last executing test programs:

39.396624232s ago: executing program 1 (id=507):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = fsopen(&(0x7f0000000180)='hfsplus\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='source', 0x0)
close(r1)
socket(0x1d, 0x2, 0x6)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x8000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)
mprotect(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x2)

38.446940249s ago: executing program 1 (id=514):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x1f)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x5})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
close(0x3)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f0000000000)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xa}, [@null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48)
r4 = dup(r0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x40}}, 0x18)
mkdir(0x0, 0x100)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)="d8000000140081054e81f782db44b9040a1d08020a000000040000a118000200fe80000000000e1208000f0100a10401a80016eaa4000640fefffffffffeffffb94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c817bd6c496ddffaa2795edb1e61e0100000000000000cb090000001fb791643a5ee4001b14547df36745d6d930dfe1d9d322fe7c9fd68775730d96a4683f5aeb4edbb57a5025ccca9e00158c89ed6cb4d1ac95e7765e04c2360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b4", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r6, 0x1, 0x200000010, &(0x7f0000000000)=0x9, 0x4)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)=ANY=[])
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f00000024c0)={0x48, 0x2, r8})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r8, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xab1a})

38.06361438s ago: executing program 1 (id=517):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0x541b, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0x6, 0xfffffff8, 0x1da0, 0x0, 0x0, "42f46749a2ed195a14cc4951dc7e8e5aec7776", 0x100000, 0xfdfdffff})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001084ff00000000000000000000000000000008ff020000000000000000000000000001"], 0x4a)

37.922555238s ago: executing program 1 (id=519):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
move_mount(r1, &(0x7f0000000580)='./file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0/file0\x00', 0x100)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

37.29656653s ago: executing program 1 (id=521):
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1d}, "b3f587fabc82875c8f6b8223810377ab3d445489fad5d4a8103a49173d"}, 0x21)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x6, 0x2}, {0x2}}}}, 0xf)
syz_clone(0x0, &(0x7f00000006c0)="b395519bc77339ca883056b6f5b9840fdbcc2c7bb003565d36a3b083f512bf60d43655a2c11754ef1c4537d5dbbb159fa8b88efd8efc93c8074207e4f33919b15cde6687f4f9bd3e2d41ee6512bbfcfb03666a24e77c0065c50cf5b7c4b0620c2b55a41691e334988997441222cfec899cc29168", 0x74, &(0x7f0000000740), &(0x7f0000000780), &(0x7f00000007c0)="d15dcf0da6e6e2b94df84916")

36.69769141s ago: executing program 1 (id=526):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x382, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000000), &(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x2, 0x2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000080)={0x0, 0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0)
sendmmsg$unix(r2, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000001180)={'erspan0\x00', {0x2, 0x4e22, @rand_addr=0x64010102}})

36.430057517s ago: executing program 32 (id=526):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x382, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000000), &(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x2, 0x2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000080)={0x0, 0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0)
sendmmsg$unix(r2, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000001180)={'erspan0\x00', {0x2, 0x4e22, @rand_addr=0x64010102}})

7.933322006s ago: executing program 3 (id=760):
r0 = socket$netlink(0x10, 0x3, 0xc)
writev(r0, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)

7.2832755s ago: executing program 3 (id=763):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x1f)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x5})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
close(0x3)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f0000000000)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xa}, [@null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48)
r4 = dup(r0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x40}}, 0x18)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x100)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)="d8000000140081054e81f782db44b9040a1d08020a000000040000a118000200fe80000000000e1208000f0100a10401a80016eaa4000640fefffffffffeffffb94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c817bd6c496ddffaa2795edb1e61e0100000000000000cb090000001fb791643a5ee4001b14547df36745d6d930dfe1d9d322fe7c9fd68775730d96a4683f5aeb4edbb57a5025ccca9e00158c89ed6cb4d1ac95e7765e04c2360db70100000040fad9", 0xbd}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r6, 0x1, 0x200000010, &(0x7f0000000000)=0x9, 0x4)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)=ANY=[])
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f00000024c0)={0x48, 0x2, r8})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r8, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xab1a})

6.710452056s ago: executing program 3 (id=765):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}}, 0x0)
r0 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="1201000200000008d90467a000000000000109022400010000a02009040006010300020009210000000122080009058103"], 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x3, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000100)={'rose0\x00'})
syz_usb_connect(0x4, 0x3fe, &(0x7f00000005c0)={{0x12, 0x1, 0x310, 0x10, 0x7, 0x19, 0xff, 0xccd, 0x10ad, 0x3217, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3ec, 0x1, 0x9, 0x4, 0x80, 0x1, [{{0x9, 0x4, 0x9, 0xf, 0xa, 0xe8, 0x1, 0xf8, 0x40, [], [{{0x9, 0x5, 0x3, 0x10, 0x20, 0xb3, 0x55, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x3, 0x8db3}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0xff, 0x6}]}}, {{0x9, 0x5, 0x5, 0x10, 0x8, 0x7, 0x3, 0xb, [@generic={0xd4, 0x23, "3d8837172d72bbd5d83c768f13fcfb2e7585aff4b9118533514c8ca4aa418aada7f76116c043a8f2be6a265cb00c29ef6518ae8a9837f8b621922d69cc33b61bf5600fc15228694b5a68f193de1f8b784ac37363a12dcea5d4342d44c19bf5d7705f503bb3900ea0e77f1eeb4b4c4dda3f799134ed101f8845d1e13de24e39e85bc2a58e78e6b7164ca915067db26bc739d50052e0bc460450d8006b6ed622a1e9967bc5905dffad80ec8a3a13ba98f13242aafc28e91107f49dd9a0f70ba778d94e04ed2813d45b28300e81ac2cdcb70bb9"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x40, 0x6, 0x9c, 0xb, [@generic={0xd3, 0x5, "3745751e57f6e0a14dc6f28bab12ac15a2fb95cca8e5cebf246c3ec26545a766522009a64d3eed43fbd4a712308c95d945e801b4cf8429df4d71f8ecb952ae1f65ca0779650394c15d74ca4e908fe6aa792549fa866e97317ac520c54b7001ea6b7b6b603b8830eef0b23a8e80d109cfc3435a11adc977f67071874e051cec490b575f8313d1eda05c8280768395d6d0f93468052d486c45630097f0cdd15f0d4b6e4f5e8469aee397925efbbc8917fc6f1b59e7ddabb464a61e4624ae3396f105c782c78c6ac59d67bde976fac36ab540"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x40, 0x9, 0x4, 0x5, [@generic={0xb3, 0x11, "049222fb6250a5c415b1ba2c1a2a80a5adb178f34b4ae60a13aa2394290382d81f54eac179db7119ea74f83659a5e626e82dd2a388c0ffeb79de9b105b5f0636efaf15652b00710d09e440c375696e8965868ee56a07d6c8a6131c34fb2137fdfeab2d75f4954afb65bbfbf0afbdacc72cdb307a60e285e2e8c9136c36197cd42528029960ed66b4a68481030d8115413bbad3139e76d6925728f96280c36e1edb4a65ee78e2b44134003a1a132493b2ad"}]}}, {{0x9, 0x5, 0x4, 0x3, 0x10, 0xf, 0x7f, 0x42}}, {{0x9, 0x5, 0x80, 0x10, 0x200, 0x6, 0x7, 0xfa, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0xfc, 0xeda}, @generic={0x78, 0x8, "fc9eca743c9fa9b23ec58e87425a8f275add55ab5604b6110fb234f4df79f8c80f1151b166707c863f38dc883c63ca9a1762a85ede9de544119b70a6a3f02a8663ac2da47cd5e003412ab6e1cc5f4e2ab34d8171151a83dd490fb201a30605bc22186b3759dbf261b7db0596fcfb9a0b28afd88d916e"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x400, 0x5, 0x81, 0x6}}, {{0x9, 0x5, 0xd, 0x0, 0x0, 0x8, 0x7, 0x7}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0x4, 0x9, 0xa, [@generic={0x92, 0x22, "bfdb3c2c7c99d2f976a310a2a866f8b0d33d2ed6b285424b7470ff57a9d2ba88416eff095ff2c4b9865beae72c8be0f92d145ccdb898e07d8a10421efc6b8cdbd0b5cc96be14581cdd41c22b7ab0b52aa47561efc5e0ed3b65d86df4bda95e0f7e4941eb91bd6d45e062720dffa3a698cc581f2d2d01dd38b5837c2659a7e49147a973c66659ed35aa7c23e3c7decb37"}]}}, {{0x9, 0x5, 0x0, 0x1, 0x200, 0xaf, 0xff, 0x60, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x6b, 0x6cf0}]}}]}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x201, 0x5, 0x0, 0x7, 0x8, 0x6}, 0xf1, &(0x7f0000000b40)={0x5, 0xf, 0xf1, 0x4, [@generic={0xcb, 0x10, 0xa, "7c761f4e98a1ca0ca62fef07afc660d3f3e6e90a3bb186f69b79a652eb4ba8da9cdc8f4a1c06b1f7a5bdf63f36dd65d6b4d51782ef164cdab6e66fc5895a5c10bd7a3b647eeb2ca42344e9dcb2df181fb2b871288f05dd6b52e887b89698916127175f7775d21d0127786aa2777d607542ee434c3eeacb243dde4893553bc0c54da4f82060c44abd29cd80fd4b0898d6c91d4dde78e3bf85335711ad4da4d6b1f3e7241bdfdfa6a306f84bb261369aa30b247922a89559b9ce39174cb87c903207b611ff9ebc9ae8"}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xe, 0x5, 0x8c, 0x1}, @ss_container_id={0x14, 0x10, 0x4, 0x7f, "35d2172e7c45356bf995f89c26f9068f"}]}, 0x4, [{0xc4, &(0x7f0000000400)=@string={0xc4, 0x3, "fa29862a153672c1f995c8e4b06451c3f001f67c41d1d82b8925cbb1915138279d7d12efaec0bcd5f5df0b07ed6b9ac153c9e8035ef6f11f6f4c2d26295ec021004ea9a6140abc89b6de04164b9eb0f2a39ff026ec64bd86553d872b05bb7b64ec1e14adb89a252284de5a529839eb0825b3ef947b5109d00fa0a32a22b6876d35b304d49caf8bb6ba5e90b722d3aec931a9b47f4cf2b03574c0874fe5b843a1220c0f8320f80e9a80d4cdc4f2e37945dac1e74a9cc65314e98f07ab7e2d92a2d1f5"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x843}}, {0x92, &(0x7f00000001c0)=@string={0x92, 0x3, "f7e8abf80386ab0b9ffa7138bb6819b4451c2b87fb8a57377adf83adcf6e370dfba87cc48a07f1a5f744ba92ae13929befd9fc060b361650f6ac93ebac2a018b89a8897e9c04ffe72b843673abfb631d4675e8f4568f8692101c932a77d80fee86cb11b1901f5719c1916e2ee9fe96338254bae866adda0241cf4f8ca9abe4b5414b2752e5ef10d34f72231e2548d625"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x3001}}]})
syz_usb_control_io$hid(r0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0x7b9, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000200)="b9810800000f3266ba2100ecb96b080000b808000000ba000000000f300f78a6e18f0000b889185afd0f23d00f21f8352000000d0f23f80f01df8fc978d7f4b9ce090000b82a000000ba000000000f30360fc735e5690000640f017a3a", 0x5d}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFMTU(r6, 0x89e0, &(0x7f0000000000)={'veth0_vlan\x00', 0x200})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000140)={'syzkaller1\x00'})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x83f0477036cacef2, 0x0)

4.873480055s ago: executing program 0 (id=770):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014})

4.333409954s ago: executing program 4 (id=772):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4000})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x0, 0x0)
ioctl$TCXONC(r5, 0x540a, 0x0)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="40a5e1ad6e804cce584e5ffc46000000", @ANYRES16=r6, @ANYBLOB="0100000000000000000006000001050000000000000005000500e00000020f0007"], 0x34}, 0x2, 0x34005}, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x10, &(0x7f00000001c0)=0x7, 0x4)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f00000002c0)=ANY=[@ANYRES32=r3])
socket$xdp(0x2c, 0x3, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e23, @rand_addr=0x64010102}}, 0xfffffe85, 0xf0, 0x8, 0x20a, 0x9, 0xc}, 0x9c)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r9 = creat(&(0x7f00000000c0)='./file0\x00', 0x80)
r10 = dup2(r9, r9)
ioctl$BLKTRACESETUP(r10, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACESTART(r9, 0x1274, 0x0)
ioctl$BLKTRACETEARDOWN(r10, 0x1276, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="01"])
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

4.032193183s ago: executing program 0 (id=774):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014})

3.807196619s ago: executing program 2 (id=775):
syz_open_dev$loop(0x0, 0x763, 0x301000)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f0000000000)=0x7, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
sendto$unix(r0, &(0x7f00000004c0)="a0", 0x1, 0x200080d1, 0x0, 0x0)

3.644338576s ago: executing program 2 (id=776):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x8, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @result}], 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x198, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendto$packet(r1, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvfrom$packet(r1, 0x0, 0x0, 0x12000, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x2d)
connect(0xffffffffffffffff, &(0x7f0000000080)=@x25, 0x80)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='jfs\x00', 0x8010, 0x0)

3.374435703s ago: executing program 2 (id=777):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x3, 0x0, 0xa, 0x0, 0x8d}, @mpls={[], @ipv6=@tipc_packet={0x8, 0x6, "09c2b4", 0x68, 0x6, 0xff, @empty, @mcast2, {[@dstopts={0x3b, 0x6, '\x00', [@generic={0x0, 0x31, "ecfa7d6266d62810628e9bec0764d366921e7982b0f38470a736c2bcf722b3b7bfff48a599afc05f7e1f7eb3f809302c37"}]}], @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0x2, 0x2, 0x4886, 0x0, 0x3, 0x9, 0x0, 0x2, 0x8, 0x0, 0x0, 0x4e23, 0x4e20}, 0x1}, 0x4, 0x4}}}}}}}, 0x9e)

3.024372468s ago: executing program 2 (id=778):
syz_open_dev$loop(0x0, 0x763, 0x301000)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f0000000000)=0x7, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
sendto$unix(r0, &(0x7f00000004c0)="a0", 0x1, 0x200080d1, 0x0, 0x0) (fail_nth: 2)

2.47305108s ago: executing program 0 (id=779):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000100)=0x1)
syz_open_dev$loop(0x0, 0x763, 0x402241)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_debug_messages', 0x800c0, 0x12)
openat$cgroup_ro(r4, &(0x7f00000001c0)='cgroup.events\x00', 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x200000010, &(0x7f0000000000)=0x7, 0x4)
ioperm(0x3, 0x5, 0x6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
semget(0x3, 0x3d8320cfaffe1bf9, 0x75b16f8fb84d9a21)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
ioctl$SIOCAX25GETINFOOLD(r7, 0x89e9, &(0x7f0000000680))
getsockopt(r1, 0x4, 0x8, &(0x7f0000000040)=""/24, &(0x7f00000000c0)=0x18)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f90750090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33336d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe59}}, 0xfa)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff0100000040000000560000002500000019000400041f000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
sendto$unix(r2, &(0x7f00000004c0)="a0", 0x1, 0x200080d1, 0x0, 0x0)

2.165902175s ago: executing program 4 (id=780):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4a0200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'veth0_virt_wifi\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) (async)
setsockopt$SO_J1939_PROMISC(r2, 0x6b, 0x2, &(0x7f0000000040), 0x4) (async)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2})

2.089951969s ago: executing program 0 (id=781):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001084ff00000000000000000000000000000008ff020000000000000000000000000001"], 0x4a)

1.952168918s ago: executing program 4 (id=782):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
close(r1)

1.84562516s ago: executing program 2 (id=783):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x1f)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x5})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
close(0x3)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f0000000000)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xa}, [@null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48)
r4 = dup(r0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x40}}, 0x18)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x100)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)="d8000000140081054e81f782db44b9040a1d08020a000000040000a118000200fe80000000000e1208000f0100a10401a80016eaa4000640fefffffffffeffffb94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c817bd6c496ddffaa2795edb1e61e0100000000000000cb090000001fb791643a5ee4001b14547df36745d6d930dfe1d9d322fe7c9fd68775730d96a4683f5aeb4edbb57a5025ccca9e00158c89ed6cb4d1ac95e7765e04c2360db70100000040fad9", 0xbd}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r6, 0x1, 0x200000010, &(0x7f0000000000)=0x9, 0x4)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)=ANY=[])
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f00000024c0)={0x48, 0x2, r8})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r8, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xab1a})

1.584805272s ago: executing program 4 (id=784):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
close(r1) (fail_nth: 2)

1.185224172s ago: executing program 0 (id=785):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
write$uinput_user_dev(r1, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x1000, 0x0, 0xfffffffe, 0x6, 0x4, 0x0, 0x2, 0x401, 0x0, 0x0, 0x0, 0xfffffffd, 0x9, 0x0, 0xfffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0xffff0000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x9a], [0x400, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88b2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x80001, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x0, 0x0, 0x6c01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x7fff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1000000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x7f, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
ioctl$EXT4_IOC_SETFSUUID(r1, 0x4008662c, &(0x7f0000000000)={0x0, 0x0, "d0f71ff0e80f51bb2a47ecfdb7e737dc"})
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
mount(&(0x7f0000000100)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='udf\x00', 0x200000, 0x0)

1.095040111s ago: executing program 4 (id=786):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x3, 0x0, 0xa, 0x0, 0x8d}, @mpls={[], @ipv6=@tipc_packet={0x8, 0x6, "09c2b4", 0x68, 0x6, 0xff, @empty, @mcast2, {[@dstopts={0x3b, 0x6, '\x00', [@generic={0x0, 0x31, "ecfa7d6266d62810628e9bec0764d366921e7982b0f38470a736c2bcf722b3b7bfff48a599afc05f7e1f7eb3f809302c37"}]}], @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0x2, 0x2, 0x4886, 0x0, 0x3, 0x9, 0x0, 0x2, 0x8, 0x0, 0x0, 0x4e23, 0x4e20}, 0x1}, 0x4, 0x4}}}}}}}, 0x9e)

1.011641494s ago: executing program 2 (id=787):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r4, 0xff, 0x1, 0x0, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mkdir(&(0x7f0000000e40)='./file0\x00', 0x1)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000640)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f00000002c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r6, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x84)
lseek(r6, 0x3, 0x1)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001, 0x4, 0x6})

781.156827ms ago: executing program 3 (id=788):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)

