last executing test programs:

11m11.043814171s ago: executing program 2 (id=1077):
ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000280)={0x8000000000000000, @raw=0x3, @inferred, 0x1, 0xfffffffffffffff7, '\x00', {0x2, 0x76e6, 0x1000, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x9, 0x8, {0x1, 0x2}, {0x10000, 0x4}, {0x1, 0x8}, 0x3, 0x101, 0x200, 0x200, 0x0, 0x401, 0xfff, 0xfc00, 0x0, 0x2, '\x00', 0x0, 0x3840, 0xe5, 0x1}})
setgroups$auto(0x10000, &(0x7f0000000040)=0x7fff)
syz_clone(0x408d800, 0x0, 0xfffffffffffffe1b, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x84)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x440400, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0x6, 0x3f, 0x7f4}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
write$auto(r0, &(0x7f00000002c0)='T\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7)
mmap$auto(0x0, 0x400005, 0x200, 0x9b72, 0x2, 0x8000)
madvise$auto(0xfffffffffffffffc, 0x0, 0x66)
madvise$auto(0x0, 0x0, 0x6)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = socketpair$auto(0x1, 0x3, 0x9, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181702, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0)
r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r4, 0x4004556a, r4)
read$auto(r3, 0x0, 0x20)
close_range$auto(0x0, r3, 0x4000000000002)
r5 = socket(0x2, 0x801, 0x106)
socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), r2)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x1ff, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000440)={'team_slave_1\x00'})
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0\x00', 0x0, 0x0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x4000, 0x0)
ioctl$auto_BLKPG2(r2, 0x1269, 0x0)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)

11m10.951188454s ago: executing program 2 (id=1079):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) (rerun: 64)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, 0x0) (async, rerun: 64)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async, rerun: 64)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccx\x8b\xa8=\n\xe2\xc8Y\xc8\xf7\xf52\xa1>\xc2\xb9p\x92=\xc6\xf05\x7f\xb9x\xe1J\x83\xbf\x9e.\fup\x03\x00\x00\x00\x00\x00\x00\x00\x01\xb3%.\x03\x15\xcdB\xd5I\x94\x9f\xc9o\xb1W(x\xd5\x88\x7f\xe2Rwaz \xfa>\xff<\x9d\x9a\x94\x1e\xb6\xa9\x94\x11\xcd\xf2Q\xf8\xdb\xf7\x95\x9b\f\xac\xc5^\xfeG\xed\x82\x99XB\xfb\xaa\xb8\xa8\x8e\x15\xff\x12\xfa\xa2\x9a\b\x7f\xd7#\x148\xc65\x00}m\x9a^B\xf8\xd7\xa6\xd0\x9c\xaaj\xe4<\xba\xe0\xca^!\xdb\xb3\xa1\xca\x80&\xd7\x8f<\xd6\t8\x8cq\xb4\xf2\x18\xaf\x16\xad^h\xa2I)\xf7O\x82^\xf0~b\xc1\xa3\x98Q[m\x90\xbe\xde\xb7\xa6[C-\xf3^\x9cA%\xeaD\xa6a\xe7\xd47\xef\x01o\bQ\xf8wwvw0\xbb\xfe', 0x100000a3d9) (async, rerun: 64)
socket(0x10, 0x2, 0x6) (async, rerun: 64)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x242a82, 0x0) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x848000, 0x0) (async)
write$auto(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x10005, 0x1, 0xeb1, 0x40000000000a5, 0x8000) (rerun: 64)
r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0)
ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0) (async)
ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0)
prctl$auto(0x3e, 0xfffffffffffffffd, 0x0, 0x1, 0x0) (async)
pivot_root$auto(0x0, 0x0) (async)
r3 = open(0x0, 0x76bd, 0x12)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, r3, 0x130a) (async, rerun: 32)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x0, 0x0) (async)
r4 = epoll_create$auto(0x3e)
epoll_ctl$auto(r4, 0x1, 0x8000000000000000, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa98b02, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x8, 0x100000ebf, 0x40000000000a1, 0x8000) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
r5 = mq_open$auto(0x0, 0x62, 0xfffc, 0x0)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x81, 0x9, 0x0) (async)
mq_timedreceive$auto(r5, 0x0, 0x4dcd, 0x0, &(0x7f0000000080)={0x4, 0xd}) (async)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)

11m10.744804674s ago: executing program 2 (id=1080):
mmap$auto(0x0, 0x400008, 0x4, 0xa910, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000e0, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0xa0681, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, 0x0)
set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21)
unshare$auto(0x40000080)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf})
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket(0xa, 0x5, 0x84)
getsockopt$auto(r3, 0x84, 0x14, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000300), r2)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x44, r4, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @loopback}, @TCP_METRICS_ATTR_SADDR_IPV6={0x14, 0xc, @mcast1}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x27}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0xe57c91ee1bde9e58)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyxf\x00', 0x109401, 0x0)
ioctl$auto(r5, 0x540a, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r6, r6, 0x0, 0x3)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
mremap$auto(0x7f, 0x6, 0x6, 0x4, 0x400000002)
r7 = socket(0x2, 0x3, 0xa)
setsockopt$auto_SO_BUF_LOCK(r7, 0x1, 0x48, &(0x7f0000000000)='/dev/sg0\x00', 0x1ff)
unshare$auto(0x20000080)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)

11m8.95261417s ago: executing program 2 (id=1087):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000002840)='/sys/kernel/tracing/trace_clock\x00', 0x8000, 0x0)
preadv$auto(r1, &(0x7f0000002940)={&(0x7f0000002880), 0xa93a}, 0xf, 0x1, 0x6)
read$auto(r0, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0xd87)
close_range$auto(0x2, 0x8, 0x0)
setresuid$auto(0x0, 0x8, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0)
sendfile$auto(r2, r3, 0x0, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/o2cb/logmask/SOCKET\x00', 0x20102, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r4, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r5, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x101}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x800)
r6 = io_uring_setup$auto(0x1fe, 0x0)
ioctl$auto_EVIOCGRAB(r6, 0x40044590, &(0x7f0000000600)=0x10001)
ioctl$auto_TIOCGSERIAL(r6, 0x541e, &(0x7f0000000280)="02b84f39b8ac5246f122e07a49377abb2bdb859496b7cf7af247f977bb5f12cfd949efa13c4a2d2ee9ca11fa81d2915eaf88e6febb9a947e37b843c018bdeeee2ac116819171a0cddf582d0dc45c4d26be68ccd501e7a19a40df4866332b7325e4f80d8a0361ad2b27ca9e7b6fb5824223507866d49db67661e7caf789d06f73e8042957849d4cd05167081f")
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x80a02, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x6}, 0x1)
write$auto(0xffffffffffffffff, 0x0, 0x881)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)

11m8.668947973s ago: executing program 2 (id=1090):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
mmap$auto(0x0, 0x1ff, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x400008000)
r0 = socket(0x9, 0xa, 0xba1204) (async)
r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, 0x0, 0x20201, 0x0)
write$auto(r1, &(0x7f0000000c40)='gthtool\x00', 0x5) (async, rerun: 32)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async, rerun: 32)
r2 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) (async, rerun: 32)
semctl$auto(0x80001ff, 0x2000804, 0xffffff01, 0x4) (async, rerun: 32)
getsockopt$auto(r2, 0x84, 0xa, 0x0, &(0x7f0000000000)=0x7ffe) (async, rerun: 32)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (rerun: 32)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async, rerun: 32)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) (async, rerun: 32)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto(r0, 0x0, 0x7) (async, rerun: 64)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async, rerun: 32)
io_uring_setup$auto(0x52, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
socket(0x1e, 0xa, 0x82) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x10, 0x2, 0x6) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) (async)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x42c00, 0x0)
ppoll$auto(&(0x7f0000000040)={r3, 0x5, 0xf}, 0x4, 0x0, 0x0, 0x8) (async)
ioctl$auto(0x3, 0x40045612, 0x38)

11m7.752380894s ago: executing program 2 (id=1096):
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
write$auto(r0, 0x0, 0x400000000005)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x82, 0x0)
socket(0x2, 0x3, 0x8)
socket(0x2, 0x800, 0xfffffffd)
epoll_create$auto(0x7)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
capset$auto(0x0, 0x0)
epoll_ctl$auto(0x5, 0x3, r2, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0)
ioctl$auto_KVM_GET_EMULATED_CPUID(r3, 0xc008ae09, &(0x7f0000000180)={0x5, 0x0, [{0x3, 0x5, 0x101, 0xb, 0x7f, 0x5, 0x1}, {0x80, 0xd, 0x3, 0x7, 0xffff, 0x6ae5, 0x4}]})
landlock_create_ruleset$auto(&(0x7f0000000080)={0x6, 0x6, 0x7ffdffffffffffff}, 0xfffffffffffffffc, 0x800)
r4 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x4000, 0x0)
connect$auto(r4, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0x2}, 0x3)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000000000008000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

10m52.113394731s ago: executing program 32 (id=1096):
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
write$auto(r0, 0x0, 0x400000000005)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x82, 0x0)
socket(0x2, 0x3, 0x8)
socket(0x2, 0x800, 0xfffffffd)
epoll_create$auto(0x7)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
capset$auto(0x0, 0x0)
epoll_ctl$auto(0x5, 0x3, r2, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0)
ioctl$auto_KVM_GET_EMULATED_CPUID(r3, 0xc008ae09, &(0x7f0000000180)={0x5, 0x0, [{0x3, 0x5, 0x101, 0xb, 0x7f, 0x5, 0x1}, {0x80, 0xd, 0x3, 0x7, 0xffff, 0x6ae5, 0x4}]})
landlock_create_ruleset$auto(&(0x7f0000000080)={0x6, 0x6, 0x7ffdffffffffffff}, 0xfffffffffffffffc, 0x800)
r4 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x4000, 0x0)
connect$auto(r4, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0x2}, 0x3)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000000000008000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

