdc39c000)
read(r1, &(0x7f0000000080)=""/154, 0x9a)

35.212085505s ago: executing program 5 (id=814):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000300)={0xa, 0x4e01, 0x0, @private0, 0x6}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000001c0)="02", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r0, 0x1)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x4, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x3, 0xe661, 0x4, 0x1000007, 0x3, 0x9, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x10000, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0xfffffffa, 0x4, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x3], [0x10000007, 0x10002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0x0, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x80, 0x5, 0x400, 0x1, 0x6, 0x400001, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x7, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x8, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x51bf, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x104, 0x80000000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x2, 0xffffffff, 0x80000003, 0x5, 0x8, 0xff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

34.952268083s ago: executing program 5 (id=816):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = getpid()
prlimit64(r1, 0x5, &(0x7f00000000c0)={0x0, 0x2}, 0x0)
landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x1)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000080)=0x1)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001})
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000240)=@multiplanar_userptr={0x5, 0x2, 0x4, 0x8, 0x3, {0x0, 0x2710}, {0x5, 0x1, 0x6a, 0x99, 0x4, 0x3, "bb2a4ca9"}, 0x6, 0x2, {&(0x7f00000001c0)=[{0x8001, 0x9, {&(0x7f00000002c0)}, 0x800}, {0x0, 0xd97, {&(0x7f0000000180)}, 0x1}]}, 0xffff, 0x0, r6})
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r7, 0x2000)

34.48383407s ago: executing program 1 (id=817):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000300)={0xa, 0x4e01, 0x0, @private0, 0x6}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000001c0)="02", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r0, 0x1)
statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000880)=""/215)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0x1}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x4, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x3, 0xe661, 0x4, 0x1000007, 0x3, 0x9, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x10000, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0xfffffffa, 0x4, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x3], [0x10000007, 0x10002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0x0, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x80, 0x5, 0x400, 0x1, 0x6, 0x400001, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x7, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x1, 0x0, 0xfffffffd, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x8, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x51bf, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x104, 0x80000000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x2, 0xffffffff, 0x80000003, 0x5, 0x8, 0xff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0x6, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

33.948072933s ago: executing program 1 (id=820):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba6e0d60508dbbb", 0x9}], 0x1}}], 0x1, 0x20000010)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

33.753190384s ago: executing program 4 (id=823):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r2)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="190026bd700000800000250000000c002d000201aaaaaaaaaaaa05002e00bd00000005002b0006000000060006000200000008000200", @ANYRES32=r1, @ANYBLOB="060004000000000005002a"], 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x44004094)

33.744000423s ago: executing program 1 (id=824):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r2)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="190026bd700000800000250000000c002d000201aaaaaaaaaaaa05002e00bd00000005002b0006000000060006000200000008000200", @ANYRES32=r1, @ANYBLOB="060004000000000005002a"], 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x44004094) (fail_nth: 2)

33.504135664s ago: executing program 4 (id=826):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r0)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8054}, 0x813)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
fsopen(&(0x7f0000000080)='sockfs\x00', 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0xb)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2, @tid=0xffffffffffffffff})
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r3)
r6 = socket(0x400000000010, 0x3, 0x0)
write(r6, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030011000500e1000c040007031a000300", 0x33a)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="190026bd700000800000250000000c002d000201aaaaaaaaaaaa05002e00bd00000005002b0006000000060006000200000008000200", @ANYRES32=r1, @ANYBLOB="060004000000000005002a"], 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x44004094)

33.127874243s ago: executing program 1 (id=828):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_STD(r4, 0x40085618, &(0x7f0000000140)=0xb000)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r5, 0x40085112, &(0x7f00000003c0)=@v={0x93, 0x4, 0x80})
write$tun(r2, &(0x7f0000003500)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x11}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "ec9700", 0x38, 0x2c, 0x0, @local, @mcast2, {[@hopopts={0x3c}], @dest_unreach={0x1, 0x0, 0x0, 0x9, '\x00', {0x9, 0x6, "9951a5", 0x3ff, 0x3c, 0x0, @remote, @loopback}}}}}}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000000c0), 0x0, 0x840)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_vlan\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r7, 0x45809000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="74000000000101040000000000000000020000002400018014000180080001000000000008000200ac1414000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e000000208000740000000001000068008000200ac14140019"], 0x74}}, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000100000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x5)
r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x7, 0x4, 0x410, 0x0, 0x240, 0x240, 0x328, 0x328, 0x328, 0x4, &(0x7f0000000040), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @empty}}}, {{@arp={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0xff0000ff, 0xe, 0x1, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0xff, 0x0, 0xff]}}, 0x8, 0x9, 0x1000, 0xb000, 0x5, 0x2, 'erspan0\x00', 'ip6erspan0\x00', {0xff}, {0xff}, 0x0, 0x80}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x5, 0xa, 0x2, 0x1, 0x0, "83e9e1c1d79dc182805ef99b787b6c4e280625438f1aff8ff32838baf56f549fe2e9de5bcbdcfc0b980152e6e1e849f93da5fd9f15a6d8754c9f2ce3d2d16386"}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x460)
recvmmsg(r0, &(0x7f0000007b00)=[{{0x0, 0x0, 0x0}, 0x73c}], 0x1, 0x20882ecd3203f66c, 0x0)

32.972554182s ago: executing program 4 (id=830):
recvmmsg(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000003e80)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000003d40)=""/139, 0x8b}], 0x6}, 0x7}], 0x1, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x5, 0x100000, 0x0, &(0x7f0000000000), 0x3000000)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000400)=0xffffff63)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000040)={0x0, <r2=>0x0})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001480)={0x12b0, 0x2f, 0x2, 0x70bd2b, 0x25dfdbfc, {0x1d}, [@nested={0x10f0, 0xf4, 0x0, 0x1, [@typed={0x8, 0x139, 0x0, 0x0, @u32=0x10000}, @nested={0x4, 0x36}, @generic="b84faebd00c802d6b9dd43f3e2fd3446cc51c427e1b5128496e1e79822f51dd07cdd554dbe6de54eae3dedb3ddafdddf10209f41f47bd6ebad601ed8425e6333e9e01f109321fd458f678216aafdcd25b5d6f25ceca73f76a232fc8362405b5dbccbab4384c0feed89493b3eab081d96acde03d769bce891332adc22ad705b90074fbda8874e06b56d11e9dffaaa7da4eb99c2ee684a9496b08ac939f0a726f895b08e9bdca6a1a0dca8db8f86431a44924798af8dac5430dfe6d0270a582412e070ccadb123dc68e7250bd008036c1c74001743cce855b57bee8e1d46f66868603e05b3727c8e4664e5d32692c36d729007c932a11f3aeee0ba217f4f42e99eb0efeda68dbf02580ebc8f1a24ce2cbbb3d6d701323d92177e7950a93d949d43bac1880859be0ba666634eff2a60c9602cc6063e203f3334b931b79ec2288452ea206b0d0eb8e8a392e63951f0857c731fa203b92a8028e964781c106f0b65df8a0db5483d6283e41a1567864065cb9c082c06117e4a320701865eae0e2825aa386bf8ffeea5bb810629fd143bfc57c7b595ff4b143bea21f944040ac62e1ae351b184010526a98b33441080e3e8916028a9355b45482817d094b0b356c24cb015d3dde96a0cb0829ceb9bf2839b0ccae21d90f0114980f6aa9fcd767802d90f23e3524c712d4e4731d4967a3fd3dd64924df30581a21aafbbcdabdfcbd74b8ee287630ded43b3d626bd589b993e54dc7672955ef376af5a06b1bf1980d8919d8fed2c67ae7de734ed72ec1888e2b704e62af42d2ee1e023da40249f8de93edc4d8288c3c128f93ff1ecaff0b1505142478b6251da0271fbeac50ccd47cdfa35c3ce5f04822d56e2c7a86bfe0ea45132304f3496fd50e71ac601ad897b5d3548795d79c47f6498e145ef393c5eeb0736cad8aced7bc49068e1240240729e3041a8d4a5936c118079897b5bae079353cfba430e71a8459c4cbe2fc872c03f454e2cd3ecb91c4435b2610bd35bbb7359f88f19aa47a5539ee3ad790e4862df2b131aa0c6173f17feee08947ec721f5a6c4a9e5d1bb9606c4ffd1fa0e862266cc731421e9d0ac2243f758975c3123e51bded57a37f1ba427392bcf6e462f4bd50344c421f4682cfde96801282c71dedf4069ea631f94f033363237c8f320ff14b1743ebde66aabc284508ad67b662fa5bcee316b429e3fc16d9fa126cff339aee02313532f010dd5a7fb87ae0319c7488ae0b9acf92421444d55b1752a892abe70cf4b8578d5509f64d7d1401d8ea45be620e7f9c9904b2995112fc8dfc64e23ef25635e5baa66368234f1b76f3c6ee124fe3ac8ed01394fbe5f1a68ccab96d73dedc6f8c4cd32c2ab76125b508d88cdb4e7a32e56b034e4b3738c0bae184e11e9163881898ec60d4a50daa8d4945b9a6e0a81aebda522939f7330c9e45f53bd8f8762ee6d7e14092f743e17af16eb4c6f41c497d2e18d53a138b084ab2f46f9630b1b363a2fe6ac4107e57e868fe00873352dd33309003c689354d89fac9f7fd18e9f0f2a2269d4b6538b9f7cf06ec55de6536f15f08c46ce412b48d328dae893e564724a26c97d23c9752ad053e87776474c6942566c0386131779360092e12179c38017d10294932474830da8b49afcd36e8e6866f362cd08ea1b38fc129220be496435ec2fdf28a3ec2ec3f4db625857db987c0bc175f52e95ce9bec0c023d51d43b110fd6a77c28d5da49a6f0b9fa32d1006899cba46f0b80fae31660ed555acf4f764d09c2f902672fc18cd8b17e86a1075945d7dc9b6ca0feaffe875fb4fb54ead57ecd3a3c2738ebba5d8490a923c859f8f1d7e8c50270b543b31b402f2c8090299734d879b1f5e6405264d6826495bfa09f59c4e71898da04a472a14a2d419f472488ff1ce1db415aaef70bba6fdbbab89a9ea9d1c5f46401935d25f69ff4f069d824cbcc47b6fe5b018a98c5fb88d38dee4df2a8e337cb5a1c28fbbc3a7940d16f54456b873b33fb14efe34b0bdcd315180438d6cafd77a3fccd661f2b8144f9042977b357ef55816891df7062299c0265ad8d7ec9caac11fd93cb957bbb0a9989e179717cdc98e8632486e2f70edd6f324423fd2dae00537465617935c859e5c929208c404bae798772470e3d4488efc1769ee428db46f60fb0b7e6e1e50ca1bf7c5a119d24002b0eefac5dffb431ec0ece8b99569005974134c28e702c8d173bc4735ee75dd142cc80d027d25ad7406e8bf85c05bda40e8e644dfccae62f4e66aca415b1b17d7e604ed0bbdbcbff4479c818624dabbf90be6c86832d4e4928dc93be2e0feda38afcdfbc77cb37c7e1f72bc5f48ccc522da20afda3e121c2f3648a9efa8e61ce4b3a24ac30ea1dbc59e19bbce8c06fdad09a84b161ea0b07058eecca8c525a6a6812c21b4c729a9745855ae7b8ee90c28e5c4125b4e4d463b2cbd2d156f3f4ab000a650a12d1e4fd60f58d678c88f602a98b545600a67726ae61d6d75861b0bba9081f5244e7b430b0d92bf639665b849a8c1992f547a18a650f909f42d047af3bc172091fc27a611863356188a76bcffc27111d0e323ac531b2a63aa47f20e9ac880b2f055f709526e2e0337eefd230f7a3a9d62ae721c1245a3184fab3257f20d74fe2d4adc24f6516433800b6a0616bf5bff3dc00b6916e01b4044fab29661d255f15ba4b87374af0c568b09ec53166964d0ee8f85b515f16df9577fa730cb482789d524990c2525d2971a793686662bddb6ed9727964d0d2d0b89eb401ca89c7964f114d94c3919438ce8080b66bfdc538c8bb3163047f6a41272f7fdcfbc418f507114dc8524200ce7bc49ecf4eb738f621448c22c66cb54af8fec7cce127996e9f51ed899c3eb2aaad9245e954a8666e3e8dd62cbd44da40df5e28cbdced3c6b99f51ee3b3e0129d1f690d7c69acdf8d0784dacd03eaf9eca6ee5540543320bdf4140d0f9a0785e69368527f845e01f97454cda9565e50136c73ca9e5bb869fab8137f7001829af925bdd5fa2b8ee18f26c4b9aa73fee16054d524c6db704ba21df3803292902c9d4d6adfa0b0a741e7dd85e6d89e730f6424401e60180de76664d133dfabcfeb0f2bab259e719b28c075684868ef38fef14f236900d6d6b19e873a9561bdeea8eb42f64a73a278e65e297c6f96bda0355256ce7e343168dd71a083e2f944fb9b2045a3ebd1fa9ddf1698e84300cbb6dc9fc90a265d0a78ebe5371b62388ca7f87223b96e929d8bbc4ad0896cf48f1b2b7d36fffcb041677a81aaa1287d62329fb209cdfeeb4a393e62207ed972a67fc2e3f4135da87c7401e99fe969c82e097851693fd467f9df8776ceaa8b23be0bde5d3f05190e288c7d643e5c190e6a3f8a464cc2df4f28e7d20cffffb4f9e511233a3bf5f58535ecf0fa9ee94f2ab2d73452f90c30f4c3028168a0502e556455366741bc9bb95d48b270ed2d067bff815342e304224f57cba7bd915c02f4f3f5f16009ded0a4cf48db0ba5133a87ddf57c36f1f5d3ca7cdc96a56a87e136dfcf92ad3aee2fa080c7d80c0874f396d1be659e02f593af9ad7a5dc6aa8ef44585bdb30983016f8868d166c78d289056318e04e476c629ccfc8544abea984c7195f78a110d7cb291c65220b5c2e1e30962353ea0dc7b668be06a0333cec042ceccc73c6e189aaeabf632e35836e472bc4a74e4eb882d29c6fb56a333e2c0c2034d3446150310cc59f834e16d8ac34275270a68bff84ee7db69efabbf21488d643447069a4758ebc3c65436c021ed368e9f7ae429339726f22057a087f69b65305acb3db414e4c8527e3b0857cbd6fb85cea3bd9cf942c10176f3236d5bad66cda4f94bfb6ada28e07b1b66fc100cc04878eef271defd8fc33b0d801d05ebdae86cf65c11c26ccbf4ac87ea498faca83c6fc5ce0180a9ee057d2bfa591ef4d9219e12289ee1155abad723e1abd9e788b04335af6ebcdde9883af5d8bd4b14b784e521a2f71b06d49637166eb85441b42a5c24acba76b4b6da202b34b77bbb4dbd0cb75bab88bfbf7d18b8850c71fe5492887fcc96add5b95888e79c72dc66f02e291471758deefed154b9a914e906488c82d55781abed39a414bce2ea035a0b3427dfded8bfc353fe52110a55d2a81fb08e3068a279350d8f56ac763eadb9189e8aceba255f0e1fed333ff09e1d931d46c7e0e2d1b25b64664af5a8f2007d12dc43b477adee8a2549c94d37092eeb9409c6495e18285fcdb65e9cea65f860aa125bab91b1d13650ed934ab66fb2f897075bb126edd5d2b8fb1cc212f04c7502ee90d63aeaca3b3fc291a43acd2986b4d136d24159e1060ad67553fcf66b0936c8105a364d5bc72add16ebaf2af0f49196dba991c25558ada15fa26d173767aeb12387f75a9c71bdc357a0ecbc06b52869a465978a04c2b86cf7757e309b6544da4f3c8950981c5e222aefae299b6dbc22bc2df9e73cb7bafb57996494ad3577de840de665fe5e7f00f63472a4cce7636d696680ba53264e34695644d8161476eb78ca9e803c28e004c23a04ad231f7562136fb9435389d51a44d672d25ee0966b7b0ef6e5e17eb45c9a2c6333b643f33ae6ab736ffcd5658e38740d5851bc4fc851cce3a5711422930b945c0b532eee4a8d3fd5c548f828714433d2ad0a1728f2d399653ad19e243637241addc648fad1924d72332d8b3cb5b6b411957b905458ca82cdab3409e786f2db4f0d032c51afb702cc144aea8a66ea9708b515cadcfd8d38ba542e204c59284aecfdc3e0a41e77f18878048b763aef52f90ab1dfd7c77bcd04799f5f7d908fd920581723168810ffaa452e81a4981703acfa3d52f1a2435e2514ed104df211c652b9d6625fd30330c75c1ab4389f2c2bebee5f19a46f24c411087a12a366ecee63b6d66aa7ff6a44614b56f68069ec5eace013144d9e7784e44731515a2ad3eeeb5bd9a76c1940d28fa1d31b23c8197c16668dc1771a19c58333324fd4b89f43c9df00706cdef8ba6f5dda7fa3783f82d309c46bcd7819476534d468e65bb135d1f041285ef0d3b66b179636046e2cdf171b5bd8243e8509fb61be52d50603eebd40810f991aa2289bf60b01bf4523dc41476dae3ead5a49b49e4a9bd71db1a106baadadd237afb3258f26e71b681c3b3a3872c6ce34f4b1db52b3434e08df2920239165b00d99bd27e580aa35f3e38cd08b624dec27e2464c050d585fbb84c62d9deecfe9cc4cd5207a6c9bb1ad947fdd89218414835afa8b64cdd778904019e8f2a4888349d5bc4e15cb337f9adb6b1efe1c1a45f73bf495f967b418ab599b88484dd03609cc716b20feec4cb2c4378399915086f12626378dff521c1afd8c20e24df02fe180997fd75980833d0fe31bdff4775ce5a8973bab85bb8465b2432ff62939cee0e8d38ab8bea9822a31230830d0d893d9fec99c4d964a929f9a9012cd5e4e120aeaf979f73723e00e7a10460efcd1d8ebe686ce0c0b2d94cbd97fe895765bf8cbec300ffd96720d1c51834f11d2d59fa6d114eef72d4a1e538c361900806d98608267e508def0f905bcf1bf9bb3e5be7b9067685bef673127ce329ad3b7b4fca329af5a97ef98bf4a528c7b4367cacc760506294f9ab8f5daf7817ca169c5a38b75e37290f0441267e33a2399d17b4fff17d936ee7548c30f74fcc4362232a255f6e539c37b0c4d2fae0695c59b3e737a68f18558304bdf5e7816f059fbf0248922ee83514238f14946e97a80fcf25f54a692a2faeafce7702c729af24a9b76c72a09e291a2062570c45f24420a77", @nested={0x4, 0x133}, @nested={0x4, 0x10}, @typed={0x8, 0xda, 0x0, 0x0, @ipv4=@empty}, @generic="6e2dab460bdc7f5143ef477f69afd1a556e3a98caea6d34dad89ac0144d412125165e3657dcdbe512273913930c6725c3c2c842d32b94b32a35274d9a4ab1e6a7dc8a35bb3f6fcf3793141ab4dff61a42b5e745cafac5404107a0782f66157ecdd4da533c7b670ec594728f039027c2a2a964f36b621111632b9ef6737fa983d513526d43e4cf290035eb5fe8289e8bc3ebfb698aa3ba69b448826840e5a859b43eb471bdac8d1f6dca38494840bbf4f896bf2f4e2f973dd569f12dd0f747f84ae535129bac832622edb1f087f3c3511"]}, @typed={0x8, 0x90, 0x0, 0x0, @pid=r2}, @nested={0x9c, 0x8c, 0x0, 0x1, [@generic="8d9cb610315e2e18fae31c6ac185d410383c944490bfb7e9c64f45862cc948eb636d23e3bfdb4e5768e0026864101459177ca3b2e6d024bce59d09238de8a8ffe259534469cd0ac53bf889c3cec0d154db4571b0c2ecaf9518e374ffc73bc1700c3a882e128439e6e7723869a1f17a86d4eca5f1637bc14d87fcdbe41741e307f43b6a19fe8fe0d3901922c3995509ad482f323a5c00987c"]}, @typed={0x8, 0x26, 0x0, 0x0, @pid}, @typed={0xfa, 0x6f, 0x0, 0x0, @binary="dadadfdb251a5e711f0a4f61fb10c578d806abe9bdf0f55af709d7819be962f73e44953c22ac6d86c7ac9a577f530e47e31db6f0780bbfa08193e9b0e48997f5827e5794eb6085a11143b186bce9953d281d6488b444ae7ef5b20156e751077e355ea3b3ce1af9b3bd9137f0135d7b68492f83143a755efd5f6d7f36a379614a72a46e8a80d9b83bbfae29bf168989ff5a133c613ec11d613a2b815ba1b653a668f27de16ced05d2e400862b197f04458fba0ba4ba13b4fc820897c255de3cca1bc41847c5c7335d99a735388dd49feddf4061e5ff352a67cca44ac5023c0fbd9d4ff552a03c519aa30cdf081e03f9c8c6b5c70dc937"}, @nested={0x4, 0x8d}]}, 0x12b0}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004)
recvmmsg(r0, &(0x7f00000002c0), 0x220, 0x100, 0x0)