540.704ms ago: executing program 0 (id=789):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r1, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'wlan0\x00', 0x100})
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000300)={0x0, 0x0})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
sendfile(r3, r0, 0x0, 0x0)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0x71)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='hfsplus\x00', 0x208083, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
r8 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r8, 0x401c5820, &(0x7f0000000000)={0xfffffffe, 0x3, 0x0, 0x10000, 0x9})
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'macvlan0\x00', <r10=>0x0})
r11 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r11, 0x0, 0x0, 0x0, &(0x7f0000000340)={0xc9, 0x0, r10, 0x1, 0x0, 0x6, @multicast}, 0x14)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x801}, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001e0ffffff00000000000000000a74000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000048000480440001800c0001007061796c6f616400340002800800044000000000080008400000000008000240000000000800054000000000080003"], 0x9c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000700)={'vxcan1\x00'})
sendmmsg$inet6(r8, &(0x7f00000001c0), 0x0, 0xc010)
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB="06000000", @ANYRES16=r5, @ANYBLOB="010827bd7000000000000b00000008000300", @ANYRES32=r7, @ANYBLOB="20005080090001006f8584e78b00000005000200020000000800030004ac0f00"], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x200000c4)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0)
fcntl$lock(r13, 0x25, &(0x7f0000000000)={0x1, 0x0, 0xc08, 0x2})
fcntl$lock(r13, 0x6, &(0x7f0000001340)={0x0, 0x1, 0x2, 0x7})
write$P9_RUNLINKAT(r4, &(0x7f0000000040)={0x7, 0x4d, 0x2}, 0x7)
write$FUSE_STATFS(r4, &(0x7f0000000080)={0x60, 0xfffffffffffffffe, 0x0, {{0x80000000, 0x7, 0x800, 0x81, 0x7fff, 0x0, 0x4000800, 0x7}}}, 0x60)

496.1741ms ago: executing program 3 (id=790):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) (fail_nth: 2)

298.487656ms ago: executing program 4 (id=791):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x8000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000900)=[{{0x1, 0x1}, {0x4, 0x0, 0x0, 0x1}}, {{0x4, 0x1}, {0x2, 0x0, 0x1, 0x1}}], 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000000)="f3440fc7b729000000f20f5f0d00000080460f5ba4b07a000000470f38c9403736460fc7b10f240000660f3881078fa9189021da820001c0fef3440f0966b881000f00d8", 0x44}], 0x5204279, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f000009df00)={0x79, 0x0, 0x1})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x8)

0s ago: executing program 3 (id=792):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='exfat\x00', 0x200000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)={0xe886c5ffc5249171, 0x4, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x8000000000000, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, 0x0)
r2 = openat$snapshot(0xffffff9c, &(0x7f0000000180), 0x3, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f00000001c0)={0x101, 0x7})
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, &(0x7f0000000080)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000001400)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r5=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000180)={r5}, &(0x7f0000000240)=0x8)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @local}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r8, 0x8}, 0x8)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r10=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r9, 0x84, 0x1, &(0x7f0000000300)={r10, 0x1, 0xed, 0xffffff72, 0x7, 0x5}, 0x14)
sendmsg$inet_sctp(r0, &(0x7f00000013c0)={&(0x7f0000000140)=@in6={0xa, 0x4e24, 0xf90f, @empty, 0x7fffffff}, 0x1c, &(0x7f0000001280)=[{&(0x7f0000001240)="1684c40b1c53907659bd8cd577a5b60ac090c73ff321f8bec065b94b23dfaeca585c3b1086a7af81176c6f10ac711986f1434816b9b565770f56", 0x3a}], 0x1, &(0x7f00000012c0)=[@sndrcv={0x30, 0x84, 0x1, {0x7, 0x8, 0x8, 0x1, 0x7ff, 0x9, 0x40, 0x8, r5}}, @dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, '\x00', 0xe}}, @sndrcv={0x30, 0x84, 0x1, {0x3, 0xfffd, 0x12, 0x9, 0x2, 0x7f, 0x0, 0x4}}, @sndinfo={0x20, 0x84, 0x2, {0x2, 0xc, 0x2, 0x0, r8}}, @init={0x18, 0x84, 0x0, {0x2, 0x1, 0x9, 0x84e6}}, @init={0x18, 0x84, 0x0, {0xa, 0x8001, 0x8, 0x1ff}}, @sndinfo={0x20, 0x84, 0x2, {0xfcb, 0x8214, 0x6, 0x81, r10}}], 0xf0, 0x24040810}, 0x4000084)
connect$802154_dgram(r3, &(0x7f0000000040)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x14)
ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f0000000200)={<r11=>0x0, 0x3, 0x3})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000600)={<r12=>0x0})
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f0000000a00)={<r13=>0x0, 0x8, 0x1, [0xd8, 0xff, 0xb, 0x3, 0x4], [0x8000, 0x80000000, 0x6, 0x2, 0x6, 0x8000000000000001, 0x3, 0xc79, 0x69e0, 0xffff, 0x8, 0x6, 0x5c08, 0x3, 0x3, 0x6, 0x96a5, 0x0, 0x348d448, 0x8000, 0x6, 0x8, 0x81, 0x5, 0x4, 0x1, 0xd, 0x8, 0x0, 0x6, 0x10001000, 0x2, 0x5, 0x81, 0x1000, 0xb, 0x6, 0x9, 0x400, 0xffffffffffffffff, 0x6622, 0x40, 0x7d, 0x7, 0x9, 0x5, 0xa7dc, 0x4, 0x9, 0x7fffffffffffffff, 0x27, 0x0, 0x10000, 0x7fffffffffffffff, 0x0, 0x100, 0x400, 0xfffffffffffffc00, 0x9, 0x8, 0x70, 0x9, 0x100000001, 0xa98, 0x5, 0x7, 0xc8, 0x364, 0x7, 0x9, 0xf5fe, 0x7ff, 0xd6b8, 0x9, 0x3, 0xf, 0x7, 0x5, 0x5a6, 0x0, 0xa3, 0x8, 0x400, 0x7, 0x6, 0x200, 0x3, 0x7ff, 0xffffffffffffffff, 0x2, 0x7fffffff, 0x7, 0x8, 0x100000000, 0x0, 0x7, 0x0, 0x2, 0x7, 0x2, 0x9, 0x0, 0x3, 0x6, 0xffff, 0x1, 0x6, 0x5, 0x0, 0x9, 0x7f, 0x8, 0x0, 0x10001, 0x5, 0xb, 0x2, 0x5, 0x6, 0x29f, 0xdb7]})
ioctl$BTRFS_IOC_BALANCE_V2(r3, 0xc4009420, &(0x7f0000000e40)={0x8, 0x5, {0x6, @usage=0x3, r11, 0x4, 0x2, 0x7fff, 0x6, 0x4, 0x4, @struct={0x4, 0xb}, 0x7, 0x0, [0xe53, 0x6, 0x0, 0x200, 0x7, 0x2]}, {0xffffffffffffffff, @struct={0xb06f, 0x5}, r12, 0xffffffff, 0x501, 0xc42, 0x3, 0x58d7, 0x4, @struct={0x10001, 0x3}, 0x7, 0x5, [0x8, 0x8, 0x5, 0x8, 0x8, 0x4]}, {0x8, @usage=0x60000000000000, r13, 0x3bde68aa, 0xe96, 0xfffffffffffffff7, 0x6, 0x2, 0x41e, @struct={0x0, 0x9}, 0x2, 0x1ff, [0x3, 0xf5, 0x9d8, 0x5, 0x3, 0x100000000]}, {0x3, 0xafa8, 0x80}})
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x80000)

kernel console output (not intermixed with test programs):