13.168226762s ago: executing program 1 (id=3845):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0)
pwrite64$auto(r0, 0x0, 0x6bc, 0x5) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x54) (async)
readahead$auto(r0, 0x4, 0x4)
sysfs$auto(0x1003, 0x401, 0x0) (async, rerun: 32)
unshare$auto(0x2000000040000080) (async, rerun: 32)
socket(0x5, 0x801, 0x80ff) (async)
mmap$auto(0x0, 0xdf33, 0xe2, 0xeb1, 0x405, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async, rerun: 64)
mmap$auto(0x0, 0x1ff, 0xdf, 0x200000810, 0xffffffffffffffff, 0x8000) (async, rerun: 64)
madvise$auto(0x0, 0x200007, 0x19)
r2 = socket(0x2, 0x1, 0x106) (async)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) (async, rerun: 64)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) (async, rerun: 64)
socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) (async)
sendmsg$auto_NL80211_CMD_START_P2P_DEVICE(r3, 0x0, 0x14)
setsockopt$auto(r2, 0x6, 0x17, 0x0, 0x7) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/tty/ttyu3/power/runtime_status\x00', 0x2280c0, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b7e, 0x7, 0x28000) (async)
socketpair$auto(0x1, 0x4, 0x8000000000000000, 0x0)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x4000005, 0x7fffffff, 0x0) (async)
mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f)

12.679841196s ago: executing program 1 (id=3848):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
r1 = fcntl$auto(r0, 0x402, 0xffffffffffffffff)
getdents64$auto(r1, 0x0, 0x4)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto(0x3, 0x80084d17, 0x38)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)

12.260041359s ago: executing program 4 (id=3849):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x2, 0x1, 0x106)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = open(0x0, 0x22240, 0x155)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x80002, 0x73)
ioctl$auto_XFS_IOC_COMMIT_RANGE(r1, 0x40585883, &(0x7f00000001c0)={r0, 0x0, 0xffff, 0x101, 0x9, 0xad, [0x4, 0x8, 0x2, 0x0, 0x5a2858c, 0x3615]})
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/tracing_cpumask\x00', 0x688480, 0x0)
socketpair$auto(0x1, 0x1, 0x4, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0)
ioctl$auto(0x3, 0x40106f52, r2)
r3 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r3, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x4, @multicast1}, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xa}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000d00), 0x48900, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)

12.14100498s ago: executing program 1 (id=3850):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:01/PNP0400:00/uid\x00', 0x8000, 0x0)
unshare$auto(0x40000080)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
setregid$auto(0x0, 0xffffffffffffffff)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x1, 0x87, 0x7fffffffefff, 0x0, 0x9, 0x54906bd6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x9})
r1 = fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x12d83, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0)
ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6})
ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0)
r3 = dup$auto(0xffffffffffffffff)
unshare$auto(0x40000080)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000000008)
mmap$auto(0x0, 0x9, 0xdf, 0x517b, r3, 0x1000)
socket(0x15, 0x1, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim2/new_port\x00', 0x183841, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
write$auto(r0, 0x0, 0x5c9)
close_range$auto(0x2, 0xa, 0x0)
getsockopt$auto(r1, 0x9, 0xce, 0x0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x204000, 0x0)
read$auto(r4, 0x0, 0x20)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi21\x00', 0x149800, 0x0)
msgctl$auto_IPC_INFO(0x9ae3, 0x3, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x4a2, 0x8, 0x391}, &(0x7f0000000240)=0x10, &(0x7f0000000300), 0x7, 0x3, 0x2, 0x7, 0x4, 0x9, 0x0, 0x3ff, @inferred, @raw=0x1000})
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0)

11.810795064s ago: executing program 4 (id=3851):
getcwd$auto(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x240460c0}, 0x4000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2000a, 0x4000000000df, 0x7fff, r0, 0x8000000000370)
r1 = socket(0x21, 0x2, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.5/usb19/power/autosuspend\x00', 0x440300, 0x0)
read$auto(r3, 0x0, 0x20)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x4)
sendmmsg$auto(r3, 0x0, 0x6, 0x8)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x4048000)
write$auto(0x3, 0x0, 0x7fffffff)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x6, 0x1, 0x0)
epoll_create$auto(0x9)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9d\xa8Zs\a\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97\x1d\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x80000, 0x400005, 0x80000001, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/nr8/flags\x00', 0x509a01, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
socket(0x2, 0x2, 0x88)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb4, 0x401, 0x80007ffd)
ioctl$auto(r0, 0x40, r5)
socket(0x6, 0x2, 0x36f6)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
socket(0x6, 0x80003, 0x300)

11.567946638s ago: executing program 4 (id=3852):
unshare$auto(0x9)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
setfsuid$auto(0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, 0x0, 0x20004000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x101)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000180)={0x0, 0x7}, 0x6)
getpid()
ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xeb, 0x0)

11.378578336s ago: executing program 4 (id=3853):
r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0p\x00', 0x400200, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR32(r0, 0xc0844123, &(0x7f0000000000)={0xfffff0de, @reserved="71119574d35ebd72449c12b274df550c75db018d483b05cd3058aec4b29af4a72dc76610cefd0784c3eecd85fe07e8f2ae95c2aae22d2676c85b5210cab4e72e", @reserved="9d92f5c7f63e1053e7ca4e6b87cf17e2e0a0810a15882ffcb924e8e9bc7ac33e01a3be43889309f30d432c352cf8d97ea92cd7a49a1d43cf93c72f0bad22eb78"})

11.088847603s ago: executing program 4 (id=3855):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioprio_get$auto(0x3, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x8de, 0xdf, 0x591b, 0x2, 0xb)
socket(0x2, 0x1, 0x106) (async)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) (async)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) (async)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto(0xffffffffffffffff, 0x8983, 0x4) (async)
ioctl$auto(0xffffffffffffffff, 0x8983, 0x4)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x8000000000003, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/134, 0x86)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
r3 = getpid()
ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000340)={0x8, 0x5, 0xf4})
r4 = set_tid_address$auto(0x0)
tgkill$auto(r3, r4, 0x4) (async)
tgkill$auto(r3, r4, 0x4)
openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x20f02, 0x0) (async)
openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x20f02, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) (async)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="00082cbd7017ffdbdf251f0000000800400002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40837}, 0x8000)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)

8.052174031s ago: executing program 1 (id=3866):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x8001, 0x0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x7eb680, 0x100)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
socket(0x2, 0x1, 0x106)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event\x00', 0xa0301, 0x0)
write$auto(r1, 0x0, 0x4)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
write$auto_cachefiles_daemon_fops_internal(r0, &(0x7f00000000c0)='a', 0x1)
pipe$auto(&(0x7f0000000500)=<r2=>0xffffffffffffffff)
flock$auto(r2, 0x5)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/250, 0xfa)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_PUBL_GET(r3, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000300)={0x18, r4, 0x705, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x0)

7.752807198s ago: executing program 4 (id=3867):
unshare$auto(0x9)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
setfsuid$auto(0xee00)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x22004840}, 0xc080)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="660f0000", @ANYRES16=0x0, @ANYBLOB="00032cbd70b6e23d9cd7251a00fedbdf25aabf14d8443f8d8000"], 0x24}, 0x1, 0x0, 0x0, 0x4d894}, 0x4008800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010024bd7000fbdbdf250a000000e5f951aefd440ed0a26a105ab5ecd79d00fa"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0)
r1 = prctl$auto(0x3e, 0x7, 0x0, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x1000008000)
read$auto(0x3, 0x0, 0x80)
sendfile$auto(r2, r2, 0x0, 0x5)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x7fff)
sendmsg$auto_TASKSTATS_CMD_GET(r1, 0x0, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x4, &(0x7f0000000080)="17e703e5cb8a13e2550919f46362415367e6e2248c108588d9adf1a6d83f0c9acf56121968450f1700659954ba387d7eada6")
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(r1, 0x80585414, &(0x7f00000000c0)={0x9, 0x10001, 0x80000000, 0x3057, 0x79b, 0x400, "73025bd432f6935f1587ac4874fe1eeda0fb6b8c8782371f1201e72ab0b611b5df20402e866df490f2010b9c59d13db8ce5135427965d649029b4bb428006c0e"})
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/oom_adj\x00', 0x48002, 0x0)
read$auto(r3, 0x0, 0x101)
writev$auto(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x7}, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
capset$auto(0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)

6.054007823s ago: executing program 1 (id=3872):
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x48000, 0x0) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/sunrpc/parameters/auth_hashtable_size\x00', 0x2ab42, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4f64a1d2)
r1 = io_uring_setup$auto(0x3ff, 0x0)
mmap$auto(0x0, 0x8004008, 0x2000000329, 0x2000000010011, r1, 0x8000) (async)
prctl$auto(0x44, 0x7, 0x0, 0x6fffffffffffffff, 0x7) (async)
mmap$auto_v4l2_fops_v4l2_dev(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x100010, r1, 0x4) (async)
seccomp$auto(0x2, 0x0, 0x0)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
r2 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) (async)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r3, &(0x7f0000000300)={0x0, 0xfffffe15, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008) (async)
exit$auto(0x5)
lseek$auto(r2, 0x61, 0x401) (async)
openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000040), 0x60200, 0x0)
openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xfd75fe4ff7475aaf, 0x0)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100cda4429629bd7100f9db5f250200000000000000", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
signalfd4$auto(r1, &(0x7f0000000000), 0x1, 0x80000000)

4.864506426s ago: executing program 1 (id=3875):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0xc0200, 0x0)
r1 = socket(0x1e, 0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x40, 0x0)
ioctl$auto(r3, 0x9000643f, 0xc35)
mmap$auto(0x0, 0x9, 0x4000000000dc, 0x19, 0x401, 0x8003)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000eb5, 0x401, 0x8000)
prctl$auto(0x8, 0x1, 0xffffffffffffffff, 0x80000000000008, 0x1)
unshare$auto(0x40000080)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(0x1, 0x3, 0x0, 0x74c)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/security/tomoyo/query\x00', 0x80402, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8001)
mmap$auto(0x0, 0x4020009, 0x6cac286d, 0xeb1, 0x401, 0x8000)
capset$auto(0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0x401070cd, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