32.559123125s ago: executing program 5 (id=832):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0xc0049364, &(0x7f0000000180))
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

32.477297772s ago: executing program 5 (id=834):
r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
close(r2)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000290000003b0000000000000000000000280000000000000029000000050000000002020100000000fe8000000000000000000000000000bb1800000000000000290000000400000002ab"], 0x58}, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x54, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x90}, {0xc, 0x90, 0x2000000}}]}, 0x54}, 0x1, 0x0, 0x0, 0x95}, 0x0)
mq_getsetattr(r0, 0x0, &(0x7f0000000200))
socket$igmp6(0xa, 0x3, 0x2)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r6, 0x45809000)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r7, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)

32.049571706s ago: executing program 1 (id=835):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0xc0049364, &(0x7f0000000180))
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) (fail_nth: 2)

31.761840465s ago: executing program 1 (id=836):
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x42, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x3, 0x0, 0x1, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x185], [0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x4, 0x0, 0x3cc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe654, 0x0, 0xae, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x4, 0x1, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ec2, 0x0, 0x80, 0x4]}, 0x45c)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r0, 0x5501) (fail_nth: 2)

31.707721734s ago: executing program 4 (id=837):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
fadvise64(r0, 0x65f, 0x1a2, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45819000)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000190000/0x2000)=nil, 0x2000, 0x0, 0x31, r2, 0x170e000)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x0, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x8, 'syz0\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x9, 0x8, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})

31.587741575s ago: executing program 4 (id=838):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0x8800)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22900, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee01)
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x92, 0xec, 0xc6, 0x20, 0x5ac, 0x77c2, 0xeb3a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0xc4, 0x1, 0x0, 0xff, 0xfd, 0x1, 0x80}}]}}]}}, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000140)}], 0x1, 0x8, 0x4, 0x8)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c7100, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002abd7000f4dbdf2501000000000000000c1462726f6164636173742d6c696e6b0000000000000000be16034ca1b97c468721b5560fa043cb9542c1cdfd4ca364ca7c6c6bad04bf6bb42bec6fd4e4e3ad39726853d070864185ae1fa974b75b15e95988b42c90e8c128df4513bf63530f669fb8f49a0863c47c4b"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100240, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x24}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000440)={0x4376ea830d4d549b, 0x0, [0x0, 0x8, 0x400000000, 0x4, 0x9, 0x3, 0xfffffffffffffffc, 0x1000800000]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="470f23fc6541fc48b8e7320000000000000f23d80f21f80f23e1f8f30f1edd0f2221c744240200800000ff2c24f30f516797c483fd005b02ea6426470f01cf65666466430f3833af00580000", 0x4c}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0xc0049364, &(0x7f0000000180))
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0681000000ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)

30.26289114s ago: executing program 4 (id=839):
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x42, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x3, 0x0, 0x1, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffeff, 0x0, 0xffffffff, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x185], [0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x4, 0x0, 0x3cc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe654, 0x0, 0xae, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x4, 0x1, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ec2, 0x0, 0x80, 0x4]}, 0x45c)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x2, {0x2}}, 0x18)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r0, 0x5501)

17.134900697s ago: executing program 35 (id=834):
r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
close(r2)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000290000003b0000000000000000000000280000000000000029000000050000000002020100000000fe8000000000000000000000000000bb1800000000000000290000000400000002ab"], 0x58}, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x54, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x90}, {0xc, 0x90, 0x2000000}}]}, 0x54}, 0x1, 0x0, 0x0, 0x95}, 0x0)
mq_getsetattr(r0, 0x0, &(0x7f0000000200))
socket$igmp6(0xa, 0x3, 0x2)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r6, 0x45809000)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r7, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)

16.640390702s ago: executing program 36 (id=836):
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x42, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x3, 0x0, 0x1, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x185], [0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x4, 0x0, 0x3cc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe654, 0x0, 0xae, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x4, 0x1, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ec2, 0x0, 0x80, 0x4]}, 0x45c)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r0, 0x5501) (fail_nth: 2)

15.097728887s ago: executing program 37 (id=839):
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x42, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x3, 0x0, 0x1, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffeff, 0x0, 0xffffffff, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x185], [0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x4, 0x0, 0x3cc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe654, 0x0, 0xae, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x4, 0x1, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ec2, 0x0, 0x80, 0x4]}, 0x45c)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x2, {0x2}}, 0x18)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r0, 0x5501)

2.650708882s ago: executing program 7 (id=866):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x5, 0x5, 0xffffffff, 0xe661, 0x8004, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x3, 0x17, 0x1, 0x407, 0x5, 0x9, 0x8f, 0x4006, 0x6, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x4005a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x80000004, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x2, 0x408, 0x8004, 0x5, 0x9, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0x8, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x1ff, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0xa, 0xac8, 0xbf, 0x2, 0x4, 0x7ff, 0x12b, 0x4, 0x1, 0xfffffffa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb30, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0xb, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x1, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x9, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x20000d7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000100)=0x18, 0x4)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a78000000060a010400000000000000000200000038000480340001800a0001006d617463680000002400028008000100756470000e0003007acc6338a90000b03bd9000008000240000000000900010073797a30000000000900020073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.059836819s ago: executing program 6 (id=909):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0) (async)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000640)='E', 0x1}], 0x1) (async)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) (async)
recvfrom$unix(r2, &(0x7f00000001c0)=""/243, 0xf3, 0x0, 0x0, 0x0) (async, rerun: 32)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (rerun: 32)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00') (async)
read$FUSE(r4, &(0x7f0000009780)={0x2020}, 0x2020) (async)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="100000000000", @ANYRES64=0x3], 0x10) (async)
r6 = landlock_create_ruleset(&(0x7f00000002c0)={0x4060, 0x6, 0x1}, 0x18, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r6, 0xc020662a, &(0x7f0000000300)={0x3, 0x0, 0xe, 0x3, 0x2, 0x0, [{0x9, 0x1, 0x4f6f, '\x00', 0x8}, {0x6, 0x101, 0x3, '\x00', 0x2002}]}) (async, rerun: 32)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000480)={0x0, 0x40, 0x3}, 0x8) (async, rerun: 32)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r7, 0x227b, &(0x7f00000001c0)=0x2001) (async)
r8 = fcntl$dupfd(r7, 0x0, r7)
readv(r8, &(0x7f0000000000)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1) (async)
write$uinput_user_dev(r8, &(0x7f00000017c0)={'syz0\x00', {0x401, 0x100, 0xa1c, 0x7}, 0x43, [0x4, 0xb0b0, 0xf1c1, 0xcd8, 0x6, 0x0, 0xfffffffd, 0xffffffff, 0x7fffffff, 0x7, 0x7f, 0x8, 0xe, 0x1, 0x9, 0x5, 0x1, 0x9, 0x5, 0xc214, 0x1, 0xfffffff8, 0x7, 0x40, 0x2, 0xfe5a, 0x4, 0x1, 0x9d3, 0xe, 0x3, 0x929, 0x7, 0x5, 0xfcb, 0x5, 0x8, 0xfffffffd, 0x8, 0x0, 0x2, 0x1, 0x401, 0x7b, 0x0, 0x0, 0x9, 0xfffffffb, 0x1003, 0x1ff, 0x4, 0x80, 0x40, 0x5, 0x0, 0x80000001, 0xc, 0x800, 0x9, 0x10000, 0x40, 0x5, 0x80000001, 0xe], [0x2, 0x6, 0x6, 0x4, 0xffffff22, 0x3, 0x1b6b, 0x6, 0x4, 0x0, 0x8, 0x5, 0x2, 0x7, 0x4, 0x7, 0x9c2, 0x8, 0x7, 0x5, 0x2, 0x7fffffff, 0x4, 0x80, 0x101, 0x3, 0x9, 0x4, 0xfffffffb, 0x9, 0x3, 0x4, 0x7, 0x5, 0xfffffff8, 0x4, 0xf1b, 0x3ff, 0x8, 0x5, 0x6, 0x2d68, 0x3, 0xfffffffc, 0x3974, 0x5, 0x7b11, 0xb26a, 0x0, 0xfffffff8, 0x5, 0xf9, 0x40, 0xebc2, 0xa57a, 0xfffffffd, 0x7d, 0x5, 0x24d, 0xc5a0, 0x8, 0x9, 0x8, 0x840], [0x9, 0x0, 0x101, 0x5a3e, 0x5, 0x10, 0x4, 0x1, 0x3, 0xfffffff9, 0x0, 0x7fff, 0x2, 0x7ff, 0x9fc00000, 0x2, 0x8, 0x0, 0x3, 0x4, 0x0, 0xee08, 0x78, 0x8, 0xa, 0x2, 0x80, 0x6b9a, 0x2, 0xe, 0x0, 0x0, 0x3, 0x0, 0x2, 0xfffffff7, 0x17d0, 0x1, 0x1, 0x8, 0x800, 0x8, 0x81, 0x6, 0x2, 0x2, 0x8, 0x5, 0x7fe, 0x9, 0x59d00000, 0x5, 0x1, 0x3, 0x3588, 0x2, 0x80000000, 0x3, 0x4, 0x4, 0xffffff5f, 0x360d, 0x6, 0xffff7fff], [0x5, 0x2, 0x6, 0x3, 0xfffffff8, 0x3ff, 0x400, 0xfcc, 0x8, 0x80000000, 0x7, 0x6, 0x6e, 0x1, 0x1, 0x0, 0xb, 0x0, 0x2, 0x6a, 0x85, 0x1, 0x2, 0x7ff, 0xfffffff0, 0x7bb8, 0x1, 0x401, 0x10001, 0x8, 0x5, 0xff, 0x7c01, 0x2, 0x8, 0x7, 0x2, 0x5, 0x80000000, 0x3, 0x6, 0xcaa6, 0x7ff, 0x2, 0x4, 0x10, 0x5, 0x1, 0x1c000000, 0x5, 0x8a3b, 0x4, 0x1f821ff, 0x8000, 0xfffeffff, 0xfffffff8, 0x7, 0xe, 0xb43, 0xb96, 0x9, 0x7fffffff, 0x2, 0x7fff]}, 0x45c) (async, rerun: 64)
r9 = accept4$ax25(r8, &(0x7f0000000040)={{0x3, @rose}, [@netrom, @rose, @remote, @netrom, @bcast, @rose, @remote, @null]}, &(0x7f00000001c0)=0x48, 0x800) (rerun: 64)
getsockopt$sock_int(r9, 0x1, 0x22, &(0x7f0000000100), &(0x7f0000000140)=0x4) (async)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000200)=0x6)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='hfsplus\x00', 0x208083, 0x0)

1.847131434s ago: executing program 6 (id=910):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = gettid()
r2 = syz_open_procfs(r1, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000100)={0x30}, 0x30)

1.635324398s ago: executing program 6 (id=911):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = gettid()
r2 = syz_open_procfs(r1, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000100)={0x30}, 0x30) (fail_nth: 2)

1.007944656s ago: executing program 6 (id=912):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x511640, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, 0xffffffffffffffff, 0x45809000)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000080)={0xc, <r0=>0x0})
r1 = syz_open_dev$video(&(0x7f0000000300), 0x9, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x8040ae9f, &(0x7f0000000140)=@arm64)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000000)={0x8, @vbi})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000000c0)={0x28, 0x4, r0, 0x0, &(0x7f0000ff9000/0x5000)=nil, 0x5000, 0x2})
connect(0xffffffffffffffff, &(0x7f0000000000)=@hci={0x1f, 0x4, 0x3}, 0x80)

796.601374ms ago: executing program 7 (id=913):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_usb_connect$hid(0x5, 0x59, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2179, 0x53, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x40}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0xa}, @local=@item_012={0x1, 0x2, 0x4, '\x00'}]}}, 0x0}, 0x0)
r2 = gettid()
r3 = syz_open_procfs(r2, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000100)={0x30}, 0x30)

794.289241ms ago: executing program 6 (id=914):
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

767.275618ms ago: executing program 8 (id=869):
r0 = socket$kcm(0x10, 0x3, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000027c0)=""/4047, 0xfcf}, {&(0x7f00000037c0)=""/4079, 0xfef}, {&(0x7f00000002c0)=""/244, 0xf4}, {&(0x7f0000001780)=""/4, 0x4}, {&(0x7f00000003c0)=""/180, 0xb4}], 0x5}, 0x40000100) (fail_nth: 2)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046bf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5fe8600000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

504.02556ms ago: executing program 9 (id=872):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0xdc)
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
r1 = socket(0x2, 0x2, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x100000000)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)

64.395828ms ago: executing program 6 (id=915):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f00000000c0)={0x4b5a9da54893e123, 0x8, 0x2, 0xffff, 0x7}, 0x8, 0x0, 0x0, 0x0, 0x1, 0x9, 0x0})
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f0000000000))
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd28420000000000000109022400010000000009040100020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000440)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="2022070000000708c75e487c24f67840abcad1abc19cdb57a0a6"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="120100001d9167204f17316a3f26010203030902120001000000000904"], 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='gfs2\x00', 0x208002, 0x0)

0s ago: executing program 8 (id=916):
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2)

kernel console output (not intermixed with test programs):