[  153.389587][ T7470]  ? cap_mmap_addr+0xb0/0x100
[  153.389605][ T7470]  ? bpf_lsm_mmap_addr+0x9/0x20
[  153.389613][ T7470]  ? security_mmap_addr+0x71/0x270
[  153.389627][ T7470]  ? shmem_mapping+0xd/0x50
[  153.389641][ T7470]  ? memfd_check_seals_mmap+0xc5/0x200
[  153.389652][ T7470]  do_mmap+0xc45/0x10d0
[  153.389681][ T7470]  ? __pfx_do_mmap+0x10/0x10
[  153.389696][ T7470]  ? down_write_killable+0x178/0x230
[  153.389719][ T7470]  ? end_current_label_crit_section+0x152/0x180
[  153.389739][ T7470]  ? __pfx_down_write_killable+0x10/0x10
[  153.389758][ T7470]  vm_mmap_pgoff+0x31b/0x4c0
[  153.389777][ T7470]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  153.389791][ T7470]  ? __fget_files+0x2a/0x420
[  153.389811][ T7470]  ? __fget_files+0x3a0/0x420
[  153.389832][ T7470]  ? __fget_files+0x2a/0x420
[  153.389858][ T7470]  ksys_mmap_pgoff+0x51f/0x760
[  153.389883][ T7470]  do_syscall_64+0xfa/0x3b0
[  153.389898][ T7470]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.389909][ T7470]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.389919][ T7470]  ? clear_bhb_loop+0x60/0xb0
[  153.389931][ T7470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.389940][ T7470] RIP: 0033:0x7f512378e929
[  153.389950][ T7470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.389964][ T7470] RSP: 002b:00007f51245ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  153.389982][ T7470] RAX: ffffffffffffffda RBX: 00007f51239b5fa0 RCX: 00007f512378e929
[  153.389994][ T7470] RDX: 0000000000000002 RSI: 0000000000001000 RDI: 000020000038a000
[  153.390005][ T7470] RBP: 00007f51245ad090 R08: 0000000000000003 R09: 00000000ffffd000
[  153.390015][ T7470] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  153.390025][ T7470] R13: 0000000000000000 R14: 00007f51239b5fa0 R15: 00007ffc462ccd18
[  153.390052][ T7470]  </TASK>
[  153.956509][ T7476] block nbd0: shutting down sockets
[  154.138942][ T5155] Bluetooth: Wrong link type (-71)
[  154.385881][  T982] usbhid 4-1:0.0: can't add hid device: -71
[  154.391923][  T982] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  154.397681][ T7493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  154.409736][ T7495] FAULT_INJECTION: forcing a failure.
[  154.409736][ T7495] name failslab, interval 1, probability 0, space 0, times 0
[  154.419229][  T982] usb 4-1: USB disconnect, device number 13
[  154.430663][ T7495] CPU: 1 UID: 0 PID: 7495 Comm: syz.0.515 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  154.430688][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.430698][ T7495] Call Trace:
[  154.430706][ T7495]  <TASK>
[  154.430714][ T7495]  dump_stack_lvl+0x189/0x250
[  154.430738][ T7495]  ? __pfx____ratelimit+0x10/0x10
[  154.430759][ T7495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.430778][ T7495]  ? __pfx__printk+0x10/0x10
[  154.430800][ T7495]  ? __pfx___might_resched+0x10/0x10
[  154.430817][ T7495]  ? fs_reclaim_acquire+0x7d/0x100
[  154.430843][ T7495]  should_fail_ex+0x414/0x560
[  154.430873][ T7495]  should_failslab+0xa8/0x100
[  154.430895][ T7495]  __kmalloc_noprof+0xcb/0x4f0
[  154.430913][ T7495]  ? tomoyo_encode+0x28b/0x550
[  154.430937][ T7495]  tomoyo_encode+0x28b/0x550
[  154.430961][ T7495]  tomoyo_realpath_from_path+0x58d/0x5d0
[  154.430992][ T7495]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  154.431016][ T7495]  tomoyo_path_number_perm+0x1e8/0x5a0
[  154.431043][ T7495]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.431083][ T7495]  ? __lock_acquire+0xab9/0xd20
[  154.431127][ T7495]  ? __fget_files+0x2a/0x420
[  154.431152][ T7495]  ? __fget_files+0x2a/0x420
[  154.431172][ T7495]  ? __fget_files+0x3a0/0x420
[  154.431192][ T7495]  ? __fget_files+0x2a/0x420
[  154.431217][ T7495]  security_file_ioctl+0xcb/0x2d0
[  154.431243][ T7495]  __se_sys_ioctl+0x47/0x170
[  154.431265][ T7495]  do_syscall_64+0xfa/0x3b0
[  154.431284][ T7495]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.431310][ T7495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.431327][ T7495]  ? clear_bhb_loop+0x60/0xb0
[  154.431346][ T7495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.431360][ T7495] RIP: 0033:0x7f512378e929
[  154.431376][ T7495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.431390][ T7495] RSP: 002b:00007f51245ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.431407][ T7495] RAX: ffffffffffffffda RBX: 00007f51239b5fa0 RCX: 00007f512378e929
[  154.431420][ T7495] RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
[  154.431430][ T7495] RBP: 00007f51245ad090 R08: 0000000000000000 R09: 0000000000000000
[  154.431439][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.431447][ T7495] R13: 0000000000000000 R14: 00007f51239b5fa0 R15: 00007ffc462ccd18
[  154.431469][ T7495]  </TASK>
[  154.431491][ T7495] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.727285][ T7494] block nbd0: shutting down sockets
[  154.794755][   T92] usb 3-1: new low-speed USB device number 37 using dummy_hcd
[  154.975274][   T92] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  154.983582][   T92] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  155.007002][   T92] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  155.034655][   T92] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  155.056227][   T92] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  155.076445][   T92] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  155.087811][   T92] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  155.102691][   T92] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  155.132064][   T92] usb 3-1: string descriptor 0 read error: -22
[  155.138554][   T92] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  155.164622][   T92] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.214281][   T92] usb 3-1: config 0 descriptor??
[  155.238347][   T92] hub 3-1:0.0: bad descriptor, ignoring hub
[  155.247354][   T92] hub 3-1:0.0: probe with driver hub failed with error -5
[  155.260621][   T92] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input7
[  155.448713][ T5965] usb 3-1: USB disconnect, device number 37
[  155.502966][ T7512] FAULT_INJECTION: forcing a failure.
[  155.502966][ T7512] name failslab, interval 1, probability 0, space 0, times 0
[  155.536586][ T7512] CPU: 0 UID: 0 PID: 7512 Comm: syz.3.522 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  155.536612][ T7512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.536622][ T7512] Call Trace:
[  155.536629][ T7512]  <TASK>
[  155.536637][ T7512]  dump_stack_lvl+0x189/0x250
[  155.536661][ T7512]  ? __pfx____ratelimit+0x10/0x10
[  155.536682][ T7512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.536701][ T7512]  ? __pfx__printk+0x10/0x10
[  155.536721][ T7512]  ? __pfx___might_resched+0x10/0x10
[  155.536736][ T7512]  ? fs_reclaim_acquire+0x7d/0x100
[  155.536759][ T7512]  should_fail_ex+0x414/0x560
[  155.536786][ T7512]  should_failslab+0xa8/0x100
[  155.536807][ T7512]  __kmalloc_noprof+0xcb/0x4f0
[  155.536822][ T7512]  ? tomoyo_encode+0x28b/0x550
[  155.536842][ T7512]  tomoyo_encode+0x28b/0x550
[  155.536865][ T7512]  tomoyo_realpath_from_path+0x58d/0x5d0
[  155.536890][ T7512]  ? tomoyo_domain+0xd9/0x130
[  155.536909][ T7512]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  155.536929][ T7512]  tomoyo_path_number_perm+0x1e8/0x5a0
[  155.536949][ T7512]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  155.536977][ T7512]  ? __lock_acquire+0xab9/0xd20
[  155.537017][ T7512]  ? __fget_files+0x2a/0x420
[  155.537041][ T7512]  ? __fget_files+0x2a/0x420
[  155.537061][ T7512]  ? __fget_files+0x3a0/0x420
[  155.537080][ T7512]  ? __fget_files+0x2a/0x420
[  155.537106][ T7512]  security_file_ioctl+0xcb/0x2d0
[  155.537132][ T7512]  __se_sys_ioctl+0x47/0x170
[  155.537154][ T7512]  do_syscall_64+0xfa/0x3b0
[  155.537172][ T7512]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.537190][ T7512]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.537205][ T7512]  ? clear_bhb_loop+0x60/0xb0
[  155.537224][ T7512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.537239][ T7512] RIP: 0033:0x7f8deed8e929
[  155.537261][ T7512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.537273][ T7512] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.537290][ T7512] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  155.537301][ T7512] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005
[  155.537311][ T7512] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  155.537320][ T7512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.537330][ T7512] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  155.537359][ T7512]  </TASK>
[  155.537445][ T7512] ERROR: Out of memory at tomoyo_realpath_from_path.
[  155.861123][ T7514] PKCS7: Unknown OID: [4] 0.0
[  155.868579][ T7514] PKCS7: Only support pkcs7_signedData type
[  155.881906][ T7514] overlayfs: failed to resolve './file0': -2
[  155.962145][ T7518] binder: BINDER_SET_CONTEXT_MGR already set
[  155.981080][ T7518] binder: 7517:7518 ioctl 4018620d 2000000000c0 returned -16
[  156.005948][ T7518] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  156.593992][ T7533] FAULT_INJECTION: forcing a failure.
[  156.593992][ T7533] name failslab, interval 1, probability 0, space 0, times 0
[  156.606883][  T982] usb 1-1: new low-speed USB device number 28 using dummy_hcd
[  156.618896][ T7533] CPU: 0 UID: 0 PID: 7533 Comm: syz.3.533 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  156.618920][ T7533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  156.618930][ T7533] Call Trace:
[  156.618938][ T7533]  <TASK>
[  156.618946][ T7533]  dump_stack_lvl+0x189/0x250
[  156.618971][ T7533]  ? __pfx____ratelimit+0x10/0x10
[  156.618993][ T7533]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.619012][ T7533]  ? __pfx__printk+0x10/0x10
[  156.619038][ T7533]  ? __pfx___might_resched+0x10/0x10
[  156.619060][ T7533]  should_fail_ex+0x414/0x560
[  156.619089][ T7533]  should_failslab+0xa8/0x100
[  156.619111][ T7533]  kmem_cache_alloc_noprof+0x73/0x3c0
[  156.619131][ T7533]  ? mas_alloc_nodes+0x2e9/0x8e0
[  156.619155][ T7533]  mas_alloc_nodes+0x2e9/0x8e0
[  156.619191][ T7533]  mas_preallocate+0x3ad/0x6f0
[  156.619216][ T7533]  ? __pfx_mas_preallocate+0x10/0x10
[  156.619246][ T7533]  ? __mas_set_range+0x12f/0x3c0
[  156.619268][ T7533]  __split_vma+0x2fa/0xa00
[  156.619293][ T7533]  ? __pfx___split_vma+0x10/0x10
[  156.619307][ T7533]  ? process_measurement+0x1640/0x1a40
[  156.619350][ T7533]  vms_gather_munmap_vmas+0x2de/0x12b0
[  156.619387][ T7533]  ? __lock_acquire+0xab9/0xd20
[  156.619415][ T7533]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  156.619437][ T7533]  ? __lock_acquire+0xab9/0xd20
[  156.619479][ T7533]  do_vmi_align_munmap+0x25d/0x420
[  156.619523][ T7533]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  156.619577][ T7533]  do_vmi_munmap+0x253/0x2e0
[  156.619607][ T7533]  do_munmap+0xe1/0x140
[  156.619625][ T7533]  ? __lock_acquire+0xab9/0xd20
[  156.619649][ T7533]  ? __pfx_do_munmap+0x10/0x10
[  156.619688][ T7533]  mremap_to+0x56a/0x8b0
[  156.619721][ T7533]  ? __pfx_mremap_to+0x10/0x10
[  156.619750][ T7533]  ? __pfx_down_write_killable+0x10/0x10
[  156.619785][ T7533]  __se_sys_mremap+0x8ac/0xc00
[  156.619828][ T7533]  ? __pfx___se_sys_mremap+0x10/0x10
[  156.619848][ T7533]  ? ksys_write+0x22a/0x250
[  156.619871][ T7533]  ? __pfx_ksys_write+0x10/0x10
[  156.619888][ T7533]  ? rcu_is_watching+0x15/0xb0
[  156.619911][ T7533]  ? do_syscall_64+0xbe/0x3b0
[  156.619930][ T7533]  ? __x64_sys_mremap+0x20/0xc0
[  156.619955][ T7533]  do_syscall_64+0xfa/0x3b0
[  156.619973][ T7533]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.619991][ T7533]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.620008][ T7533]  ? clear_bhb_loop+0x60/0xb0
[  156.620029][ T7533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.620046][ T7533] RIP: 0033:0x7f8deed8e929
[  156.620062][ T7533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.620076][ T7533] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  156.620096][ T7533] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  156.620109][ T7533] RDX: 0000000005000000 RSI: 0000000000002000 RDI: 0000200000ff5000
[  156.620121][ T7533] RBP: 00007f8defb74090 R08: 0000200000ffd000 R09: 0000000000000000
[  156.620132][ T7533] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  156.620143][ T7533] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  156.620179][ T7533]  </TASK>
[  156.930674][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.954519][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  156.964486][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  156.973760][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  156.984014][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  156.993108][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  157.030666][ T5843] Bluetooth: Wrong link type (-71)
[  157.051539][  T982] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  157.062911][  T982] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.072713][  T982] usb 1-1: config 0 interface 0 has no altsetting 0
[  157.079376][  T982] usb 1-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  157.089214][  T982] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.102456][  T982] usb 1-1: config 0 descriptor??
[  157.214043][ T7541] binder: BINDER_SET_CONTEXT_MGR already set
[  157.220468][ T7541] binder: 7540:7541 ioctl 4018620d 2000000000c0 returned -16
[  157.317958][ T7541] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  157.400502][ T7534] chnl_net:caif_netlink_parms(): no params data found
[  157.746433][ T7534] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.753756][ T7534] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.761468][ T7534] bridge_slave_0: entered allmulticast mode
[  157.770998][ T7534] bridge_slave_0: entered promiscuous mode
[  157.780469][ T7534] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.788258][ T7534] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.795793][ T7534] bridge_slave_1: entered allmulticast mode
[  157.805370][ T7534] bridge_slave_1: entered promiscuous mode
[  157.906270][ T7534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.921813][ T7534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.941476][  T982] usbhid 1-1:0.0: can't add hid device: -71
[  157.954512][  T982] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  157.984085][  T982] usb 1-1: USB disconnect, device number 28
[  158.075004][ T5843] Bluetooth: Wrong link type (-71)
[  158.082482][ T7534] team0: Port device team_slave_0 added
[  158.103879][ T7534] team0: Port device team_slave_1 added
[  158.216904][ T7534] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.239555][ T7534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.269174][ T7534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.288718][ T7534] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.296048][ T7534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.322125][    C0] vkms_vblank_simulate: vblank timer overrun
[  158.330150][ T7534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.508771][ T7534] hsr_slave_0: entered promiscuous mode
[  158.523098][ T7534] hsr_slave_1: entered promiscuous mode
[  158.541548][ T7534] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.558029][ T7534] Cannot create hsr debugfs directory
[  158.749362][ T7574] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  159.026338][ T5843] Bluetooth: hci0: command tx timeout
[  159.238043][ T7534] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  159.259196][ T7534] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  159.296896][ T7534] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  159.326201][ T7534] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  159.599634][ T7534] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.666277][ T7534] 8021q: adding VLAN 0 to HW filter on device team0
[  159.705635][ T3514] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.713755][ T3514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.760912][ T3514] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.768148][ T3514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.795056][ T5843] Bluetooth: Wrong link type (-71)
[  160.162979][ T7602] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  160.353166][ T7534] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.416204][ T5844] usb 1-1: new low-speed USB device number 29 using dummy_hcd
[  160.586655][ T5844] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  160.616926][ T5844] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.638037][ T5844] usb 1-1: config 0 interface 0 has no altsetting 0
[  160.651607][ T5844] usb 1-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  160.677984][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.725838][ T5844] usb 1-1: config 0 descriptor??
[  160.941289][ T7628] FAULT_INJECTION: forcing a failure.
[  160.941289][ T7628] name failslab, interval 1, probability 0, space 0, times 0
[  160.965893][ T7628] CPU: 0 UID: 0 PID: 7628 Comm: syz.3.560 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  160.965937][ T7628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.965948][ T7628] Call Trace:
[  160.965955][ T7628]  <TASK>
[  160.965963][ T7628]  dump_stack_lvl+0x189/0x250
[  160.965988][ T7628]  ? __pfx____ratelimit+0x10/0x10
[  160.966009][ T7628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.966028][ T7628]  ? __pfx__printk+0x10/0x10
[  160.966049][ T7628]  ? __pfx___might_resched+0x10/0x10
[  160.966067][ T7628]  ? fs_reclaim_acquire+0x7d/0x100
[  160.966092][ T7628]  should_fail_ex+0x414/0x560
[  160.966121][ T7628]  should_failslab+0xa8/0x100
[  160.966143][ T7628]  kmem_cache_alloc_noprof+0x73/0x3c0
[  160.966161][ T7628]  ? security_inode_alloc+0x39/0x330
[  160.966185][ T7628]  security_inode_alloc+0x39/0x330
[  160.966206][ T7628]  inode_init_always_gfp+0x9ed/0xdc0
[  160.966237][ T7628]  alloc_inode+0x82/0x1b0
[  160.966259][ T7628]  path_from_stashed+0x200/0x5c0
[  160.966292][ T7628]  pidfs_alloc_file+0xf7/0x270
[  160.966315][ T7628]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  160.966346][ T7628]  pidfd_prepare+0x104/0x180
[  160.966365][ T7628]  __se_sys_pidfd_open+0xcf/0x250
[  160.966387][ T7628]  ? __pfx___se_sys_pidfd_open+0x10/0x10
[  160.966405][ T7628]  ? rcu_is_watching+0x15/0xb0
[  160.966428][ T7628]  ? do_syscall_64+0xbe/0x3b0
[  160.966452][ T7628]  do_syscall_64+0xfa/0x3b0
[  160.966472][ T7628]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.966491][ T7628]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.966508][ T7628]  ? clear_bhb_loop+0x60/0xb0
[  160.966530][ T7628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.966546][ T7628] RIP: 0033:0x7f8deed8e929
[  160.966562][ T7628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.966576][ T7628] RSP: 002b:00007f8defb74028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  160.966595][ T7628] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  160.966608][ T7628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000170
[  160.966619][ T7628] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  160.966636][ T7628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.966646][ T7628] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  160.966674][ T7628]  </TASK>
[  161.008143][ T7534] veth0_vlan: entered promiscuous mode
[  161.239233][ T5843] Bluetooth: hci0: command tx timeout
[  161.270000][ T7634] binder: BINDER_SET_CONTEXT_MGR already set
[  161.276787][ T7634] binder: 7631:7634 ioctl 4018620d 2000000000c0 returned -16
[  161.295924][ T7534] veth1_vlan: entered promiscuous mode
[  161.335920][ T7534] veth0_macvtap: entered promiscuous mode
[  161.348636][ T7534] veth1_macvtap: entered promiscuous mode
[  161.375177][ T7534] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.392298][ T7634] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  161.393447][ T7633] capability: warning: `syz.2.561' uses deprecated v2 capabilities in a way that may be insecure