4.689353641s ago: executing program 3 (id=3877):
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), r0)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62)
r1 = socket(0xf, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), r1)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x400, 0x70bd2b, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4014}, 0x20000891)
sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000040)={0x14, r3, 0x100, 0x70bd2a, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20042084}, 0x2000c801)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
socket(0x10, 0x2, 0x0)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x30, r4, 0x1, 0x70bd29, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@nested={0x14, 0x10, 0x0, 0x1, [@typed={0x8, 0x8, 0x0, 0x0, @ipv4=@remote}, @typed={0x8, 0x8, 0x0, 0x0, @uid}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.42384063s ago: executing program 3 (id=3878):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3a, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0x81) (async)
mmap$auto(0x2, 0x2000c, 0xde, 0x20eb0, 0x40000000000a5, 0x8000) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (rerun: 64)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0)
pread64$auto(r1, 0x0, 0x400100000001, 0x4) (async)
readv$auto(0x3, 0x0, 0x4) (async)
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) (async, rerun: 64)
futex$auto(0x0, 0x10a, 0xe775, &(0x7f0000000040)={0x2, 0x200000000004}, 0x0, 0x3) (rerun: 64)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
fallocate$auto(0x8000000000000003, 0x0, 0x2, 0x4cbd5d) (async)
ptrace$auto(0x5, 0x0, 0xfffffffffffffffa, 0x8) (async)
mmap$auto(0xf22, 0x6, 0xfd5, 0x9d, r2, 0xfffffffffffffff7)
openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy7/ht40allow_map\x00', 0x20000, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
socket(0x1d, 0x3, 0x1) (async)
setsockopt$auto(r2, 0x67, 0x1000, 0x0, 0x5)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), 0xffffffffffffffff) (async)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
close_range$auto(0xffffffffffffffff, r1, 0x4) (async)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_register$auto(0x2, 0x1b, &(0x7f0000000000), 0x1) (async)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x3, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

4.13578464s ago: executing program 0 (id=3880):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:01/PNP0400:00/uid\x00', 0x8000, 0x0)
unshare$auto(0x40000080)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
setregid$auto(0x0, 0xffffffffffffffff)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x1, 0x87, 0x7fffffffefff, 0x0, 0x9, 0x54906bd6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x9})
r1 = fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x12d83, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0)
ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6})
ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0)
r3 = dup$auto(0xffffffffffffffff)
unshare$auto(0x40000080)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000000008)
mmap$auto(0x0, 0x9, 0xdf, 0x517b, r3, 0x1000)
socket(0x15, 0x1, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim2/new_port\x00', 0x183841, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
write$auto(r0, 0x0, 0x5c9)
close_range$auto(0x2, 0xa, 0x0)
getsockopt$auto(r1, 0x9, 0xce, 0x0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x204000, 0x0)
read$auto(r4, 0x0, 0x20)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi21\x00', 0x149800, 0x0)
msgctl$auto_IPC_INFO(0x9ae3, 0x3, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x4a2, 0x8, 0x391}, &(0x7f0000000240)=0x10, &(0x7f0000000300), 0x7, 0x3, 0x2, 0x7, 0x4, 0x9, 0x0, 0x3ff, @inferred, @raw=0x1000})
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0)

1.979760445s ago: executing program 0 (id=3881):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r1, 0x0, 0x800)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1000, 0x8, 0x80000000000000a, 0x40000402, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r0, 0x0, 0x6)
mmap$auto(0x0, 0x20009, 0x29b010c0, 0x100000eb1, 0x40000000000a1, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) (async)
socket(0x2b, 0x5, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0)
sendmmsg$auto(r3, 0x0, 0x7, 0x4008) (async)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, 0x0, 0x4000000) (async)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000)
r4 = getpgid(0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r4, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r4, 0x0, 0x401, 0x5, 0x3}}})
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) (async)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
statmount$auto(&(0x7f0000000000)={0x4, @inferred=r2, 0x78c2, 0x6}, &(0x7f0000000440)={0x3, 0x129e3b17, 0x8001, 0x3, 0x7, 0x3, 0x5, 0x3, 0x9, 0x5, 0x5e4, 0xc, 0x4, 0x7035, 0x100000000, 0x3, 0x4, 0x22, 0xb0d, 0xfffffffffffffffe, 0x4, 0x1, 0x200000, 0x5a4b, 0xfe0, 0x7ff, 0x0, 0x1ba, 0x0, 0x9, 0xfffffff7, [0xcb2, 0x5, 0x5, 0x40, 0x9, 0x0, 0x7fffffff, 0xe, 0x7b, 0x800, 0x7, 0x3, 0x8000000000000001, 0x4, 0x6, 0x3, 0xffffffffffffff80, 0x80, 0x7fffffffffffffff, 0x74, 0x3800000000000, 0x0, 0xea42, 0xaa00, 0x0, 0x5, 0xc6d, 0x9, 0x7, 0x7c1, 0xfffffffffffffff8, 0xfff, 0x800000000000, 0xffff, 0x4, 0x4, 0x5, 0x3, 0x1, 0x5, 0xfffffffffffffffc, 0x31, 0x6], "c143d2f4bfd06fc81495d5b608c56a27f72ab4e0357a89fb078bf30e64c1fba35a3319d4"}, 0x9, 0x1) (async)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r5, r5, 0x0, 0x3)

1.880811758s ago: executing program 3 (id=3882):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0)
write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0)
pread64$auto(r2, 0x0, 0x8, 0xffff)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
write$auto(r1, 0x0, 0x6)
symlink$auto(&(0x7f0000001500)='./file0/file0\x00', &(0x7f0000001540)='./file0\x00')
sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, 0x0, 0x0)
keyctl$auto(0x1b, 0x0, 0x0, 0xee00, 0xe)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x7, 0x3)
openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000100), 0x12080, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2000008)
io_uring_setup$auto(0x6, 0x0)
timerfd_create$auto(0x2, 0x40000009)
socket(0xb, 0x1, 0x0)
close_range$auto(0x2, 0x8000, 0x0)

1.862774245s ago: executing program 0 (id=3883):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'veth1_virt_wifi\x00', <r3=>0x0})
r4 = socket(0xa, 0x2, 0x88)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bond0\x00', <r6=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, <r7=>r5, 0x4, 0x1ff, r4, @relative_id=0x13, 0xe600}, 0xf)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'veth1_vlan\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'ip6gre0\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = io_uring_setup$auto(0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000480)={'bridge0\x00'})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r12=>0x0})
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r12, r11, 0x99, 0x8, 0x1, @relative_id=0x4, 0x9}, 0x8a4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth1_virt_wifi\x00', <r13=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'bond0\x00', <r14=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_1\x00', <r15=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'pim6reg0\x00', <r16=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vxcan1\x00', <r17=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GET2(r1, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf250100000008000800", @ANYRES32=r3, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r6, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r8, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r9, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r12, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r13, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r14, @ANYBLOB='\x00\b\x00\x00', @ANYRES32=r15, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r16, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r17, @ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x2)
ioctl$auto(r0, 0x9000643a, 0xc35)
r18 = openat$auto_fops_atomic_t_ro_(0xffffffffffffff9c, &(0x7f0000000000), 0x45c001, 0x0)
read$auto_fops_atomic_t_ro_(r18, &(0x7f0000000040)=""/122, 0x7a)

1.782787968s ago: executing program 0 (id=3884):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x40, 0x20001, 0x4000000000dc, 0x40000000000eb1, r0, 0x8003)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c866", 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r2 = socket(0x1d, 0x2, 0x7)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a)
mmap$auto(0x101, 0x8, 0x3, 0x9b72, 0x2, 0xb36)
r5 = io_uring_setup$auto(0x5, 0x0)
io_uring_register$auto(r5, 0x1e, &(0x7f0000000200), 0xa)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'virt_wifi0\x00'})
connect$auto(0x3, &(0x7f00000018c0)=@vsock={0x28, 0x0, 0x2710}, 0x18)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x6, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xa389}, 0x1, 0x0, 0x0, 0x2000009}, 0x9}, 0x3, 0x0)
adjtimex$auto(0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x99e, 0x48dd)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
nanosleep$auto(0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r6, 0x5001, 0xfffffffffffffffc)

893.025509ms ago: executing program 0 (id=3885):
r0 = socket(0x25, 0x1, 0x0)
sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3)
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0400, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
fallocate$auto(r1, 0x1, 0x2, 0x6653)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x4c1a, 0x8, 0x1, 0x9, 0xf, 0x1]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x5, 0x0)
socket(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x7)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000000)="fe")
select$auto(0x4673, 0x0, 0x0, 0x0, 0x0)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x418502, 0x0)
write$auto_proc_mem_operations_base(r4, &(0x7f0000000300)="bf82642ab700000000000000", 0xffffffffffffff26)
madvise$auto(0x0, 0x20200, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)

892.667391ms ago: executing program 3 (id=3886):
mmap$auto(0x200, 0x7f, 0xdf, 0x100000009b72, 0x2, 0x0)
r0 = openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0)
close_range$auto(r0, r0, 0x400006)
r1 = socket(0x2, 0x80002, 0x73)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
msgctl$auto_MSG_STAT(0xbf, 0xb, &(0x7f0000000180)={{0x922, 0xee01, 0xffffffffffffffff, 0x4, 0x6, 0xff, 0x3}, 0x0, 0x0, 0x80000000, 0x9, 0x80000001, 0x8000000000000000, 0x3, 0x2, 0xc, 0x0, @raw=0x3, @inferred=0xffffffffffffffff})
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x8080)
r2 = socket(0x10, 0x2, 0x0)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
socket(0x2, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x22, 0x2, 0x4)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0x20000fffffdef)
socket(0x23, 0x5, 0x0)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="0100"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0x96bc}, 0x5, &(0x7f0000000380), 0x7, 0xa505}, 0x9}, 0x7, 0x4008)
madvise$auto(0x9, 0x0, 0x2)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
ioctl$auto(0x3, 0x4020565a, 0x38)
r3 = open(0x0, 0x0, 0xe3cb2f8102c7b484)
getdents$auto(r3, 0x0, 0x400018)
signalfd$auto(r0, &(0x7f00000000c0)={0x6}, 0x1)