2][ T9154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.255646][ T9154]  __sock_sendmsg+0x219/0x270
[  260.255671][ T9154]  ____sys_sendmsg+0x505/0x830
[  260.255704][ T9154]  ? __pfx_____sys_sendmsg+0x10/0x10
[  260.255741][ T9154]  ? import_iovec+0x74/0xa0
[  260.255772][ T9154]  ___sys_sendmsg+0x21f/0x2a0
[  260.255802][ T9154]  ? __pfx____sys_sendmsg+0x10/0x10
[  260.255870][ T9154]  ? __fget_files+0x2a/0x420
[  260.255891][ T9154]  ? __fget_files+0x3a0/0x420
[  260.255924][ T9154]  __x64_sys_sendmsg+0x19b/0x260
[  260.255955][ T9154]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  260.255994][ T9154]  ? __pfx_ksys_write+0x10/0x10
[  260.256011][ T9154]  ? rcu_is_watching+0x15/0xb0
[  260.256042][ T9154]  ? do_syscall_64+0xbe/0x3b0
[  260.256071][ T9154]  do_syscall_64+0xfa/0x3b0
[  260.256092][ T9154]  ? lockdep_hardirqs_on+0x9c/0x150
[  260.256114][ T9154]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.256133][ T9154]  ? clear_bhb_loop+0x60/0xb0
[  260.256155][ T9154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.256173][ T9154] RIP: 0033:0x7f3965b8e929
[  260.256191][ T9154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.256207][ T9154] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.256229][ T9154] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  260.256243][ T9154] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000004
[  260.256255][ T9154] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  260.256267][ T9154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.256278][ T9154] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  260.256309][ T9154]  </TASK>
[  260.957156][ T9164] mmap: syz.1.759 (9164): VmData 37478400 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data.
[  261.647566][ T9172] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  261.756302][ T9175] kvm: pic: non byte read
[  261.775492][ T9175] kvm: pic: level sensitive irq not supported
[  261.777043][ T9175] kvm: pic: non byte read
[  261.848849][ T9175] kvm: pic: level sensitive irq not supported
[  261.849330][ T9175] kvm: pic: non byte read
[  261.988229][ T9175] kvm: pic: level sensitive irq not supported
[  261.988324][ T9175] kvm: pic: non byte read
[  262.455644][ T5842] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  262.610481][   T43] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  262.649037][ T5842] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  262.660276][ T5842] usb 6-1: config 0 has no interface number 0
[  262.666475][ T5842] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  262.708552][ T5842] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  262.736975][ T5842] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  262.750280][ T5842] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  262.780296][ T5842] usb 6-1: Product: syz
[  262.784554][ T5842] usb 6-1: SerialNumber: syz
[  262.791249][   T43] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  262.804225][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.822226][ T5842] usb 6-1: config 0 descriptor??
[  262.824859][   T43] usb 2-1: Product: syz
[  262.833238][   T43] usb 2-1: Manufacturer: syz
[  262.837877][   T43] usb 2-1: SerialNumber: syz
[  262.858006][   T43] usb 2-1: config 0 descriptor??
[  262.863656][ T5842] cm109 6-1:0.8: invalid payload size 0, expected 4
[  262.882699][ T5842] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input25
[  262.885227][   T43] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  262.989226][ T9209] veth1_macvtap: left promiscuous mode
[  263.100411][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  263.115539][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.125713][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.133045][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.140784][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.148002][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.155186][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.165244][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.180437][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.187958][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.195397][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  263.210457][ T5842] usb 6-1: USB disconnect, device number 21
[  263.216477][    C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  263.254831][ T5842] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  263.412388][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.429440][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  263.453193][    T9] usb 5-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  263.470904][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.479057][    T9] usb 5-1: Product: syz
[  263.500242][    T9] usb 5-1: Manufacturer: syz
[  263.510261][    T9] usb 5-1: SerialNumber: syz
[  263.518192][    T9] usb 5-1: config 0 descriptor??
[  263.536041][    T9] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  263.553687][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  263.569127][    T9] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  263.590305][    T9] usb 5-1: media controller created
[  263.663684][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  263.730512][ T5901] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  263.749979][ T9208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.761359][   T43] gspca_sunplus: reg_r err -32
[  263.789591][ T9208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.853484][ T9215] gfs2: not a GFS2 filesystem
[  263.887176][    T9] DVB: Unable to find symbol tda10046_attach()
[  263.905167][    T9] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  263.918389][    T9] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  263.940299][ T5901] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.975657][ T5901] usb 7-1: config 0 interface 0 has no altsetting 0
[  264.003949][ T5901] usb 7-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  264.025878][ T5901] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.044259][ T5901] usb 7-1: Product: syz
[  264.048568][ T5901] usb 7-1: Manufacturer: syz
[  264.059275][ T9218] FAULT_INJECTION: forcing a failure.
[  264.059275][ T9218] name failslab, interval 1, probability 0, space 0, times 0
[  264.060303][ T5901] usb 7-1: SerialNumber: syz
[  264.080369][ T9218] CPU: 1 UID: 0 PID: 9218 Comm: syz.5.775 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  264.080399][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.080411][ T9218] Call Trace:
[  264.080420][ T9218]  <TASK>
[  264.080429][ T9218]  dump_stack_lvl+0x189/0x250
[  264.080469][ T9218]  ? __pfx____ratelimit+0x10/0x10
[  264.080493][ T9218]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.080520][ T9218]  ? __pfx__printk+0x10/0x10
[  264.080553][ T9218]  ? __pfx___might_resched+0x10/0x10
[  264.080581][ T9218]  should_fail_ex+0x414/0x560
[  264.080615][ T9218]  should_failslab+0xa8/0x100
[  264.080637][ T9218]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  264.080666][ T9218]  ? __alloc_skb+0x112/0x2d0
[  264.080695][ T9218]  __alloc_skb+0x112/0x2d0
[  264.080723][ T9218]  netlink_sendmsg+0x5c6/0xb30
[  264.080757][ T9218]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.080786][ T9218]  ? aa_sock_msg_perm+0xf1/0x1d0
[  264.080816][ T9218]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  264.080840][ T9218]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.080865][ T9218]  __sock_sendmsg+0x219/0x270
[  264.080890][ T9218]  ____sys_sendmsg+0x505/0x830
[  264.080924][ T9218]  ? __pfx_____sys_sendmsg+0x10/0x10
[  264.080960][ T9218]  ? import_iovec+0x74/0xa0
[  264.080992][ T9218]  ___sys_sendmsg+0x21f/0x2a0
[  264.081022][ T9218]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.081089][ T9218]  ? __fget_files+0x2a/0x420
[  264.081110][ T9218]  ? __fget_files+0x3a0/0x420
[  264.081143][ T9218]  __x64_sys_sendmsg+0x19b/0x260
[  264.081175][ T9218]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  264.081213][ T9218]  ? __pfx_ksys_write+0x10/0x10
[  264.081229][ T9218]  ? rcu_is_watching+0x15/0xb0
[  264.081260][ T9218]  ? do_syscall_64+0xbe/0x3b0
[  264.081289][ T9218]  do_syscall_64+0xfa/0x3b0
[  264.081314][ T9218]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.081333][ T9218]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  264.081353][ T9218]  ? clear_bhb_loop+0x60/0xb0
[  264.081374][ T9218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.081392][ T9218] RIP: 0033:0x7fe5e7b8e929
[  264.081410][ T9218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.081426][ T9218] RSP: 002b:00007fe5e8a46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.081457][ T9218] RAX: ffffffffffffffda RBX: 00007fe5e7db5fa0 RCX: 00007fe5e7b8e929
[  264.081471][ T9218] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  264.081484][ T9218] RBP: 00007fe5e8a46090 R08: 0000000000000000 R09: 0000000000000000
[  264.081497][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.081508][ T9218] R13: 0000000000000000 R14: 00007fe5e7db5fa0 R15: 00007ffedf041148
[  264.081540][ T9218]  </TASK>
[  264.088172][ T9208] m920x_read = error: -32
[  264.112807][ T5901] usb 7-1: config 0 descriptor??
[  264.186841][    T9] dvb_usb_m920x 5-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  264.241901][ T5901] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  264.413629][    T9] usb 5-1: USB disconnect, device number 25
[  264.468059][ T9212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  264.556435][ T9212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.601452][ T5901] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  264.612064][ T5901] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  264.621206][ T5901] usb 7-1: media controller created
[  264.649228][ T5901] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  264.736311][ T5901] DVB: Unable to find symbol tda10046_attach()
[  264.757284][ T5901] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  264.777460][ T5901] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  265.088777][ T9227] binder: 9226:9227 ioctl 4018f514 0 returned -22
[  265.217970][ T5901] dvb_usb_m920x 7-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  265.267158][ T5901] usb 7-1: USB disconnect, device number 18
[  265.321179][ T9231] FAULT_INJECTION: forcing a failure.
[  265.321179][ T9231] name failslab, interval 1, probability 0, space 0, times 0
[  265.414481][ T9231] CPU: 1 UID: 0 PID: 9231 Comm: syz.5.781 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  265.414510][ T9231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  265.414522][ T9231] Call Trace:
[  265.414531][ T9231]  <TASK>
[  265.414541][ T9231]  dump_stack_lvl+0x189/0x250
[  265.414573][ T9231]  ? __pfx____ratelimit+0x10/0x10
[  265.414596][ T9231]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.414621][ T9231]  ? __pfx__printk+0x10/0x10
[  265.414647][ T9231]  ? __pfx___might_resched+0x10/0x10
[  265.414679][ T9231]  ? fs_reclaim_acquire+0x7d/0x100
[  265.414705][ T9231]  should_fail_ex+0x414/0x560
[  265.414738][ T9231]  should_failslab+0xa8/0x100
[  265.414758][ T9231]  __kmalloc_noprof+0xcb/0x4f0
[  265.414783][ T9231]  ? tomoyo_encode+0x28b/0x550
[  265.414818][ T9231]  tomoyo_encode+0x28b/0x550
[  265.414853][ T9231]  tomoyo_realpath_from_path+0x58d/0x5d0
[  265.414894][ T9231]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  265.414918][ T9231]  tomoyo_path_number_perm+0x1e8/0x5a0
[  265.414946][ T9231]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  265.414989][ T9231]  ? __lock_acquire+0xab9/0xd20
[  265.415033][ T9231]  ? __fget_files+0x2a/0x420
[  265.415057][ T9231]  ? __fget_files+0x2a/0x420
[  265.415074][ T9231]  ? __fget_files+0x3a0/0x420
[  265.415092][ T9231]  ? __fget_files+0x2a/0x420
[  265.415118][ T9231]  security_file_ioctl+0xcb/0x2d0
[  265.415144][ T9231]  __se_sys_ioctl+0x47/0x170
[  265.415175][ T9231]  do_syscall_64+0xfa/0x3b0
[  265.415197][ T9231]  ? lockdep_hardirqs_on+0x9c/0x150
[  265.415219][ T9231]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.415239][ T9231]  ? clear_bhb_loop+0x60/0xb0
[  265.415264][ T9231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.415281][ T9231] RIP: 0033:0x7fe5e7b8e929
[  265.415298][ T9231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.415315][ T9231] RSP: 002b:00007fe5e8a46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  265.415336][ T9231] RAX: ffffffffffffffda RBX: 00007fe5e7db5fa0 RCX: 00007fe5e7b8e929
[  265.415351][ T9231] RDX: 0000000000000000 RSI: 000000004018f514 RDI: 0000000000000003
[  265.415363][ T9231] RBP: 00007fe5e8a46090 R08: 0000000000000000 R09: 0000000000000000
[  265.415376][ T9231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.415387][ T9231] R13: 0000000000000000 R14: 00007fe5e7db5fa0 R15: 00007ffedf041148
[  265.415418][ T9231]  </TASK>
[  265.418702][ T9231] ERROR: Out of memory at tomoyo_realpath_from_path.
[  265.668486][ T9231] binder: 9228:9231 ioctl 4018f514 0 returned -22
[  265.750936][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  265.766871][ T9237] netlink: 256 bytes leftover after parsing attributes in process `syz.5.783'.
[  265.808561][ T9237] gfs2: not a GFS2 filesystem
[  265.913673][    T9] usb 5-1: device descriptor read/64, error -71
[  265.951127][ T9240] FAULT_INJECTION: forcing a failure.
[  265.951127][ T9240] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  266.019240][ T9240] CPU: 1 UID: 0 PID: 9240 Comm: syz.1.784 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  266.019268][ T9240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.019280][ T9240] Call Trace:
[  266.019289][ T9240]  <TASK>
[  266.019298][ T9240]  dump_stack_lvl+0x189/0x250
[  266.019329][ T9240]  ? __pfx____ratelimit+0x10/0x10
[  266.019365][ T9240]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.019390][ T9240]  ? __pfx__printk+0x10/0x10
[  266.019417][ T9240]  ? fs_reclaim_acquire+0x7d/0x100
[  266.019447][ T9240]  should_fail_ex+0x414/0x560
[  266.019480][ T9240]  prepare_alloc_pages+0x213/0x610
[  266.019510][ T9240]  __alloc_frozen_pages_noprof+0x123/0x370
[  266.019538][ T9240]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  266.019573][ T9240]  ? policy_nodemask+0x27c/0x720
[  266.019608][ T9240]  alloc_pages_mpol+0x232/0x4a0
[  266.019636][ T9240]  alloc_pages_noprof+0xa9/0x190
[  266.019658][ T9240]  pte_alloc_one+0x21/0x170
[  266.019687][ T9240]  __handle_mm_fault+0x2795/0x5440
[  266.019735][ T9240]  ? __pfx___handle_mm_fault+0x10/0x10
[  266.019788][ T9240]  ? find_vma+0xe7/0x160
[  266.019815][ T9240]  ? __pfx_find_vma+0x10/0x10
[  266.019845][ T9240]  handle_mm_fault+0x40a/0x8e0
[  266.019885][ T9240]  do_user_addr_fault+0x764/0x1390
[  266.019928][ T9240]  exc_page_fault+0x76/0xf0
[  266.019949][ T9240]  ? __might_fault+0xb0/0x130
[  266.019979][ T9240]  asm_exc_page_fault+0x26/0x30
[  266.019997][ T9240] RIP: 0010:rep_movs_alternative+0x30/0x90
[  266.020016][ T9240] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 0d 01 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  266.020033][ T9240] RSP: 0018:ffffc90010c37b90 EFLAGS: 00050202
[  266.020052][ T9240] RAX: 00007ffffffff001 RBX: 000000000000000c RCX: 000000000000000c
[  266.020067][ T9240] RDX: 0000000000000001 RSI: 0000200000000440 RDI: ffffc90010c37ca0
[  266.020080][ T9240] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  266.020091][ T9240] R10: dffffc0000000000 R11: fffff52002186f95 R12: dffffc0000000000
[  266.020104][ T9240] R13: 0000000000000024 R14: ffffc90010c37ca0 R15: 0000200000000440
[  266.020139][ T9240]  _copy_from_user+0x7a/0xb0
[  266.020170][ T9240]  copy_from_sockptr+0x5e/0xa0
[  266.020198][ T9240]  do_ip_setsockopt+0x1e60/0x2d00
[  266.020225][ T9240]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  266.020251][ T9240]  ? aa_sk_perm+0x81e/0x950
[  266.020285][ T9240]  ? __pfx_aa_sk_perm+0x10/0x10
[  266.020308][ T9240]  ? __lock_acquire+0xab9/0xd20
[  266.020371][ T9240]  ? aa_sock_opt_perm+0xff/0x1b0
[  266.020404][ T9240]  ip_setsockopt+0x66/0x110
[  266.020424][ T9240]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  266.020450][ T9240]  do_sock_setsockopt+0x25a/0x3e0
[  266.020483][ T9240]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  266.020515][ T9240]  ? __fget_files+0x2a/0x420
[  266.020548][ T9240]  __x64_sys_setsockopt+0x18b/0x220
[  266.020584][ T9240]  do_syscall_64+0xfa/0x3b0
[  266.020606][ T9240]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.020628][ T9240]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.020648][ T9240]  ? clear_bhb_loop+0x60/0xb0
[  266.020673][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.020691][ T9240] RIP: 0033:0x7f627598e929
[  266.020710][ T9240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.020726][ T9240] RSP: 002b:00007f62768c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  266.020746][ T9240] RAX: ffffffffffffffda RBX: 00007f6275bb5fa0 RCX: 00007f627598e929
[  266.020760][ T9240] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000004
[  266.020773][ T9240] RBP: 00007f62768c0090 R08: 000000000000000c R09: 0000000000000000
[  266.020785][ T9240] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  266.020797][ T9240] R13: 0000000000000000 R14: 00007f6275bb5fa0 R15: 00007ffeb25ca218
[  266.020831][ T9240]  </TASK>
[  266.482029][    T9] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  266.643426][    T9] usb 5-1: device descriptor read/64, error -71
[  266.740496][ T5949] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  266.761140][    T9] usb usb5-port1: attempt power cycle
[  266.848719][ T9248] FAULT_INJECTION: forcing a failure.
[  266.848719][ T9248] name failslab, interval 1, probability 0, space 0, times 0
[  266.872594][ T9246] netlink: 20 bytes leftover after parsing attributes in process `syz.1.787'.
[  266.920570][ T9248] CPU: 0 UID: 0 PID: 9248 Comm: syz.5.788 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  266.920600][ T9248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.920613][ T9248] Call Trace:
[  266.920621][ T9248]  <TASK>
[  266.920630][ T9248]  dump_stack_lvl+0x189/0x250
[  266.920670][ T9248]  ? __pfx____ratelimit+0x10/0x10
[  266.920696][ T9248]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.920722][ T9248]  ? __pfx__printk+0x10/0x10
[  266.920753][ T9248]  ? __pfx___might_resched+0x10/0x10
[  266.920784][ T9248]  should_fail_ex+0x414/0x560
[  266.920819][ T9248]  should_failslab+0xa8/0x100
[  266.920840][ T9248]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  266.920869][ T9248]  ? __alloc_skb+0x112/0x2d0
[  266.920899][ T9248]  __alloc_skb+0x112/0x2d0
[  266.920930][ T9248]  netlink_sendmsg+0x5c6/0xb30
[  266.920965][ T9248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.920995][ T9248]  ? aa_sock_msg_perm+0xf1/0x1d0
[  266.921026][ T9248]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  266.921048][ T9248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.921073][ T9248]  __sock_sendmsg+0x219/0x270
[  266.921100][ T9248]  ____sys_sendmsg+0x505/0x830
[  266.921135][ T9248]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.921174][ T9248]  ? import_iovec+0x74/0xa0
[  266.921206][ T9248]  ___sys_sendmsg+0x21f/0x2a0
[  266.921237][ T9248]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.921306][ T9248]  ? __fget_files+0x2a/0x420
[  266.921327][ T9248]  ? __fget_files+0x3a0/0x420
[  266.921362][ T9248]  __x64_sys_sendmsg+0x19b/0x260
[  266.921393][ T9248]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  266.921430][ T9248]  ? __pfx_ksys_write+0x10/0x10
[  266.921447][ T9248]  ? rcu_is_watching+0x15/0xb0
[  266.921478][ T9248]  ? do_syscall_64+0xbe/0x3b0
[  266.921508][ T9248]  do_syscall_64+0xfa/0x3b0
[  266.921531][ T9248]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.921560][ T9248]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.921580][ T9248]  ? clear_bhb_loop+0x60/0xb0
[  266.921602][ T9248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.921620][ T9248] RIP: 0033:0x7fe5e7b8e929
[  266.921638][ T9248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.921816][ T9248] RSP: 002b:00007fe5e8a46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.921837][ T9248] RAX: ffffffffffffffda RBX: 00007fe5e7db5fa0 RCX: 00007fe5e7b8e929
[  266.921848][ T9248] RDX: 0000000000000080 RSI: 0000200000000240 RDI: 0000000000000004
[  266.921859][ T9248] RBP: 00007fe5e8a46090 R08: 0000000000000000 R09: 0000000000000000
[  266.921872][ T9248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.921883][ T9248] R13: 0000000000000000 R14: 00007fe5e7db5fa0 R15: 00007ffedf041148
[  266.921915][ T9248]  </TASK>
[  267.292782][ T5949] usb 7-1: Using ep0 maxpacket: 16
[  267.347674][ T5949] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  267.357679][    T9] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  267.365655][ T5949] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  267.376100][ T5949] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.386577][ T5949] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[  267.388977][ T9253] sctp: [Deprecated]: syz.1.790 (pid 9253) Use of int in maxseg socket option.
[  267.388977][ T9253] Use struct sctp_assoc_value instead
[  267.397465][    T9] usb 5-1: device descriptor read/8, error -71