[  161.403575][ T7534] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.454717][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.469797][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.483466][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.577925][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.752756][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.772308][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.784327][ T5844] usbhid 1-1:0.0: can't add hid device: -71
[  161.790734][ T5844] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  161.818250][ T5844] usb 1-1: USB disconnect, device number 29
[  161.889879][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.904534][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.957806][ T7645] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  161.968230][ T7645] UDF-fs: Scanning with blocksize 4096 failed
[  162.109927][ T7651] FAULT_INJECTION: forcing a failure.
[  162.109927][ T7651] name failslab, interval 1, probability 0, space 0, times 0
[  162.141200][ T7651] CPU: 1 UID: 0 PID: 7651 Comm: syz.4.528 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  162.141228][ T7651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  162.141239][ T7651] Call Trace:
[  162.141246][ T7651]  <TASK>
[  162.141254][ T7651]  dump_stack_lvl+0x189/0x250
[  162.141280][ T7651]  ? __pfx____ratelimit+0x10/0x10
[  162.141303][ T7651]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.141321][ T7651]  ? __pfx__printk+0x10/0x10
[  162.141347][ T7651]  ? __pfx___might_resched+0x10/0x10
[  162.141362][ T7651]  ? fs_reclaim_acquire+0x7d/0x100
[  162.141387][ T7651]  should_fail_ex+0x414/0x560
[  162.141414][ T7651]  ? __pfx_sock_alloc_inode+0x10/0x10
[  162.141432][ T7651]  should_failslab+0xa8/0x100
[  162.141453][ T7651]  ? __pfx_sock_alloc_inode+0x10/0x10
[  162.141467][ T7651]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  162.141486][ T7651]  ? sock_alloc_inode+0x28/0xc0
[  162.141505][ T7651]  ? __pfx_sock_alloc_inode+0x10/0x10
[  162.141521][ T7651]  sock_alloc_inode+0x28/0xc0
[  162.141537][ T7651]  alloc_inode+0x67/0x1b0
[  162.141558][ T7651]  __sock_create+0x12d/0x9f0
[  162.141585][ T7651]  __sys_socket+0xd7/0x1b0
[  162.141609][ T7651]  __x64_sys_socket+0x7a/0x90
[  162.141630][ T7651]  do_syscall_64+0xfa/0x3b0
[  162.141652][ T7651]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.141672][ T7651]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.141689][ T7651]  ? clear_bhb_loop+0x60/0xb0
[  162.141707][ T7651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.141723][ T7651] RIP: 0033:0x7f6ecdb90847
[  162.141785][ T7651] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.141797][ T7651] RSP: 002b:00007f6ecea15fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  162.141813][ T7651] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb90847
[  162.141825][ T7651] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  162.141833][ T7651] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  162.141843][ T7651] R10: 0000200000000100 R11: 0000000000000286 R12: 0000000000000001
[  162.141853][ T7651] R13: 0000000000000001 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  162.141878][ T7651]  </TASK>
[  162.141963][ T7651] socket: no more sockets
[  162.778143][ T7664] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  163.092229][ T7676] FAULT_INJECTION: forcing a failure.
[  163.092229][ T7676] name failslab, interval 1, probability 0, space 0, times 0
[  163.177087][ T7676] CPU: 1 UID: 0 PID: 7676 Comm: syz.2.575 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  163.177114][ T7676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.177125][ T7676] Call Trace:
[  163.177133][ T7676]  <TASK>
[  163.177141][ T7676]  dump_stack_lvl+0x189/0x250
[  163.177165][ T7676]  ? __pfx____ratelimit+0x10/0x10
[  163.177186][ T7676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.177203][ T7676]  ? __pfx__printk+0x10/0x10
[  163.177227][ T7676]  ? __pfx___might_resched+0x10/0x10
[  163.177242][ T7676]  ? fs_reclaim_acquire+0x7d/0x100
[  163.177268][ T7676]  should_fail_ex+0x414/0x560
[  163.177293][ T7676]  should_failslab+0xa8/0x100
[  163.177314][ T7676]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  163.177333][ T7676]  ? ima_collect_measurement+0x4c4/0x8d0
[  163.177360][ T7676]  ? ima_collect_measurement+0x4c4/0x8d0
[  163.177380][ T7676]  krealloc_noprof+0x124/0x340
[  163.177403][ T7676]  ima_collect_measurement+0x4c4/0x8d0
[  163.177435][ T7676]  ? __pfx_ima_collect_measurement+0x10/0x10
[  163.177457][ T7676]  ? __lock_acquire+0xab9/0xd20
[  163.177487][ T7676]  ? simple_xattr_get+0x37/0x180
[  163.177535][ T7676]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  163.177565][ T7676]  process_measurement+0x1121/0x1a40
[  163.177602][ T7676]  ? __pfx_process_measurement+0x10/0x10
[  163.177663][ T7676]  ? rcu_read_lock_any_held+0xb3/0x120
[  163.177697][ T7676]  ? end_current_label_crit_section+0x152/0x180
[  163.177721][ T7676]  ima_file_mmap+0x1a2/0x1f0
[  163.177741][ T7676]  ? __pfx_ima_file_mmap+0x10/0x10
[  163.177762][ T7676]  ? end_current_label_crit_section+0x152/0x180
[  163.177782][ T7676]  ? common_file_perm+0x199/0x200
[  163.177804][ T7676]  security_mmap_file+0x7a4/0xa60
[  163.177831][ T7676]  vm_mmap_pgoff+0x12c/0x4c0
[  163.177861][ T7676]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  163.177887][ T7676]  ? __fget_files+0x2a/0x420
[  163.177918][ T7676]  ? __fget_files+0x3a0/0x420
[  163.177937][ T7676]  ? __fget_files+0x2a/0x420
[  163.177960][ T7676]  ksys_mmap_pgoff+0x51f/0x760
[  163.177985][ T7676]  do_syscall_64+0xfa/0x3b0
[  163.178005][ T7676]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.178025][ T7676]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.178042][ T7676]  ? clear_bhb_loop+0x60/0xb0
[  163.178064][ T7676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.178080][ T7676] RIP: 0033:0x7fb34ff8e929
[  163.178097][ T7676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.178112][ T7676] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  163.178130][ T7676] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  163.178143][ T7676] RDX: 0000000000000005 RSI: 0000000000003000 RDI: 0000200000000000
[  163.178155][ T7676] RBP: 00007fb350e14090 R08: 0000000000000003 R09: 0000000000000000
[  163.178165][ T7676] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  163.178176][ T7676] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  163.178204][ T7676]  </TASK>
[  163.234985][   T30] audit: type=1800 audit(1751311566.071:6): pid=7676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.575" name="blkio.bfq.io_service_time" dev="tmpfs" ino=681 res=0 errno=0
[  163.264703][ T5843] Bluetooth: hci0: command tx timeout
[  163.647559][ T5940] usb 3-1: new low-speed USB device number 38 using dummy_hcd
[  163.712691][ T7690] FAULT_INJECTION: forcing a failure.
[  163.712691][ T7690] name failslab, interval 1, probability 0, space 0, times 0
[  163.734975][ T7690] CPU: 1 UID: 0 PID: 7690 Comm: syz.4.581 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  163.735000][ T7690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.735009][ T7690] Call Trace:
[  163.735017][ T7690]  <TASK>
[  163.735024][ T7690]  dump_stack_lvl+0x189/0x250
[  163.735048][ T7690]  ? __pfx____ratelimit+0x10/0x10
[  163.735069][ T7690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.735088][ T7690]  ? __pfx__printk+0x10/0x10
[  163.735112][ T7690]  ? __pfx___might_resched+0x10/0x10
[  163.735134][ T7690]  should_fail_ex+0x414/0x560
[  163.735163][ T7690]  should_failslab+0xa8/0x100
[  163.735183][ T7690]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  163.735202][ T7690]  ? __alloc_skb+0x112/0x2d0
[  163.735228][ T7690]  __alloc_skb+0x112/0x2d0
[  163.735254][ T7690]  netlink_sendmsg+0x5c6/0xb30
[  163.735289][ T7690]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.735313][ T7690]  ? aa_sock_msg_perm+0xf1/0x1d0
[  163.735333][ T7690]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  163.735356][ T7690]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.735378][ T7690]  __sock_sendmsg+0x21c/0x270
[  163.735401][ T7690]  ____sys_sendmsg+0x505/0x830
[  163.735432][ T7690]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.735464][ T7690]  ? import_iovec+0x74/0xa0
[  163.735492][ T7690]  ___sys_sendmsg+0x21f/0x2a0
[  163.735518][ T7690]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.735570][ T7690]  ? __fget_files+0x2a/0x420
[  163.735591][ T7690]  ? __fget_files+0x3a0/0x420
[  163.735621][ T7690]  __x64_sys_sendmsg+0x19b/0x260
[  163.735648][ T7690]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  163.735681][ T7690]  ? __pfx_ksys_write+0x10/0x10
[  163.735711][ T7690]  ? rcu_is_watching+0x15/0xb0
[  163.735733][ T7690]  ? do_syscall_64+0xbe/0x3b0
[  163.735758][ T7690]  do_syscall_64+0xfa/0x3b0
[  163.735777][ T7690]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.735796][ T7690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.735813][ T7690]  ? clear_bhb_loop+0x60/0xb0
[  163.735835][ T7690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.735851][ T7690] RIP: 0033:0x7f6ecdb8e929
[  163.735868][ T7690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.735883][ T7690] RSP: 002b:00007f6ecea17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.735903][ T7690] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8e929
[  163.735916][ T7690] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  163.735927][ T7690] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  163.735936][ T7690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.735946][ T7690] R13: 0000000000000000 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  163.735973][ T7690]  </TASK>
[  164.094907][ T5940] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  164.131465][ T5940] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.171275][ T5940] usb 3-1: config 0 interface 0 has no altsetting 0
[  164.174348][ T7692] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  164.218815][ T5940] usb 3-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  164.265064][ T7695] xt_NFQUEUE: number of total queues is 0
[  164.272885][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.304070][ T5940] usb 3-1: config 0 descriptor??
[  164.600190][ T7703] netlink: 'syz.4.587': attribute type 10 has an invalid length.
[  164.696013][ T5843] Bluetooth: Wrong link type (-71)
[  165.056934][ T7718] netlink: 'syz.3.591': attribute type 10 has an invalid length.
[  165.138396][ T7720] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  165.235806][ T5940] usbhid 3-1:0.0: can't add hid device: -71
[  165.244707][ T5940] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  165.292470][ T5940] usb 3-1: USB disconnect, device number 38
[  165.472416][ T7727] binder: BINDER_SET_CONTEXT_MGR already set
[  165.491991][ T7727] binder: 7725:7727 ioctl 4018620d 200000000080 returned -16
[  165.525585][ T7727] binder: 7725:7727 ioctl c0306201 2000000003c0 returned -14
[  165.585991][ T5843] Bluetooth: hci0: command tx timeout
[  165.627865][ T7733] FAULT_INJECTION: forcing a failure.
[  165.627865][ T7733] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.645056][ T7733] CPU: 0 UID: 0 PID: 7733 Comm: syz.4.597 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  165.645081][ T7733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.645092][ T7733] Call Trace:
[  165.645098][ T7733]  <TASK>
[  165.645106][ T7733]  dump_stack_lvl+0x189/0x250
[  165.645129][ T7733]  ? __pfx____ratelimit+0x10/0x10
[  165.645149][ T7733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.645168][ T7733]  ? __pfx__printk+0x10/0x10
[  165.645199][ T7733]  should_fail_ex+0x414/0x560
[  165.645229][ T7733]  _copy_to_user+0x31/0xb0
[  165.645247][ T7733]  simple_read_from_buffer+0xe1/0x170
[  165.645274][ T7733]  proc_fail_nth_read+0x1df/0x250
[  165.645300][ T7733]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.645325][ T7733]  ? rw_verify_area+0x258/0x650
[  165.645342][ T7733]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.645365][ T7733]  vfs_read+0x1fd/0x980
[  165.645388][ T7733]  ? __pfx___mutex_lock+0x10/0x10
[  165.645409][ T7733]  ? __pfx_vfs_read+0x10/0x10
[  165.645429][ T7733]  ? __fget_files+0x2a/0x420
[  165.645455][ T7733]  ? __fget_files+0x3a0/0x420
[  165.645474][ T7733]  ? __fget_files+0x2a/0x420
[  165.645503][ T7733]  ksys_read+0x145/0x250
[  165.645524][ T7733]  ? __pfx_ksys_read+0x10/0x10
[  165.645548][ T7733]  ? do_syscall_64+0xbe/0x3b0
[  165.645572][ T7733]  do_syscall_64+0xfa/0x3b0
[  165.645590][ T7733]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.645610][ T7733]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.645627][ T7733]  ? clear_bhb_loop+0x60/0xb0
[  165.645647][ T7733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.645663][ T7733] RIP: 0033:0x7f6ecdb8d33c
[  165.645679][ T7733] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  165.645693][ T7733] RSP: 002b:00007f6ecea17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  165.645712][ T7733] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8d33c
[  165.645725][ T7733] RDX: 000000000000000f RSI: 00007f6ecea170a0 RDI: 0000000000000003
[  165.645747][ T7733] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  165.645757][ T7733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.645767][ T7733] R13: 0000000000000001 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  165.645795][ T7733]  </TASK>
[  165.894098][ T7735] netlink: 'syz.0.598': attribute type 29 has an invalid length.
[  165.903591][ T7735] netlink: 'syz.0.598': attribute type 29 has an invalid length.
[  165.947833][ T7735] netlink: 'syz.0.598': attribute type 29 has an invalid length.
[  165.968260][ T7735] netlink: 'syz.0.598': attribute type 29 has an invalid length.
[  166.102672][ T5843] Bluetooth: Wrong link type (-71)
[  166.187525][ T7744] XFS (rnullb0): Invalid superblock magic number
[  166.415985][ T7761] FAULT_INJECTION: forcing a failure.
[  166.415985][ T7761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.442241][ T7759] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  166.463596][ T7761] CPU: 1 UID: 0 PID: 7761 Comm: syz.4.606 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  166.463622][ T7761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.463632][ T7761] Call Trace:
[  166.463639][ T7761]  <TASK>
[  166.463647][ T7761]  dump_stack_lvl+0x189/0x250
[  166.463676][ T7761]  ? __pfx____ratelimit+0x10/0x10
[  166.463696][ T7761]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.463714][ T7761]  ? __pfx__printk+0x10/0x10
[  166.463745][ T7761]  should_fail_ex+0x414/0x560
[  166.463775][ T7761]  _copy_to_user+0x31/0xb0
[  166.463793][ T7761]  simple_read_from_buffer+0xe1/0x170
[  166.463821][ T7761]  proc_fail_nth_read+0x1df/0x250
[  166.463848][ T7761]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.463874][ T7761]  ? rw_verify_area+0x258/0x650
[  166.463894][ T7761]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.463919][ T7761]  vfs_read+0x1fd/0x980
[  166.463944][ T7761]  ? __pfx___mutex_lock+0x10/0x10
[  166.463970][ T7761]  ? __pfx_vfs_read+0x10/0x10
[  166.463992][ T7761]  ? __fget_files+0x2a/0x420
[  166.464019][ T7761]  ? __fget_files+0x3a0/0x420
[  166.464043][ T7761]  ? __fget_files+0x2a/0x420
[  166.464071][ T7761]  ksys_read+0x145/0x250
[  166.464093][ T7761]  ? __pfx_ksys_read+0x10/0x10
[  166.464108][ T7761]  ? rcu_is_watching+0x15/0xb0
[  166.464130][ T7761]  ? do_syscall_64+0xbe/0x3b0
[  166.464149][ T7761]  do_syscall_64+0xfa/0x3b0
[  166.464166][ T7761]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.464182][ T7761]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.464199][ T7761]  ? clear_bhb_loop+0x60/0xb0
[  166.464219][ T7761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.464234][ T7761] RIP: 0033:0x7f6ecdb8d33c
[  166.464248][ T7761] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  166.464261][ T7761] RSP: 002b:00007f6ecea17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  166.464279][ T7761] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8d33c
[  166.464291][ T7761] RDX: 000000000000000f RSI: 00007f6ecea170a0 RDI: 0000000000000004
[  166.464301][ T7761] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  166.464312][ T7761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.464321][ T7761] R13: 0000000000000000 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  166.464348][ T7761]  </TASK>
[  166.479466][ T7764] netlink: 88 bytes leftover after parsing attributes in process `syz.3.607'.
[  166.560884][ T7766] netlink: 2384 bytes leftover after parsing attributes in process `syz.3.607'.
[  166.761680][ T7764] netlink: 40 bytes leftover after parsing attributes in process `syz.3.607'.
[  166.858382][ T7766] exFAT-fs (rnullb0): invalid boot record signature
[  166.866346][ T7766] exFAT-fs (rnullb0): failed to read boot sector
[  166.872798][ T7766] exFAT-fs (rnullb0): failed to recognize exfat type
[  166.875048][    T9] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  167.037882][    T9] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  167.054700][    T9] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.072996][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  167.082327][    T9] usb 5-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  167.091771][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.105697][    T9] usb 5-1: config 0 descriptor??
[  167.331272][ T5843] Bluetooth: Wrong link type (-71)
[  167.603158][ T7793] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  167.886760][ T7808] FAULT_INJECTION: forcing a failure.
[  167.886760][ T7808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.944827][ T7808] CPU: 0 UID: 0 PID: 7808 Comm: syz.3.622 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  167.944851][ T7808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.944861][ T7808] Call Trace:
[  167.944868][ T7808]  <TASK>
[  167.944876][ T7808]  dump_stack_lvl+0x189/0x250
[  167.944899][ T7808]  ? __pfx____ratelimit+0x10/0x10
[  167.944923][ T7808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.944941][ T7808]  ? __pfx__printk+0x10/0x10
[  167.944959][ T7808]  ? __might_fault+0xb0/0x130
[  167.944986][ T7808]  should_fail_ex+0x414/0x560
[  167.945015][ T7808]  _copy_from_user+0x2d/0xb0
[  167.945040][ T7808]  memdup_user+0x5e/0xd0
[  167.945064][ T7808]  strndup_user+0x68/0xd0
[  167.945087][ T7808]  __se_sys_mount+0x9c/0x410
[  167.945110][ T7808]  ? ksys_write+0x22a/0x250
[  167.945131][ T7808]  ? __pfx___se_sys_mount+0x10/0x10
[  167.945158][ T7808]  ? do_syscall_64+0xbe/0x3b0
[  167.945177][ T7808]  ? __x64_sys_mount+0x20/0xc0
[  167.945201][ T7808]  do_syscall_64+0xfa/0x3b0
[  167.945220][ T7808]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.945240][ T7808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.945256][ T7808]  ? clear_bhb_loop+0x60/0xb0
[  167.945275][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.945292][ T7808] RIP: 0033:0x7f8deed8e929
[  167.945306][ T7808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.945321][ T7808] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  167.945340][ T7808] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  167.945352][ T7808] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 0000200000000040
[  167.945365][ T7808] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  167.945377][ T7808] R10: 0000000000004418 R11: 0000000000000246 R12: 0000000000000001
[  167.945387][ T7808] R13: 0000000000000001 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  167.945410][ T7808]  </TASK>
[  167.966621][ T7810] hpfs: Bad magic ... probably not HPFS
[  168.311322][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  168.325066][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  168.332172][ T5843] Bluetooth: Wrong link type (-71)
[  168.390681][    T9] usb 5-1: USB disconnect, device number 2
[  168.559340][ T7829] binder: BINDER_SET_CONTEXT_MGR already set
[  168.567003][ T7829] binder: 7828:7829 ioctl 4018620d 2000000000c0 returned -16
[  168.586414][ T7829] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  169.219324][ T7855] FAULT_INJECTION: forcing a failure.