493.060555ms ago: executing program 3 (id=3887):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
mmap$auto(0x0, 0x6, 0xdf, 0x9b72, 0xffffffffffffffff, 0x9)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x37fb00, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
sysinfo$auto(&(0x7f0000000100)={0x6, [0x4, 0xc, 0x100], 0x8, 0xd5, 0x0, 0x6, 0x6, 0x1, 0x7f, 0x0, 0x100000000, 0x7, 0x6})
openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000740), 0x101001, 0x0)
writev$auto(r0, &(0x7f0000000100)={0x0, 0x27fdfef}, 0x8)
mmap$auto(0x0, 0x2020009, 0xe, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x204282, 0x0)
setsockopt$auto_SO_DEVMEM_DONTNEED(r2, 0xdb, 0x50, 0x0, 0x9)
r3 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r3, 0x25, 0xd, 0x0, 0x0)
clock_nanosleep$auto(0x400000, 0x1, 0x0, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0)
socket(0x33caee0f5550c67b, 0x4, 0xffffffc0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x6)
mmap$auto(0x3, 0x20000400008, 0xdf, 0x9b72, 0x2, 0x8000)

130.832528ms ago: executing program 3 (id=3888):
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0\x00', 0x1902, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0)
read$auto(r0, 0x0, 0x20)
close_range$auto(0x0, r0, 0x4000000000002)
r1 = socket(0x2, 0x801, 0x106)
r2 = socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0)
ioctl$auto_BLKPG2(r3, 0x1269, 0x0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000300)="f03f1b397f28f78468aa57b414e5dc0072c84a7d609b0f1522a4a3ff5741cb0b772bdfb4ddf3b98327c8895d8803d6f1d2bee15cc64eb8929ee98e470cd33ea41bed591a589a8f81dcb4c7aa293b75facd41b92c7a398ab1a820f0c76f72e5fbc46226a41de4d4650920051d9528860c6d14a6985257f548a345d5b8ea172cf2974772f8db73c443d36fddb1e14ad594fd169a45a60cd0fa05cd23ce07eb5edd09c66b959c61eb9f6665219e05761b8fcea8794f129e1ae77b1acc5e0f")
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r5, 0x0, 0x1f42)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f00000001c0)={0x0, 0x9}, 0x3)
io_uring_setup$auto(0x3, &(0x7f0000000280)={0x6, 0xf085, 0x0, 0x3841, 0xfffffffe, 0x5, r5, [0x8000000, 0xc37, 0x6], {0x4, 0x5, 0xfffff5d3, 0x2, 0x2, 0x0, 0x7ff, 0x8, 0x6}, {0x8, 0x9, 0x7, 0x7, 0xe4ae, 0x95, 0x7ff, 0x8, 0x3}})
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r1, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x4c, 0x0, 0xfeda8faec104aebb, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0xe46}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x8}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x2}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
mmap$auto(0x5, 0x6, 0xdf, 0x9b72, 0x2, 0x8000)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x80000, 0x0)
read$auto(r5, 0x0, 0x4)
write$auto(r7, 0x0, 0x3)
io_uring_setup$auto(0x0, &(0x7f0000000200)={0x7, 0x541180b8, 0x7ceb, 0x3, 0x8000, 0x8, 0xffffffffffffffff, [0x0, 0x135, 0x5], {0x2, 0x1, 0x7fff, 0x8000, 0x5, 0x7, 0x2, 0x800, 0xffffffffffffffff}, {0x9, 0x0, 0x5, 0xd, 0x2, 0x9, 0x7f, 0x6, 0x80000000000004}})