[  267.436274][ T5949] usb 7-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  267.445476][ T5949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.453568][ T5949] usb 7-1: Product: syz
[  267.457760][ T5949] usb 7-1: Manufacturer: syz
[  267.462509][ T5949] usb 7-1: SerialNumber: syz
[  267.470745][ T5949] usb 7-1: config 0 descriptor??
[  267.497316][ T5949] mcba_usb 7-1:0.0 can0: couldn't setup read URBs
[  267.510978][ T5949] mcba_usb 7-1:0.0 can0: couldn't start device: -90
[  267.596480][ T9255] netlink: 'syz.5.791': attribute type 8 has an invalid length.
[  267.610255][ T9255] netlink: 4 bytes leftover after parsing attributes in process `syz.5.791'.
[  267.620148][ T5949] mcba_usb 7-1:0.0: probe with driver mcba_usb failed with error -90
[  267.650435][    T9] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  267.680142][    T9] usb 5-1: device descriptor read/8, error -71
[  267.735510][ T5901] usb 7-1: USB disconnect, device number 19
[  267.790612][    T9] usb usb5-port1: unable to enumerate USB device
[  267.830106][ T9259] comedi comedi4: comedi_config --init_data is deprecated
[  268.243934][ T9261] FAULT_INJECTION: forcing a failure.
[  268.243934][ T9261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.262216][ T9261] CPU: 0 UID: 0 PID: 9261 Comm: syz.5.794 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  268.262245][ T9261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.262257][ T9261] Call Trace:
[  268.262266][ T9261]  <TASK>
[  268.262276][ T9261]  dump_stack_lvl+0x189/0x250
[  268.262308][ T9261]  ? __pfx____ratelimit+0x10/0x10
[  268.262332][ T9261]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.262358][ T9261]  ? __pfx__printk+0x10/0x10
[  268.262385][ T9261]  ? __might_fault+0xb0/0x130
[  268.262426][ T9261]  should_fail_ex+0x414/0x560
[  268.262460][ T9261]  _copy_to_iter+0x3f5/0x16f0
[  268.262501][ T9261]  ? __pfx__copy_to_iter+0x10/0x10
[  268.262534][ T9261]  ? seq_write+0xd8/0x140
[  268.262561][ T9261]  seq_read_iter+0xbeb/0xe10
[  268.262614][ T9261]  seq_read+0x2e2/0x3d0
[  268.262652][ T9261]  ? __pfx_seq_read+0x10/0x10
[  268.262689][ T9261]  ? __debugfs_file_get+0x5dd/0x710
[  268.262712][ T9261]  ? __pfx___debugfs_file_get+0x10/0x10
[  268.262745][ T9261]  full_proxy_read+0x156/0x220
[  268.262767][ T9261]  ? __pfx_full_proxy_read+0x10/0x10
[  268.262788][ T9261]  vfs_read+0x200/0x980
[  268.262814][ T9261]  ? __pfx___mutex_lock+0x10/0x10
[  268.262839][ T9261]  ? __pfx_vfs_read+0x10/0x10
[  268.262860][ T9261]  ? __fget_files+0x2a/0x420
[  268.262887][ T9261]  ? __fget_files+0x3a0/0x420
[  268.262907][ T9261]  ? __fget_files+0x2a/0x420
[  268.262940][ T9261]  ksys_read+0x145/0x250
[  268.262962][ T9261]  ? __pfx_ksys_read+0x10/0x10
[  268.262977][ T9261]  ? rcu_is_watching+0x15/0xb0
[  268.263009][ T9261]  ? do_syscall_64+0xbe/0x3b0
[  268.263038][ T9261]  do_syscall_64+0xfa/0x3b0
[  268.263059][ T9261]  ? lockdep_hardirqs_on+0x9c/0x150
[  268.263082][ T9261]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.263101][ T9261]  ? clear_bhb_loop+0x60/0xb0
[  268.263125][ T9261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.263143][ T9261] RIP: 0033:0x7fe5e7b8e929
[  268.263162][ T9261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.263178][ T9261] RSP: 002b:00007fe5e8a46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  268.263200][ T9261] RAX: ffffffffffffffda RBX: 00007fe5e7db5fa0 RCX: 00007fe5e7b8e929
[  268.263214][ T9261] RDX: 0000000000002020 RSI: 0000200000007fc0 RDI: 0000000000000006
[  268.263227][ T9261] RBP: 00007fe5e8a46090 R08: 0000000000000000 R09: 0000000000000000
[  268.263239][ T9261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.263251][ T9261] R13: 0000000000000000 R14: 00007fe5e7db5fa0 R15: 00007ffedf041148
[  268.263285][ T9261]  </TASK>
[  268.524179][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.695779][ T9265] net_ratelimit: 73 callbacks suppressed
[  268.695801][ T9265] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.944475][ T9274] vxfs: WRONG superblock magic 00000000 at 1
[  268.971967][ T9274] vxfs: WRONG superblock magic 00000000 at 8
[  268.978112][ T9274] vxfs: can't find superblock.
[  268.980101][ T9278] FAULT_INJECTION: forcing a failure.
[  268.980101][ T9278] name failslab, interval 1, probability 0, space 0, times 0
[  269.036886][ T9278] CPU: 0 UID: 0 PID: 9278 Comm: syz.6.800 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  269.036917][ T9278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.036929][ T9278] Call Trace:
[  269.036938][ T9278]  <TASK>
[  269.036947][ T9278]  dump_stack_lvl+0x189/0x250
[  269.036980][ T9278]  ? __pfx____ratelimit+0x10/0x10
[  269.037005][ T9278]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.037032][ T9278]  ? __pfx__printk+0x10/0x10
[  269.037062][ T9278]  ? __pfx___might_resched+0x10/0x10
[  269.037088][ T9278]  ? fs_reclaim_acquire+0x7d/0x100
[  269.037115][ T9278]  should_fail_ex+0x414/0x560
[  269.037149][ T9278]  should_failslab+0xa8/0x100
[  269.037172][ T9278]  __kmalloc_noprof+0xcb/0x4f0
[  269.037199][ T9278]  ? tomoyo_encode+0x28b/0x550
[  269.037234][ T9278]  tomoyo_encode+0x28b/0x550
[  269.037269][ T9278]  tomoyo_realpath_from_path+0x58d/0x5d0
[  269.037311][ T9278]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  269.037336][ T9278]  tomoyo_path_number_perm+0x1e8/0x5a0
[  269.037364][ T9278]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  269.037410][ T9278]  ? __lock_acquire+0xab9/0xd20
[  269.037457][ T9278]  ? __fget_files+0x2a/0x420
[  269.037484][ T9278]  ? __fget_files+0x2a/0x420
[  269.037504][ T9278]  ? __fget_files+0x3a0/0x420
[  269.037524][ T9278]  ? __fget_files+0x2a/0x420
[  269.037552][ T9278]  security_file_ioctl+0xcb/0x2d0
[  269.037588][ T9278]  __se_sys_ioctl+0x47/0x170
[  269.037619][ T9278]  do_syscall_64+0xfa/0x3b0
[  269.037642][ T9278]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.037663][ T9278]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.037681][ T9278]  ? clear_bhb_loop+0x60/0xb0
[  269.037704][ T9278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.037721][ T9278] RIP: 0033:0x7f3965b8e929
[  269.037739][ T9278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.037754][ T9278] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.037776][ T9278] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  269.037790][ T9278] RDX: 0000000000000000 RSI: 000000008010640b RDI: 0000000000000003
[  269.037802][ T9278] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  269.037814][ T9278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.037825][ T9278] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  269.037858][ T9278]  </TASK>
[  269.037882][ T9278] ERROR: Out of memory at tomoyo_realpath_from_path.
[  269.110609][   T43] sunplus 2-1:0.0: probe with driver sunplus failed with error -32
[  269.312092][   T43] usb 2-1: USB disconnect, device number 19
[  269.702612][ T9290] FAULT_INJECTION: forcing a failure.
[  269.702612][ T9290] name failslab, interval 1, probability 0, space 0, times 0
[  269.728784][ T9290] CPU: 0 UID: 0 PID: 9290 Comm: syz.6.803 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  269.728814][ T9290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.728824][ T9290] Call Trace:
[  269.728832][ T9290]  <TASK>
[  269.728840][ T9290]  dump_stack_lvl+0x189/0x250
[  269.728868][ T9290]  ? __pfx____ratelimit+0x10/0x10
[  269.728890][ T9290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.728914][ T9290]  ? __pfx__printk+0x10/0x10
[  269.728942][ T9290]  ? __pfx___might_resched+0x10/0x10
[  269.728965][ T9290]  ? fs_reclaim_acquire+0x7d/0x100
[  269.728990][ T9290]  should_fail_ex+0x414/0x560
[  269.729023][ T9290]  should_failslab+0xa8/0x100
[  269.729043][ T9290]  __kmalloc_noprof+0xcb/0x4f0
[  269.729069][ T9290]  ? tomoyo_encode+0x28b/0x550
[  269.729102][ T9290]  tomoyo_encode+0x28b/0x550
[  269.729136][ T9290]  tomoyo_realpath_from_path+0x58d/0x5d0
[  269.729167][ T9290]  ? tomoyo_domain+0xd9/0x130
[  269.729193][ T9290]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  269.729219][ T9290]  tomoyo_path_number_perm+0x1e8/0x5a0
[  269.729248][ T9290]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  269.729291][ T9290]  ? __lock_acquire+0xab9/0xd20
[  269.729336][ T9290]  ? __fget_files+0x2a/0x420
[  269.729360][ T9290]  ? __fget_files+0x2a/0x420
[  269.729378][ T9290]  ? __fget_files+0x3a0/0x420
[  269.729396][ T9290]  ? __fget_files+0x2a/0x420
[  269.729421][ T9290]  security_file_ioctl+0xcb/0x2d0
[  269.729446][ T9290]  __se_sys_ioctl+0x47/0x170
[  269.729476][ T9290]  do_syscall_64+0xfa/0x3b0
[  269.729499][ T9290]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.729522][ T9290]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.729540][ T9290]  ? clear_bhb_loop+0x60/0xb0
[  269.729564][ T9290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.729581][ T9290] RIP: 0033:0x7f3965b8e929
[  269.729615][ T9290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.729631][ T9290] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.729653][ T9290] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  269.729666][ T9290] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  269.729676][ T9290] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  269.729687][ T9290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.729698][ T9290] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  269.729731][ T9290]  </TASK>
[  269.729753][ T9290] ERROR: Out of memory at tomoyo_realpath_from_path.
[  269.952257][   T43] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  270.105472][   T43] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  270.115127][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.142902][   T43] usb 6-1: config 0 descriptor??
[  270.153198][   T43] cp210x 6-1:0.0: cp210x converter detected
[  270.366710][ T9309] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  270.541393][ T5949] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  270.700383][ T5949] usb 7-1: Using ep0 maxpacket: 32
[  270.707603][ T5949] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  270.716292][ T5949] usb 7-1: config 0 has no interface number 0
[  270.724707][ T5949] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  270.734527][ T5949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.746393][ T5949] usb 7-1: Product: syz
[  270.751004][ T5949] usb 7-1: Manufacturer: syz
[  270.755622][ T5949] usb 7-1: SerialNumber: syz
[  270.764281][ T5949] usb 7-1: config 0 descriptor??
[  270.773838][ T5949] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  270.792139][   T43] cp210x 6-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  270.803255][   T43] cp210x 6-1:0.0: GPIO initialisation failed: -71
[  270.816329][   T43] usb 6-1: cp210x converter now attached to ttyUSB0
[  270.831173][   T43] usb 6-1: USB disconnect, device number 22
[  270.842469][   T43] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  270.861165][   T43] cp210x 6-1:0.0: device disconnected
[  271.003314][ T5949] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  271.029365][ T5949] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  271.431725][    C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[  271.433187][   T43] usb 7-1: USB disconnect, device number 20
[  271.503310][   T43] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  271.580495][   T43] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  271.605261][ T9328] FAULT_INJECTION: forcing a failure.
[  271.605261][ T9328] name failslab, interval 1, probability 0, space 0, times 0
[  271.634764][   T43] quatech2 7-1:0.51: device disconnected
[  271.656016][ T9328] CPU: 1 UID: 0 PID: 9328 Comm: syz.1.815 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  271.656046][ T9328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.656058][ T9328] Call Trace:
[  271.656066][ T9328]  <TASK>
[  271.656074][ T9328]  dump_stack_lvl+0x189/0x250
[  271.656107][ T9328]  ? __pfx____ratelimit+0x10/0x10
[  271.656131][ T9328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.656158][ T9328]  ? __pfx__printk+0x10/0x10
[  271.656192][ T9328]  ? __pfx___might_resched+0x10/0x10
[  271.656216][ T9328]  ? fs_reclaim_acquire+0x7d/0x100
[  271.656242][ T9328]  should_fail_ex+0x414/0x560
[  271.656277][ T9328]  should_failslab+0xa8/0x100
[  271.656298][ T9328]  __kmalloc_noprof+0xcb/0x4f0
[  271.656325][ T9328]  ? do_sys_poll+0x2ac/0x1070
[  271.656352][ T9328]  do_sys_poll+0x2ac/0x1070
[  271.656391][ T9328]  ? __pfx_do_sys_poll+0x10/0x10
[  271.656673][ T9328]  ? rcu_read_lock_any_held+0xb3/0x120
[  271.656708][ T9328]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  271.656738][ T9328]  ? vfs_write+0x8d8/0xa90
[  271.656789][ T9328]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  271.656812][ T9328]  ? set_user_sigmask+0xc7/0x1b0
[  271.656836][ T9328]  ? __pfx_set_user_sigmask+0x10/0x10
[  271.656861][ T9328]  ? __fget_files+0x3a0/0x420
[  271.656892][ T9328]  __se_sys_ppoll+0x1ff/0x260
[  271.656919][ T9328]  ? __pfx___se_sys_ppoll+0x10/0x10
[  271.656940][ T9328]  ? __pfx_ksys_write+0x10/0x10
[  271.656957][ T9328]  ? rcu_is_watching+0x15/0xb0
[  271.656988][ T9328]  ? do_syscall_64+0xbe/0x3b0
[  271.657010][ T9328]  ? __x64_sys_ppoll+0x20/0xc0
[  271.657039][ T9328]  do_syscall_64+0xfa/0x3b0
[  271.657062][ T9328]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.657085][ T9328]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.657104][ T9328]  ? clear_bhb_loop+0x60/0xb0
[  271.657128][ T9328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.657148][ T9328] RIP: 0033:0x7f627598e929
[  271.657168][ T9328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.657186][ T9328] RSP: 002b:00007f62768c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  271.657209][ T9328] RAX: ffffffffffffffda RBX: 00007f6275bb5fa0 RCX: 00007f627598e929
[  271.657224][ T9328] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  271.657237][ T9328] RBP: 00007f62768c0090 R08: 0000000000000000 R09: 0000000000000000
[  271.657249][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.657261][ T9328] R13: 0000000000000000 R14: 00007f6275bb5fa0 R15: 00007ffeb25ca218
[  271.657291][ T9328]  </TASK>
[  272.253932][ T9341] FAULT_INJECTION: forcing a failure.
[  272.253932][ T9341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.291529][ T9341] CPU: 1 UID: 0 PID: 9341 Comm: syz.6.818 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  272.291560][ T9341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.291580][ T9341] Call Trace:
[  272.291590][ T9341]  <TASK>
[  272.291599][ T9341]  dump_stack_lvl+0x189/0x250
[  272.291631][ T9341]  ? __pfx____ratelimit+0x10/0x10
[  272.291655][ T9341]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.291682][ T9341]  ? __pfx__printk+0x10/0x10
[  272.291724][ T9341]  should_fail_ex+0x414/0x560
[  272.291759][ T9341]  _copy_to_user+0x31/0xb0
[  272.291789][ T9341]  simple_read_from_buffer+0xe1/0x170
[  272.291816][ T9341]  proc_fail_nth_read+0x1df/0x250
[  272.291845][ T9341]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.291873][ T9341]  ? rw_verify_area+0x258/0x650
[  272.291902][ T9341]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.291929][ T9341]  vfs_read+0x200/0x980
[  272.291955][ T9341]  ? __pfx___mutex_lock+0x10/0x10
[  272.291979][ T9341]  ? __pfx_vfs_read+0x10/0x10
[  272.292001][ T9341]  ? __fget_files+0x2a/0x420
[  272.292028][ T9341]  ? __fget_files+0x3a0/0x420
[  272.292048][ T9341]  ? __fget_files+0x2a/0x420
[  272.292081][ T9341]  ksys_read+0x145/0x250
[  272.292104][ T9341]  ? __pfx_ksys_read+0x10/0x10
[  272.292119][ T9341]  ? rcu_is_watching+0x15/0xb0
[  272.292150][ T9341]  ? do_syscall_64+0xbe/0x3b0
[  272.292178][ T9341]  do_syscall_64+0xfa/0x3b0
[  272.292200][ T9341]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.292223][ T9341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.292241][ T9341]  ? clear_bhb_loop+0x60/0xb0
[  272.292265][ T9341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.292283][ T9341] RIP: 0033:0x7f3965b8d33c
[  272.292302][ T9341] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  272.292319][ T9341] RSP: 002b:00007f3966963030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  272.292341][ T9341] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8d33c
[  272.292356][ T9341] RDX: 000000000000000f RSI: 00007f39669630a0 RDI: 0000000000000004
[  272.292367][ T9341] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  272.292380][ T9341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.292391][ T9341] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  272.292423][ T9341]  </TASK>
[  272.592798][ T9343] netlink: 16 bytes leftover after parsing attributes in process `syz.4.819'.
[  272.858440][ T9350] hpfs: Bad magic ... probably not HPFS
[  273.044201][ T9355] FAULT_INJECTION: forcing a failure.
[  273.044201][ T9355] name failslab, interval 1, probability 0, space 0, times 0
[  273.136601][ T9355] CPU: 0 UID: 0 PID: 9355 Comm: syz.1.824 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  273.136632][ T9355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.136645][ T9355] Call Trace:
[  273.136653][ T9355]  <TASK>
[  273.136661][ T9355]  dump_stack_lvl+0x189/0x250
[  273.136693][ T9355]  ? __pfx____ratelimit+0x10/0x10
[  273.136717][ T9355]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.136743][ T9355]  ? __pfx__printk+0x10/0x10
[  273.136778][ T9355]  ? __pfx___might_resched+0x10/0x10
[  273.136808][ T9355]  should_fail_ex+0x414/0x560
[  273.136842][ T9355]  should_failslab+0xa8/0x100
[  273.136864][ T9355]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  273.136891][ T9355]  ? __alloc_skb+0x112/0x2d0
[  273.136919][ T9355]  __alloc_skb+0x112/0x2d0
[  273.136949][ T9355]  netlink_sendmsg+0x5c6/0xb30
[  273.136983][ T9355]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.137010][ T9355]  ? aa_sock_msg_perm+0xf1/0x1d0
[  273.137040][ T9355]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  273.137063][ T9355]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.137088][ T9355]  __sock_sendmsg+0x219/0x270
[  273.137115][ T9355]  ____sys_sendmsg+0x505/0x830
[  273.137149][ T9355]  ? __pfx_____sys_sendmsg+0x10/0x10
[  273.137186][ T9355]  ? import_iovec+0x74/0xa0
[  273.137216][ T9355]  ___sys_sendmsg+0x21f/0x2a0
[  273.137246][ T9355]  ? __pfx____sys_sendmsg+0x10/0x10
[  273.137307][ T9355]  ? __fget_files+0x2a/0x420
[  273.137328][ T9355]  ? __fget_files+0x3a0/0x420
[  273.137359][ T9355]  __x64_sys_sendmsg+0x19b/0x260
[  273.137388][ T9355]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  273.137433][ T9355]  ? __pfx_ksys_write+0x10/0x10
[  273.137450][ T9355]  ? rcu_is_watching+0x15/0xb0
[  273.137478][ T9355]  ? do_syscall_64+0xbe/0x3b0
[  273.137507][ T9355]  do_syscall_64+0xfa/0x3b0
[  273.137528][ T9355]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.137548][ T9355]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.137566][ T9355]  ? clear_bhb_loop+0x60/0xb0
[  273.137589][ T9355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.137607][ T9355] RIP: 0033:0x7f627598e929
[  273.137624][ T9355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.137639][ T9355] RSP: 002b:00007f62768c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  273.137660][ T9355] RAX: ffffffffffffffda RBX: 00007f6275bb5fa0 RCX: 00007f627598e929
[  273.137674][ T9355] RDX: 0000000044004094 RSI: 0000200000000a40 RDI: 0000000000000005
[  273.137687][ T9355] RBP: 00007f62768c0090 R08: 0000000000000000 R09: 0000000000000000
[  273.137699][ T9355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.137710][ T9355] R13: 0000000000000000 R14: 00007f6275bb5fa0 R15: 00007ffeb25ca218
[  273.137739][ T9355]  </TASK>
[  273.528890][ T9361] netlink: 'syz.4.826': attribute type 3 has an invalid length.
[  273.590515][ T9361] netlink: 766 bytes leftover after parsing attributes in process `syz.4.826'.
[  273.640061][ T9369] FAULT_INJECTION: forcing a failure.
[  273.640061][ T9369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.707991][ T9369] CPU: 1 UID: 0 PID: 9369 Comm: syz.6.829 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  273.708021][ T9369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.708034][ T9369] Call Trace:
[  273.708043][ T9369]  <TASK>
[  273.708052][ T9369]  dump_stack_lvl+0x189/0x250
[  273.708085][ T9369]  ? __pfx____ratelimit+0x10/0x10
[  273.708109][ T9369]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.708135][ T9369]  ? __pfx__printk+0x10/0x10
[  273.708163][ T9369]  ? __might_fault+0xb0/0x130
[  273.708204][ T9369]  should_fail_ex+0x414/0x560
[  273.708240][ T9369]  _copy_from_user+0x2d/0xb0
[  273.708268][ T9369]  ___sys_recvmsg+0x12e/0x510
[  273.708305][ T9369]  ? __pfx____sys_recvmsg+0x10/0x10
[  273.708370][ T9369]  ? __might_fault+0xb0/0x130
[  273.708413][ T9369]  do_recvmmsg+0x307/0x770
[  273.708458][ T9369]  ? __pfx_do_recvmmsg+0x10/0x10
[  273.708501][ T9369]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  273.708554][ T9369]  __x64_sys_recvmmsg+0x190/0x240
[  273.708586][ T9369]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  273.708621][ T9369]  ? do_syscall_64+0xbe/0x3b0
[  273.708650][ T9369]  do_syscall_64+0xfa/0x3b0
[  273.708684][ T9369]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.708703][ T9369]  ? asm_common_interrupt+0x26/0x40