[  169.219324][ T7855] name failslab, interval 1, probability 0, space 0, times 0
[  169.245147][ T7857] binder: BINDER_SET_CONTEXT_MGR already set
[  169.251239][ T7857] binder: 7856:7857 ioctl 4018620d 2000000000c0 returned -16
[  169.265142][ T7855] CPU: 1 UID: 0 PID: 7855 Comm: syz.4.638 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  169.265164][ T7855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.265174][ T7855] Call Trace:
[  169.265181][ T7855]  <TASK>
[  169.265188][ T7855]  dump_stack_lvl+0x189/0x250
[  169.265211][ T7855]  ? __pfx____ratelimit+0x10/0x10
[  169.265240][ T7855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.265257][ T7855]  ? __pfx__printk+0x10/0x10
[  169.265280][ T7855]  ? __pfx___might_resched+0x10/0x10
[  169.265301][ T7855]  should_fail_ex+0x414/0x560
[  169.265330][ T7855]  should_failslab+0xa8/0x100
[  169.265351][ T7855]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  169.265371][ T7855]  ? __alloc_skb+0x112/0x2d0
[  169.265391][ T7855]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  169.265410][ T7855]  __alloc_skb+0x112/0x2d0
[  169.265435][ T7855]  pfkey_sendmsg+0x1dd/0x1090
[  169.265462][ T7855]  ? __pfx___might_resched+0x10/0x10
[  169.265477][ T7855]  ? __lock_acquire+0xab9/0xd20
[  169.265504][ T7855]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  169.265529][ T7855]  ? aa_sk_perm+0x81e/0x950
[  169.265546][ T7855]  ? __pfx_aa_sk_perm+0x10/0x10
[  169.265560][ T7855]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  169.265585][ T7855]  ? aa_sock_msg_perm+0xf1/0x1d0
[  169.265605][ T7855]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  169.265626][ T7855]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  169.265646][ T7855]  __sock_sendmsg+0x21c/0x270
[  169.265668][ T7855]  ____sys_sendmsg+0x505/0x830
[  169.265696][ T7855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.265726][ T7855]  ? import_iovec+0x74/0xa0
[  169.265752][ T7855]  ___sys_sendmsg+0x21f/0x2a0
[  169.265778][ T7855]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.265832][ T7855]  ? __fget_files+0x2a/0x420
[  169.265851][ T7855]  ? __fget_files+0x3a0/0x420
[  169.265881][ T7855]  __x64_sys_sendmsg+0x19b/0x260
[  169.265905][ T7855]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  169.265936][ T7855]  ? __pfx_ksys_write+0x10/0x10
[  169.265953][ T7855]  ? rcu_is_watching+0x15/0xb0
[  169.265976][ T7855]  ? do_syscall_64+0xbe/0x3b0
[  169.266000][ T7855]  do_syscall_64+0xfa/0x3b0
[  169.266019][ T7855]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.266037][ T7855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.266052][ T7855]  ? clear_bhb_loop+0x60/0xb0
[  169.266073][ T7855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.266087][ T7855] RIP: 0033:0x7f6ecdb8e929
[  169.266102][ T7855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.266116][ T7855] RSP: 002b:00007f6ecea17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.266134][ T7855] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8e929
[  169.266147][ T7855] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  169.266158][ T7855] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  169.266168][ T7855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.266178][ T7855] R13: 0000000000000000 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  169.266204][ T7855]  </TASK>
[  169.272574][ T7857] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  170.078815][ T7881] FAULT_INJECTION: forcing a failure.
[  170.078815][ T7881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.104740][ T7881] CPU: 1 UID: 0 PID: 7881 Comm: syz.4.645 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  170.104767][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.104778][ T7881] Call Trace:
[  170.104786][ T7881]  <TASK>
[  170.104794][ T7881]  dump_stack_lvl+0x189/0x250
[  170.104820][ T7881]  ? __pfx____ratelimit+0x10/0x10
[  170.104842][ T7881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.104860][ T7881]  ? __pfx__printk+0x10/0x10
[  170.104892][ T7881]  should_fail_ex+0x414/0x560
[  170.104922][ T7881]  strncpy_from_user+0x36/0x290
[  170.104950][ T7881]  getname_flags+0xf3/0x540
[  170.104978][ T7881]  do_sys_openat2+0xbc/0x1c0
[  170.104997][ T7881]  ? __pfx_do_sys_openat2+0x10/0x10
[  170.105015][ T7881]  ? ksys_write+0x22a/0x250
[  170.105036][ T7881]  ? __pfx_ksys_write+0x10/0x10
[  170.105057][ T7881]  __x64_sys_openat+0x138/0x170
[  170.105077][ T7881]  do_syscall_64+0xfa/0x3b0
[  170.105094][ T7881]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.105111][ T7881]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.105127][ T7881]  ? clear_bhb_loop+0x60/0xb0
[  170.105146][ T7881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.105162][ T7881] RIP: 0033:0x7f6ecdb8d290
[  170.105178][ T7881] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  170.105192][ T7881] RSP: 002b:00007f6ecea16f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  170.105210][ T7881] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6ecdb8d290
[  170.105220][ T7881] RDX: 0000000000000002 RSI: 00007f6ecea16fa0 RDI: 00000000ffffff9c
[  170.105230][ T7881] RBP: 00007f6ecea16fa0 R08: 0000000000000000 R09: 0000000000000000
[  170.105241][ T7881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  170.105251][ T7881] R13: 0000000000000001 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  170.105277][ T7881]  </TASK>
[  170.301000][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.434667][ T3082] usb 4-1: new low-speed USB device number 14 using dummy_hcd
[  170.563727][ T7895] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  170.586440][ T3082] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  170.605737][ T3082] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.641784][ T3082] usb 4-1: config 0 interface 0 has no altsetting 0
[  170.667250][ T3082] usb 4-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  170.689712][ T3082] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.710994][ T3082] usb 4-1: config 0 descriptor??
[  170.902872][ T7906] FAULT_INJECTION: forcing a failure.
[  170.902872][ T7906] name failslab, interval 1, probability 0, space 0, times 0
[  170.919471][ T7906] CPU: 1 UID: 0 PID: 7906 Comm: syz.2.653 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  170.919498][ T7906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.919509][ T7906] Call Trace:
[  170.919516][ T7906]  <TASK>
[  170.919525][ T7906]  dump_stack_lvl+0x189/0x250
[  170.919550][ T7906]  ? __pfx____ratelimit+0x10/0x10
[  170.919572][ T7906]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.919591][ T7906]  ? __pfx__printk+0x10/0x10
[  170.919617][ T7906]  ? __pfx___might_resched+0x10/0x10
[  170.919641][ T7906]  should_fail_ex+0x414/0x560
[  170.919670][ T7906]  should_failslab+0xa8/0x100
[  170.919692][ T7906]  kmem_cache_alloc_noprof+0x73/0x3c0
[  170.919711][ T7906]  ? mas_alloc_nodes+0x2e9/0x8e0
[  170.919735][ T7906]  mas_alloc_nodes+0x2e9/0x8e0
[  170.919764][ T7906]  mas_preallocate+0x3ad/0x6f0
[  170.919789][ T7906]  ? __pfx_mas_preallocate+0x10/0x10
[  170.919820][ T7906]  ? __mas_set_range+0x12f/0x3c0
[  170.919843][ T7906]  __split_vma+0x2fa/0xa00
[  170.919864][ T7906]  ? ima_match_policy+0x10b/0x2150
[  170.919889][ T7906]  ? __pfx___split_vma+0x10/0x10
[  170.919920][ T7906]  ? up_write+0x1c4/0x420
[  170.919943][ T7906]  vms_gather_munmap_vmas+0x2de/0x12b0
[  170.919983][ T7906]  ? mtree_range_walk+0x6a7/0x840
[  170.920005][ T7906]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  170.920040][ T7906]  ? mas_find+0xa7d/0xd30
[  170.920063][ T7906]  mmap_region+0x724/0x20c0
[  170.920078][ T7906]  ? __lock_acquire+0xab9/0xd20
[  170.920114][ T7906]  ? __lock_acquire+0xab9/0xd20
[  170.920140][ T7906]  ? __pfx_mmap_region+0x10/0x10
[  170.920223][ T7906]  ? __pfx_aa_get_newest_label+0x10/0x10
[  170.920250][ T7906]  ? rcu_is_watching+0x15/0xb0
[  170.920270][ T7906]  ? apparmor_capable+0x137/0x1b0
[  170.920294][ T7906]  ? bpf_lsm_capable+0x9/0x20
[  170.920318][ T7906]  ? security_capable+0x7e/0x2e0
[  170.920335][ T7906]  ? shmem_mapping+0xd/0x50
[  170.920356][ T7906]  ? memfd_check_seals_mmap+0xc5/0x200
[  170.920377][ T7906]  do_mmap+0xc45/0x10d0
[  170.920408][ T7906]  ? __pfx_do_mmap+0x10/0x10
[  170.920422][ T7906]  ? down_write_killable+0x178/0x230
[  170.920446][ T7906]  ? end_current_label_crit_section+0x152/0x180
[  170.920466][ T7906]  ? __pfx_down_write_killable+0x10/0x10
[  170.920498][ T7906]  vm_mmap_pgoff+0x31b/0x4c0
[  170.920531][ T7906]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  170.920558][ T7906]  ? __fget_files+0x2a/0x420
[  170.920585][ T7906]  ? __fget_files+0x3a0/0x420
[  170.920606][ T7906]  ? __fget_files+0x2a/0x420
[  170.920630][ T7906]  ksys_mmap_pgoff+0x51f/0x760
[  170.920653][ T7906]  do_syscall_64+0xfa/0x3b0
[  170.920671][ T7906]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.920688][ T7906]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.920705][ T7906]  ? clear_bhb_loop+0x60/0xb0
[  170.920722][ T7906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.920738][ T7906] RIP: 0033:0x7fb34ff8e929
[  170.920752][ T7906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.920761][ T7906] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  170.920772][ T7906] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  170.920779][ T7906] RDX: 5a051feb1f984a1d RSI: 0000000000011000 RDI: 000020000078a000
[  170.920786][ T7906] RBP: 00007fb350e14090 R08: 0000000000000003 R09: 000000007dfff000
[  170.920792][ T7906] R10: 0000000000202812 R11: 0000000000000246 R12: 0000000000000001
[  170.920798][ T7906] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  170.920813][ T7906]  </TASK>
[  171.264429][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.403198][ T7910] hfs: can't find a HFS filesystem on dev rnullb0
[  171.415084][ T5965] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  171.580242][ T7917] FAULT_INJECTION: forcing a failure.
[  171.580242][ T7917] name failslab, interval 1, probability 0, space 0, times 0
[  171.593283][ T7917] CPU: 1 UID: 0 PID: 7917 Comm: syz.2.657 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  171.593318][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.593328][ T7917] Call Trace:
[  171.593335][ T7917]  <TASK>
[  171.593342][ T7917]  dump_stack_lvl+0x189/0x250
[  171.593367][ T7917]  ? __pfx____ratelimit+0x10/0x10
[  171.593388][ T7917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.593406][ T7917]  ? __pfx__printk+0x10/0x10
[  171.593430][ T7917]  ? __pfx___might_resched+0x10/0x10
[  171.593445][ T7917]  ? fs_reclaim_acquire+0x7d/0x100
[  171.593470][ T7917]  should_fail_ex+0x414/0x560
[  171.593498][ T7917]  should_failslab+0xa8/0x100
[  171.593520][ T7917]  kmem_cache_alloc_noprof+0x73/0x3c0
[  171.593539][ T7917]  ? security_inode_alloc+0x39/0x330
[  171.593563][ T7917]  security_inode_alloc+0x39/0x330
[  171.593584][ T7917]  inode_init_always_gfp+0x9ed/0xdc0
[  171.593612][ T7917]  ? __pfx_sock_alloc_inode+0x10/0x10
[  171.593631][ T7917]  alloc_inode+0x82/0x1b0
[  171.593654][ T7917]  __sock_create+0x12d/0x9f0
[  171.593683][ T7917]  __sys_socket+0xd7/0x1b0
[  171.593707][ T7917]  __x64_sys_socket+0x7a/0x90
[  171.593728][ T7917]  do_syscall_64+0xfa/0x3b0
[  171.593748][ T7917]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.593767][ T7917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.593784][ T7917]  ? clear_bhb_loop+0x60/0xb0
[  171.593804][ T7917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.593821][ T7917] RIP: 0033:0x7fb34ff8e929
[  171.593837][ T7917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.593851][ T7917] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  171.593871][ T7917] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  171.593884][ T7917] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d
[  171.593895][ T7917] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  171.593906][ T7917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.593917][ T7917] R13: 0000000000000001 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  171.593944][ T7917]  </TASK>
[  171.594277][ T7917] socket: no more sockets
[  171.821569][ T5965] usb 5-1: too many configurations: 13, using maximum allowed: 8
[  171.831008][ T5965] usb 5-1: config 0 has no interfaces?
[  171.839831][ T5965] usb 5-1: config 0 has no interfaces?
[  171.847592][ T5965] usb 5-1: config 0 has no interfaces?
[  171.854449][ T5965] usb 5-1: config 0 has no interfaces?
[  171.861746][ T5965] usb 5-1: config 0 has no interfaces?
[  171.869589][ T5965] usb 5-1: config 0 has no interfaces?
[  171.877144][ T5965] usb 5-1: config 0 has no interfaces?
[  171.885197][ T5965] usb 5-1: config 0 has no interfaces?
[  171.894330][ T5965] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  171.904005][ T5965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.912649][ T5965] usb 5-1: Product: syz
[  171.917373][ T5965] usb 5-1: Manufacturer: syz
[  171.922020][ T5965] usb 5-1: SerialNumber: syz
[  171.930768][ T5965] usb 5-1: config 0 descriptor??
[  171.973064][ T3082] usbhid 4-1:0.0: can't add hid device: -71
[  171.980818][ T7921] vxfs: WRONG superblock magic 00000000 at 1
[  171.989214][ T3082] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  171.996522][ T7921] vxfs: WRONG superblock magic 00000000 at 8
[  172.014723][ T7921] vxfs: can't find superblock.
[  172.023653][ T3082] usb 4-1: USB disconnect, device number 14
[  172.062992][ T7924] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  172.153476][ T5965] usb 5-1: USB disconnect, device number 3
[  172.534055][ T7941] FAULT_INJECTION: forcing a failure.
[  172.534055][ T7941] name failslab, interval 1, probability 0, space 0, times 0
[  172.570111][ T7941] CPU: 0 UID: 0 PID: 7941 Comm: syz.2.666 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  172.570137][ T7941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  172.570148][ T7941] Call Trace:
[  172.570155][ T7941]  <TASK>
[  172.570164][ T7941]  dump_stack_lvl+0x189/0x250
[  172.570188][ T7941]  ? __pfx____ratelimit+0x10/0x10
[  172.570208][ T7941]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.570227][ T7941]  ? __pfx__printk+0x10/0x10
[  172.570251][ T7941]  ? __pfx___might_resched+0x10/0x10
[  172.570272][ T7941]  should_fail_ex+0x414/0x560
[  172.570300][ T7941]  should_failslab+0xa8/0x100
[  172.570323][ T7941]  kmem_cache_alloc_noprof+0x73/0x3c0
[  172.570341][ T7941]  ? mas_alloc_nodes+0x2e9/0x8e0
[  172.570365][ T7941]  mas_alloc_nodes+0x2e9/0x8e0
[  172.570391][ T7941]  mas_preallocate+0x3ad/0x6f0
[  172.570413][ T7941]  ? __pfx_mas_preallocate+0x10/0x10
[  172.570441][ T7941]  ? __mas_set_range+0x12f/0x3c0
[  172.570462][ T7941]  __split_vma+0x2fa/0xa00
[  172.570489][ T7941]  ? __pfx___split_vma+0x10/0x10
[  172.570503][ T7941]  ? process_measurement+0x1640/0x1a40
[  172.570544][ T7941]  vms_gather_munmap_vmas+0x2de/0x12b0
[  172.570579][ T7941]  ? __lock_acquire+0xab9/0xd20
[  172.570603][ T7941]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  172.570622][ T7941]  ? __lock_acquire+0xab9/0xd20
[  172.570661][ T7941]  do_vmi_align_munmap+0x25d/0x420
[  172.570697][ T7941]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  172.570750][ T7941]  do_vmi_munmap+0x253/0x2e0
[  172.570780][ T7941]  do_munmap+0xe1/0x140
[  172.570797][ T7941]  ? __lock_acquire+0xab9/0xd20
[  172.570821][ T7941]  ? __pfx_do_munmap+0x10/0x10
[  172.570860][ T7941]  mremap_to+0x56a/0x8b0
[  172.570891][ T7941]  ? __pfx_mremap_to+0x10/0x10
[  172.570919][ T7941]  ? __pfx_down_write_killable+0x10/0x10
[  172.570954][ T7941]  __se_sys_mremap+0x8ac/0xc00
[  172.571005][ T7941]  ? __pfx___se_sys_mremap+0x10/0x10
[  172.571024][ T7941]  ? ksys_write+0x22a/0x250
[  172.571046][ T7941]  ? __pfx_ksys_write+0x10/0x10
[  172.571062][ T7941]  ? rcu_is_watching+0x15/0xb0
[  172.571083][ T7941]  ? do_syscall_64+0xbe/0x3b0
[  172.571111][ T7941]  ? __x64_sys_mremap+0x20/0xc0
[  172.571136][ T7941]  do_syscall_64+0xfa/0x3b0
[  172.571154][ T7941]  ? lockdep_hardirqs_on+0x9c/0x150
[  172.571174][ T7941]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.571189][ T7941]  ? clear_bhb_loop+0x60/0xb0
[  172.571210][ T7941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.571226][ T7941] RIP: 0033:0x7fb34ff8e929
[  172.571240][ T7941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.571254][ T7941] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  172.571272][ T7941] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  172.571284][ T7941] RDX: 0000000000002000 RSI: 0000000000004000 RDI: 00002000006a2000
[  172.571295][ T7941] RBP: 00007fb350e14090 R08: 00002000004a6000 R09: 0000000000000000
[  172.571307][ T7941] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  172.571317][ T7941] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  172.571344][ T7941]  </TASK>
[  172.885411][ T3082] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  172.940678][ T7945] XFS (rnullb0): Invalid superblock magic number
[  173.016401][ T7956] FAULT_INJECTION: forcing a failure.
[  173.016401][ T7956] name failslab, interval 1, probability 0, space 0, times 0
[  173.030076][ T7956] CPU: 0 UID: 0 PID: 7956 Comm: syz.2.670 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  173.030101][ T7956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  173.030111][ T7956] Call Trace:
[  173.030119][ T7956]  <TASK>
[  173.030126][ T7956]  dump_stack_lvl+0x189/0x250
[  173.030149][ T7956]  ? __pfx____ratelimit+0x10/0x10
[  173.030169][ T7956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.030186][ T7956]  ? __pfx__printk+0x10/0x10
[  173.030210][ T7956]  ? __pfx___might_resched+0x10/0x10
[  173.030229][ T7956]  should_fail_ex+0x414/0x560
[  173.030257][ T7956]  should_failslab+0xa8/0x100
[  173.030276][ T7956]  kmem_cache_alloc_noprof+0x73/0x3c0
[  173.030293][ T7956]  ? mas_alloc_nodes+0x2e9/0x8e0
[  173.030318][ T7956]  mas_alloc_nodes+0x2e9/0x8e0
[  173.030346][ T7956]  mas_preallocate+0x3ad/0x6f0
[  173.030371][ T7956]  ? __pfx_mas_preallocate+0x10/0x10
[  173.030400][ T7956]  ? __mas_set_range+0x12f/0x3c0
[  173.030422][ T7956]  __split_vma+0x2fa/0xa00
[  173.030447][ T7956]  ? __pfx___split_vma+0x10/0x10
[  173.030472][ T7956]  ? mas_find+0xb0e/0xd30
[  173.030494][ T7956]  vms_gather_munmap_vmas+0x4ab/0x12b0
[  173.030536][ T7956]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  173.030582][ T7956]  ? mas_find+0xa7d/0xd30
[  173.030607][ T7956]  mmap_region+0x724/0x20c0
[  173.030622][ T7956]  ? __lock_acquire+0xab9/0xd20
[  173.030655][ T7956]  ? __lock_acquire+0xab9/0xd20
[  173.030680][ T7956]  ? __pfx_mmap_region+0x10/0x10
[  173.030756][ T7956]  ? aa_file_perm+0x13e/0x11b0
[  173.030776][ T7956]  ? __pfx_aa_get_newest_label+0x10/0x10
[  173.030792][ T7956]  ? aa_file_perm+0x13e/0x11b0
[  173.030816][ T7956]  ? rcu_is_watching+0x15/0xb0
[  173.030836][ T7956]  ? apparmor_capable+0x137/0x1b0
[  173.030859][ T7956]  ? bpf_lsm_capable+0x9/0x20
[  173.030876][ T7956]  ? security_capable+0x7e/0x2e0
[  173.030893][ T7956]  ? shmem_mapping+0xd/0x50
[  173.030914][ T7956]  ? memfd_check_seals_mmap+0xc5/0x200
[  173.030932][ T7956]  do_mmap+0xc45/0x10d0
[  173.030964][ T7956]  ? __pfx_do_mmap+0x10/0x10
[  173.030977][ T7956]  ? down_write_killable+0x178/0x230
[  173.030997][ T7956]  ? end_current_label_crit_section+0x152/0x180
[  173.031014][ T7956]  ? __pfx_down_write_killable+0x10/0x10
[  173.031039][ T7956]  vm_mmap_pgoff+0x31b/0x4c0
[  173.031070][ T7956]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  173.031096][ T7956]  ? __fget_files+0x2a/0x420
[  173.031120][ T7956]  ? __fget_files+0x3a0/0x420
[  173.031138][ T7956]  ? __fget_files+0x2a/0x420
[  173.031163][ T7956]  ksys_mmap_pgoff+0x51f/0x760
[  173.031183][ T7956]  do_syscall_64+0xfa/0x3b0
[  173.031201][ T7956]  ? lockdep_hardirqs_on+0x9c/0x150
[  173.031220][ T7956]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.031238][ T7956]  ? clear_bhb_loop+0x60/0xb0
[  173.031259][ T7956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.031275][ T7956] RIP: 0033:0x7fb34ff8e929