0s ago: executing program 0 (id=3889):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = eventfd$auto(0xfffff000)
read$auto_proc_page_owner_operations_page_owner(r0, &(0x7f0000000100)=""/223, 0xdf) (async)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
io_uring_setup$auto(0x6, 0x0) (async, rerun: 64)
r1 = socket(0xa, 0x2, 0x88) (async)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket(0xa, 0x3, 0x6) (async)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, r2, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
setsockopt$auto(r3, 0x104000000000010e, 0x4, 0x0, 0x16)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x10484, 0x0) (async, rerun: 32)
r5 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) (rerun: 32)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r5, 0x0) (async, rerun: 32)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (rerun: 32)
capset$auto(&(0x7f0000000100)={0x621b, 0xffffffffffffffff}, &(0x7f0000000140)={0x1, 0x3, 0xcc}) (async)
msgctl$auto_IPC_RMID(0x10000, 0x0, &(0x7f0000000440)={{0x3, 0x0, 0xee00, 0xfffffffb, 0xfffffff7, 0x6, 0x9}, &(0x7f00000003c0), &(0x7f0000000400)=0x1, 0x4, 0xb4, 0xfffffffffffffff3, 0x7fffffffffffffff, 0x16, 0x33f4, 0x81, 0x40, @raw=0x5, @raw=0xbf1}) (async)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f00000026c0)=ANY=[@ANYBLOB="cc110000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fedbdf250700000008000100000000809a112d8038476bf815e884fb1db2c74f9afdbbcba69a03a4863ad7dce4b4c1a1efb4b85139657d9f620f35c616d48bf972869b90d17f779322ce6f84116d35d3eea215af69b35dc58156bdfa91c31c78b7e9eb2c621c88a8afdbe492a9a535c0a68772563c933fe1ce9a351cd1a00c710b19cf1f8e9cc3d91b21de0c70ca03e8bb87ecd99a4ec3b1d6e3a4f7da044de124f96b16cd2644f5af61056948456da7be5f85fe5be3b86f732824647ab431906954d01e662550be17027ef3cd293035cd5212b1f7ad6bda677ef9e383e2f2d700eabcd7f9e5c9104bf185f67610d4a7b781f9e784644ae74f4ffb45cea848ac04070b86288eb1a87ec351aa12455870e93176c47808c757fa508bbd93752d64cb810e1ab35ed0c026fa1862bc175b4aee7232645214e634f5a879ff24365c5da64b982b1dfa3a3310b7af1984f6eef21cf9c51191c0071a847bdc2048f16a4ae919210251c0e5bb99352be10f1858fa45e224f2e812ebb84f9539674945d0478235cd5a8c4a61e32864beed3f52513faf64e33907ffaa13e784526e91432b24377f7c136bd036b4761282d6929f4e9e2561439bd6aa1a1e39ab40001b59f1e4edf0efec0e2b2b079c272b38ae12246f3eefe0b5179e46334ef7311aa30d1061c90228a2585bfd7ab0c746b62d94a57b634ea61c2a161eef2f24fd6712e83c4e29dd1f4cfe27b63d553f923c02d5cb1b3a7a69f21c9ec0342e6ee6ff814c9fe8db83077fa30c123544f6a9ad5fb1989a88ed280b7fe8f567cb9d102c036cc0af4d06e8c16d2d7ea36d9922d12e7b9155b7fd00e9520bf44324df34cd711360a812c6a85cfbcd6f697bf4f2ac731d805db32ccd0adae0e7649546808f9caf23f34714a09166469516cbd94cab9ee4a44435d006fe6a0d705c3a191da753ac5f6b156b5c69c78d501394d19674b889a7e6232ce831e2a1c7efb22a0bac2c8d786360108ea6b75f52caf91d3de9a5511a986c60462c804e0cfaa1d144fcd8ba842f880d0f6f52da7861552c03a2e4a7f6cce9b6dbc3f11c0dd45d55be20ba7a76c975cf6573436f0cce50348e45ac8090faaeafdc7a2fb6962a6579a30cf1346635700b99cf176d5dd737ad62b328b1826d3aed35ff2c0fe679b43ed92c8f5288998544c421f049f840595093873dd813773047ed6d25b814cef369def0797627965dc384297804b4720775894712ca844ad9888a2164c3246aba06b18622a1814bdec2478168aaa00e5eaea83da6f7fa11657979f3a54d7a8abf45d870e1fa414b8fcefb24f8a5418114ea32a29d419f7b64da7ced2acea7d48f70f2de6522d390ff442e3af1c85d6125de0b1ac58488bd46840277b9a218a25f3384862e76989dce39bad376e232345f60be844f29fa33946b47166ffdee5fe6a79b94e510cb2d4c65ca479327d084e6df2c51c009199b2bb86b3b1e5e8e45799134a99f9e657eeb9d9ceba55abe335291b1521f15a3a42451c1b16d5ea1abcf68c705c139134b6f63908d5a2a8a9741faf406c034cdece82b61ef380f38286456b8a67079273d554f93eb94dcf56a0e85a6e1c645926210c6b5a0c83838e3e0ed740a93b2b35fcde1082e2d77f9696063b31137bb3b0a3906cdc7695d126bac6fdbaca966a647174e3be62024f1e823e11706eb7350f94890b74e30ece8656048b7a4b5feeab1420d3778bb993723c9821d66fbe67f87bccd4f091ad82cf3a7a56da7c9e878d0d2e61569bd4eb9e47babde236bd3bbce6dd53725e1e73e6d4e7d071231ae950f9ff0d50ea3bf1082317c1b531e8cf7ef5a3496ace85a1682aef28c58df386c79abb95e239a71288862b77bdafbba37d1de32c91d39b1555f05968e8a0da3452cb233c0138be6c0f6d8d20aacacb805fd024a2782a967fee7edff1aae8136fe42bb4d9fa55f44de895cf29c64270074d5ec32cac2a22b075be3b19297162d7a026daa95cd0e25106f9042a19dbc1520ee4d02e0343e14f1ada8398f4363bf54c04efd28be10629e6bbc40f61885bdded78e05bb609e34f3e45102d2907c130aadbccdb93052e55eefdbe98fca6f3a48c33acc2f9b3bdf03f2297a083f077d325e49044eb7b4bbe78ba250e3139ec3f9dd494bd9bbb638d97929541cc01dac1f4b9c69f930ca22685257801fa554d02afaea1cdeffdc4b949ff3245b8176f21cf633896f887445bc3b61b90c51dc67f6b2feae3017c6b21388bbe73ea9509357050b980540ff6ce6b4c0c31addb407d7d998f94a2f117a45a79e7367efbd78e55163cc91bbaa7aebe5c71951dbb79bd129fa2789bd03ed89581a909c3c038c7f6072891d6f1d605f59ed9504b1adb9d19f542f5b032cafd1dfd8574863d7d0619052de8f3a5ec8ac32a79c40507830ab3decb0ed61cd498a03c274e66792acfa332722f1503d949e016af7e499d60f761a73726d82688ac83edd50f4237d229a16a542fb5d1334496355dd8c3ffa42876b6517cbb715c62693fb7dfd8c7a450b112c8431f9e0a720fd5b415b07346da668dc54b72a1cb288c99b0f25d5a43e816c0721949999146e5d21118a5668f67ad9c482928961a13963e1ce61d63a5437c8981417ee667f968f34990aa97d0c62c5da43bee6283ed93431c8d64b8b491676ca6d07eeef21fd7724bac7867cb4674086fa797a15c1fd99d85371301324157de3594a242f2c75ec0f956b97f63a5d5d923ca6572072c064ef7b1f1154f2e683d31542e6e9eca5a9b2e304f51bdcce64db796139a15db09932c24ac1877773678b8b554ca6acd2e6f65fd80e670781e765f1e4937c44f082b2fc8efac75012e4c509407ba778fa58817eedb1399e11e71885773a7205e1f19ce421effe4f03d6698dd5dc19b432e2d4f1958249581c9a17e8e5d02ed38c71ff2dd1d71b3e1b62359684090f7aa263b32bda950fec02bc3937bdd0799c0697d82a5091d49a54c4dd123a4645482cdbb3c4e2009a3432811371d0ce263ff9c0e3505a27569d57ff2ed4738809919130b5506d2a1bb6430093a96de43984c1f09b7f3c3d7898ab9bc9f582edc0d2fd5e53e4a54e980ad6132c137110d642b530d34d3fbb2b4e3f69f6987da5c3062680270a58d3182bcc7e7d1d4553612f94441d1ad3c16d012e31306d340bb38c4377b3849d025d59a06d8f1449583a2f04ed76939bdcaf9c04690d7e9ae667f471836002f4db9ddd18b7ad3cb499ef6613200c6c2b7858d2b0cae1c4829b2e63c6a8bfd6021e38898ddd359920aa8cf08756efa225a3b7f457bb58282f448c43bc08392265cdd4f668e4c7a8e791598ed5a318ed94d7b97fb4a74e57b8a903a7fe3595d005c3005c7564694bd45c06b9dba9c9500d6cdc2758b0515c45a5465f06456bb076463c54013e588e95fc053353e6fe8f3b915a2d40da2511689d224b21284307f9a7e2e30226d6a433f3726f1e5c7fe38ff935de2db4bbdfa3d0d26e274301d7906dd2e9caddf7bdc88d141aacb47fa5e49c3b5849fe56e41d2ea297eb840b34755ea7b8fee4a04f75d541b42baae74accb1261bcb25b5b12672d683c7d9387985af1c1482e12a9216f844f93117da8174b53f8d5837c8022f9a1dc27b5607f659d0220ab6b4bffda150ff09dd27e26133b3b86a4bd89ebc119312187cdca2954ff889ae5430c9c02fb12cf135a09cb566565087f3f7de8ef8f9751e97151fbf668e303bfea25988f5c9911b2c756f07d5e7b49d419654679bd8336f47b085e3043f4fb019ee339bb5623f5d47eb169a8302b73c82d31673ccb05f3ac9d8ef0d09ddf50d581a7035fe6a595c82dff8bca3003eba0d52b7ab3f88b74f8159a2c42cbbd4e9a310b55514d651e6e0f7122716892db53924054d5a1f8c42ee1f3d883776cdf0a8b628729a602f3640596944b8374f42373a2219e821710ba9ae97a71cc90f7a0070734dbbfd85039738ea0fbb3ae0ef61c29d56e156613a92aebd9e889b366797b10be02efb189ae0c0a96825ed143f2489762dfecf823076123296ee772b6befe9dbfb15b101a12cc535dcc553e50041ef0c64a797a69d7595a291910433683ea1339227e75f883ea4824a38be61e105df67dc23242d57c4ec4c72260e70427a7630741228c8bac63653ab86bc34a66b721663df41a5fc65800e7c6758f92020497bfd05263f34dee2c683e5c35da9b5a77128de0111589117affe80a45cb41f769e8c07454192f94ba9b03009e32c9af46cfafa5a35582c4ca8886e53dd2ff492b39a4a6053e029ecae791a92a30dcbcec8900fbdab505e836063eb9b1b51680ede560c5a908f67299226a152a83d2ebb50171d8e6cad47990f7b7c8d23abcc587f66e3f5700def1154a13ac3f37f65ed95280fd092041febf41fc7cca61324c4d8eb033f84adda5e5dff471592f691a49a026eec35c87b653eba8ce16768e26b82225ceb91d7b54f171746d0918ca007a4622d44aadade459adb1b5ac81796c4dd082c232d0a7fa64d7f25de79bc1b193341072440449669cba2a4106a88d6353346140c33da9c023675d2b7e0ed17fed873f77a44d74afda12c1215fe5b4c0f2f67f1701d3ece001f85e535419e4a73de39643ab588437e2eadef7fb9fd1bcd90225c3ab77d4343e62b8a258f60020a06804ba99b1cb918f9b8570fa0fc273b03c7fa69192e30574004632a5528a420b91edec3aa12e80aedbee2753b4c4de31064ed6f754ca459c12605aa435dd0d2a6da8570375e2d2d998c1808b49c358d602f893f06d35e8830ad57170fde4d46ddc10c744b2e5c72067ac8578f936704f156fff3efcd006575faf46dd0c92a80c16378be26238672ee9fb37c38293dabe8d25e45de8a9b88aec0c93099eda10cf2dbd8ae53a41db23c3cf7504a68a5f71548f308c66d0acb4691f68a10ab78e299daddbaaaa8703f93c77905201e8e4b91005b5603827bcc47d9eb74f7033bb3eb538b1fc8e12a1a7245935578bb147be7f1612cf57cbf962ab569242525703231706302361dfd52bf4e848445afa97e080ba68bdd79fe7f9cde7bb4b956a39963e2c90bc1aa45df55c0a8c0df759f43acc1642056a35d92ba1ec7c6a2d541bade0bbe23c7a1994de12f7ae3d937ef836df03ad851614adca6b31ebb157f6afe1e6fec34906557bfeb1b49726978ec2c9de91b9d03b257ee99a7cc7194be4fb81c0fe56ba1366610e1f18818189d22aae6a558e9cc1634db142863a6fb9e17d3d4f7a3f14afe7690a8758d7043bdb17af8f51b5c5c2e027ab183518a47db0c40fa833528d141d34986d2725ef2f316fa05f6c66e925ff88757d9980b92c02532adbe440631e2c816a86234b48b8dc818bb1876b9294788789a98240c1193d447bcef16a2708be58b39cec5d3acfc5aa378457c96ddd31f33c8910664715dae82f20086ea622876a0acaff479100565d3015552e74990ab65653af6ea5e2ae87e7d10fb1aa999228c3faa9e81c3bda3d1dc3b4676a00be580786c540943dc42f504b899d6f50a794495fdc3beb73dbb6dc618d90662c0bc98c44f469e9b0e98a54b7cadc5afecbc45ac7c1d08bde1a25f1c0a7e5ab8468f2737e69ccb76e96fc8846b169047fa43ce672c311742312b77035d36aac4a886a63eff8d9d4e91048f3b0569668ab9a109f47adae01dafe0fe96f97724f5d2a748437b4043281d73d85e7eb4ed9219d1e6270a56d034cf6c0d050c042390cc6a76d67292cea12d9abaf493c7ca5d47fac5b491e86e75b78bea90b0f8dc0f7b572b1c3059d67f25def47e5600263e4d13b3fb4197268200a840824e57896dddf4be7a9723ec7d4bb851278d741bc974aa1eaaf9906ea572a5d070de3df19668304d41a9cec4a733f0d4413f3d7c939e5da4cefdf09ab9ec5a4b01aa43774ff489162310b17d145bd61e4f8f249ab1a8a012cbf575fb186a71eda625f60dadf80dfe35553ccb5d874e0e870a00b7fe594d2945c3bbe474d5dfc75576e2294bf49ca8eb6b6fbf038dfa02f4e2e1e1a4c842d75872b2aaa53dce95073b32861f256e27c86e4aa75f238ca2978ce4c2fa9eb3ba399b0c27b230b4f9b20de1c0dd73ee88ecc86b2ae06347309f860b1afe8214ac70477f3350e76234ca564aa8f5fce23db3b5499178d55ad00f05f9ba737989b28a62f6c2e2a9c15739577058cd04338497000880040073809d2982bd03c54182164f86164ebbc88f90079bde32143e72ec39a171e1d5cd5fc6d364cfc86a036cab741a6c96663412ed0312c7bcf6fabab5a71d38036b98dd53261b04e0a795b7f4827f19cd2ec5f42880ba1bf4f384639f89ea631c66f5e2374e907b08b7498b205fa3789e5ea52d647a20f35acfd93137db448a6dfbd748c31f50c0753b102dcecb060400608000000008000c00000000000c0017000900"], 0x11cc}, 0x1, 0x0, 0x0, 0x40}, 0x8044) (async)
sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\a\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd7000fbdbdf250b000000"], 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x4008000) (async)
ioctl$auto(0xffffffffffffffff, 0xae3d, 0xffffffffffffffff) (async)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) (async)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(r3, 0x0, 0x0)
ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff030}})
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) (async)
flistxattr$auto(0xffffffffffffffff, 0x0, 0x8)

kernel console output (not intermixed with test programs):