[  273.708721][ T9369]  ? clear_bhb_loop+0x60/0xb0
[  273.708744][ T9369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.708763][ T9369] RIP: 0033:0x7f3965b8e929
[  273.708781][ T9369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.708799][ T9369] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  273.708822][ T9369] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  273.708836][ T9369] RDX: 0000000000000220 RSI: 00002000000002c0 RDI: 0000000000000003
[  273.708850][ T9369] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  273.708862][ T9369] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  273.708874][ T9369] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  273.708907][ T9369]  </TASK>
[  274.421989][    T9] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  274.548467][ T9387] FAULT_INJECTION: forcing a failure.
[  274.548467][ T9387] name failslab, interval 1, probability 0, space 0, times 0
[  274.564359][ T9387] CPU: 0 UID: 0 PID: 9387 Comm: syz.1.835 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  274.564385][ T9387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.564393][ T9387] Call Trace:
[  274.564398][ T9387]  <TASK>
[  274.564404][ T9387]  dump_stack_lvl+0x189/0x250
[  274.564427][ T9387]  ? __pfx____ratelimit+0x10/0x10
[  274.564443][ T9387]  ? __pfx_dump_stack_lvl+0x10/0x10
[  274.564459][ T9387]  ? __pfx__printk+0x10/0x10
[  274.564476][ T9387]  ? __pfx___might_resched+0x10/0x10
[  274.564490][ T9387]  ? fs_reclaim_acquire+0x7d/0x100
[  274.564506][ T9387]  should_fail_ex+0x414/0x560
[  274.564526][ T9387]  should_failslab+0xa8/0x100
[  274.564545][ T9387]  __kmalloc_noprof+0xcb/0x4f0
[  274.564570][ T9387]  ? tomoyo_encode+0x28b/0x550
[  274.564601][ T9387]  tomoyo_encode+0x28b/0x550
[  274.564635][ T9387]  tomoyo_realpath_from_path+0x58d/0x5d0
[  274.564658][ T9387]  ? tomoyo_domain+0xd9/0x130
[  274.564679][ T9387]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  274.564694][ T9387]  tomoyo_path_number_perm+0x1e8/0x5a0
[  274.564711][ T9387]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  274.564736][ T9387]  ? __lock_acquire+0xab9/0xd20
[  274.564762][ T9387]  ? __fget_files+0x2a/0x420
[  274.564777][ T9387]  ? __fget_files+0x2a/0x420
[  274.564788][ T9387]  ? __fget_files+0x3a0/0x420
[  274.564799][ T9387]  ? __fget_files+0x2a/0x420
[  274.564813][ T9387]  security_file_ioctl+0xcb/0x2d0
[  274.564829][ T9387]  __se_sys_ioctl+0x47/0x170
[  274.564847][ T9387]  do_syscall_64+0xfa/0x3b0
[  274.564862][ T9387]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.564873][ T9387]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  274.564884][ T9387]  ? clear_bhb_loop+0x60/0xb0
[  274.564897][ T9387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.564908][ T9387] RIP: 0033:0x7f627598e929
[  274.564920][ T9387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.564930][ T9387] RSP: 002b:00007f62768c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  274.564944][ T9387] RAX: ffffffffffffffda RBX: 00007f6275bb5fa0 RCX: 00007f627598e929
[  274.564953][ T9387] RDX: 0000000000000000 RSI: 0000000040049366 RDI: 0000000000000004
[  274.564961][ T9387] RBP: 00007f62768c0090 R08: 0000000000000000 R09: 0000000000000000
[  274.564968][ T9387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.564975][ T9387] R13: 0000000000000000 R14: 00007f6275bb5fa0 R15: 00007ffeb25ca218
[  274.564994][ T9387]  </TASK>
[  274.565134][ T9387] ERROR: Out of memory at tomoyo_realpath_from_path.
[  274.821827][    T9] usb 7-1: Using ep0 maxpacket: 8
[  274.831996][    T9] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  274.841378][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.850620][    T9] usb 7-1: Product: syz
[  274.854920][    T9] usb 7-1: Manufacturer: syz
[  274.859684][    T9] usb 7-1: SerialNumber: syz
[  274.868328][    T9] usb 7-1: config 0 descriptor??
[  275.083750][    T9] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  275.270418][   T24] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  275.430609][   T24] usb 5-1: Using ep0 maxpacket: 32
[  275.438445][   T24] usb 5-1: config 0 has an invalid interface number: 196 but max is 0
[  275.447453][   T24] usb 5-1: config 0 has no interface number 0
[  275.454574][   T24] usb 5-1: config 0 interface 196 has no altsetting 0
[  275.465140][   T24] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  275.474290][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.482514][   T24] usb 5-1: Product: syz
[  275.486789][   T24] usb 5-1: Manufacturer: syz
[  275.491617][   T24] usb 5-1: SerialNumber: syz
[  275.499399][   T24] usb 5-1: config 0 descriptor??
[  275.744018][ T9391] PKCS7: Unknown OID: [5] (bad)
[  275.749183][ T9391] PKCS7: Only support pkcs7_signedData type
[  275.833596][   T24] ipheth 5-1:0.196: Unable to find endpoints
[  275.850015][   T24] usb 5-1: USB disconnect, device number 30
[  276.712015][    T9] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  276.728918][    T9] usb 7-1: USB disconnect, device number 21
[  277.660347][   T24] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  277.810451][   T24] usb 7-1: Using ep0 maxpacket: 8
[  277.817308][   T24] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  277.826456][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.843339][   T24] pvrusb2: Hardware description: Terratec Grabster AV400
[  277.850677][   T24] pvrusb2: **********
[  277.854681][   T24] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  277.864840][   T24] pvrusb2: Important functionality might not be entirely working.
[  277.873323][   T24] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  277.885372][   T24] pvrusb2: **********
[  278.043214][ T2345] pvrusb2: Invalid write control endpoint
[  278.092124][ T2345] pvrusb2: Invalid write control endpoint
[  278.097951][ T2345] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  278.107701][ T2345] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  278.115373][ T2345] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  278.127057][ T2345] pvrusb2: Device being rendered inoperable
[  278.134468][ T2345] cx25840 3-0044: Unable to detect h/w, assuming cx23887
[  278.145167][ T2345] cx25840 3-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b)
[  278.154608][ T2345] pvrusb2: Attached sub-driver cx25840
[  278.160114][ T2345] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  278.170436][ T2345] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  278.248330][ T5949] usb 7-1: USB disconnect, device number 22
[  278.809343][ T9403] comedi comedi0: Minor 48 is invalid!
[  279.050457][ T5949] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  279.210445][ T5949] usb 7-1: Using ep0 maxpacket: 8
[  279.217248][ T5949] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  279.226452][ T5949] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.242225][ T5949] pvrusb2: Hardware description: Terratec Grabster AV400
[  279.249307][ T5949] pvrusb2: **********
[  279.253951][ T5949] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  279.264333][ T5949] pvrusb2: Important functionality might not be entirely working.
[  279.272313][ T5949] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  279.284609][ T5949] pvrusb2: **********
[  279.440482][ T2345] pvrusb2: Invalid write control endpoint
[  279.489857][ T2345] pvrusb2: Invalid write control endpoint
[  279.496714][ T2345] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  279.508464][ T2345] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  279.517079][ T2345] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  279.528437][ T2345] pvrusb2: Device being rendered inoperable
[  279.534538][ T2345] cx25840 3-0044: Unable to detect h/w, assuming cx23887
[  279.541697][ T2345] cx25840 3-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c)
[  279.549924][ T2345] pvrusb2: Attached sub-driver cx25840
[  279.555738][ T2345] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  279.566125][ T2345] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  279.646798][   T24] usb 7-1: USB disconnect, device number 23
[  280.995656][ T9413] FAULT_INJECTION: forcing a failure.
[  280.995656][ T9413] name failslab, interval 1, probability 0, space 0, times 0
[  281.008588][ T9413] CPU: 1 UID: 0 PID: 9413 Comm: syz.6.845 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  281.008615][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  281.008626][ T9413] Call Trace:
[  281.008635][ T9413]  <TASK>
[  281.008643][ T9413]  dump_stack_lvl+0x189/0x250
[  281.008676][ T9413]  ? __pfx____ratelimit+0x10/0x10
[  281.008700][ T9413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.008727][ T9413]  ? __pfx__printk+0x10/0x10
[  281.008760][ T9413]  ? __pfx___might_resched+0x10/0x10
[  281.008789][ T9413]  should_fail_ex+0x414/0x560
[  281.008823][ T9413]  should_failslab+0xa8/0x100
[  281.008844][ T9413]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  281.008872][ T9413]  ? __alloc_skb+0x112/0x2d0
[  281.008902][ T9413]  __alloc_skb+0x112/0x2d0
[  281.008931][ T9413]  netlink_sendmsg+0x5c6/0xb30
[  281.008967][ T9413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.008995][ T9413]  ? aa_sock_msg_perm+0xf1/0x1d0
[  281.009025][ T9413]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  281.009048][ T9413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.009074][ T9413]  __sock_sendmsg+0x219/0x270
[  281.009099][ T9413]  ____sys_sendmsg+0x505/0x830
[  281.009132][ T9413]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.009171][ T9413]  ? import_iovec+0x74/0xa0
[  281.009202][ T9413]  ___sys_sendmsg+0x21f/0x2a0
[  281.009232][ T9413]  ? __pfx____sys_sendmsg+0x10/0x10
[  281.009301][ T9413]  ? __fget_files+0x2a/0x420
[  281.009321][ T9413]  ? __fget_files+0x3a0/0x420
[  281.009355][ T9413]  __x64_sys_sendmsg+0x19b/0x260
[  281.009385][ T9413]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  281.009433][ T9413]  ? __pfx_ksys_write+0x10/0x10
[  281.009459][ T9413]  ? do_syscall_64+0xbe/0x3b0
[  281.009487][ T9413]  do_syscall_64+0xfa/0x3b0
[  281.009509][ T9413]  ? lockdep_hardirqs_on+0x9c/0x150
[  281.009531][ T9413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.009550][ T9413]  ? clear_bhb_loop+0x60/0xb0
[  281.009573][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.009591][ T9413] RIP: 0033:0x7f3965b8e929
[  281.009609][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.009626][ T9413] RSP: 002b:00007f3966942038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.009647][ T9413] RAX: ffffffffffffffda RBX: 00007f3965db6080 RCX: 00007f3965b8e929
[  281.009660][ T9413] RDX: 0000000004000000 RSI: 0000200000000400 RDI: 0000000000000007
[  281.009673][ T9413] RBP: 00007f3966942090 R08: 0000000000000000 R09: 0000000000000000
[  281.009685][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.009697][ T9413] R13: 0000000000000000 R14: 00007f3965db6080 R15: 00007ffe8f53b048
[  281.009727][ T9413]  </TASK>
[  281.650450][ T5862] Bluetooth: hci4: command 0x0406 tx timeout
[  281.815816][ T9415] hpfs: Bad magic ... probably not HPFS
[  281.828176][ T9415] netlink: 'syz.6.846': attribute type 3 has an invalid length.
[  281.836173][ T9415] netlink: 'syz.6.846': attribute type 1 has an invalid length.
[  281.844351][ T9415] netlink: 220 bytes leftover after parsing attributes in process `syz.6.846'.
[  282.854724][ T9421] FAULT_INJECTION: forcing a failure.
[  282.854724][ T9421] name failslab, interval 1, probability 0, space 0, times 0
[  282.868564][ T9421] CPU: 0 UID: 0 PID: 9421 Comm: syz.6.848 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  282.868586][ T9421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  282.868593][ T9421] Call Trace:
[  282.868599][ T9421]  <TASK>
[  282.868604][ T9421]  dump_stack_lvl+0x189/0x250
[  282.868625][ T9421]  ? __pfx____ratelimit+0x10/0x10
[  282.868640][ T9421]  ? __pfx_dump_stack_lvl+0x10/0x10
[  282.868654][ T9421]  ? __pfx__printk+0x10/0x10
[  282.868672][ T9421]  ? __pfx___might_resched+0x10/0x10
[  282.868686][ T9421]  ? fs_reclaim_acquire+0x7d/0x100
[  282.868702][ T9421]  should_fail_ex+0x414/0x560
[  282.868722][ T9421]  should_failslab+0xa8/0x100
[  282.868734][ T9421]  __kmalloc_noprof+0xcb/0x4f0
[  282.868749][ T9421]  ? tomoyo_encode+0x28b/0x550
[  282.868768][ T9421]  tomoyo_encode+0x28b/0x550
[  282.868787][ T9421]  tomoyo_realpath_from_path+0x58d/0x5d0
[  282.868810][ T9421]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  282.868825][ T9421]  tomoyo_path_number_perm+0x1e8/0x5a0
[  282.868841][ T9421]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  282.868866][ T9421]  ? __lock_acquire+0xab9/0xd20
[  282.868892][ T9421]  ? __fget_files+0x2a/0x420
[  282.868906][ T9421]  ? __fget_files+0x2a/0x420
[  282.868917][ T9421]  ? __fget_files+0x3a0/0x420
[  282.868928][ T9421]  ? __fget_files+0x2a/0x420
[  282.868942][ T9421]  security_file_ioctl+0xcb/0x2d0
[  282.868957][ T9421]  __se_sys_ioctl+0x47/0x170
[  282.868974][ T9421]  do_syscall_64+0xfa/0x3b0
[  282.868987][ T9421]  ? lockdep_hardirqs_on+0x9c/0x150
[  282.869000][ T9421]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.869011][ T9421]  ? clear_bhb_loop+0x60/0xb0
[  282.869026][ T9421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.869043][ T9421] RIP: 0033:0x7f3965b8e929
[  282.869061][ T9421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.869077][ T9421] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  282.869098][ T9421] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  282.869111][ T9421] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[  282.869120][ T9421] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  282.869132][ T9421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.869144][ T9421] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  282.869172][ T9421]  </TASK>
[  282.869190][ T9421] ERROR: Out of memory at tomoyo_realpath_from_path.
[  283.199795][ T9423] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  283.207617][ T9423] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  283.590446][ T5949] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  283.750495][ T5949] usb 7-1: Using ep0 maxpacket: 8
[  283.757081][ T5949] usb 7-1: config 0 has an invalid interface number: 120 but max is 0
[  283.765484][ T5949] usb 7-1: config 0 has no interface number 0
[  283.771647][ T5949] usb 7-1: config 0 interface 120 has no altsetting 0
[  283.782608][ T5949] usb 7-1: New USB device found, idVendor=9022, idProduct=d632, bcdDevice=e9.8b
[  283.791756][ T5949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.799762][ T5949] usb 7-1: Product: syz
[  283.804157][ T5949] usb 7-1: Manufacturer: syz
[  283.808880][ T5949] usb 7-1: SerialNumber: syz
[  283.820503][ T5949] usb 7-1: config 0 descriptor??
[  283.828459][ T5949] dvb-usb: found a 'TeVii S632 USB' in warm state.
[  283.835219][ T5949] dw2102: su3000_power_ctrl: 1, initialized 0
[  283.841961][ T5949] dvb-usb: bulk message failed: -22 (2/0)
[  283.850710][ T5949] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  283.860712][ T5949] dvbdev: DVB: registering new adapter (TeVii S632 USB)
[  283.867776][ T5949] usb 7-1: media controller created
[  283.873240][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.879260][ T5949] dw2102: i2c transfer failed.
[  283.884260][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.890011][ T5949] dw2102: i2c transfer failed.
[  283.894916][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.900819][ T5949] dw2102: i2c transfer failed.
[  283.905613][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.911386][ T5949] dw2102: i2c transfer failed.
[  283.916253][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.922701][ T5949] dw2102: i2c transfer failed.
[  283.927492][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[  283.933297][ T5949] dw2102: i2c transfer failed.
[  283.938090][ T5949] dvb-usb: MAC address: 02:02:02:02:02:02
[  283.960608][ T5949] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  283.980780][ T5949] dvb-usb: bulk message failed: -22 (1/0)
[  283.986568][ T5949] dw2102: command 0x51 transfer failed.
[  284.017092][ T5949] DVB: Unable to find symbol m88rs2000_attach()
[  284.023459][ T5949] dvb-usb: no frontend was attached by 'TeVii S632 USB'
[  284.043909][ T9427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.058140][ T9427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.100358][ T5949] rc_core: IR keymap rc-su3000 not found
[  284.106054][ T5949] Registered IR keymap rc-empty
[  284.112803][ T5949] rc rc0: TeVii S632 USB as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0
[  284.128062][ T5949] input: TeVii S632 USB as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0/input26
[  284.140999][ T5949] dvb-usb: schedule remote query interval to 150 msecs.
[  284.148020][ T5949] dw2102: su3000_power_ctrl: 0, initialized 1
[  284.154676][ T5949] dvb-usb: TeVii S632 USB successfully initialized and connected.
[  284.165691][ T5949] usb 7-1: USB disconnect, device number 24
[  284.242023][ T5949] dvb-usb: TeVii S632 USB successfully deinitialized and disconnected.
[  285.272168][ T9450] syzkaller1: entered promiscuous mode
[  285.277713][ T9450] syzkaller1: entered allmulticast mode
[  285.418144][ T9452] syzkaller1: entered promiscuous mode
[  285.425892][ T9452] syzkaller1: entered allmulticast mode
[  285.434048][ T9452] FAULT_INJECTION: forcing a failure.
[  285.434048][ T9452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.447290][ T9452] CPU: 1 UID: 0 PID: 9452 Comm: syz.6.854 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  285.447317][ T9452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.447328][ T9452] Call Trace:
[  285.447338][ T9452]  <TASK>
[  285.447347][ T9452]  dump_stack_lvl+0x189/0x250
[  285.447377][ T9452]  ? __pfx____ratelimit+0x10/0x10
[  285.447399][ T9452]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.447420][ T9452]  ? __pfx__printk+0x10/0x10
[  285.447442][ T9452]  ? __might_fault+0xb0/0x130
[  285.447497][ T9452]  should_fail_ex+0x414/0x560
[  285.447529][ T9452]  _copy_from_iter+0x1db/0x16f0
[  285.447553][ T9452]  ? __lock_acquire+0xab9/0xd20
[  285.447581][ T9452]  ? __pfx__copy_from_iter+0x10/0x10
[  285.447608][ T9452]  ? __lock_acquire+0xab9/0xd20
[  285.447647][ T9452]  tun_get_user+0x4ce/0x3ce0
[  285.447679][ T9452]  ? aa_file_perm+0x13e/0x11b0
[  285.447700][ T9452]  ? aa_file_perm+0x13e/0x11b0
[  285.447718][ T9452]  ? aa_file_perm+0x3ed/0x11b0
[  285.447739][ T9452]  ? __pfx_tun_get_user+0x10/0x10
[  285.447767][ T9452]  ? __lock_acquire+0xab9/0xd20
[  285.447795][ T9452]  ? ref_tracker_alloc+0x318/0x460
[  285.447812][ T9452]  ? __lock_acquire+0xab9/0xd20
[  285.447836][ T9452]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  285.447859][ T9452]  ? tun_get+0x1c/0x2f0
[  285.447885][ T9452]  ? tun_get+0x1c/0x2f0
[  285.447903][ T9452]  ? tun_get+0x1c/0x2f0
[  285.447927][ T9452]  tun_chr_write_iter+0x113/0x200
[  285.447950][ T9452]  vfs_write+0x548/0xa90
[  285.447975][ T9452]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  285.447995][ T9452]  ? __pfx_vfs_write+0x10/0x10
[  285.448025][ T9452]  ? __fget_files+0x2a/0x420
[  285.448058][ T9452]  ksys_write+0x145/0x250
[  285.448080][ T9452]  ? __pfx_ksys_write+0x10/0x10
[  285.448094][ T9452]  ? rcu_is_watching+0x15/0xb0
[  285.448123][ T9452]  ? do_syscall_64+0xbe/0x3b0
[  285.448152][ T9452]  do_syscall_64+0xfa/0x3b0
[  285.448174][ T9452]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.448196][ T9452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.448213][ T9452]  ? clear_bhb_loop+0x60/0xb0
[  285.448236][ T9452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.448253][ T9452] RIP: 0033:0x7f3965b8e929
[  285.448271][ T9452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.448288][ T9452] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  285.448311][ T9452] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  285.448325][ T9452] RDX: 0000000000000fca RSI: 0000200000001700 RDI: 0000000000000004
[  285.448338][ T9452] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  285.448351][ T9452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.448363][ T9452] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  285.448395][ T9452]  </TASK>
[  286.360404][   T24] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  286.512806][   T24] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  286.521752][   T24] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  286.532855][   T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  286.542110][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  286.553301][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  286.565854][   T24] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  286.575136][   T24] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  286.583344][   T24] usb 7-1: Product: syz
[  286.587732][   T24] usb 7-1: Manufacturer: syz
[  286.598828][   T24] cdc_wdm 7-1:1.0: skipping garbage
[  286.604340][   T24] cdc_wdm 7-1:1.0: skipping garbage
[  286.613201][   T24] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  286.619177][   T24] cdc_wdm 7-1:1.0: Unknown control protocol
[  286.803118][   T24] usb 7-1: USB disconnect, device number 25