[  173.031291][ T7956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.031304][ T7956] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  173.031322][ T7956] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  173.031334][ T7956] RDX: 0000000002000003 RSI: 0000000000b36000 RDI: 0000200000000000
[  173.031344][ T7956] RBP: 00007fb350e14090 R08: 0000000000000003 R09: 0000000000002000
[  173.031353][ T7956] R10: 0000000000022052 R11: 0000000000000246 R12: 0000000000000001
[  173.031362][ T7956] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  173.031385][ T7956]  </TASK>
[  173.084935][ T7958] binder: BINDER_SET_CONTEXT_MGR already set
[  173.318224][ T7962] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  173.329640][    C1] vkms_vblank_simulate: vblank timer overrun
[  173.334111][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  173.352666][ T7958] binder: 7957:7958 ioctl 4018620d 2000000000c0 returned -16
[  173.374692][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  173.492528][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  173.522168][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  173.558494][ T3082] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  173.570370][ T3082] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.600389][ T3082] usb 5-1: Product: syz
[  173.610534][ T3082] usb 5-1: Manufacturer: syz
[  173.618929][ T3082] usb 5-1: SerialNumber: syz
[  173.641222][ T3082] usb 5-1: config 0 descriptor??
[  173.651783][ T7970] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem
[  173.679735][   T30] audit: type=1804 audit(1751311576.561:7): pid=7968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.674" name="/newroot/168/bus/file1" dev="overlay" ino=923 res=1 errno=0
[  173.953560][ T3082] adutux 5-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  173.973301][ T3082] usb 5-1: USB disconnect, device number 4
[  174.059818][ T7980] FAULT_INJECTION: forcing a failure.
[  174.059818][ T7980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.121903][ T7980] CPU: 0 UID: 0 PID: 7980 Comm: syz.0.678 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  174.121930][ T7980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  174.121941][ T7980] Call Trace:
[  174.121948][ T7980]  <TASK>
[  174.121955][ T7980]  dump_stack_lvl+0x189/0x250
[  174.121980][ T7980]  ? __pfx____ratelimit+0x10/0x10
[  174.122001][ T7980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.122020][ T7980]  ? __pfx__printk+0x10/0x10
[  174.122052][ T7980]  should_fail_ex+0x414/0x560
[  174.122081][ T7980]  _copy_from_user+0x2d/0xb0
[  174.122106][ T7980]  __copy_msghdr+0x3c5/0x5b0
[  174.122134][ T7980]  ___sys_sendmsg+0x1a5/0x2a0
[  174.122160][ T7980]  ? __pfx____sys_sendmsg+0x10/0x10
[  174.122217][ T7980]  ? __fget_files+0x2a/0x420
[  174.122238][ T7980]  ? __fget_files+0x3a0/0x420
[  174.122269][ T7980]  __x64_sys_sendmsg+0x19b/0x260
[  174.122296][ T7980]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  174.122328][ T7980]  ? __pfx_ksys_write+0x10/0x10
[  174.122353][ T7980]  ? do_syscall_64+0xbe/0x3b0
[  174.122377][ T7980]  do_syscall_64+0xfa/0x3b0
[  174.122396][ T7980]  ? lockdep_hardirqs_on+0x9c/0x150
[  174.122415][ T7980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.122432][ T7980]  ? clear_bhb_loop+0x60/0xb0
[  174.122452][ T7980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.122468][ T7980] RIP: 0033:0x7f512378e929
[  174.122484][ T7980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.122498][ T7980] RSP: 002b:00007f51245ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.122517][ T7980] RAX: ffffffffffffffda RBX: 00007f51239b5fa0 RCX: 00007f512378e929
[  174.122529][ T7980] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  174.122540][ T7980] RBP: 00007f51245ad090 R08: 0000000000000000 R09: 0000000000000000
[  174.122551][ T7980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.122562][ T7980] R13: 0000000000000000 R14: 00007f51239b5fa0 R15: 00007ffc462ccd18
[  174.122589][ T7980]  </TASK>
[  174.456716][ T7988] binder: BINDER_SET_CONTEXT_MGR already set
[  174.462859][ T7988] binder: 7987:7988 ioctl 4018620d 2000000000c0 returned -16
[  174.475588][ T7988] binder: BINDER_SET_CONTEXT_MGR already set
[  174.481674][ T7988] binder: 7987:7988 ioctl 4018620d 200000000040 returned -16
[  174.543448][ T7990] binder: BINDER_SET_CONTEXT_MGR already set
[  174.552905][ T7990] binder: 7989:7990 ioctl 4018620d 2000000000c0 returned -16
[  174.568452][ T7990] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  174.594895][ T3082] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  174.632210][ T7993] process 'syz.3.684' launched './file2' with NULL argv: empty string added
[  174.700924][ T7996] FAULT_INJECTION: forcing a failure.
[  174.700924][ T7996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.718012][ T7996] CPU: 0 UID: 0 PID: 7996 Comm: syz.3.685 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  174.718038][ T7996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  174.718047][ T7996] Call Trace:
[  174.718056][ T7996]  <TASK>
[  174.718064][ T7996]  dump_stack_lvl+0x189/0x250
[  174.718096][ T7996]  ? __pfx____ratelimit+0x10/0x10
[  174.718115][ T7996]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.718131][ T7996]  ? __pfx__printk+0x10/0x10
[  174.718159][ T7996]  should_fail_ex+0x414/0x560
[  174.718184][ T7996]  strncpy_from_user+0x36/0x290
[  174.718209][ T7996]  getname_flags+0xf3/0x540
[  174.718233][ T7996]  __x64_sys_execveat+0xad/0xe0
[  174.718253][ T7996]  do_syscall_64+0xfa/0x3b0
[  174.718270][ T7996]  ? lockdep_hardirqs_on+0x9c/0x150
[  174.718287][ T7996]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.718302][ T7996]  ? clear_bhb_loop+0x60/0xb0
[  174.718320][ T7996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.718335][ T7996] RIP: 0033:0x7f8deed8e929
[  174.718350][ T7996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.718362][ T7996] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  174.718380][ T7996] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  174.718391][ T7996] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  174.718401][ T7996] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  174.718411][ T7996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.718419][ T7996] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  174.718445][ T7996]  </TASK>
[  174.837365][ T3082] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  174.933018][ T3082] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.942923][ T3082] usb 5-1: config 0 interface 0 has no altsetting 0
[  174.950364][ T3082] usb 5-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  174.959682][ T3082] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.982089][ T3082] usb 5-1: config 0 descriptor??
[  175.345318][ T8013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  175.348236][ T8015] FAULT_INJECTION: forcing a failure.
[  175.348236][ T8015] name failslab, interval 1, probability 0, space 0, times 0
[  175.365099][ T8015] CPU: 1 UID: 0 PID: 8015 Comm: syz.2.693 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  175.365123][ T8015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  175.365135][ T8015] Call Trace:
[  175.365142][ T8015]  <TASK>
[  175.365149][ T8015]  dump_stack_lvl+0x189/0x250
[  175.365173][ T8015]  ? __pfx____ratelimit+0x10/0x10
[  175.365196][ T8015]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.365215][ T8015]  ? __pfx__printk+0x10/0x10
[  175.365236][ T8015]  ? __lock_acquire+0xab9/0xd20
[  175.365268][ T8015]  should_fail_ex+0x414/0x560
[  175.365296][ T8015]  should_failslab+0xa8/0x100
[  175.365327][ T8015]  kmem_cache_alloc_noprof+0x73/0x3c0
[  175.365345][ T8015]  ? sctp_get_port_local+0x6d3/0x1680
[  175.365373][ T8015]  sctp_get_port_local+0x6d3/0x1680
[  175.365409][ T8015]  ? __pfx_sctp_get_port_local+0x10/0x10
[  175.365435][ T8015]  ? sctp_bind_addr_match+0x28b/0x2b0
[  175.365459][ T8015]  sctp_do_bind+0x4ea/0x940
[  175.365501][ T8015]  sctp_connect_new_asoc+0x25c/0x690
[  175.365528][ T8015]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  175.365556][ T8015]  ? sctp_get_af_specific+0x29/0x80
[  175.365575][ T8015]  ? sctp_inet6_send_verify+0x80/0x300
[  175.365594][ T8015]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  175.365620][ T8015]  __sctp_connect+0x5ba/0xd50
[  175.365654][ T8015]  ? __pfx___sctp_connect+0x10/0x10
[  175.365687][ T8015]  sctp_inet_connect+0x12e/0x1e0
[  175.365711][ T8015]  __sys_connect+0x316/0x440
[  175.365732][ T8015]  ? __fget_files+0x3a0/0x420
[  175.365754][ T8015]  ? __pfx___sys_connect+0x10/0x10
[  175.365797][ T8015]  ? __pfx_ksys_write+0x10/0x10
[  175.365815][ T8015]  ? rcu_is_watching+0x15/0xb0
[  175.365839][ T8015]  __x64_sys_connect+0x7a/0x90
[  175.365861][ T8015]  do_syscall_64+0xfa/0x3b0
[  175.365881][ T8015]  ? lockdep_hardirqs_on+0x9c/0x150
[  175.365900][ T8015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.365917][ T8015]  ? clear_bhb_loop+0x60/0xb0
[  175.365937][ T8015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.365953][ T8015] RIP: 0033:0x7fb34ff8e929
[  175.365969][ T8015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.365984][ T8015] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  175.366003][ T8015] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  175.366014][ T8015] RDX: 0000000000000010 RSI: 0000200000000340 RDI: 0000000000000003
[  175.366026][ T8015] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  175.366037][ T8015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.366047][ T8015] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  175.366077][ T8015]  </TASK>
[  175.639717][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.964829][ T5940] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  176.072528][ T8036] FAULT_INJECTION: forcing a failure.
[  176.072528][ T8036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.091326][ T8036] CPU: 1 UID: 0 PID: 8036 Comm: syz.2.699 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  176.091352][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.091363][ T8036] Call Trace:
[  176.091370][ T8036]  <TASK>
[  176.091381][ T8036]  dump_stack_lvl+0x189/0x250
[  176.091407][ T8036]  ? __pfx____ratelimit+0x10/0x10
[  176.091428][ T8036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.091447][ T8036]  ? __pfx__printk+0x10/0x10
[  176.091479][ T8036]  should_fail_ex+0x414/0x560
[  176.091509][ T8036]  _copy_to_user+0x31/0xb0
[  176.091526][ T8036]  simple_read_from_buffer+0xe1/0x170
[  176.091553][ T8036]  proc_fail_nth_read+0x1df/0x250
[  176.091580][ T8036]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.091606][ T8036]  ? rw_verify_area+0x258/0x650
[  176.091625][ T8036]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.091650][ T8036]  vfs_read+0x1fd/0x980
[  176.091674][ T8036]  ? __pfx___mutex_lock+0x10/0x10
[  176.091696][ T8036]  ? __pfx_vfs_read+0x10/0x10
[  176.091717][ T8036]  ? __fget_files+0x2a/0x420
[  176.091743][ T8036]  ? __fget_files+0x3a0/0x420
[  176.091764][ T8036]  ? __fget_files+0x2a/0x420
[  176.091795][ T8036]  ksys_read+0x145/0x250
[  176.091817][ T8036]  ? __pfx_ksys_read+0x10/0x10
[  176.091842][ T8036]  ? do_syscall_64+0xbe/0x3b0
[  176.091867][ T8036]  do_syscall_64+0xfa/0x3b0
[  176.091886][ T8036]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.091906][ T8036]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.091923][ T8036]  ? clear_bhb_loop+0x60/0xb0
[  176.091944][ T8036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.091969][ T8036] RIP: 0033:0x7fb34ff8d33c
[  176.091985][ T8036] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  176.092000][ T8036] RSP: 002b:00007fb350e14030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.092018][ T8036] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8d33c
[  176.092031][ T8036] RDX: 000000000000000f RSI: 00007fb350e140a0 RDI: 0000000000000005
[  176.092042][ T8036] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  176.092053][ T8036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.092064][ T8036] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  176.092093][ T8036]  </TASK>
[  176.319192][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.349612][ T5940] usb 1-1: Using ep0 maxpacket: 16
[  176.366448][ T5940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.408396][ T5940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.420096][ T3082] usbhid 5-1:0.0: can't add hid device: -71
[  176.436895][ T3082] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  176.460139][ T3082] usb 5-1: USB disconnect, device number 5
[  176.482376][ T5940] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  176.551444][ T5940] usb 1-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  176.576033][ T8044] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  176.595165][ T5940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.622035][ T5940] usb 1-1: config 0 descriptor??
[  176.666210][ T8046] FAULT_INJECTION: forcing a failure.
[  176.666210][ T8046] name failslab, interval 1, probability 0, space 0, times 0
[  176.683575][ T8046] CPU: 1 UID: 0 PID: 8046 Comm: syz.3.702 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  176.683601][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.683612][ T8046] Call Trace:
[  176.683620][ T8046]  <TASK>
[  176.683629][ T8046]  dump_stack_lvl+0x189/0x250
[  176.683654][ T8046]  ? __pfx____ratelimit+0x10/0x10
[  176.683675][ T8046]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.683694][ T8046]  ? __pfx__printk+0x10/0x10
[  176.683719][ T8046]  ? __pfx___might_resched+0x10/0x10
[  176.683740][ T8046]  should_fail_ex+0x414/0x560
[  176.683770][ T8046]  should_failslab+0xa8/0x100
[  176.683792][ T8046]  kmem_cache_alloc_noprof+0x73/0x3c0
[  176.683811][ T8046]  ? mas_alloc_nodes+0x2e9/0x8e0
[  176.683836][ T8046]  mas_alloc_nodes+0x2e9/0x8e0
[  176.683865][ T8046]  mas_preallocate+0x3ad/0x6f0
[  176.683889][ T8046]  ? __pfx_mas_preallocate+0x10/0x10
[  176.683921][ T8046]  ? __mas_set_range+0x12f/0x3c0
[  176.683944][ T8046]  __split_vma+0x2fa/0xa00
[  176.683970][ T8046]  ? __pfx___split_vma+0x10/0x10
[  176.684003][ T8046]  ? can_vma_merge_left+0x195/0x6b0
[  176.684034][ T8046]  vma_modify+0x13b3/0x1970
[  176.684077][ T8046]  vma_modify_flags+0x1e8/0x230
[  176.684104][ T8046]  ? __pfx_vma_modify_flags+0x10/0x10
[  176.684145][ T8046]  ? mas_next_slot+0xc20/0xcf0
[  176.684166][ T8046]  mprotect_fixup+0x400/0x9b0
[  176.684207][ T8046]  ? __pfx_mprotect_fixup+0x10/0x10
[  176.684239][ T8046]  do_mprotect_pkey+0x8cd/0xce0
[  176.684261][ T8046]  ? ksys_write+0x1cb/0x250
[  176.684287][ T8046]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  176.684333][ T8046]  ? __pfx_ksys_write+0x10/0x10
[  176.684350][ T8046]  ? rcu_is_watching+0x15/0xb0
[  176.684374][ T8046]  __x64_sys_mprotect+0x80/0x90
[  176.684396][ T8046]  do_syscall_64+0xfa/0x3b0
[  176.684416][ T8046]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.684434][ T8046]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.684450][ T8046]  ? clear_bhb_loop+0x60/0xb0
[  176.684470][ T8046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.684487][ T8046] RIP: 0033:0x7f8deed8e929
[  176.684503][ T8046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.684518][ T8046] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  176.684537][ T8046] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  176.684549][ T8046] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000
[  176.684560][ T8046] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  176.684573][ T8046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.684581][ T8046] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  176.684622][ T8046]  </TASK>
[  177.188074][ T5940] usbhid 1-1:0.0: can't add hid device: -71
[  177.194516][ T5940] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  177.265240][ T5940] usb 1-1: USB disconnect, device number 30
[  177.474757][ T8059] mkiss: ax0: crc mode is auto.
[  177.500287][ T8063] FAULT_INJECTION: forcing a failure.
[  177.500287][ T8063] name failslab, interval 1, probability 0, space 0, times 0
[  177.514072][ T8063] CPU: 0 UID: 0 PID: 8063 Comm: syz.2.711 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  177.514095][ T8063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  177.514107][ T8063] Call Trace:
[  177.514114][ T8063]  <TASK>
[  177.514122][ T8063]  dump_stack_lvl+0x189/0x250
[  177.514144][ T8063]  ? __pfx____ratelimit+0x10/0x10
[  177.514163][ T8063]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.514178][ T8063]  ? __pfx__printk+0x10/0x10
[  177.514200][ T8063]  ? __pfx___might_resched+0x10/0x10
[  177.514215][ T8063]  ? fs_reclaim_acquire+0x7d/0x100
[  177.514238][ T8063]  should_fail_ex+0x414/0x560
[  177.514265][ T8063]  should_failslab+0xa8/0x100
[  177.514284][ T8063]  __kmalloc_noprof+0xcb/0x4f0
[  177.514299][ T8063]  ? tomoyo_encode+0x28b/0x550
[  177.514321][ T8063]  tomoyo_encode+0x28b/0x550
[  177.514339][ T8063]  tomoyo_realpath_from_path+0x58d/0x5d0
[  177.514354][ T8063]  ? tomoyo_domain+0xd9/0x130
[  177.514377][ T8063]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  177.514402][ T8063]  tomoyo_path_number_perm+0x1e8/0x5a0
[  177.514428][ T8063]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  177.514468][ T8063]  ? __lock_acquire+0xab9/0xd20
[  177.514510][ T8063]  ? __fget_files+0x2a/0x420
[  177.514534][ T8063]  ? __fget_files+0x2a/0x420
[  177.514551][ T8063]  ? __fget_files+0x3a0/0x420
[  177.514574][ T8063]  ? __fget_files+0x2a/0x420
[  177.514595][ T8063]  security_file_ioctl+0xcb/0x2d0
[  177.514619][ T8063]  __se_sys_ioctl+0x47/0x170
[  177.514641][ T8063]  do_syscall_64+0xfa/0x3b0
[  177.514659][ T8063]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.514678][ T8063]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.514694][ T8063]  ? clear_bhb_loop+0x60/0xb0
[  177.514715][ T8063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.514731][ T8063] RIP: 0033:0x7fb34ff8e929
[  177.514747][ T8063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.514761][ T8063] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  177.514780][ T8063] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  177.514793][ T8063] RDX: 0000200000000100 RSI: 000000004138ae84 RDI: 0000000000000005
[  177.514805][ T8063] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  177.514816][ T8063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.514826][ T8063] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  177.514854][ T8063]  </TASK>
[  177.769980][ T8063] ERROR: Out of memory at tomoyo_realpath_from_path.
[  177.887099][ T5940] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  177.890707][ T8066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  178.072702][ T5940] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.086551][ T5940] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  178.097757][ T5940] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  178.114642][ T5940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  178.129280][ T5940] usb 4-1: SerialNumber: syz
[  178.177085][ T8074] netlink: 'syz.0.716': attribute type 10 has an invalid length.
[  178.312577][ T8078] FAULT_INJECTION: forcing a failure.
[  178.312577][ T8078] name failslab, interval 1, probability 0, space 0, times 0
[  178.329803][ T8078] CPU: 1 UID: 0 PID: 8078 Comm: syz.0.718 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  178.329829][ T8078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  178.329839][ T8078] Call Trace:
[  178.329846][ T8078]  <TASK>
[  178.329854][ T8078]  dump_stack_lvl+0x189/0x250
[  178.329879][ T8078]  ? lockdep_hardirqs_on+0x9c/0x150
[  178.329901][ T8078]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.329932][ T8078]  should_fail_ex+0x414/0x560
[  178.329949][ T8078]  should_failslab+0xa8/0x100
[  178.329962][ T8078]  __kmalloc_noprof+0xcb/0x4f0
[  178.329973][ T8078]  ? tomoyo_encode+0x28b/0x550
[  178.329989][ T8078]  tomoyo_encode+0x28b/0x550
[  178.330012][ T8078]  tomoyo_realpath_from_path+0x58d/0x5d0
[  178.330034][ T8078]  ? tomoyo_domain+0xd9/0x130