.710576][T30909]  __kmem_cache_create_args+0x128/0x3c0
[  821.710595][T30909]  mon_text_open+0x333/0x510
[  821.710615][T30909]  ? __pfx_mon_text_open+0x10/0x10
[  821.710636][T30909]  ? __pfx_mon_text_ctor+0x10/0x10
[  821.710655][T30909]  ? __pfx_apparmor_file_open+0x10/0x10
[  821.710674][T30909]  ? lockdown_is_locked_down+0x3f/0x130
[  821.710698][T30909]  ? bpf_lsm_locked_down+0x9/0x10
[  821.710721][T30909]  ? __pfx_mon_text_open+0x10/0x10
[  821.710738][T30909]  full_proxy_open_regular+0x1b6/0x360
[  821.710761][T30909]  do_dentry_open+0x982/0x1530
[  821.710779][T30909]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  821.710803][T30909]  vfs_open+0x82/0x3f0
[  821.710826][T30909]  path_openat+0x1de4/0x2cb0
[  821.710849][T30909]  ? __pfx_path_openat+0x10/0x10
[  821.710871][T30909]  do_filp_open+0x20b/0x470
[  821.710887][T30909]  ? __pfx_do_filp_open+0x10/0x10
[  821.710918][T30909]  ? alloc_fd+0x471/0x7d0
[  821.710938][T30909]  do_sys_openat2+0x11b/0x1d0
[  821.710959][T30909]  ? __pfx_do_sys_openat2+0x10/0x10
[  821.710981][T30909]  ? find_held_lock+0x2b/0x80
[  821.711006][T30909]  __x64_sys_openat+0x174/0x210
[  821.711028][T30909]  ? __pfx___x64_sys_openat+0x10/0x10
[  821.711057][T30909]  do_syscall_64+0xcd/0x4b0
[  821.711076][T30909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.711090][T30909] RIP: 0033:0x7f086838eec9
[  821.711102][T30909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  821.711117][T30909] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  821.711130][T30909] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  821.711140][T30909] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  821.711149][T30909] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  821.711158][T30909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  821.711166][T30909] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  821.711185][T30909]  </TASK>
[  821.950029][    C1] vkms_vblank_simulate: vblank timer overrun
[  823.743581][T31025] netlink: 'syz.1.3213': attribute type 2 has an invalid length.
[  824.011743][T31020] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  824.018107][T31020] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  824.024409][T31020] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  824.034444][T31020] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  824.045553][T31020] CPU0 is offline.
[  824.501613][T31075] ima: policy update failed
[  824.603804][   T30] audit: type=1802 audit(4294967402.807:44): pid=31075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3217" res=0 errno=0
[  824.693219][T10140] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  824.773494][T31121] FAULT_INJECTION: forcing a failure.
[  824.773494][T31121] name failslab, interval 1, probability 0, space 0, times 0
[  824.853090][T31121] CPU: 1 UID: 0 PID: 31121 Comm: syz.4.3220 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  824.853118][T31121] Tainted: [U]=USER
[  824.853123][T31121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  824.853132][T31121] Call Trace:
[  824.853139][T31121]  <TASK>
[  824.853145][T31121]  dump_stack_lvl+0x16c/0x1f0
[  824.853172][T31121]  should_fail_ex+0x512/0x640
[  824.853229][T31121]  ? __kmalloc_cache_noprof+0x5f/0x780
[  824.853248][T31121]  should_failslab+0xc2/0x120
[  824.853270][T31121]  __kmalloc_cache_noprof+0x72/0x780
[  824.853285][T31121]  ? _raw_read_unlock_irqrestore+0x3b/0x80
[  824.853301][T31121]  ? snd_pcm_attach_substream+0x441/0xd60
[  824.853323][T31121]  ? snd_pcm_attach_substream+0x441/0xd60
[  824.853340][T31121]  snd_pcm_attach_substream+0x441/0xd60
[  824.853363][T31121]  snd_pcm_open_substream+0x8d/0x17f0
[  824.853382][T31121]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  824.853400][T31121]  ? rcu_is_watching+0x12/0xc0
[  824.853422][T31121]  snd_pcm_open+0x29e/0x730
[  824.853441][T31121]  ? __pfx_snd_pcm_open+0x10/0x10
[  824.853461][T31121]  ? __pfx_default_wake_function+0x10/0x10
[  824.853484][T31121]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  824.853501][T31121]  snd_pcm_capture_open+0x89/0xe0
[  824.853518][T31121]  snd_open+0x22a/0x4c0
[  824.853539][T31121]  ? __pfx_snd_open+0x10/0x10
[  824.853559][T31121]  chrdev_open+0x234/0x6a0
[  824.853577][T31121]  ? __pfx_apparmor_file_open+0x10/0x10
[  824.853598][T31121]  ? __pfx_chrdev_open+0x10/0x10
[  824.853616][T31121]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  824.853638][T31121]  do_dentry_open+0x982/0x1530
[  824.853656][T31121]  ? __pfx_chrdev_open+0x10/0x10
[  824.853678][T31121]  vfs_open+0x82/0x3f0
[  824.853701][T31121]  path_openat+0x1de4/0x2cb0
[  824.853725][T31121]  ? __pfx_path_openat+0x10/0x10
[  824.853746][T31121]  do_filp_open+0x20b/0x470
[  824.853763][T31121]  ? __pfx_do_filp_open+0x10/0x10
[  824.853794][T31121]  ? alloc_fd+0x471/0x7d0
[  824.853815][T31121]  do_sys_openat2+0x11b/0x1d0
[  824.853835][T31121]  ? __pfx_do_sys_openat2+0x10/0x10
[  824.853864][T31121]  __x64_sys_openat+0x174/0x210
[  824.853886][T31121]  ? __pfx___x64_sys_openat+0x10/0x10
[  824.853915][T31121]  do_syscall_64+0xcd/0x4b0
[  824.853934][T31121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.853949][T31121] RIP: 0033:0x7f086838eec9
[  824.853962][T31121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.853976][T31121] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  824.853990][T31121] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  824.854000][T31121] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  824.854009][T31121] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  824.854018][T31121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  824.854026][T31121] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  824.854046][T31121]  </TASK>
[  825.147019][    C1] vkms_vblank_simulate: vblank timer overrun
[  825.168400][T31129] netlink: zone id is out of range
[  825.173597][T31129] netlink: zone id is out of range
[  825.178699][T31129] netlink: zone id is out of range
[  825.183882][T31129] netlink: zone id is out of range
[  825.188981][T31129] netlink: zone id is out of range
[  825.194632][T31129] netlink: zone id is out of range
[  825.199779][T31129] netlink: zone id is out of range
[  825.204919][T31129] netlink: zone id is out of range
[  825.501033][T10140] Bluetooth: hci4: command 0x0c1a tx timeout
[  825.994392][T31173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3228'.
[  826.019021][T31173] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.043493][T10388] Bluetooth: hci2: command 0x0c1a tx timeout
[  826.050407][T10388] Bluetooth: hci0: command 0x0c1a tx timeout
[  826.056499][T10388] Bluetooth: hci1: command 0x0406 tx timeout
[  826.070590][T31173] bridge_slave_1 (unregistering): left allmulticast mode
[  826.086959][T31173] bridge_slave_1 (unregistering): left promiscuous mode
[  826.094106][T31173] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.284527][T31181] synth uevent: /bus/mei: unknown uevent action string
[  827.115487][T31255] random: crng reseeded on system resumption
[  828.150446][T31219] kexec: Could not allocate control_code_buffer
[  828.426672][T31315] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3240'.
[  828.446501][T31316] FAULT_INJECTION: forcing a failure.
[  828.446501][T31316] name failslab, interval 1, probability 0, space 0, times 0
[  828.516819][T31316] CPU: 1 UID: 0 PID: 31316 Comm: syz.1.3239 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  828.516848][T31316] Tainted: [U]=USER
[  828.516853][T31316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  828.516862][T31316] Call Trace:
[  828.516868][T31316]  <TASK>
[  828.516875][T31316]  dump_stack_lvl+0x16c/0x1f0
[  828.516899][T31316]  should_fail_ex+0x512/0x640
[  828.516920][T31316]  ? __kmalloc_cache_noprof+0x5f/0x780
[  828.516938][T31316]  should_failslab+0xc2/0x120
[  828.516958][T31316]  __kmalloc_cache_noprof+0x72/0x780
[  828.516972][T31316]  ? __pfx___might_resched+0x10/0x10
[  828.516989][T31316]  ? snd_card_file_add+0x52/0x340
[  828.517004][T31316]  ? rcu_is_watching+0x12/0xc0
[  828.517023][T31316]  ? snd_card_file_add+0x52/0x340
[  828.517035][T31316]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  828.517051][T31316]  snd_card_file_add+0x52/0x340
[  828.517064][T31316]  ? snd_lookup_minor_data+0xee/0x1b0
[  828.517086][T31316]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  828.517103][T31316]  snd_pcm_open+0xf1/0x730
[  828.517121][T31316]  ? __pfx_snd_pcm_open+0x10/0x10
[  828.517147][T31316]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  828.517164][T31316]  snd_pcm_capture_open+0x89/0xe0
[  828.517181][T31316]  snd_open+0x22a/0x4c0
[  828.517202][T31316]  ? __pfx_snd_open+0x10/0x10
[  828.517221][T31316]  chrdev_open+0x234/0x6a0
[  828.517239][T31316]  ? __pfx_apparmor_file_open+0x10/0x10
[  828.517259][T31316]  ? __pfx_chrdev_open+0x10/0x10
[  828.517278][T31316]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  828.517298][T31316]  do_dentry_open+0x982/0x1530
[  828.517316][T31316]  ? __pfx_chrdev_open+0x10/0x10
[  828.517338][T31316]  vfs_open+0x82/0x3f0
[  828.517360][T31316]  path_openat+0x1de4/0x2cb0
[  828.517383][T31316]  ? __pfx_path_openat+0x10/0x10
[  828.517404][T31316]  do_filp_open+0x20b/0x470
[  828.517421][T31316]  ? __pfx_do_filp_open+0x10/0x10
[  828.517451][T31316]  ? alloc_fd+0x471/0x7d0