[  287.590373][ T5949] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  287.752051][ T5949] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  287.761031][ T5949] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  287.771338][ T5949] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  287.780430][ T5949] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  287.791468][ T5949] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  287.804504][ T5949] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  287.814657][ T5949] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  287.826805][ T5949] usb 7-1: Product: syz
[  287.831074][ T5949] usb 7-1: Manufacturer: syz
[  287.840991][ T5949] cdc_wdm 7-1:1.0: skipping garbage
[  287.846675][ T5949] cdc_wdm 7-1:1.0: skipping garbage
[  287.854384][ T5949] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  287.860442][ T5949] cdc_wdm 7-1:1.0: Unknown control protocol
[  288.040857][ T9466] FAULT_INJECTION: forcing a failure.
[  288.040857][ T9466] name failslab, interval 1, probability 0, space 0, times 0
[  288.054034][ T9466] CPU: 1 UID: 0 PID: 9466 Comm: syz.6.860 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  288.054060][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.054072][ T9466] Call Trace:
[  288.054080][ T9466]  <TASK>
[  288.054089][ T9466]  dump_stack_lvl+0x189/0x250
[  288.054122][ T9466]  ? __pfx____ratelimit+0x10/0x10
[  288.054152][ T9466]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.054178][ T9466]  ? __pfx__printk+0x10/0x10
[  288.054211][ T9466]  ? __pfx___might_resched+0x10/0x10
[  288.054234][ T9466]  ? fs_reclaim_acquire+0x7d/0x100
[  288.054260][ T9466]  should_fail_ex+0x414/0x560
[  288.054293][ T9466]  should_failslab+0xa8/0x100
[  288.054313][ T9466]  __kmalloc_noprof+0xcb/0x4f0
[  288.054340][ T9466]  ? do_sys_poll+0x2ac/0x1070
[  288.054366][ T9466]  do_sys_poll+0x2ac/0x1070
[  288.054416][ T9466]  ? __pfx_do_sys_poll+0x10/0x10
[  288.054517][ T9466]  ? rcu_read_lock_any_held+0xb3/0x120
[  288.054543][ T9466]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  288.054572][ T9466]  ? vfs_write+0x8d8/0xa90
[  288.054620][ T9466]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  288.054641][ T9466]  ? set_user_sigmask+0xc7/0x1b0
[  288.054663][ T9466]  ? __pfx_set_user_sigmask+0x10/0x10
[  288.054687][ T9466]  ? __fget_files+0x3a0/0x420
[  288.054718][ T9466]  __se_sys_ppoll+0x1ff/0x260
[  288.054742][ T9466]  ? __pfx___se_sys_ppoll+0x10/0x10
[  288.054762][ T9466]  ? __pfx_ksys_write+0x10/0x10
[  288.054788][ T9466]  ? do_syscall_64+0xbe/0x3b0
[  288.054809][ T9466]  ? __x64_sys_ppoll+0x20/0xc0
[  288.054832][ T9466]  do_syscall_64+0xfa/0x3b0
[  288.054854][ T9466]  ? lockdep_hardirqs_on+0x9c/0x150
[  288.054877][ T9466]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.054896][ T9466]  ? clear_bhb_loop+0x60/0xb0
[  288.054920][ T9466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.054939][ T9466] RIP: 0033:0x7f3965b8e929
[  288.054957][ T9466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.054973][ T9466] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  288.054995][ T9466] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  288.055009][ T9466] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  288.055023][ T9466] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  288.055034][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.055045][ T9466] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  288.055077][ T9466]  </TASK>
[  288.060110][   T24] usb 7-1: USB disconnect, device number 26
[  288.795230][ T5862] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  288.806555][ T5862] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  288.815122][ T5862] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  289.007385][ T9482] FAULT_INJECTION: forcing a failure.
[  289.007385][ T9482] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  289.031725][ T9482] CPU: 1 UID: 0 PID: 9482 Comm: syz.6.865 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  289.031754][ T9482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.031766][ T9482] Call Trace:
[  289.031775][ T9482]  <TASK>
[  289.031784][ T9482]  dump_stack_lvl+0x189/0x250
[  289.031817][ T9482]  ? __pfx____ratelimit+0x10/0x10
[  289.031842][ T9482]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.031869][ T9482]  ? __pfx__printk+0x10/0x10
[  289.031899][ T9482]  ? fs_reclaim_acquire+0x7d/0x100
[  289.031930][ T9482]  should_fail_ex+0x414/0x560
[  289.031963][ T9482]  prepare_alloc_pages+0x213/0x610
[  289.031995][ T9482]  __alloc_frozen_pages_noprof+0x123/0x370
[  289.032022][ T9482]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  289.032057][ T9482]  ? policy_nodemask+0x27c/0x720
[  289.032093][ T9482]  alloc_pages_mpol+0x232/0x4a0
[  289.032119][ T9482]  vma_alloc_folio_noprof+0xe4/0x200
[  289.032138][ T9482]  ? kernel_text_address+0xa5/0xe0
[  289.032159][ T9482]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  289.032194][ T9482]  folio_prealloc+0x30/0x180
[  289.032217][ T9482]  do_wp_page+0x1231/0x5800
[  289.032269][ T9482]  ? __pfx_do_wp_page+0x10/0x10
[  289.032300][ T9482]  ? do_raw_spin_lock+0x121/0x290
[  289.032332][ T9482]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  289.032373][ T9482]  __handle_mm_fault+0x1033/0x5440
[  289.032419][ T9482]  ? __pfx___handle_mm_fault+0x10/0x10
[  289.032478][ T9482]  ? find_vma+0xe7/0x160
[  289.032503][ T9482]  ? __pfx_find_vma+0x10/0x10
[  289.032533][ T9482]  handle_mm_fault+0x40a/0x8e0
[  289.032581][ T9482]  do_user_addr_fault+0x764/0x1390
[  289.032622][ T9482]  exc_page_fault+0x76/0xf0
[  289.032649][ T9482]  asm_exc_page_fault+0x26/0x30
[  289.032667][ T9482] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  289.032692][ T9482] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 81 3b 03 00 90 90 90 90 90 90 90 90 90 90
[  289.032709][ T9482] RSP: 0018:ffffc90013e6f8b8 EFLAGS: 00050206
[  289.032728][ T9482] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00002000000002f0
[  289.032742][ T9482] RDX: ffff88802de9bc00 RSI: 0000000000000100 RDI: 00000000ffffffff
[  289.032756][ T9482] RBP: ffffc90013e6fa30 R08: ffffffff8fe47d37 R09: 1ffffffff1fc8fa6
[  289.032770][ T9482] R10: dffffc0000000000 R11: fffffbfff1fc8fa7 R12: 0000000000000100
[  289.032783][ T9482] R13: dffffc0000000000 R14: 0000000000000000 R15: 00002000000002c0
[  289.032818][ T9482]  ____sys_recvmsg+0x2ab/0x460
[  289.032859][ T9482]  ? __pfx_____sys_recvmsg+0x10/0x10
[  289.032906][ T9482]  ? import_iovec+0x74/0xa0
[  289.032938][ T9482]  ___sys_recvmsg+0x1b5/0x510
[  289.032974][ T9482]  ? __pfx____sys_recvmsg+0x10/0x10
[  289.033033][ T9482]  ? __fget_files+0x3a0/0x420
[  289.033068][ T9482]  do_recvmmsg+0x307/0x770
[  289.033108][ T9482]  ? __pfx_do_recvmmsg+0x10/0x10
[  289.033152][ T9482]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  289.033196][ T9482]  __x64_sys_recvmmsg+0x190/0x240
[  289.033226][ T9482]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  289.033257][ T9482]  ? do_syscall_64+0xbe/0x3b0
[  289.033293][ T9482]  do_syscall_64+0xfa/0x3b0
[  289.033313][ T9482]  ? lockdep_hardirqs_on+0x9c/0x150
[  289.033336][ T9482]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.033355][ T9482]  ? clear_bhb_loop+0x60/0xb0
[  289.033380][ T9482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.033399][ T9482] RIP: 0033:0x7f3965b8e929
[  289.033416][ T9482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.033432][ T9482] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  289.033451][ T9482] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  289.033465][ T9482] RDX: 0000000000000220 RSI: 00002000000002c0 RDI: 0000000000000003
[  289.033477][ T9482] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  289.033490][ T9482] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  289.033502][ T9482] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  289.033536][ T9482]  </TASK>
[  289.819717][ T5170] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  289.829370][ T5170] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  289.841547][ T5170] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  289.851844][ T9490] netlink: 28 bytes leftover after parsing attributes in process `syz.6.868'.
[  289.861829][ T9488] netlink: 28 bytes leftover after parsing attributes in process `syz.6.868'.
[  289.865361][ T5170] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  289.891041][ T5170] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  290.729725][ T5862] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  290.742225][ T9487] chnl_net:caif_netlink_parms(): no params data found
[  290.742824][ T5862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  290.764074][ T5862] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  290.784124][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  290.799136][ T5862] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  290.850772][ T5862] Bluetooth: hci4: command 0x0406 tx timeout
[  290.868789][ T9505] FAULT_INJECTION: forcing a failure.
[  290.868789][ T9505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.887693][ T9502] nbd6: detected capacity change from 0 to 8589934592
[  290.903820][ T9505] CPU: 1 UID: 0 PID: 9505 Comm: syz.6.871 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  290.903849][ T9505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.903861][ T9505] Call Trace:
[  290.903869][ T9505]  <TASK>
[  290.903878][ T9505]  dump_stack_lvl+0x189/0x250
[  290.903912][ T9505]  ? __pfx____ratelimit+0x10/0x10
[  290.903937][ T9505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.903963][ T9505]  ? __pfx__printk+0x10/0x10
[  290.903990][ T9505]  ? __might_fault+0xb0/0x130
[  290.904031][ T9505]  should_fail_ex+0x414/0x560
[  290.904066][ T9505]  _copy_from_user+0x2d/0xb0
[  290.904094][ T9505]  memdup_user+0x5e/0xd0
[  290.904116][ T9505]  strndup_user+0x68/0xd0
[  290.904138][ T9505]  __se_sys_mount+0x9c/0x410
[  290.904160][ T9505]  ? ksys_write+0x22a/0x250
[  290.904183][ T9505]  ? __pfx___se_sys_mount+0x10/0x10
[  290.904227][ T9505]  ? do_syscall_64+0xbe/0x3b0
[  290.904250][ T9505]  ? __x64_sys_mount+0x20/0xc0
[  290.904273][ T9505]  do_syscall_64+0xfa/0x3b0
[  290.904296][ T9505]  ? lockdep_hardirqs_on+0x9c/0x150
[  290.904316][ T9505]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.904334][ T9505]  ? clear_bhb_loop+0x60/0xb0
[  290.904358][ T9505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.904376][ T9505] RIP: 0033:0x7f3965b8e929
[  290.904395][ T9505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.904412][ T9505] RSP: 002b:00007f3966921038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  290.904434][ T9505] RAX: ffffffffffffffda RBX: 00007f3965db6160 RCX: 00007f3965b8e929
[  290.904448][ T9505] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[  290.904462][ T9505] RBP: 00007f3966921090 R08: 0000000000000000 R09: 0000000000000000
[  290.904475][ T9505] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000001
[  290.904488][ T9505] R13: 0000000000000001 R14: 00007f3965db6160 R15: 00007ffe8f53b048
[  290.904520][ T9505]  </TASK>
[  290.917472][ T6402] block nbd6: Send control failed (result -89)
[  291.123737][ T6402] block nbd6: Request send failed, requeueing
[  291.125447][ T9487] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.132895][ T5861] block nbd6: Receive control failed (result -32)
[  291.147875][   T94] block nbd6: Dead connection, failed to find a fallback
[  291.152293][ T9487] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.155570][   T94] block nbd6: shutting down sockets
[  291.166045][ T9487] bridge_slave_0: entered allmulticast mode
[  291.168013][   T94] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.178865][ T9487] bridge_slave_0: entered promiscuous mode
[  291.185315][   T94] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.198401][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.208849][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.217163][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.226299][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.234843][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.244018][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.252092][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.261292][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.267926][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.269249][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.288644][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.297196][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.306325][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.314294][ T9487] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.314467][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.330451][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.330542][ T9487] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.338318][ T6402] ldm_validate_partition_table(): Disk read failed.
[  291.352064][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.355502][ T9487] bridge_slave_1: entered allmulticast mode
[  291.361498][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.361707][ T6402] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  291.376002][ T9487] bridge_slave_1: entered promiscuous mode
[  291.384679][ T6402] Buffer I/O error on dev nbd6, logical block 0, async page read
[  291.386194][ T6402] Dev nbd6: unable to read RDB block 0
[  291.405813][ T6402]  nbd6: unable to read partition table
[  291.427347][ T6402] ldm_validate_partition_table(): Disk read failed.
[  291.441340][ T6402] Dev nbd6: unable to read RDB block 0
[  291.447844][ T6402]  nbd6: unable to read partition table
[  291.532696][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.684425][ T9487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.812317][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.857976][ T9487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.970754][ T5861] Bluetooth: hci1: command tx timeout
[  292.115658][ T9512] FAULT_INJECTION: forcing a failure.
[  292.115658][ T9512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.129517][ T9512] CPU: 1 UID: 0 PID: 9512 Comm: syz.6.875 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  292.129546][ T9512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.129568][ T9512] Call Trace:
[  292.129577][ T9512]  <TASK>
[  292.129586][ T9512]  dump_stack_lvl+0x189/0x250
[  292.129619][ T9512]  ? __pfx____ratelimit+0x10/0x10
[  292.129643][ T9512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.129670][ T9512]  ? __pfx__printk+0x10/0x10
[  292.129697][ T9512]  ? shmem_alloc_and_add_folio+0xcb3/0xf60
[  292.129734][ T9512]  ? filemap_get_entry+0xad/0x2f0
[  292.129753][ T9512]  ? filemap_get_entry+0xad/0x2f0
[  292.129777][ T9512]  should_fail_ex+0x414/0x560
[  292.129813][ T9512]  copy_folio_from_iter_atomic+0x311/0x18f0
[  292.129841][ T9512]  ? shmem_allowable_huge_orders+0x1f8/0x420
[  292.129892][ T9512]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  292.129931][ T9512]  ? shmem_write_begin+0x15f/0x2b0
[  292.129966][ T9512]  generic_perform_write+0x5f1/0x910
[  292.130008][ T9512]  ? __pfx_generic_perform_write+0x10/0x10
[  292.130033][ T9512]  ? do_raw_spin_unlock+0x122/0x240
[  292.130061][ T9512]  ? mnt_put_write_access_file+0xc0/0x100
[  292.130089][ T9512]  ? file_update_time+0x416/0x490
[  292.130121][ T9512]  shmem_file_write_iter+0xf8/0x120
[  292.130152][ T9512]  do_iter_readv_writev+0x56b/0x7f0
[  292.130182][ T9512]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  292.130200][ T9512]  ? rcu_read_lock_any_held+0xb3/0x120
[  292.130247][ T9512]  vfs_iter_write+0x238/0x600
[  292.130276][ T9512]  backing_file_write_iter+0x38e/0x870
[  292.130310][ T9512]  ovl_write_iter+0x29c/0x350
[  292.130348][ T9512]  ? __pfx_ovl_write_iter+0x10/0x10
[  292.130376][ T9512]  ? __pfx_ovl_file_end_write+0x10/0x10
[  292.130410][ T9512]  vfs_write+0x548/0xa90
[  292.130435][ T9512]  ? __pfx_ovl_write_iter+0x10/0x10
[  292.130464][ T9512]  ? __pfx_vfs_write+0x10/0x10
[  292.130497][ T9512]  ? __fget_files+0x2a/0x420
[  292.130531][ T9512]  ksys_write+0x145/0x250
[  292.130561][ T9512]  ? __pfx_ksys_write+0x10/0x10
[  292.130577][ T9512]  ? rcu_is_watching+0x15/0xb0
[  292.130608][ T9512]  ? do_syscall_64+0xbe/0x3b0
[  292.130638][ T9512]  do_syscall_64+0xfa/0x3b0
[  292.130660][ T9512]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.130682][ T9512]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.130701][ T9512]  ? clear_bhb_loop+0x60/0xb0
[  292.130725][ T9512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.130743][ T9512] RIP: 0033:0x7f3965b8e929
[  292.130762][ T9512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.130778][ T9512] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  292.130800][ T9512] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  292.130814][ T9512] RDX: 00000000000000a0 RSI: 0000200000000180 RDI: 0000000000000003
[  292.130826][ T9512] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  292.130839][ T9512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.130851][ T9512] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  292.130886][ T9512]  </TASK>
[  292.454094][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.495994][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  292.522479][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  292.531751][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  292.546916][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  292.556351][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  292.579920][ T9487] team0: Port device team_slave_0 added
[  292.590494][ T9487] team0: Port device team_slave_1 added
[  292.711271][ T9487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.718261][ T9487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.747132][ T9487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.785312][ T9487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.792624][ T9519] nbd6: detected capacity change from 0 to 8589934592
[  292.804156][ T6402] block nbd6: Send control failed (result -89)
[  292.814022][ T9487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.814599][ T6402] block nbd6: Request send failed, requeueing
[  292.849467][ T5856] block nbd6: Receive control failed (result -32)
[  292.851107][ T9487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.856330][   T55] block nbd6: Dead connection, failed to find a fallback
[  292.873082][ T5861] Bluetooth: hci0: command tx timeout
[  292.875528][   T55] block nbd6: shutting down sockets
[  292.886757][ T6402] ldm_validate_partition_table(): Disk read failed.
[  292.894906][ T6402] Dev nbd6: unable to read RDB block 0
[  292.901197][ T6402]  nbd6: unable to read partition table
[  292.976876][ T6402] ldm_validate_partition_table(): Disk read failed.
[  293.004426][ T6402] Dev nbd6: unable to read RDB block 0
[  293.018096][ T6402]  nbd6: unable to read partition table
[  293.263282][ T9527] FAULT_INJECTION: forcing a failure.
[  293.263282][ T9527] name failslab, interval 1, probability 0, space 0, times 0
[  293.276157][ T9527] CPU: 0 UID: 0 PID: 9527 Comm: syz.6.880 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  293.276184][ T9527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  293.276196][ T9527] Call Trace:
[  293.276205][ T9527]  <TASK>
[  293.276213][ T9527]  dump_stack_lvl+0x189/0x250
[  293.276246][ T9527]  ? __pfx____ratelimit+0x10/0x10
[  293.276271][ T9527]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.276297][ T9527]  ? __pfx__printk+0x10/0x10
[  293.276328][ T9527]  ? __pfx___might_resched+0x10/0x10
[  293.276354][ T9527]  ? fs_reclaim_acquire+0x7d/0x100
[  293.276389][ T9527]  should_fail_ex+0x414/0x560
[  293.276424][ T9527]  should_failslab+0xa8/0x100
[  293.276446][ T9527]  __kmalloc_noprof+0xcb/0x4f0
[  293.276472][ T9527]  ? tomoyo_encode+0x28b/0x550
[  293.276506][ T9527]  tomoyo_encode+0x28b/0x550
[  293.276541][ T9527]  tomoyo_realpath_from_path+0x58d/0x5d0
[  293.276572][ T9527]  ? tomoyo_domain+0xd9/0x130
[  293.276598][ T9527]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  293.276622][ T9527]  tomoyo_path_number_perm+0x1e8/0x5a0
[  293.276651][ T9527]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  293.276697][ T9527]  ? __lock_acquire+0xab9/0xd20
[  293.276743][ T9527]  ? __fget_files+0x2a/0x420
[  293.276769][ T9527]  ? __fget_files+0x2a/0x420
[  293.276789][ T9527]  ? __fget_files+0x3a0/0x420
[  293.276809][ T9527]  ? __fget_files+0x2a/0x420
[  293.276835][ T9527]  security_file_ioctl+0xcb/0x2d0
[  293.276861][ T9527]  __se_sys_ioctl+0x47/0x170
[  293.276892][ T9527]  do_syscall_64+0xfa/0x3b0
[  293.276915][ T9527]  ? lockdep_hardirqs_on+0x9c/0x150
[  293.276938][ T9527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.276956][ T9527]  ? clear_bhb_loop+0x60/0xb0
[  293.276981][ T9527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.276999][ T9527] RIP: 0033:0x7f3965b8e929
[  293.277017][ T9527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.277034][ T9527] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  293.277055][ T9527] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  293.277070][ T9527] RDX: 0000200000000080 RSI: 000000004008ae89 RDI: 0000000000000005