[  178.330060][ T8078]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  178.330082][ T8078]  tomoyo_path_number_perm+0x1e8/0x5a0
[  178.330097][ T8078]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  178.330119][ T8078]  ? __lock_acquire+0xab9/0xd20
[  178.330152][ T8078]  ? __fget_files+0x2a/0x420
[  178.330177][ T8078]  ? __fget_files+0x2a/0x420
[  178.330197][ T8078]  ? __fget_files+0x3a0/0x420
[  178.330217][ T8078]  ? __fget_files+0x2a/0x420
[  178.330235][ T8078]  security_file_ioctl+0xcb/0x2d0
[  178.330250][ T8078]  __se_sys_ioctl+0x47/0x170
[  178.330263][ T8078]  do_syscall_64+0xfa/0x3b0
[  178.330274][ T8078]  ? lockdep_hardirqs_on+0x9c/0x150
[  178.330286][ T8078]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.330302][ T8078]  ? clear_bhb_loop+0x60/0xb0
[  178.330324][ T8078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.330341][ T8078] RIP: 0033:0x7f512378e929
[  178.330357][ T8078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.330371][ T8078] RSP: 002b:00007f51245ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  178.330384][ T8078] RAX: ffffffffffffffda RBX: 00007f51239b5fa0 RCX: 00007f512378e929
[  178.330391][ T8078] RDX: 0000200000000080 RSI: 00000000c020aa00 RDI: 0000000000000003
[  178.330397][ T8078] RBP: 00007f51245ad090 R08: 0000000000000000 R09: 0000000000000000
[  178.330403][ T8078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.330408][ T8078] R13: 0000000000000000 R14: 00007f51239b5fa0 R15: 00007ffc462ccd18
[  178.330424][ T8078]  </TASK>
[  178.330440][ T8078] ERROR: Out of memory at tomoyo_realpath_from_path.
[  178.399562][ T5940] usb 4-1: 0:2 : does not exist
[  178.526844][ T3082] hid (null): unknown global tag 0xc
[  178.592903][ T3082] hid (null): global environment stack underflow
[  178.599940][ T3082] hid (null): bogus close delimiter
[  178.604671][    T9] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  178.633954][ T5940] usb 4-1: USB disconnect, device number 15
[  178.655373][ T3082] hid (null): invalid report_size -482909931
[  178.673646][ T3082] hid (null): report_id 32010 is invalid
[  178.680299][ T3082] hid (null): report_id 853302223 is invalid
[  178.707935][ T3082] hid (null): global environment stack underflow
[  178.716080][ T3082] hid (null): report_id 1999680183 is invalid
[  178.722322][ T3082] hid (null): unknown global tag 0xcf
[  178.730555][ T3082] hid (null): global environment stack underflow
[  178.738500][ T3082] hid (null): unknown global tag 0xd
[  178.747150][ T5832] udevd[5832]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  178.763280][ T3082] hid (null): report_id 26963 is invalid
[  178.769047][ T3082] hid (null): unknown global tag 0x7a
[  178.781052][    T9] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  178.781173][ T3082] hid (null): bogus close delimiter
[  178.793819][    T9] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.806896][ T3082] hid (null): invalid report_size 1923123267
[  178.809989][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  178.825591][    T9] usb 5-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  178.836954][ T3082] hid (null): unknown global tag 0xc
[  178.843765][ T3082] hid (null): unknown global tag 0xd
[  178.845589][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.862349][ T3082] hid (null): report_id 3290692041 is invalid
[  178.865720][    T9] usb 5-1: config 0 descriptor??
[  178.880730][ T3082] hid (null): unknown global tag 0xc
[  178.886688][ T3082] hid (null): unknown global tag 0xc
[  178.892118][ T3082] hid (null): invalid report_count 38385
[  178.912325][ T3082] hid (null): invalid report_count -1425306454
[  178.922258][ T3082] hid (null): unknown global tag 0x19
[  178.944201][ T8087] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  178.945583][ T3082] hid (null): invalid report_count 1187817117
[  178.963263][ T3082] hid (null): unknown global tag 0xdf
[  178.980023][ T3082] hid (null): unknown global tag 0xd
[  179.002529][ T8090] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  179.006953][ T3082] hid (null): unknown global tag 0xb8
[  179.009589][ T5940] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  179.019004][ T3082] hid (null): unknown global tag 0xe
[  179.064005][ T3082] hid (null): invalid report_size 17380
[  179.074106][ T3082] hid (null): invalid report_size 7280
[  179.089724][ T3082] hid (null): unknown global tag 0xc
[  179.115923][ T3082] hid (null): unknown global tag 0xe
[  179.121258][ T3082] hid (null): report_id 0 is invalid
[  179.140231][ T3082] hid (null): nested delimiters
[  179.149398][ T3082] hid (null): unknown global tag 0xd
[  179.155226][ T3082] hid (null): unknown global tag 0xe
[  179.160775][ T3082] hid (null): unknown global tag 0xc
[  179.170140][ T3082] hid (null): unknown global tag 0xc
[  179.176814][ T3082] hid (null): global environment stack underflow
[  179.191936][ T3082] hid (null): unknown global tag 0x66
[  179.194906][ T5940] usb 4-1: Using ep0 maxpacket: 16
[  179.211523][ T5940] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  179.225773][ T3082] hid (null): unknown global tag 0xd
[  179.241053][ T3082] hid (null): report_id 0 is invalid
[  179.247544][ T5940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.263569][ T5940] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  179.266750][ T3082] hid-generic 17D0:CFDC:534C236F.0004: unknown main item tag 0x7
[  179.287508][ T5940] usb 4-1: New USB device found, idVendor=1e71, idProduct=2006, bcdDevice= 0.00
[  179.297046][ T3082] hid-generic 17D0:CFDC:534C236F.0004: unexpected long global item
[  179.304647][ T5940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.309782][ T3082] hid-generic 17D0:CFDC:534C236F.0004: probe with driver hid-generic failed with error -22
[  179.339046][ T5940] usb 4-1: config 0 descriptor??
[  179.356047][ T8095] omfs: Invalid superblock (0)
[  179.485805][ T5844] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  179.606889][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  179.612955][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  179.624763][ T5844] usb 1-1: device descriptor read/64, error -71
[  179.636197][    T9] usb 5-1: USB disconnect, device number 6
[  179.764201][ T5940] nzxt-smart2 0003:1E71:2006.0005: item fetching failed at offset 10/11
[  179.801053][ T5940] nzxt-smart2 0003:1E71:2006.0005: probe with driver nzxt-smart2 failed with error -22
[  179.864836][ T5844] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  179.972230][ T3082] usb 4-1: USB disconnect, device number 16
[  179.996975][ T8104] FAULT_INJECTION: forcing a failure.
[  179.996975][ T8104] name failslab, interval 1, probability 0, space 0, times 0
[  180.011414][ T8104] CPU: 1 UID: 0 PID: 8104 Comm: syz.2.727 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  180.011439][ T8104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.011450][ T8104] Call Trace:
[  180.011457][ T8104]  <TASK>
[  180.011465][ T8104]  dump_stack_lvl+0x189/0x250
[  180.011489][ T8104]  ? __pfx____ratelimit+0x10/0x10
[  180.011516][ T8104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.011535][ T8104]  ? __pfx__printk+0x10/0x10
[  180.011559][ T8104]  ? __pfx___might_resched+0x10/0x10
[  180.011581][ T8104]  should_fail_ex+0x414/0x560
[  180.011609][ T8104]  should_failslab+0xa8/0x100
[  180.011632][ T8104]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  180.011651][ T8104]  ? __alloc_skb+0x112/0x2d0
[  180.011677][ T8104]  __alloc_skb+0x112/0x2d0
[  180.011703][ T8104]  netlink_sendmsg+0x5c6/0xb30
[  180.011734][ T8104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.011765][ T8104]  ? aa_sock_msg_perm+0xf1/0x1d0
[  180.011786][ T8104]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  180.011809][ T8104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.011831][ T8104]  __sock_sendmsg+0x21c/0x270
[  180.011855][ T8104]  ____sys_sendmsg+0x505/0x830
[  180.011885][ T8104]  ? __pfx_____sys_sendmsg+0x10/0x10
[  180.011918][ T8104]  ? import_iovec+0x74/0xa0
[  180.011946][ T8104]  ___sys_sendmsg+0x21f/0x2a0
[  180.011972][ T8104]  ? __pfx____sys_sendmsg+0x10/0x10
[  180.012031][ T8104]  ? __fget_files+0x2a/0x420
[  180.012053][ T8104]  ? __fget_files+0x3a0/0x420
[  180.012084][ T8104]  __x64_sys_sendmsg+0x19b/0x260
[  180.012112][ T8104]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  180.012146][ T8104]  ? __pfx_ksys_write+0x10/0x10
[  180.012164][ T8104]  ? rcu_is_watching+0x15/0xb0
[  180.012186][ T8104]  ? do_syscall_64+0xbe/0x3b0
[  180.012210][ T8104]  do_syscall_64+0xfa/0x3b0
[  180.012229][ T8104]  ? lockdep_hardirqs_on+0x9c/0x150
[  180.012249][ T8104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.012266][ T8104]  ? clear_bhb_loop+0x60/0xb0
[  180.012287][ T8104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.012304][ T8104] RIP: 0033:0x7fb34ff8e929
[  180.012319][ T8104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.012334][ T8104] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  180.012353][ T8104] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  180.012366][ T8104] RDX: 0000000000004000 RSI: 00002000000002c0 RDI: 0000000000000003
[  180.012377][ T8104] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  180.012389][ T8104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.012399][ T8104] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  180.012427][ T8104]  </TASK>
[  180.300367][ T5844] usb 1-1: device descriptor read/64, error -71
[  180.418544][ T5844] usb usb1-port1: attempt power cycle
[  180.419179][ T8106] tmpfs: Invalid gid '0x00000000ffffffff'
[  180.449389][ T8109] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  180.462027][ T8110] tmpfs: Invalid gid '0x00000000ffffffff'
[  180.480672][ T8110] netlink: 44 bytes leftover after parsing attributes in process `syz.2.728'.
[  180.765490][ T5844] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  180.813254][ T5844] usb 1-1: device descriptor read/8, error -71
[  180.851429][ T8119] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  181.056435][ T5844] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  181.100940][ T5844] usb 1-1: device descriptor read/8, error -71
[  181.201934][ T8127] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  181.243987][ T5844] usb usb1-port1: unable to enumerate USB device
[  181.253030][ T8127] FAULT_INJECTION: forcing a failure.
[  181.253030][ T8127] name failslab, interval 1, probability 0, space 0, times 0
[  181.289867][ T8130] overlayfs: conflicting lowerdir path
[  181.301782][ T8127] CPU: 0 UID: 0 PID: 8127 Comm: syz.2.735 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  181.301807][ T8127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  181.301818][ T8127] Call Trace:
[  181.301825][ T8127]  <TASK>
[  181.301832][ T8127]  dump_stack_lvl+0x189/0x250
[  181.301856][ T8127]  ? __pfx____ratelimit+0x10/0x10
[  181.301879][ T8127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.301898][ T8127]  ? __pfx__printk+0x10/0x10
[  181.301919][ T8127]  ? __pfx___might_resched+0x10/0x10
[  181.301937][ T8127]  ? fs_reclaim_acquire+0x7d/0x100
[  181.301963][ T8127]  should_fail_ex+0x414/0x560
[  181.301993][ T8127]  should_failslab+0xa8/0x100
[  181.302015][ T8127]  __kmalloc_noprof+0xcb/0x4f0
[  181.302033][ T8127]  ? tomoyo_encode+0x28b/0x550
[  181.302056][ T8127]  tomoyo_encode+0x28b/0x550
[  181.302081][ T8127]  tomoyo_realpath_from_path+0x58d/0x5d0
[  181.302103][ T8127]  ? tomoyo_domain+0xd9/0x130
[  181.302128][ T8127]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  181.302153][ T8127]  tomoyo_path_number_perm+0x1e8/0x5a0
[  181.302180][ T8127]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  181.302221][ T8127]  ? __lock_acquire+0xab9/0xd20
[  181.302264][ T8127]  ? __fget_files+0x2a/0x420
[  181.302290][ T8127]  ? __fget_files+0x2a/0x420
[  181.302310][ T8127]  ? __fget_files+0x3a0/0x420
[  181.302338][ T8127]  ? __fget_files+0x2a/0x420
[  181.302365][ T8127]  security_file_ioctl+0xcb/0x2d0
[  181.302390][ T8127]  __se_sys_ioctl+0x47/0x170
[  181.302412][ T8127]  do_syscall_64+0xfa/0x3b0
[  181.302432][ T8127]  ? lockdep_hardirqs_on+0x9c/0x150
[  181.302453][ T8127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.302470][ T8127]  ? clear_bhb_loop+0x60/0xb0
[  181.302491][ T8127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.302507][ T8127] RIP: 0033:0x7fb34ff8e929
[  181.302522][ T8127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.302536][ T8127] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  181.302555][ T8127] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  181.302568][ T8127] RDX: 00002000000000c0 RSI: 00000000c018ae85 RDI: 0000000000000005
[  181.302578][ T8127] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  181.302589][ T8127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.302599][ T8127] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  181.302628][ T8127]  </TASK>
[  181.302648][ T8127] ERROR: Out of memory at tomoyo_realpath_from_path.
[  181.396394][ T8131] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  181.765225][ T3082] usb 4-1: new low-speed USB device number 17 using dummy_hcd
[  181.806003][ T8140] FAULT_INJECTION: forcing a failure.
[  181.806003][ T8140] name failslab, interval 1, probability 0, space 0, times 0
[  181.828413][ T8140] CPU: 1 UID: 0 PID: 8140 Comm: syz.2.740 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  181.828438][ T8140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  181.828448][ T8140] Call Trace:
[  181.828454][ T8140]  <TASK>
[  181.828461][ T8140]  dump_stack_lvl+0x189/0x250
[  181.828485][ T8140]  ? __pfx____ratelimit+0x10/0x10
[  181.828506][ T8140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.828523][ T8140]  ? __pfx__printk+0x10/0x10
[  181.828547][ T8140]  ? __pfx___might_resched+0x10/0x10
[  181.828563][ T8140]  ? fs_reclaim_acquire+0x7d/0x100
[  181.828589][ T8140]  should_fail_ex+0x414/0x560
[  181.828616][ T8140]  should_failslab+0xa8/0x100
[  181.828635][ T8140]  kmem_cache_alloc_noprof+0x73/0x3c0
[  181.828654][ T8140]  ? security_inode_alloc+0x39/0x330
[  181.828677][ T8140]  security_inode_alloc+0x39/0x330
[  181.828698][ T8140]  inode_init_always_gfp+0x9ed/0xdc0
[  181.828725][ T8140]  ? __pfx_sock_alloc_inode+0x10/0x10
[  181.828742][ T8140]  alloc_inode+0x82/0x1b0
[  181.828763][ T8140]  do_accept+0x111/0x680
[  181.828787][ T8140]  ? __pfx_do_accept+0x10/0x10
[  181.828829][ T8140]  __sys_accept4+0x11c/0x1c0
[  181.828851][ T8140]  ? __pfx___sys_accept4+0x10/0x10
[  181.828872][ T8140]  ? __pfx_ksys_write+0x10/0x10
[  181.828889][ T8140]  ? rcu_is_watching+0x15/0xb0
[  181.828913][ T8140]  __x64_sys_accept4+0x9a/0xb0
[  181.828936][ T8140]  do_syscall_64+0xfa/0x3b0
[  181.828956][ T8140]  ? lockdep_hardirqs_on+0x9c/0x150
[  181.828976][ T8140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.828991][ T8140]  ? clear_bhb_loop+0x60/0xb0
[  181.829010][ T8140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.829025][ T8140] RIP: 0033:0x7fb34ff8e929
[  181.829040][ T8140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.829055][ T8140] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  181.829075][ T8140] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  181.829088][ T8140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  181.829099][ T8140] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  181.829110][ T8140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.829121][ T8140] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  181.829149][ T8140]  </TASK>
[  182.073086][ T8143] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem
[  182.263615][ T8148] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  182.280056][ T3082] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  182.291165][ T3082] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.301761][ T3082] usb 4-1: config 0 interface 0 has no altsetting 0
[  182.308479][ T3082] usb 4-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  182.317634][ T3082] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.330535][ T3082] usb 4-1: config 0 descriptor??
[  182.700414][ T8162] FAULT_INJECTION: forcing a failure.
[  182.700414][ T8162] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.717899][ T8162] CPU: 1 UID: 0 PID: 8162 Comm: syz.0.748 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  182.717926][ T8162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.717940][ T8162] Call Trace:
[  182.717948][ T8162]  <TASK>
[  182.717956][ T8162]  dump_stack_lvl+0x189/0x250
[  182.717981][ T8162]  ? __pfx____ratelimit+0x10/0x10
[  182.718003][ T8162]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.718021][ T8162]  ? __pfx__printk+0x10/0x10
[  182.718049][ T8162]  should_fail_ex+0x414/0x560
[  182.718078][ T8162]  _copy_to_user+0x31/0xb0
[  182.718096][ T8162]  simple_read_from_buffer+0xe1/0x170
[  182.718123][ T8162]  proc_fail_nth_read+0x1df/0x250
[  182.718150][ T8162]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.718175][ T8162]  ? rw_verify_area+0x258/0x650
[  182.718193][ T8162]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.718217][ T8162]  vfs_read+0x1fd/0x980
[  182.718242][ T8162]  ? __pfx___mutex_lock+0x10/0x10
[  182.718264][ T8162]  ? __pfx_vfs_read+0x10/0x10
[  182.718291][ T8162]  ? __fget_files+0x2a/0x420
[  182.718317][ T8162]  ? __fget_files+0x3a0/0x420
[  182.718337][ T8162]  ? __fget_files+0x2a/0x420
[  182.718368][ T8162]  ksys_read+0x145/0x250
[  182.718390][ T8162]  ? __pfx_ksys_read+0x10/0x10
[  182.718414][ T8162]  ? do_syscall_64+0xbe/0x3b0
[  182.718439][ T8162]  do_syscall_64+0xfa/0x3b0
[  182.718460][ T8162]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.718477][ T8162]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  182.718492][ T8162]  ? clear_bhb_loop+0x60/0xb0
[  182.718512][ T8162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.718527][ T8162] RIP: 0033:0x7f512378d33c
[  182.718542][ T8162] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.718557][ T8162] RSP: 002b:00007f51245ad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.718575][ T8162] RAX: ffffffffffffffda RBX: 00007f51239b5fa0 RCX: 00007f512378d33c
[  182.718586][ T8162] RDX: 000000000000000f RSI: 00007f51245ad0a0 RDI: 0000000000000005
[  182.718596][ T8162] RBP: 00007f51245ad090 R08: 0000000000000000 R09: 0000000000000000
[  182.718607][ T8162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.718617][ T8162] R13: 0000000000000000 R14: 00007f51239b5fa0 R15: 00007ffc462ccd18
[  182.718643][ T8162]  </TASK>
[  182.886549][  T982] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  183.044751][  T982] usb 3-1: Using ep0 maxpacket: 16
[  183.051688][  T982] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.063430][  T982] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  183.077772][  T982] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  183.091007][  T982] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  183.106144][  T982] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  183.126932][  T982] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  183.139081][  T982] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  183.148889][  T982] usb 3-1: Manufacturer: syz
[  183.172447][  T982] usb 3-1: config 0 descriptor??
[  183.237664][ T3082] usbhid 4-1:0.0: can't add hid device: -71
[  183.249756][ T3082] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  183.265462][ T3082] usb 4-1: USB disconnect, device number 17
[  183.552639][ T8179] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  183.754762][ T3082] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  183.831015][  T982] rc_core: IR keymap rc-hauppauge not found
[  183.849126][  T982] Registered IR keymap rc-empty
[  183.854421][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  183.936880][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.972947][ T3082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.038261][ T3082] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  184.071462][ T3082] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.128675][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  184.138997][ T3082] usb 5-1: config 0 descriptor??