[  828.517471][T31316]  do_sys_openat2+0x11b/0x1d0
[  828.517498][T31316]  ? __pfx_do_sys_openat2+0x10/0x10
[  828.517528][T31316]  __x64_sys_openat+0x174/0x210
[  828.517550][T31316]  ? __pfx___x64_sys_openat+0x10/0x10
[  828.517584][T31316]  do_syscall_64+0xcd/0x4b0
[  828.517603][T31316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.517620][T31316] RIP: 0033:0x7f7f2af8eec9
[  828.517633][T31316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.517651][T31316] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  828.517666][T31316] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  828.517676][T31316] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  828.517685][T31316] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  828.517695][T31316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  828.517705][T31316] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  828.517724][T31316]  </TASK>
[  829.904231][   T30] audit: type=1800 audit(4294967408.134:45): pid=31344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3240" name="dbroot" dev="configfs" ino=91406 res=0 errno=0
[  832.109146][T31412] FAULT_INJECTION: forcing a failure.
[  832.109146][T31412] name failslab, interval 1, probability 0, space 0, times 0
[  832.261132][T31412] CPU: 1 UID: 8 PID: 31412 Comm: syz.4.3255 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  832.261160][T31412] Tainted: [U]=USER
[  832.261165][T31412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  832.261174][T31412] Call Trace:
[  832.261180][T31412]  <TASK>
[  832.261187][T31412]  dump_stack_lvl+0x16c/0x1f0
[  832.261211][T31412]  should_fail_ex+0x512/0x640
[  832.261231][T31412]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  832.261254][T31412]  should_failslab+0xc2/0x120
[  832.261276][T31412]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  832.261296][T31412]  ? kstrdup_const+0x63/0x80
[  832.261316][T31412]  ? kstrdup+0x53/0x100
[  832.261330][T31412]  kstrdup+0x53/0x100
[  832.261347][T31412]  kstrdup_const+0x63/0x80
[  832.261363][T31412]  __kmem_cache_create_args+0x16c/0x3c0
[  832.261380][T31412]  mon_text_open+0x333/0x510
[  832.261402][T31412]  ? __pfx_mon_text_open+0x10/0x10
[  832.261422][T31412]  ? __pfx_mon_text_ctor+0x10/0x10
[  832.261448][T31412]  ? __pfx_apparmor_file_open+0x10/0x10
[  832.261469][T31412]  ? lockdown_is_locked_down+0x3f/0x130
[  832.261489][T31412]  ? bpf_lsm_locked_down+0x9/0x10
[  832.261512][T31412]  ? __pfx_mon_text_open+0x10/0x10
[  832.261530][T31412]  full_proxy_open_regular+0x1b6/0x360
[  832.261553][T31412]  do_dentry_open+0x982/0x1530
[  832.261571][T31412]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  832.261596][T31412]  vfs_open+0x82/0x3f0
[  832.261619][T31412]  path_openat+0x1de4/0x2cb0
[  832.261643][T31412]  ? __pfx_path_openat+0x10/0x10
[  832.261665][T31412]  do_filp_open+0x20b/0x470
[  832.261682][T31412]  ? __pfx_do_filp_open+0x10/0x10
[  832.261713][T31412]  ? alloc_fd+0x471/0x7d0
[  832.261734][T31412]  do_sys_openat2+0x11b/0x1d0
[  832.261755][T31412]  ? __pfx_do_sys_openat2+0x10/0x10
[  832.261777][T31412]  ? find_held_lock+0x2b/0x80
[  832.261800][T31412]  __x64_sys_openat+0x174/0x210
[  832.261822][T31412]  ? __pfx___x64_sys_openat+0x10/0x10
[  832.261851][T31412]  do_syscall_64+0xcd/0x4b0
[  832.261871][T31412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.261886][T31412] RIP: 0033:0x7f086838eec9
[  832.261899][T31412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.261913][T31412] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  832.261927][T31412] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  832.261937][T31412] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  832.261947][T31412] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  832.261957][T31412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  832.261966][T31412] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  832.261987][T31412]  </TASK>
[  832.261995][T31412] __kmem_cache_create_args(mon_text_ffff888029744000) failed with error -12
[  833.528698][T31445] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  833.685656][T31446] FAULT_INJECTION: forcing a failure.
[  833.685656][T31446] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  833.952043][T31446] CPU: 1 UID: 0 PID: 31446 Comm: syz.1.3261 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  833.952069][T31446] Tainted: [U]=USER
[  833.952075][T31446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  833.952085][T31446] Call Trace:
[  833.952090][T31446]  <TASK>
[  833.952096][T31446]  dump_stack_lvl+0x16c/0x1f0
[  833.952121][T31446]  should_fail_ex+0x512/0x640
[  833.952146][T31446]  should_fail_alloc_page+0xe7/0x130
[  833.952169][T31446]  prepare_alloc_pages+0x3c2/0x610
[  833.952189][T31446]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.952207][T31446]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  833.952233][T31446]  ? __lock_acquire+0xb97/0x1ce0
[  833.952254][T31446]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  833.952279][T31446]  ? __pfx___mutex_trylock_common+0x10/0x10
[  833.952302][T31446]  ? __pfx___might_resched+0x10/0x10
[  833.952330][T31446]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  833.952348][T31446]  ? policy_nodemask+0xea/0x4e0
[  833.952371][T31446]  alloc_pages_mpol+0x1fb/0x550
[  833.952392][T31446]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  833.952412][T31446]  ? __pfx___mutex_lock+0x10/0x10
[  833.952434][T31446]  ___kmalloc_large_node+0xed/0x160
[  833.952458][T31446]  __kmalloc_large_noprof+0x1c/0x70
[  833.952479][T31446]  uhid_char_open+0x24/0x250
[  833.952500][T31446]  ? __pfx_uhid_char_open+0x10/0x10
[  833.952525][T31446]  misc_open+0x26a/0x450
[  833.952542][T31446]  ? __pfx_misc_open+0x10/0x10
[  833.952557][T31446]  chrdev_open+0x234/0x6a0
[  833.952577][T31446]  ? __pfx_apparmor_file_open+0x10/0x10
[  833.952598][T31446]  ? __pfx_chrdev_open+0x10/0x10
[  833.952617][T31446]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  833.952638][T31446]  do_dentry_open+0x982/0x1530
[  833.952656][T31446]  ? __pfx_chrdev_open+0x10/0x10
[  833.952677][T31446]  vfs_open+0x82/0x3f0
[  833.952700][T31446]  path_openat+0x1de4/0x2cb0
[  833.952723][T31446]  ? __pfx_path_openat+0x10/0x10
[  833.952745][T31446]  do_filp_open+0x20b/0x470
[  833.952762][T31446]  ? __pfx_do_filp_open+0x10/0x10
[  833.952792][T31446]  ? alloc_fd+0x471/0x7d0
[  833.952814][T31446]  do_sys_openat2+0x11b/0x1d0
[  833.952835][T31446]  ? __pfx_do_sys_openat2+0x10/0x10
[  833.952864][T31446]  __x64_sys_openat+0x174/0x210
[  833.952885][T31446]  ? __pfx___x64_sys_openat+0x10/0x10
[  833.952914][T31446]  do_syscall_64+0xcd/0x4b0
[  833.952933][T31446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.952947][T31446] RIP: 0033:0x7f7f2af8eec9
[  833.952961][T31446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  833.952976][T31446] RSP: 002b:00007f7f291f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  833.952990][T31446] RAX: ffffffffffffffda RBX: 00007f7f2b1e6090 RCX: 00007f7f2af8eec9
[  833.953001][T31446] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  833.953011][T31446] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  833.953020][T31446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  833.953029][T31446] R13: 00007f7f2b1e6128 R14: 00007f7f2b1e6090 R15: 00007ffd961c0bf8
[  833.953049][T31446]  </TASK>
[  834.781164][T31412] CPU: 1 UID: 8 PID: 31412 Comm: syz.4.3255 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  834.781189][T31412] Tainted: [U]=USER
[  834.781194][T31412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  834.781208][T31412] Call Trace:
[  834.781215][T31412]  <TASK>
[  834.781222][T31412]  dump_stack_lvl+0x16c/0x1f0
[  834.781245][T31412]  __kmem_cache_create_args+0x128/0x3c0
[  834.781264][T31412]  mon_text_open+0x333/0x510
[  834.781285][T31412]  ? __pfx_mon_text_open+0x10/0x10
[  834.781306][T31412]  ? __pfx_mon_text_ctor+0x10/0x10
[  834.781325][T31412]  ? __pfx_apparmor_file_open+0x10/0x10
[  834.781345][T31412]  ? lockdown_is_locked_down+0x3f/0x130
[  834.781363][T31412]  ? bpf_lsm_locked_down+0x9/0x10
[  834.781386][T31412]  ? __pfx_mon_text_open+0x10/0x10
[  834.781403][T31412]  full_proxy_open_regular+0x1b6/0x360
[  834.781426][T31412]  do_dentry_open+0x982/0x1530
[  834.781444][T31412]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  834.781469][T31412]  vfs_open+0x82/0x3f0
[  834.781492][T31412]  path_openat+0x1de4/0x2cb0
[  834.781515][T31412]  ? __pfx_path_openat+0x10/0x10
[  834.781540][T31412]  do_filp_open+0x20b/0x470
[  834.781557][T31412]  ? __pfx_do_filp_open+0x10/0x10
[  834.781587][T31412]  ? alloc_fd+0x471/0x7d0
[  834.781607][T31412]  do_sys_openat2+0x11b/0x1d0
[  834.781628][T31412]  ? __pfx_do_sys_openat2+0x10/0x10
[  834.781650][T31412]  ? find_held_lock+0x2b/0x80
[  834.781673][T31412]  __x64_sys_openat+0x174/0x210
[  834.781694][T31412]  ? __pfx___x64_sys_openat+0x10/0x10
[  834.781724][T31412]  do_syscall_64+0xcd/0x4b0
[  834.781743][T31412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.781758][T31412] RIP: 0033:0x7f086838eec9