[  293.277082][ T9527] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  293.277094][ T9527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.277105][ T9527] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  293.277138][ T9527]  </TASK>
[  293.277161][ T9527] ERROR: Out of memory at tomoyo_realpath_from_path.
[  293.324866][ T9487] hsr_slave_0: entered promiscuous mode
[  293.540805][ T9487] hsr_slave_1: entered promiscuous mode
[  293.547762][ T9487] debugfs: 'hsr0' already exists in 'hsr'
[  293.553695][ T9487] Cannot create hsr debugfs directory
[  293.765676][ T9530] netlink: 28 bytes leftover after parsing attributes in process `syz.6.881'.
[  293.802864][   T36] bridge_slave_1: left allmulticast mode
[  293.808564][   T36] bridge_slave_1: left promiscuous mode
[  293.815029][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.826908][   T36] bridge_slave_0: left allmulticast mode
[  293.832959][   T36] bridge_slave_0: left promiscuous mode
[  293.838750][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.056097][ T5861] Bluetooth: hci1: command tx timeout
[  294.231461][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.246330][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.256944][   T36] bond0 (unregistering): Released all slaves
[  294.276273][ T9529] netlink: 28 bytes leftover after parsing attributes in process `syz.6.881'.
[  294.459219][   T36] tipc: Left network mode
[  294.477031][   T36] IPVS: stopping master sync thread 8956 ...
[  294.617882][ T5861] Bluetooth: hci2: command tx timeout
[  294.679306][ T9499] chnl_net:caif_netlink_parms(): no params data found
[  294.930751][ T5861] Bluetooth: hci0: command tx timeout
[  295.184792][ T9513] chnl_net:caif_netlink_parms(): no params data found
[  295.291940][   T36] hsr_slave_0: left promiscuous mode
[  295.311228][   T36] hsr_slave_1: left promiscuous mode
[  295.319371][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  295.357222][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  295.366022][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  295.389077][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  295.440053][   T36] veth1_macvtap: left promiscuous mode
[  295.446389][   T36] veth0_macvtap: left promiscuous mode
[  295.454185][   T36] veth1_vlan: left promiscuous mode
[  295.459578][   T36] veth0_vlan: left promiscuous mode
[  295.628875][ T9565] FAULT_INJECTION: forcing a failure.
[  295.628875][ T9565] name failslab, interval 1, probability 0, space 0, times 0
[  295.641721][ T9565] CPU: 0 UID: 0 PID: 9565 Comm: syz.6.887 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  295.641746][ T9565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.641757][ T9565] Call Trace:
[  295.641766][ T9565]  <TASK>
[  295.641774][ T9565]  dump_stack_lvl+0x189/0x250
[  295.641807][ T9565]  ? __pfx____ratelimit+0x10/0x10
[  295.641832][ T9565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.641859][ T9565]  ? __pfx__printk+0x10/0x10
[  295.641889][ T9565]  ? __pfx___might_resched+0x10/0x10
[  295.641913][ T9565]  ? fs_reclaim_acquire+0x7d/0x100
[  295.641940][ T9565]  should_fail_ex+0x414/0x560
[  295.641975][ T9565]  should_failslab+0xa8/0x100
[  295.641996][ T9565]  __kmalloc_cache_noprof+0x70/0x3d0
[  295.642023][ T9565]  ? alloc_pipe_info+0xe9/0x4d0
[  295.642046][ T9565]  alloc_pipe_info+0xe9/0x4d0
[  295.642068][ T9565]  splice_direct_to_actor+0xa5d/0xcc0
[  295.642106][ T9565]  ? __pfx_aa_file_perm+0x10/0x10
[  295.642124][ T9565]  ? __lock_acquire+0xab9/0xd20
[  295.642145][ T9565]  ? __pfx_direct_splice_actor+0x10/0x10
[  295.642165][ T9565]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  295.642197][ T9565]  do_splice_direct+0x181/0x270
[  295.642222][ T9565]  ? __pfx_do_splice_direct+0x10/0x10
[  295.642242][ T9565]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  295.642270][ T9565]  ? rw_verify_area+0x258/0x650
[  295.642302][ T9565]  do_sendfile+0x4da/0x7e0
[  295.642337][ T9565]  ? __pfx_do_sendfile+0x10/0x10
[  295.642375][ T9565]  __se_sys_sendfile64+0xd9/0x190
[  295.642401][ T9565]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  295.642421][ T9565]  ? rcu_is_watching+0x15/0xb0
[  295.642451][ T9565]  ? do_syscall_64+0xbe/0x3b0
[  295.642480][ T9565]  do_syscall_64+0xfa/0x3b0
[  295.642502][ T9565]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.642534][ T9565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.642552][ T9565]  ? clear_bhb_loop+0x60/0xb0
[  295.642577][ T9565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.642595][ T9565] RIP: 0033:0x7f3965b8e929
[  295.642613][ T9565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.642625][ T9565] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  295.642645][ T9565] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  295.642659][ T9565] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  295.642670][ T9565] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  295.642682][ T9565] R10: 0000000000007f03 R11: 0000000000000246 R12: 0000000000000001
[  295.642695][ T9565] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  295.642725][ T9565]  </TASK>
[  296.140665][ T5861] Bluetooth: hci1: command tx timeout
[  296.439621][   T36] team0 (unregistering): Port device team_slave_1 removed
[  296.486412][   T36] team0 (unregistering): Port device team_slave_0 removed
[  296.701129][ T5861] Bluetooth: hci2: command tx timeout
[  297.013233][ T5861] Bluetooth: hci0: command tx timeout
[  297.162598][ T9499] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.169758][ T9499] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.177875][ T9499] bridge_slave_0: entered allmulticast mode
[  297.186228][ T9499] bridge_slave_0: entered promiscuous mode
[  297.201637][ T9499] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.209001][ T9499] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.216454][ T9499] bridge_slave_1: entered allmulticast mode
[  297.224646][ T9499] bridge_slave_1: entered promiscuous mode
[  297.406780][ T9499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.416369][ T9487] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  297.428798][ T9487] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  297.439938][ T9487] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  297.467166][ T9513] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.475801][ T9513] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.483449][ T9513] bridge_slave_0: entered allmulticast mode
[  297.503392][ T9513] bridge_slave_0: entered promiscuous mode
[  297.514386][ T9513] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.521962][ T9513] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.529199][ T9513] bridge_slave_1: entered allmulticast mode
[  297.536906][ T9513] bridge_slave_1: entered promiscuous mode
[  297.547433][ T9499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.593271][ T9487] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  297.665907][ T9582] FAULT_INJECTION: forcing a failure.
[  297.665907][ T9582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.680378][ T9582] CPU: 0 UID: 0 PID: 9582 Comm: syz.6.892 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  297.680406][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.680418][ T9582] Call Trace:
[  297.680426][ T9582]  <TASK>
[  297.680434][ T9582]  dump_stack_lvl+0x189/0x250
[  297.680467][ T9582]  ? __pfx____ratelimit+0x10/0x10
[  297.680492][ T9582]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.680519][ T9582]  ? __pfx__printk+0x10/0x10
[  297.680561][ T9582]  should_fail_ex+0x414/0x560
[  297.680594][ T9582]  strncpy_from_user+0x36/0x290
[  297.680626][ T9582]  getname_flags+0xf3/0x540
[  297.680655][ T9582]  do_sys_openat2+0xbc/0x1c0
[  297.680683][ T9582]  ? __pfx_do_sys_openat2+0x10/0x10
[  297.680708][ T9582]  ? ksys_write+0x22a/0x250
[  297.680730][ T9582]  ? __pfx_ksys_write+0x10/0x10
[  297.680744][ T9582]  ? rcu_is_watching+0x15/0xb0
[  297.680774][ T9582]  __x64_sys_creat+0x8f/0xc0
[  297.680804][ T9582]  do_syscall_64+0xfa/0x3b0
[  297.680826][ T9582]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.680848][ T9582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.680868][ T9582]  ? clear_bhb_loop+0x60/0xb0
[  297.680891][ T9582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.680910][ T9582] RIP: 0033:0x7f3965b8e929
[  297.680927][ T9582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.680944][ T9582] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  297.680967][ T9582] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  297.680981][ T9582] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000880
[  297.680992][ T9582] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  297.681004][ T9582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.681016][ T9582] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  297.681047][ T9582]  </TASK>
[  297.687928][ T9499] team0: Port device team_slave_0 added
[  297.897362][ T9513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.945275][ T9513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.966424][ T9499] team0: Port device team_slave_1 added
[  298.027641][ T9592] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  298.037209][ T9592] UDF-fs: Scanning with blocksize 512 failed
[  298.049945][ T9592] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  298.063219][ T9592] UDF-fs: Scanning with blocksize 1024 failed
[  298.069938][ T9592] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  298.078237][ T9592] UDF-fs: Scanning with blocksize 2048 failed
[  298.101413][ T9592] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  298.108936][ T9592] UDF-fs: Scanning with blocksize 4096 failed
[  298.142419][ T9513] team0: Port device team_slave_0 added
[  298.213522][ T5861] Bluetooth: hci1: command tx timeout
[  298.219462][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.241290][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.268899][ T9499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.298874][ T9513] team0: Port device team_slave_1 added
[  298.315692][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.329380][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.363561][ T9499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.492951][ T9513] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.499958][ T9513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.559145][ T9604] FAULT_INJECTION: forcing a failure.
[  298.559145][ T9604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.568585][ T9513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.588251][ T9604] CPU: 0 UID: 0 PID: 9604 Comm: syz.6.896 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  298.588279][ T9604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.588290][ T9604] Call Trace:
[  298.588298][ T9604]  <TASK>
[  298.588306][ T9604]  dump_stack_lvl+0x189/0x250
[  298.588337][ T9604]  ? __pfx____ratelimit+0x10/0x10
[  298.588360][ T9604]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.588387][ T9604]  ? __pfx__printk+0x10/0x10
[  298.588429][ T9604]  should_fail_ex+0x414/0x560
[  298.588464][ T9604]  strncpy_from_user+0x36/0x290
[  298.588496][ T9604]  getname_flags+0xf3/0x540
[  298.588525][ T9604]  __x64_sys_mkdirat+0x7a/0xa0
[  298.588555][ T9604]  do_syscall_64+0xfa/0x3b0
[  298.588578][ T9604]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.588600][ T9604]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.588619][ T9604]  ? clear_bhb_loop+0x60/0xb0
[  298.588643][ T9604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.588662][ T9604] RIP: 0033:0x7f3965b8e929
[  298.588681][ T9604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.588698][ T9604] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  298.588720][ T9604] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  298.588735][ T9604] RDX: 00000000000001c0 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  298.588747][ T9604] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  298.588760][ T9604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.588771][ T9604] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  298.588804][ T9604]  </TASK>
[  298.770383][ T5861] Bluetooth: hci2: command tx timeout
[  298.842035][ T9513] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.849115][ T9513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.876482][ T9513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.988837][ T9499] hsr_slave_0: entered promiscuous mode
[  299.009724][ T9499] hsr_slave_1: entered promiscuous mode
[  299.090447][ T5861] Bluetooth: hci0: command tx timeout
[  299.143883][ T9513] hsr_slave_0: entered promiscuous mode
[  299.151127][ T9513] hsr_slave_1: entered promiscuous mode
[  299.157825][ T9513] debugfs: 'hsr0' already exists in 'hsr'
[  299.164303][ T9513] Cannot create hsr debugfs directory
[  299.181654][ T9616] netlink: 20 bytes leftover after parsing attributes in process `syz.6.898'.
[  299.192962][ T9616] netlink: 4 bytes leftover after parsing attributes in process `syz.6.898'.
[  299.818661][ T9487] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.892718][ T9487] 8021q: adding VLAN 0 to HW filter on device team0
[  299.931576][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.938757][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.983310][ T9499] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  300.019681][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.026896][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.127717][ T9499] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  300.177714][ T9499] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  300.211837][ T9499] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  300.387755][ T9513] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  300.407026][ T9513] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  300.450756][ T9513] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  300.490755][ T9513] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  300.794268][ T9499] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.852275][ T5861] Bluetooth: hci2: command tx timeout
[  300.864636][ T9653] FAULT_INJECTION: forcing a failure.
[  300.864636][ T9653] name failslab, interval 1, probability 0, space 0, times 0
[  300.888134][ T9499] 8021q: adding VLAN 0 to HW filter on device team0
[  300.892106][ T9653] CPU: 0 UID: 0 PID: 9653 Comm: syz.6.901 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  300.892131][ T9653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.892141][ T9653] Call Trace:
[  300.892148][ T9653]  <TASK>
[  300.892156][ T9653]  dump_stack_lvl+0x189/0x250
[  300.892185][ T9653]  ? __pfx____ratelimit+0x10/0x10
[  300.892207][ T9653]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.892230][ T9653]  ? __pfx__printk+0x10/0x10
[  300.892255][ T9653]  ? __pfx___might_resched+0x10/0x10
[  300.892276][ T9653]  ? fs_reclaim_acquire+0x7d/0x100
[  300.892300][ T9653]  should_fail_ex+0x414/0x560
[  300.892329][ T9653]  should_failslab+0xa8/0x100
[  300.892348][ T9653]  __kmalloc_noprof+0xcb/0x4f0
[  300.892371][ T9653]  ? tomoyo_encode+0x28b/0x550
[  300.892400][ T9653]  tomoyo_encode+0x28b/0x550
[  300.892429][ T9653]  tomoyo_realpath_from_path+0x58d/0x5d0
[  300.892455][ T9653]  ? tomoyo_domain+0xd9/0x130
[  300.892477][ T9653]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  300.892507][ T9653]  tomoyo_path_number_perm+0x1e8/0x5a0
[  300.892531][ T9653]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  300.892570][ T9653]  ? __lock_acquire+0xab9/0xd20
[  300.892610][ T9653]  ? __fget_files+0x2a/0x420
[  300.892633][ T9653]  ? __fget_files+0x2a/0x420
[  300.892650][ T9653]  ? __fget_files+0x3a0/0x420
[  300.892668][ T9653]  ? __fget_files+0x2a/0x420
[  300.892690][ T9653]  security_file_ioctl+0xcb/0x2d0
[  300.892712][ T9653]  __se_sys_ioctl+0x47/0x170
[  300.892739][ T9653]  do_syscall_64+0xfa/0x3b0
[  300.892758][ T9653]  ? lockdep_hardirqs_on+0x9c/0x150
[  300.892778][ T9653]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.892794][ T9653]  ? clear_bhb_loop+0x60/0xb0
[  300.892815][ T9653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.892831][ T9653] RIP: 0033:0x7f3965b8e929
[  300.892848][ T9653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.892862][ T9653] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  300.892882][ T9653] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  300.892895][ T9653] RDX: 0000000000000000 RSI: 000000004090ae82 RDI: 0000000000000005
[  300.892906][ T9653] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  300.892916][ T9653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.892927][ T9653] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  300.892955][ T9653]  </TASK>
[  300.893914][ T9653] ERROR: Out of memory at tomoyo_realpath_from_path.
[  301.094805][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.156727][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.192982][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.200298][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.368410][ T9487] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.439828][ T9499] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  301.460117][ T9499] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  301.569060][ T9513] 8021q: adding VLAN 0 to HW filter on device bond0
[  301.668774][ T9513] 8021q: adding VLAN 0 to HW filter on device team0
[  301.719244][ T6067] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.726589][ T6067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.782158][ T6067] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.789362][ T6067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.988409][ T9673] overlayfs: failed to resolve './file0': -2
[  302.256322][ T9499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  302.425630][ T9487] veth0_vlan: entered promiscuous mode
[  302.492089][ T9487] veth1_vlan: entered promiscuous mode
[  302.582474][ T9513] 8021q: adding VLAN 0 to HW filter on device batadv0
[  302.617472][ T9487] veth0_macvtap: entered promiscuous mode
[  302.647411][ T9487] veth1_macvtap: entered promiscuous mode
[  302.714811][ T9487] batman_adv: batadv0: Interface activated: batadv_slave_0
[  302.767213][ T9487] batman_adv: batadv0: Interface activated: batadv_slave_1
[  302.908791][   T49] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  302.943878][   T49] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.983236][   T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.020599][ T9702] netlink: 8 bytes leftover after parsing attributes in process `syz.6.905'.
[  303.026712][   T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.054109][ T9702] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  303.456765][ T9499] veth0_vlan: entered promiscuous mode
[  303.465576][ T9708] vxfs: WRONG superblock magic 00000000 at 1
[  303.481558][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.489510][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.495560][ T9708] vxfs: WRONG superblock magic 00000000 at 8
[  303.518953][ T9708] vxfs: can't find superblock.
[  303.634144][ T9499] veth1_vlan: entered promiscuous mode
[  303.713851][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.749730][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.809347][ T9499] veth0_macvtap: entered promiscuous mode
[  303.843003][ T9513] veth0_vlan: entered promiscuous mode
[  303.862848][ T9499] veth1_macvtap: entered promiscuous mode
[  303.947371][ T9513] veth1_vlan: entered promiscuous mode
[  303.988077][ T9499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.031599][ T9715] FAULT_INJECTION: forcing a failure.
[  304.031599][ T9715] name failslab, interval 1, probability 0, space 0, times 0
[  304.084439][ T9715] CPU: 0 UID: 0 PID: 9715 Comm: syz.6.908 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  304.084467][ T9715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.084488][ T9715] Call Trace:
[  304.084497][ T9715]  <TASK>
[  304.084506][ T9715]  dump_stack_lvl+0x189/0x250
[  304.084538][ T9715]  ? __pfx____ratelimit+0x10/0x10
[  304.084563][ T9715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.084590][ T9715]  ? __pfx__printk+0x10/0x10
[  304.084621][ T9715]  ? __pfx___might_resched+0x10/0x10
[  304.084646][ T9715]  ? fs_reclaim_acquire+0x7d/0x100
[  304.084672][ T9715]  should_fail_ex+0x414/0x560
[  304.084708][ T9715]  should_failslab+0xa8/0x100
[  304.084729][ T9715]  __kmalloc_noprof+0xcb/0x4f0
[  304.084756][ T9715]  ? tomoyo_encode+0x28b/0x550
[  304.084791][ T9715]  tomoyo_encode+0x28b/0x550
[  304.084826][ T9715]  tomoyo_realpath_from_path+0x58d/0x5d0
[  304.084858][ T9715]  ? tomoyo_domain+0xd9/0x130
[  304.084883][ T9715]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  304.084908][ T9715]  tomoyo_path_number_perm+0x1e8/0x5a0
[  304.084937][ T9715]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  304.084983][ T9715]  ? __lock_acquire+0xab9/0xd20
[  304.085029][ T9715]  ? __fget_files+0x2a/0x420
[  304.085055][ T9715]  ? __fget_files+0x2a/0x420
[  304.085074][ T9715]  ? __fget_files+0x3a0/0x420
[  304.085094][ T9715]  ? __fget_files+0x2a/0x420
[  304.085121][ T9715]  security_file_ioctl+0xcb/0x2d0
[  304.085148][ T9715]  __se_sys_ioctl+0x47/0x170