[  184.197021][  T982] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  184.345577][  T982] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input8
[  184.451944][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  184.551548][ T3082] hid-steam 0003:28DE:1142.0006: unknown main item tag 0x0
[  184.571929][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  184.591548][ T3082] hid-steam 0003:28DE:1142.0006: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  184.628878][ T5843] Bluetooth: hci0: command tx timeout
[  184.646740][ T8197] exFAT-fs (rnullb0): invalid boot record signature
[  184.653451][ T8197] exFAT-fs (rnullb0): failed to read boot sector
[  184.672113][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  184.684401][ T8197] exFAT-fs (rnullb0): failed to recognize exfat type
[  184.714851][ T3082] hid-steam 0003:28DE:1142.0006: Steam wireless receiver connected
[  184.730824][ T3082] hid-steam 0003:28DE:1142.0006: No HID_FEATURE_REPORT submitted -  nothing to read
[  184.859025][ T3082] hid-steam 0003:28DE:1142.0007: unknown main item tag 0x0
[  184.869821][ T8199] exFAT-fs (rnullb0): invalid boot record signature
[  184.900531][ T8199] exFAT-fs (rnullb0): failed to read boot sector
[  184.935364][ T3082] hid-steam 0003:28DE:1142.0007: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  184.962564][ T8199] exFAT-fs (rnullb0): failed to recognize exfat type
[  185.076204][ T3082] usb 5-1: USB disconnect, device number 7
[  185.156397][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.175728][ T3082] hid-steam 0003:28DE:1142.0006: Steam wireless receiver disconnected
[  185.358654][ T8204] fido_id[8204]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  185.509031][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.568088][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.647421][ T8213] binder: BINDER_SET_CONTEXT_MGR already set
[  185.683757][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.683757][ T8213] binder: 8212:8213 ioctl 4018620d 2000000000c0 returned -16
[  185.733945][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.803674][ T8213] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  185.863830][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  185.953297][  T982] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  186.030701][  T982] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  186.065359][  T982] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  186.174203][ T8206] sctp: failed to load transform for md5: -2
[  186.203951][  T982] usb 3-1: USB disconnect, device number 39
[  186.239796][ T8224] FAULT_INJECTION: forcing a failure.
[  186.239796][ T8224] name failslab, interval 1, probability 0, space 0, times 0
[  186.384729][ T8224] CPU: 1 UID: 0 PID: 8224 Comm: syz.2.764 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  186.384755][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  186.384766][ T8224] Call Trace:
[  186.384774][ T8224]  <TASK>
[  186.384781][ T8224]  dump_stack_lvl+0x189/0x250
[  186.384806][ T8224]  ? __pfx____ratelimit+0x10/0x10
[  186.384828][ T8224]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.384847][ T8224]  ? __pfx__printk+0x10/0x10
[  186.384871][ T8224]  ? __pfx___might_resched+0x10/0x10
[  186.384887][ T8224]  ? fs_reclaim_acquire+0x7d/0x100
[  186.384913][ T8224]  should_fail_ex+0x414/0x560
[  186.384949][ T8224]  should_failslab+0xa8/0x100
[  186.384971][ T8224]  kmem_cache_alloc_noprof+0x73/0x3c0
[  186.384989][ T8224]  ? security_inode_alloc+0x39/0x330
[  186.385012][ T8224]  security_inode_alloc+0x39/0x330
[  186.385033][ T8224]  inode_init_always_gfp+0x9ed/0xdc0
[  186.385061][ T8224]  ? __pfx_sock_alloc_inode+0x10/0x10
[  186.385080][ T8224]  alloc_inode+0x82/0x1b0
[  186.385103][ T8224]  do_accept+0x111/0x680
[  186.385130][ T8224]  ? __pfx_do_accept+0x10/0x10
[  186.385172][ T8224]  __sys_accept4+0x11c/0x1c0
[  186.385196][ T8224]  ? __pfx___sys_accept4+0x10/0x10
[  186.385217][ T8224]  ? __pfx_ksys_write+0x10/0x10
[  186.385244][ T8224]  __x64_sys_accept4+0x9a/0xb0
[  186.385268][ T8224]  do_syscall_64+0xfa/0x3b0
[  186.385287][ T8224]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.385307][ T8224]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.385324][ T8224]  ? clear_bhb_loop+0x60/0xb0
[  186.385345][ T8224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.385362][ T8224] RIP: 0033:0x7fb34ff8e929
[  186.385378][ T8224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.385393][ T8224] RSP: 002b:00007fb350df3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  186.385412][ T8224] RAX: ffffffffffffffda RBX: 00007fb3501b6080 RCX: 00007fb34ff8e929
[  186.385425][ T8224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  186.385435][ T8224] RBP: 00007fb350df3090 R08: 0000000000000000 R09: 0000000000000000
[  186.385445][ T8224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.385455][ T8224] R13: 0000000000000001 R14: 00007fb3501b6080 R15: 00007ffe56223d38
[  186.385483][ T8224]  </TASK>
[  186.814725][ T5844] usb 4-1: new low-speed USB device number 18 using dummy_hcd
[  186.910473][ T8218] sctp: failed to load transform for md5: -2
[  186.976223][ T5844] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  187.010173][ T5844] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.066234][ T5844] usb 4-1: config 0 interface 0 has no altsetting 0
[  187.110757][ T5844] usb 4-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  187.177927][ T5844] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.259947][ T5844] usb 4-1: config 0 descriptor??
[  188.043711][ T8252] FAULT_INJECTION: forcing a failure.
[  188.043711][ T8252] name failslab, interval 1, probability 0, space 0, times 0
[  188.063616][ T8252] CPU: 1 UID: 0 PID: 8252 Comm: syz.4.771 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  188.063641][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.063655][ T8252] Call Trace:
[  188.063663][ T8252]  <TASK>
[  188.063671][ T8252]  dump_stack_lvl+0x189/0x250
[  188.063696][ T8252]  ? __pfx____ratelimit+0x10/0x10
[  188.063723][ T8252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.063743][ T8252]  ? __pfx__printk+0x10/0x10
[  188.063768][ T8252]  ? __pfx___might_resched+0x10/0x10
[  188.063784][ T8252]  ? fs_reclaim_acquire+0x7d/0x100
[  188.063815][ T8252]  should_fail_ex+0x414/0x560
[  188.063844][ T8252]  should_failslab+0xa8/0x100
[  188.063867][ T8252]  kmem_cache_alloc_noprof+0x73/0x3c0
[  188.063885][ T8252]  ? ep_insert+0x272/0x1a00
[  188.063909][ T8252]  ep_insert+0x272/0x1a00
[  188.063935][ T8252]  ? aa_get_newest_label+0xf7/0x5d0
[  188.063959][ T8252]  ? do_epoll_ctl+0x3c9/0xe90
[  188.063978][ T8252]  ? __pfx_ep_insert+0x10/0x10
[  188.063997][ T8252]  ? __pfx___mutex_lock+0x10/0x10
[  188.064019][ T8252]  ? rcu_is_watching+0x15/0xb0
[  188.064039][ T8252]  ? apparmor_capable+0x137/0x1b0
[  188.064063][ T8252]  ? bpf_lsm_capable+0x9/0x20
[  188.064090][ T8252]  do_epoll_ctl+0x7f4/0xe90
[  188.064127][ T8252]  __x64_sys_epoll_ctl+0x163/0x1a0
[  188.064152][ T8252]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  188.064170][ T8252]  ? rcu_is_watching+0x15/0xb0
[  188.064193][ T8252]  ? do_syscall_64+0xbe/0x3b0
[  188.064218][ T8252]  do_syscall_64+0xfa/0x3b0
[  188.064239][ T8252]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.064259][ T8252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.064277][ T8252]  ? clear_bhb_loop+0x60/0xb0
[  188.064299][ T8252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.064315][ T8252] RIP: 0033:0x7f6ecdb8e929
[  188.064332][ T8252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.064347][ T8252] RSP: 002b:00007f6ecea17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  188.064367][ T8252] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8e929
[  188.064380][ T8252] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000003
[  188.064391][ T8252] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  188.064403][ T8252] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  188.064415][ T8252] R13: 0000000000000000 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  188.064444][ T8252]  </TASK>
[  188.721749][ T8259] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  189.211467][ T8266] Mount JFS Failure: -22
[  189.773011][ T8273] FAULT_INJECTION: forcing a failure.
[  189.773011][ T8273] name failslab, interval 1, probability 0, space 0, times 0
[  189.797826][ T8273] CPU: 1 UID: 0 PID: 8273 Comm: syz.2.778 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  189.797852][ T8273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.797864][ T8273] Call Trace:
[  189.797872][ T8273]  <TASK>
[  189.797885][ T8273]  dump_stack_lvl+0x189/0x250
[  189.797910][ T8273]  ? __pfx____ratelimit+0x10/0x10
[  189.797932][ T8273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.797951][ T8273]  ? __pfx__printk+0x10/0x10
[  189.797976][ T8273]  ? __pfx___might_resched+0x10/0x10
[  189.797999][ T8273]  should_fail_ex+0x414/0x560
[  189.798028][ T8273]  should_failslab+0xa8/0x100
[  189.798051][ T8273]  __kmalloc_node_noprof+0xd1/0x4e0
[  189.798071][ T8273]  ? alloc_slab_obj_exts+0x39/0xa0
[  189.798095][ T8273]  alloc_slab_obj_exts+0x39/0xa0
[  189.798113][ T8273]  __memcg_slab_post_alloc_hook+0x31e/0x7f0
[  189.798150][ T8273]  kmem_cache_alloc_node_noprof+0x2bd/0x3c0
[  189.798169][ T8273]  ? __alloc_skb+0x112/0x2d0
[  189.798196][ T8273]  __alloc_skb+0x112/0x2d0
[  189.798222][ T8273]  alloc_skb_with_frags+0xca/0x890
[  189.798248][ T8273]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  189.798269][ T8273]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.798290][ T8273]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  189.798313][ T8273]  sock_alloc_send_pskb+0x857/0x990
[  189.798338][ T8273]  ? __lock_acquire+0xab9/0xd20
[  189.798371][ T8273]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  189.798390][ T8273]  ? __lock_acquire+0xab9/0xd20
[  189.798426][ T8273]  queue_oob+0xc3/0x5a0
[  189.798450][ T8273]  ? _parse_integer_limit+0x1ae/0x1f0
[  189.798475][ T8273]  ? __pfx_queue_oob+0x10/0x10
[  189.798503][ T8273]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  189.798531][ T8273]  unix_stream_sendmsg+0xaf9/0xc90
[  189.798552][ T8273]  ? __lock_acquire+0xab9/0xd20
[  189.798589][ T8273]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  189.798614][ T8273]  ? __fget_files+0x2a/0x420
[  189.798638][ T8273]  ? aa_sock_msg_perm+0xda/0x1d0
[  189.798659][ T8273]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  189.798681][ T8273]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  189.798711][ T8273]  __sock_sendmsg+0x21c/0x270
[  189.798735][ T8273]  __sys_sendto+0x3bd/0x520
[  189.798760][ T8273]  ? __pfx___sys_sendto+0x10/0x10
[  189.798780][ T8273]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  189.798814][ T8273]  ? __fget_files+0x3a0/0x420
[  189.798846][ T8273]  ? ksys_write+0x22a/0x250
[  189.798869][ T8273]  ? __pfx_ksys_write+0x10/0x10
[  189.798895][ T8273]  __x64_sys_sendto+0xde/0x100
[  189.798921][ T8273]  do_syscall_64+0xfa/0x3b0
[  189.798943][ T8273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.798961][ T8273]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  189.798978][ T8273]  ? clear_bhb_loop+0x60/0xb0
[  189.798999][ T8273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.799016][ T8273] RIP: 0033:0x7fb34ff8e929
[  189.799034][ T8273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.799049][ T8273] RSP: 002b:00007fb350e14038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  189.799069][ T8273] RAX: ffffffffffffffda RBX: 00007fb3501b5fa0 RCX: 00007fb34ff8e929
[  189.799083][ T8273] RDX: 0000000000000001 RSI: 00002000000004c0 RDI: 0000000000000005
[  189.799094][ T8273] RBP: 00007fb350e14090 R08: 0000000000000000 R09: 0000000000000000
[  189.799106][ T8273] R10: 00000000200080d1 R11: 0000000000000246 R12: 0000000000000001
[  189.799117][ T8273] R13: 0000000000000000 R14: 00007fb3501b5fa0 R15: 00007ffe56223d38
[  189.799146][ T8273]  </TASK>
[  190.275218][ T8275] syz.0.779 uses old SIOCAX25GETINFO
[  190.526105][ T8275] netlink: 'syz.0.779': attribute type 4 has an invalid length.
[  190.958199][   T15] sched: DL replenish lagged too much
[  191.141330][ T8283] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.182834][ T8285] FAULT_INJECTION: forcing a failure.
[  191.182834][ T8285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.229666][ T8285] CPU: 1 UID: 0 PID: 8285 Comm: syz.4.784 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  191.229694][ T8285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.229706][ T8285] Call Trace:
[  191.229714][ T8285]  <TASK>
[  191.229723][ T8285]  dump_stack_lvl+0x189/0x250
[  191.229751][ T8285]  ? __pfx____ratelimit+0x10/0x10
[  191.229773][ T8285]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.229793][ T8285]  ? __pfx__printk+0x10/0x10
[  191.229825][ T8285]  should_fail_ex+0x414/0x560
[  191.229855][ T8285]  _copy_to_user+0x31/0xb0
[  191.229883][ T8285]  simple_read_from_buffer+0xe1/0x170
[  191.229910][ T8285]  proc_fail_nth_read+0x1df/0x250
[  191.229938][ T8285]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  191.229965][ T8285]  ? rw_verify_area+0x258/0x650
[  191.229984][ T8285]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  191.230010][ T8285]  vfs_read+0x1fd/0x980
[  191.230035][ T8285]  ? __pfx___mutex_lock+0x10/0x10
[  191.230058][ T8285]  ? __pfx_vfs_read+0x10/0x10
[  191.230079][ T8285]  ? __fget_files+0x2a/0x420
[  191.230106][ T8285]  ? __fget_files+0x3a0/0x420
[  191.230127][ T8285]  ? __fget_files+0x2a/0x420
[  191.230159][ T8285]  ksys_read+0x145/0x250
[  191.230182][ T8285]  ? __pfx_ksys_read+0x10/0x10
[  191.230207][ T8285]  ? do_syscall_64+0xbe/0x3b0
[  191.230233][ T8285]  do_syscall_64+0xfa/0x3b0
[  191.230255][ T8285]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.230272][ T8285]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  191.230290][ T8285]  ? clear_bhb_loop+0x60/0xb0
[  191.230312][ T8285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.230329][ T8285] RIP: 0033:0x7f6ecdb8d33c
[  191.230346][ T8285] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  191.230361][ T8285] RSP: 002b:00007f6ecea17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  191.230381][ T8285] RAX: ffffffffffffffda RBX: 00007f6ecddb5fa0 RCX: 00007f6ecdb8d33c
[  191.230395][ T8285] RDX: 000000000000000f RSI: 00007f6ecea170a0 RDI: 0000000000000005
[  191.230406][ T8285] RBP: 00007f6ecea17090 R08: 0000000000000000 R09: 0000000000000000
[  191.230417][ T8285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.230427][ T8285] R13: 0000000000000000 R14: 00007f6ecddb5fa0 R15: 00007ffcc1f21768
[  191.230457][ T8285]  </TASK>
[  191.460777][    C1] vkms_vblank_simulate: vblank timer overrun
[  191.791519][ T8292] input: syz1 as /devices/virtual/input/input9
[  191.843834][ T8292] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  191.905216][ T5844] usbhid 4-1:0.0: can't add hid device: -71
[  191.930259][ T5844] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  191.967358][ T8292] UDF-fs: Scanning with blocksize 4096 failed
[  192.003063][ T5844] usb 4-1: USB disconnect, device number 18
[  192.251665][ T8298] overlay: ./file1 is not a directory
[  192.386286][ T8303] FAULT_INJECTION: forcing a failure.
[  192.386286][ T8303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.447370][ T8303] CPU: 1 UID: 0 PID: 8303 Comm: syz.3.790 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  192.447397][ T8303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.447409][ T8303] Call Trace:
[  192.447417][ T8303]  <TASK>
[  192.447426][ T8303]  dump_stack_lvl+0x189/0x250
[  192.447452][ T8303]  ? __pfx____ratelimit+0x10/0x10
[  192.447475][ T8303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.447495][ T8303]  ? __pfx__printk+0x10/0x10
[  192.447526][ T8303]  should_fail_ex+0x414/0x560
[  192.447555][ T8303]  strncpy_from_user+0x36/0x290
[  192.447583][ T8303]  getname_flags+0xf3/0x540
[  192.447612][ T8303]  __x64_sys_mknodat+0x96/0xc0
[  192.447634][ T8303]  do_syscall_64+0xfa/0x3b0
[  192.447655][ T8303]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.447675][ T8303]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.447693][ T8303]  ? clear_bhb_loop+0x60/0xb0
[  192.447714][ T8303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.447731][ T8303] RIP: 0033:0x7f8deed8e929
[  192.447748][ T8303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.447763][ T8303] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  192.447790][ T8303] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  192.447808][ T8303] RDX: 00000000000021c0 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  192.447821][ T8303] RBP: 00007f8defb74090 R08: 0000000000000000 R09: 0000000000000000
[  192.447833][ T8303] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001
[  192.447844][ T8303] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  192.447873][ T8303]  </TASK>
[  192.621950][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.716443][ T8307] exFAT-fs (rnullb0): invalid boot record signature
[  192.723865][ T8307] exFAT-fs (rnullb0): failed to read boot sector
[  192.730304][ T8307] exFAT-fs (rnullb0): failed to recognize exfat type
[  192.741492][ T8307] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
[  192.751560][ T8307] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8307, name: syz.3.792
[  192.760581][ T8307] preempt_count: 0, expected: 0
[  192.765510][ T8307] RCU nest depth: 1, expected: 0
[  192.770583][ T8307] 2 locks held by syz.3.792/8307:
[  192.775652][ T8307]  #0: ffffffff8e33bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  192.785279][ T8307]  #1: ffff88805e3f1bc8 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  192.794192][ T8307] CPU: 1 UID: 0 PID: 8307 Comm: syz.3.792 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  192.794219][ T8307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.794231][ T8307] Call Trace:
[  192.794239][ T8307]  <TASK>
[  192.794248][ T8307]  dump_stack_lvl+0x189/0x250
[  192.794277][ T8307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.794307][ T8307]  ? print_lock_name+0xde/0x100
[  192.794333][ T8307]  __might_resched+0x495/0x610
[  192.794360][ T8307]  ? __pfx___might_resched+0x10/0x10
[  192.794390][ T8307]  ? __kmalloc_noprof+0xa3/0x4f0
[  192.794415][ T8307]  __kmalloc_noprof+0xbc/0x4f0
[  192.794434][ T8307]  ? procfs_procmap_ioctl+0x877/0xd10
[  192.794462][ T8307]  procfs_procmap_ioctl+0x877/0xd10
[  192.794491][ T8307]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  192.794526][ T8307]  ? __fget_files+0x2a/0x420
[  192.794565][ T8307]  ? __fget_files+0x2a/0x420
[  192.794585][ T8307]  ? __fget_files+0x3a0/0x420
[  192.794607][ T8307]  ? __fget_files+0x2a/0x420
[  192.794633][ T8307]  ? bpf_lsm_file_ioctl+0x9/0x20
[  192.794648][ T8307]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  192.794668][ T8307]  __se_sys_ioctl+0xfc/0x170
[  192.794689][ T8307]  do_syscall_64+0xfa/0x3b0
[  192.794709][ T8307]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.794730][ T8307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.794746][ T8307]  ? clear_bhb_loop+0x60/0xb0
[  192.794763][ T8307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.794779][ T8307] RIP: 0033:0x7f8deed8e929
[  192.794796][ T8307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.794813][ T8307] RSP: 002b:00007f8defb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  192.794832][ T8307] RAX: ffffffffffffffda RBX: 00007f8deefb5fa0 RCX: 00007f8deed8e929
[  192.794845][ T8307] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[  192.794857][ T8307] RBP: 00007f8deee10b39 R08: 0000000000000000 R09: 0000000000000000
[  192.794868][ T8307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  192.794879][ T8307] R13: 0000000000000000 R14: 00007f8deefb5fa0 R15: 00007ffc77f80438
[  192.794910][ T8307]  </TASK>
[  192.948331][ T8308] random: crng reseeded on system resumption
[  192.956991][    C1] vkms_vblank_simulate: vblank timer overrun
[  194.576554][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  194.588530][ T1303] ieee802154 phy1 wpan1: encryption failed: -22