[  304.085179][ T9715]  do_syscall_64+0xfa/0x3b0
[  304.085203][ T9715]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.085225][ T9715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.085243][ T9715]  ? clear_bhb_loop+0x60/0xb0
[  304.085267][ T9715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.085286][ T9715] RIP: 0033:0x7f3965b8e929
[  304.085304][ T9715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.085320][ T9715] RSP: 002b:00007f3966963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  304.085342][ T9715] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8e929
[  304.085356][ T9715] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  304.085368][ T9715] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  304.085381][ T9715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.085392][ T9715] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  304.085425][ T9715]  </TASK>
[  304.085448][ T9715] ERROR: Out of memory at tomoyo_realpath_from_path.
[  304.242508][ T9499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.370676][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  304.395383][ T9513] veth0_macvtap: entered promiscuous mode
[  304.415811][ T6069] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.425047][ T6069] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.446617][ T9513] veth1_macvtap: entered promiscuous mode
[  304.482442][ T6069] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.496712][ T6069] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.563275][    T9] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  304.573722][    T9] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  304.605945][ T9513] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.623007][    T9] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  304.632336][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  304.644309][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  304.663034][    T9] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  304.680731][    T9] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  304.688865][    T9] usb 8-1: Product: syz
[  304.703493][    T9] usb 8-1: Manufacturer: syz
[  304.714901][ T9513] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.724647][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  304.747619][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  304.799710][    T9] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  304.836160][    T9] cdc_wdm 8-1:1.0: Unknown control protocol
[  304.884077][   T13] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.912896][   T13] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.940151][ T9717] netlink: 20 bytes leftover after parsing attributes in process `syz.7.866'.
[  304.951849][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.963336][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.005940][   T13] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  305.039729][ T5949] usb 8-1: USB disconnect, device number 2
[  305.044315][   T13] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.137648][ T9738] FAULT_INJECTION: forcing a failure.
[  305.137648][ T9738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.172127][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.182059][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.198252][ T9738] CPU: 0 UID: 0 PID: 9738 Comm: syz.6.911 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  305.198291][ T9738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.198304][ T9738] Call Trace:
[  305.198312][ T9738]  <TASK>
[  305.198322][ T9738]  dump_stack_lvl+0x189/0x250
[  305.198354][ T9738]  ? __pfx____ratelimit+0x10/0x10
[  305.198379][ T9738]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.198405][ T9738]  ? __pfx__printk+0x10/0x10
[  305.198447][ T9738]  should_fail_ex+0x414/0x560
[  305.198481][ T9738]  _copy_to_user+0x31/0xb0
[  305.198511][ T9738]  simple_read_from_buffer+0xe1/0x170
[  305.198543][ T9738]  proc_fail_nth_read+0x1df/0x250
[  305.198572][ T9738]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.198600][ T9738]  ? rw_verify_area+0x258/0x650
[  305.198620][ T9738]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.198641][ T9738]  vfs_read+0x200/0x980
[  305.198658][ T9738]  ? __pfx___mutex_lock+0x10/0x10
[  305.198679][ T9738]  ? __pfx_vfs_read+0x10/0x10
[  305.198701][ T9738]  ? __fget_files+0x2a/0x420
[  305.198726][ T9738]  ? __fget_files+0x3a0/0x420
[  305.198745][ T9738]  ? __fget_files+0x2a/0x420
[  305.198774][ T9738]  ksys_read+0x145/0x250
[  305.198796][ T9738]  ? __pfx_ksys_read+0x10/0x10
[  305.198811][ T9738]  ? rcu_is_watching+0x15/0xb0
[  305.198842][ T9738]  ? do_syscall_64+0xbe/0x3b0
[  305.198869][ T9738]  do_syscall_64+0xfa/0x3b0
[  305.198894][ T9738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.198911][ T9738]  ? asm_sysvec_call_function_single+0x1a/0x20
[  305.198930][ T9738]  ? clear_bhb_loop+0x60/0xb0
[  305.198953][ T9738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.198971][ T9738] RIP: 0033:0x7f3965b8d33c
[  305.198989][ T9738] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  305.199004][ T9738] RSP: 002b:00007f3966963030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  305.199026][ T9738] RAX: ffffffffffffffda RBX: 00007f3965db5fa0 RCX: 00007f3965b8d33c
[  305.199039][ T9738] RDX: 000000000000000f RSI: 00007f39669630a0 RDI: 0000000000000005
[  305.199051][ T9738] RBP: 00007f3966963090 R08: 0000000000000000 R09: 0000000000000000
[  305.199062][ T9738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.199073][ T9738] R13: 0000000000000000 R14: 00007f3965db5fa0 R15: 00007ffe8f53b048
[  305.199101][ T9738]  </TASK>
[  305.571819][ T6069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.636845][ T6069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.806460][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.856592][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  306.064498][ T9754] netlink: 28 bytes leftover after parsing attributes in process `syz.8.869'.
[  306.083685][ T9752] FAULT_INJECTION: forcing a failure.
[  306.083685][ T9752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.137902][ T9752] CPU: 1 UID: 0 PID: 9752 Comm: syz.8.869 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  306.137930][ T9752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.137941][ T9752] Call Trace:
[  306.137949][ T9752]  <TASK>
[  306.137958][ T9752]  dump_stack_lvl+0x189/0x250
[  306.137989][ T9752]  ? __pfx____ratelimit+0x10/0x10
[  306.138013][ T9752]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.138037][ T9752]  ? __pfx__printk+0x10/0x10
[  306.138062][ T9752]  ? __might_fault+0xb0/0x130
[  306.138099][ T9752]  should_fail_ex+0x414/0x560
[  306.138131][ T9752]  _copy_to_iter+0x3f5/0x16f0
[  306.138167][ T9752]  ? __pfx__copy_to_iter+0x10/0x10
[  306.138187][ T9752]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  306.138219][ T9752]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  306.138254][ T9752]  __skb_datagram_iter+0xf8/0x990
[  306.138274][ T9752]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  306.138302][ T9752]  skb_copy_datagram_iter+0xc5/0x230
[  306.138324][ T9752]  netlink_recvmsg+0x2ab/0xa30
[  306.138367][ T9752]  ? __pfx_netlink_recvmsg+0x10/0x10
[  306.138396][ T9752]  ? aa_sock_msg_perm+0xf1/0x1d0
[  306.138425][ T9752]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  306.138445][ T9752]  ? security_socket_recvmsg+0x7e/0x2e0
[  306.138464][ T9752]  ? __pfx_netlink_recvmsg+0x10/0x10
[  306.138485][ T9752]  sock_recvmsg+0x229/0x270
[  306.138517][ T9752]  ____sys_recvmsg+0x1c9/0x460
[  306.138552][ T9752]  ? __pfx_____sys_recvmsg+0x10/0x10
[  306.138595][ T9752]  ? import_iovec+0x74/0xa0
[  306.138625][ T9752]  ___sys_recvmsg+0x1b5/0x510
[  306.138659][ T9752]  ? __pfx____sys_recvmsg+0x10/0x10
[  306.138714][ T9752]  ? __fget_files+0x3a0/0x420
[  306.138749][ T9752]  __x64_sys_recvmsg+0x198/0x260
[  306.138779][ T9752]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  306.138815][ T9752]  ? __pfx_ksys_write+0x10/0x10
[  306.138830][ T9752]  ? rcu_is_watching+0x15/0xb0
[  306.138859][ T9752]  ? do_syscall_64+0xbe/0x3b0
[  306.138888][ T9752]  do_syscall_64+0xfa/0x3b0
[  306.138909][ T9752]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.138931][ T9752]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.138949][ T9752]  ? clear_bhb_loop+0x60/0xb0
[  306.138973][ T9752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.138990][ T9752] RIP: 0033:0x7f63d818e929
[  306.139007][ T9752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.139021][ T9752] RSP: 002b:00007f63d8f1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  306.139042][ T9752] RAX: ffffffffffffffda RBX: 00007f63d83b5fa0 RCX: 00007f63d818e929
[  306.139056][ T9752] RDX: 0000000040000100 RSI: 0000200000000040 RDI: 0000000000000003
[  306.139069][ T9752] RBP: 00007f63d8f1d090 R08: 0000000000000000 R09: 0000000000000000
[  306.139080][ T9752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.139092][ T9752] R13: 0000000000000000 R14: 00007f63d83b5fa0 R15: 00007ffe14433cb8
[  306.139123][ T9752]  </TASK>
[  306.139215][ T9752] netlink: 28 bytes leftover after parsing attributes in process `syz.8.869'.
[  306.500488][ T5894] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  306.644163][ T9771] syz.9.872: attempt to access beyond end of device
[  306.644163][ T9771] nbd9: rw=0, sector=64, nr_sectors = 1 limit=0
[  306.661047][ T5894] usb 8-1: Using ep0 maxpacket: 8
[  306.686154][ T9770] FAULT_INJECTION: forcing a failure.
[  306.686154][ T9770] name failslab, interval 1, probability 0, space 0, times 0
[  306.702600][ T5894] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.711218][ T9771] ------------[ cut here ]------------
[  306.719256][ T9771] WARNING: fs/buffer.c:1125 at bdev_getblk+0x580/0x660, CPU#0: syz.9.872/9771
[  306.728895][ T9771] Modules linked in:
[  306.733901][ T9771] CPU: 0 UID: 0 PID: 9771 Comm: syz.9.872 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  306.747273][ T9771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.759199][ T9771] RIP: 0010:bdev_getblk+0x580/0x660
[  306.759540][ T5894] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.765879][ T9771] Code: 26 fb ff ff e8 c1 0b 78 ff 48 c7 c7 a0 32 ba 8b 48 c7 c6 9f 80 cd 8d 4c 89 fa 4c 89 e9 e8 b8 a6 df fe eb bd e8 a1 0b 78 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  306.775358][ T5894] usb 8-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  306.795985][ T9771] RSP: 0018:ffffc90004fef6b0 EFLAGS: 00010202
[  306.811696][ T9771] RAX: ffffffff8247f9bf RBX: ffff888148c19718 RCX: ffff888030593c00
[  306.820320][ T9771] RDX: 0000000000000003 RSI: 0000000000000200 RDI: 0000000000000000
[  306.821572][ T9770] CPU: 1 UID: 0 PID: 9770 Comm: syz.8.916 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  306.821607][ T9770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.821618][ T9770] Call Trace:
[  306.821626][ T9770]  <TASK>
[  306.821633][ T9770]  dump_stack_lvl+0x189/0x250
[  306.821662][ T9770]  ? __pfx____ratelimit+0x10/0x10
[  306.821683][ T9770]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.821706][ T9770]  ? __pfx__printk+0x10/0x10
[  306.821731][ T9770]  ? __pfx___might_resched+0x10/0x10
[  306.821752][ T9770]  ? fs_reclaim_acquire+0x7d/0x100
[  306.821776][ T9770]  should_fail_ex+0x414/0x560
[  306.821806][ T9770]  should_failslab+0xa8/0x100
[  306.821824][ T9770]  __kmalloc_noprof+0xcb/0x4f0
[  306.821846][ T9770]  ? tomoyo_encode+0x28b/0x550
[  306.821875][ T9770]  tomoyo_encode+0x28b/0x550
[  306.821905][ T9770]  tomoyo_realpath_from_path+0x58d/0x5d0
[  306.821930][ T9770]  ? tomoyo_domain+0xd9/0x130
[  306.821953][ T9770]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  306.821974][ T9770]  tomoyo_path_number_perm+0x1e8/0x5a0
[  306.821998][ T9770]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  306.822037][ T9770]  ? __lock_acquire+0xab9/0xd20
[  306.822077][ T9770]  ? __fget_files+0x2a/0x420
[  306.822100][ T9770]  ? __fget_files+0x2a/0x420
[  306.822117][ T9770]  ? __fget_files+0x3a0/0x420
[  306.822134][ T9770]  ? __fget_files+0x2a/0x420
[  306.822156][ T9770]  security_file_ioctl+0xcb/0x2d0
[  306.822179][ T9770]  __se_sys_ioctl+0x47/0x170
[  306.822207][ T9770]  do_syscall_64+0xfa/0x3b0
[  306.822227][ T9770]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.822246][ T9770]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.822262][ T9770]  ? clear_bhb_loop+0x60/0xb0
[  306.822284][ T9770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.822300][ T9770] RIP: 0033:0x7f63d818e929
[  306.822316][ T9770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.822335][ T9770] RSP: 002b:00007f63d8f1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  306.822356][ T9770] RAX: ffffffffffffffda RBX: 00007f63d83b5fa0 RCX: 00007f63d818e929
[  306.822368][ T9770] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  306.822379][ T9770] RBP: 00007f63d8f1d090 R08: 0000000000000000 R09: 0000000000000000
[  306.822390][ T9770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.822400][ T9770] R13: 0000000000000000 R14: 00007f63d83b5fa0 R15: 00007ffe14433cb8
[  306.822429][ T9770]  </TASK>
[  306.822477][ T9770] ERROR: Out of memory at tomoyo_realpath_from_path.
[  306.828337][ T9771] RBP: 0000000000000200 R08: 0000000000002f9d R09: 0000000000400000
[  306.828358][ T9771] R10: 000000000005f3a8 R11: ffffc9000c6a2000 R12: ffff888148c1a068
[  306.828376][ T9771] R13: ffff888148c19700 R14: 0000000000000200 R15: 1ffff110291832e3
[  306.863671][ T5894] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.907887][ T5894] usb 8-1: config 0 descriptor??
[  306.911259][ T9771] FS:  00007efc439b16c0(0000) GS:ffff88812579c000(0000) knlGS:0000000000000000
[  306.911290][ T9771] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  306.911308][ T9771] CR2: 00007f1e05ecb000 CR3: 0000000072ec6000 CR4: 00000000003526f0
[  306.911330][ T9771] DR0: 0000000000000000 DR1: 0000000000000b5f DR2: 0000000000003706
[  306.911345][ T9771] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  306.911361][ T9771] Call Trace:
[  306.911372][ T9771]  <TASK>
[  306.911396][ T9771]  __bread_gfp+0x89/0x3c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  306.911432][ T9771]  udf_read_tagged+0xad/0xe00
[  307.040338][ T5919] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  307.041207][ T9771]  udf_check_anchor_block+0x99/0x550
[  307.204705][ T9771]  ? udf_get_last_block+0x286/0x360
[  307.209968][ T9771]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  307.215975][ T9771]  ? __bread_gfp+0x340/0x3c0
[  307.220809][ T9771]  udf_load_vrs+0x6e3/0xf20
[  307.225385][ T9771]  ? __pfx_udf_load_vrs+0x10/0x10
[  307.230610][ T9771]  ? udf_get_last_session+0x100/0x200
[  307.236034][ T9771]  ? __pfx_udf_get_last_session+0x10/0x10
[  307.242076][ T9771]  udf_fill_super+0x5ad/0x17a0
[  307.246896][ T9771]  ? __pfx_udf_fill_super+0x10/0x10
[  307.252723][ T9771]  ? set_blocksize+0x21e/0x500
[  307.257646][ T9771]  ? sb_set_blocksize+0x104/0x180
[  307.262804][ T9771]  ? setup_bdev_super+0x4c1/0x5b0
[  307.267873][ T9771]  get_tree_bdev_flags+0x40e/0x4d0
[  307.274062][ T9771]  ? __pfx_udf_fill_super+0x10/0x10
[  307.279311][ T9771]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  307.285824][ T9771]  vfs_get_tree+0x8f/0x2b0
[  307.290321][ T9771]  do_new_mount+0x2a2/0x9e0
[  307.294868][ T9771]  ? ns_capable+0x8a/0xf0
[  307.299330][ T9771]  ? __pfx_do_new_mount+0x10/0x10
[  307.304453][ T9771]  ? path_mount+0x61c/0xfe0
[  307.308994][ T9771]  ? user_path_at+0x44/0x60
[  307.313612][ T9771]  __se_sys_mount+0x317/0x410
[  307.318337][ T9771]  ? __pfx___se_sys_mount+0x10/0x10
[  307.323646][ T9771]  ? do_syscall_64+0xbe/0x3b0
[  307.328478][ T9771]  ? __x64_sys_mount+0x20/0xc0
[  307.333364][ T9771]  do_syscall_64+0xfa/0x3b0
[  307.337912][ T9771]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.343247][ T9771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.349354][ T9771]  ? clear_bhb_loop+0x60/0xb0
[  307.354130][ T9771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.360106][ T9771] RIP: 0033:0x7efc42b8e929
[  307.364717][ T9771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.385551][ T9771] RSP: 002b:00007efc439b1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  307.395036][ T9771] RAX: ffffffffffffffda RBX: 00007efc42db6160 RCX: 00007efc42b8e929
[  307.403110][ T9771] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[  307.412578][ T9771] RBP: 00007efc42c10b39 R08: 0000000000000000 R09: 0000000000000000
[  307.420990][ T9771] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[  307.429009][ T9771] R13: 0000000000000001 R14: 00007efc42db6160 R15: 00007ffe37890fc8
[  307.437114][ T9771]  </TASK>
[  307.440400][ T9771] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  307.447801][ T9771] CPU: 0 UID: 0 PID: 9771 Comm: syz.9.872 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) 
[  307.459297][ T9771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.469484][ T9771] Call Trace:
[  307.472796][ T9771]  <TASK>
[  307.475761][ T9771]  dump_stack_lvl+0x99/0x250
[  307.480404][ T9771]  ? __asan_memcpy+0x40/0x70
[  307.485025][ T9771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.490266][ T9771]  ? __pfx__printk+0x10/0x10
[  307.494921][ T9771]  panic+0x2e2/0x7b0
[  307.498864][ T9771]  ? __pfx_panic+0x10/0x10
[  307.503498][ T9771]  __warn+0x334/0x4c0
[  307.507510][ T9771]  ? bdev_getblk+0x580/0x660
[  307.512151][ T9771]  ? bdev_getblk+0x580/0x660
[  307.516772][ T9771]  report_bug+0x2be/0x4f0
[  307.521133][ T9771]  ? bdev_getblk+0x580/0x660
[  307.525756][ T9771]  ? bdev_getblk+0x580/0x660
[  307.530374][ T9771]  ? bdev_getblk+0x582/0x660
[  307.534994][ T9771]  handle_bug+0x84/0x160
[  307.539365][ T9771]  exc_invalid_op+0x1a/0x50
[  307.543908][ T9771]  asm_exc_invalid_op+0x1a/0x20
[  307.548801][ T9771] RIP: 0010:bdev_getblk+0x580/0x660
[  307.554029][ T9771] Code: 26 fb ff ff e8 c1 0b 78 ff 48 c7 c7 a0 32 ba 8b 48 c7 c6 9f 80 cd 8d 4c 89 fa 4c 89 e9 e8 b8 a6 df fe eb bd e8 a1 0b 78 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  307.573925][ T9771] RSP: 0018:ffffc90004fef6b0 EFLAGS: 00010202
[  307.580035][ T9771] RAX: ffffffff8247f9bf RBX: ffff888148c19718 RCX: ffff888030593c00
[  307.588127][ T9771] RDX: 0000000000000003 RSI: 0000000000000200 RDI: 0000000000000000
[  307.596231][ T9771] RBP: 0000000000000200 R08: 0000000000002f9d R09: 0000000000400000
[  307.604250][ T9771] R10: 000000000005f3a8 R11: ffffc9000c6a2000 R12: ffff888148c1a068
[  307.612446][ T9771] R13: ffff888148c19700 R14: 0000000000000200 R15: 1ffff110291832e3
[  307.620510][ T9771]  ? bdev_getblk+0x57f/0x660
[  307.625252][ T9771]  __bread_gfp+0x89/0x3c0
[  307.629684][ T9771]  udf_read_tagged+0xad/0xe00
[  307.634427][ T9771]  udf_check_anchor_block+0x99/0x550
[  307.639775][ T9771]  ? udf_get_last_block+0x286/0x360
[  307.645017][ T9771]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  307.650969][ T9771]  ? __bread_gfp+0x340/0x3c0
[  307.655602][ T9771]  udf_load_vrs+0x6e3/0xf20
[  307.660272][ T9771]  ? __pfx_udf_load_vrs+0x10/0x10
[  307.665430][ T9771]  ? udf_get_last_session+0x100/0x200
[  307.670836][ T9771]  ? __pfx_udf_get_last_session+0x10/0x10
[  307.676600][ T9771]  udf_fill_super+0x5ad/0x17a0
[  307.681415][ T9771]  ? __pfx_udf_fill_super+0x10/0x10
[  307.687050][ T9771]  ? set_blocksize+0x21e/0x500
[  307.691864][ T9771]  ? sb_set_blocksize+0x104/0x180
[  307.697286][ T9771]  ? setup_bdev_super+0x4c1/0x5b0
[  307.702352][ T9771]  get_tree_bdev_flags+0x40e/0x4d0
[  307.707520][ T9771]  ? __pfx_udf_fill_super+0x10/0x10
[  307.712893][ T9771]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  307.718672][ T9771]  vfs_get_tree+0x8f/0x2b0
[  307.723128][ T9771]  do_new_mount+0x2a2/0x9e0
[  307.728018][ T9771]  ? ns_capable+0x8a/0xf0
[  307.732386][ T9771]  ? __pfx_do_new_mount+0x10/0x10
[  307.737447][ T9771]  ? path_mount+0x61c/0xfe0
[  307.741985][ T9771]  ? user_path_at+0x44/0x60
[  307.746540][ T9771]  __se_sys_mount+0x317/0x410
[  307.751279][ T9771]  ? __pfx___se_sys_mount+0x10/0x10
[  307.756529][ T9771]  ? do_syscall_64+0xbe/0x3b0
[  307.761248][ T9771]  ? __x64_sys_mount+0x20/0xc0
[  307.766146][ T9771]  do_syscall_64+0xfa/0x3b0
[  307.770693][ T9771]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.775916][ T9771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.782000][ T9771]  ? clear_bhb_loop+0x60/0xb0
[  307.786684][ T9771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.792583][ T9771] RIP: 0033:0x7efc42b8e929
[  307.797001][ T9771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.816702][ T9771] RSP: 002b:00007efc439b1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  307.825220][ T9771] RAX: ffffffffffffffda RBX: 00007efc42db6160 RCX: 00007efc42b8e929
[  307.833197][ T9771] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[  307.841364][ T9771] RBP: 00007efc42c10b39 R08: 0000000000000000 R09: 0000000000000000
[  307.849339][ T9771] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[  307.857348][ T9771] R13: 0000000000000001 R14: 00007efc42db6160 R15: 00007ffe37890fc8
[  307.865363][ T9771]  </TASK>
[  307.868696][ T9771] Kernel Offset: disabled
[  307.873015][ T9771] Rebooting in 86400 seconds..