[  834.781770][T31412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  834.781783][T31412] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  834.781797][T31412] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  834.781806][T31412] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  834.781815][T31412] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  834.781824][T31412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  834.781832][T31412] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  834.781852][T31412]  </TASK>
[  835.133107][T31578] FAULT_INJECTION: forcing a failure.
[  835.133107][T31578] name fail_futex, interval 1, probability 0, space 0, times 0
[  835.146097][T31578] CPU: 1 UID: 0 PID: 31578 Comm: syz.1.3265 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  835.146131][T31578] Tainted: [U]=USER
[  835.146137][T31578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  835.146146][T31578] Call Trace:
[  835.146151][T31578]  <TASK>
[  835.146158][T31578]  dump_stack_lvl+0x16c/0x1f0
[  835.146208][T31578]  should_fail_ex+0x512/0x640
[  835.146232][T31578]  get_futex_key+0x1d0/0x1560
[  835.146255][T31578]  ? __pfx_get_futex_key+0x10/0x10
[  835.146277][T31578]  ? __pick_eevdf+0x30a/0x670
[  835.146301][T31578]  futex_wait_setup+0x9d/0x550
[  835.146321][T31578]  __futex_wait+0x193/0x2f0
[  835.146336][T31578]  ? __pfx___futex_wait+0x10/0x10
[  835.146350][T31578]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  835.146365][T31578]  ? lockdep_hardirqs_on+0x7c/0x110
[  835.146383][T31578]  ? __pfx_futex_wake_mark+0x10/0x10
[  835.146400][T31578]  ? futex_private_hash_put+0x176/0x300
[  835.146422][T31578]  ? futex_private_hash_put+0x18a/0x300
[  835.146442][T31578]  futex_wait+0xe8/0x380
[  835.146456][T31578]  ? __pfx_futex_wait+0x10/0x10
[  835.146476][T31578]  ? keyctl_get_persistent+0x5ec/0x8c0
[  835.146496][T31578]  do_futex+0x229/0x350
[  835.146517][T31578]  ? __pfx_do_futex+0x10/0x10
[  835.146538][T31578]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  835.146556][T31578]  __x64_sys_futex+0x1e0/0x4c0
[  835.146579][T31578]  ? __pfx___x64_sys_futex+0x10/0x10
[  835.146599][T31578]  ? xfd_validate_state+0x61/0x180
[  835.146611][T31578]  ? __pfx_do_writev+0x10/0x10
[  835.146633][T31578]  do_syscall_64+0xcd/0x4b0
[  835.146651][T31578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.146666][T31578] RIP: 0033:0x7f7f2af8eec9
[  835.146678][T31578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  835.146692][T31578] RSP: 002b:00007f7f2bd570e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  835.146706][T31578] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa8 RCX: 00007f7f2af8eec9
[  835.146716][T31578] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f2b1e5fa8
[  835.146725][T31578] RBP: 00007f7f2b1e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  835.146734][T31578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  835.146742][T31578] R13: 00007f7f2b1e6038 R14: 00007ffd961c0b10 R15: 00007ffd961c0bf8
[  835.146761][T31578]  </TASK>
[  837.137042][T31647] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3276'.
[  837.226364][T31645] FAULT_INJECTION: forcing a failure.
[  837.226364][T31645] name failslab, interval 1, probability 0, space 0, times 0
[  837.333737][T31649] FAULT_INJECTION: forcing a failure.
[  837.333737][T31649] name failslab, interval 1, probability 0, space 0, times 0
[  837.364557][T31645] CPU: 1 UID: 0 PID: 31645 Comm: syz.4.3275 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  837.364585][T31645] Tainted: [U]=USER
[  837.364590][T31645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  837.364600][T31645] Call Trace:
[  837.364605][T31645]  <TASK>
[  837.364612][T31645]  dump_stack_lvl+0x16c/0x1f0
[  837.364635][T31645]  should_fail_ex+0x512/0x640
[  837.364656][T31645]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  837.364675][T31645]  should_failslab+0xc2/0x120
[  837.364695][T31645]  kmem_cache_alloc_noprof+0x75/0x6e0
[  837.364711][T31645]  ? alloc_empty_file+0x55/0x1e0
[  837.364736][T31645]  ? alloc_empty_file+0x55/0x1e0
[  837.364754][T31645]  alloc_empty_file+0x55/0x1e0
[  837.364775][T31645]  path_openat+0xda/0x2cb0
[  837.364798][T31645]  ? __pfx_path_openat+0x10/0x10
[  837.364820][T31645]  do_filp_open+0x20b/0x470
[  837.364837][T31645]  ? __pfx_do_filp_open+0x10/0x10
[  837.364867][T31645]  ? alloc_fd+0x471/0x7d0
[  837.364887][T31645]  do_sys_openat2+0x11b/0x1d0
[  837.364908][T31645]  ? __pfx_do_sys_openat2+0x10/0x10
[  837.364943][T31645]  ? find_held_lock+0x2b/0x80
[  837.364967][T31645]  __x64_sys_openat+0x174/0x210
[  837.364990][T31645]  ? __pfx___x64_sys_openat+0x10/0x10
[  837.365027][T31645]  do_syscall_64+0xcd/0x4b0
[  837.365047][T31645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.365063][T31645] RIP: 0033:0x7f086838eec9
[  837.365075][T31645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.365089][T31645] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  837.365103][T31645] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  837.365113][T31645] RDX: 0000000000002082 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  837.365122][T31645] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  837.365131][T31645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  837.365139][T31645] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  837.365158][T31645]  </TASK>
[  837.786202][T31649] CPU: 1 UID: 8 PID: 31649 Comm: syz.1.3277 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  837.786231][T31649] Tainted: [U]=USER
[  837.786236][T31649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  837.786246][T31649] Call Trace:
[  837.786252][T31649]  <TASK>
[  837.786259][T31649]  dump_stack_lvl+0x16c/0x1f0
[  837.786284][T31649]  should_fail_ex+0x512/0x640
[  837.786305][T31649]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  837.786324][T31649]  should_failslab+0xc2/0x120
[  837.786347][T31649]  kmem_cache_alloc_node_noprof+0x78/0x770
[  837.786362][T31649]  ? reciprocal_value+0x3a/0x90
[  837.786379][T31649]  ? do_kmem_cache_create+0x25b/0x740
[  837.786401][T31649]  ? do_kmem_cache_create+0x25b/0x740
[  837.786419][T31649]  do_kmem_cache_create+0x25b/0x740
[  837.786441][T31649]  __kmem_cache_create_args+0x202/0x3c0
[  837.786459][T31649]  mon_text_open+0x333/0x510
[  837.786479][T31649]  ? __pfx_mon_text_open+0x10/0x10
[  837.786508][T31649]  ? __pfx_mon_text_ctor+0x10/0x10
[  837.786528][T31649]  ? __pfx_apparmor_file_open+0x10/0x10
[  837.786549][T31649]  ? lockdown_is_locked_down+0x3f/0x130
[  837.786568][T31649]  ? bpf_lsm_locked_down+0x9/0x10
[  837.786592][T31649]  ? __pfx_mon_text_open+0x10/0x10
[  837.786610][T31649]  full_proxy_open_regular+0x1b6/0x360
[  837.786632][T31649]  do_dentry_open+0x982/0x1530
[  837.786651][T31649]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  837.786675][T31649]  vfs_open+0x82/0x3f0
[  837.786698][T31649]  path_openat+0x1de4/0x2cb0
[  837.786722][T31649]  ? __pfx_path_openat+0x10/0x10
[  837.786744][T31649]  do_filp_open+0x20b/0x470
[  837.786761][T31649]  ? __pfx_do_filp_open+0x10/0x10
[  837.786792][T31649]  ? alloc_fd+0x471/0x7d0
[  837.786814][T31649]  do_sys_openat2+0x11b/0x1d0
[  837.786835][T31649]  ? __pfx_do_sys_openat2+0x10/0x10
[  837.786871][T31649]  __x64_sys_openat+0x174/0x210
[  837.786894][T31649]  ? __pfx___x64_sys_openat+0x10/0x10
[  837.786925][T31649]  do_syscall_64+0xcd/0x4b0
[  837.786946][T31649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.786961][T31649] RIP: 0033:0x7f7f2af8eec9
[  837.786974][T31649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.786989][T31649] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  837.787003][T31649] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  837.787013][T31649] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  837.787023][T31649] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  837.787032][T31649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  837.787041][T31649] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  837.787061][T31649]  </TASK>
[  837.787092][T31649] __kmem_cache_create_args(mon_text_ffff8880355ba400) failed with error -22
[  840.381666][T31649] CPU: 1 UID: 8 PID: 31649 Comm: syz.1.3277 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  840.381691][T31649] Tainted: [U]=USER
[  840.381696][T31649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  840.381705][T31649] Call Trace:
[  840.381710][T31649]  <TASK>
[  840.381717][T31649]  dump_stack_lvl+0x16c/0x1f0
[  840.381740][T31649]  __kmem_cache_create_args+0x128/0x3c0
[  840.381758][T31649]  mon_text_open+0x333/0x510
[  840.381779][T31649]  ? __pfx_mon_text_open+0x10/0x10
[  840.381799][T31649]  ? __pfx_mon_text_ctor+0x10/0x10
[  840.381819][T31649]  ? __pfx_apparmor_file_open+0x10/0x10
[  840.381839][T31649]  ? lockdown_is_locked_down+0x3f/0x130
[  840.381857][T31649]  ? bpf_lsm_locked_down+0x9/0x10
[  840.381879][T31649]  ? __pfx_mon_text_open+0x10/0x10
[  840.381897][T31649]  full_proxy_open_regular+0x1b6/0x360
[  840.381919][T31649]  do_dentry_open+0x982/0x1530
[  840.381937][T31649]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  840.381965][T31649]  vfs_open+0x82/0x3f0
[  840.381988][T31649]  path_openat+0x1de4/0x2cb0
[  840.382011][T31649]  ? __pfx_path_openat+0x10/0x10
[  840.382033][T31649]  do_filp_open+0x20b/0x470
[  840.382049][T31649]  ? __pfx_do_filp_open+0x10/0x10
[  840.382080][T31649]  ? alloc_fd+0x471/0x7d0
[  840.382100][T31649]  do_sys_openat2+0x11b/0x1d0
[  840.382121][T31649]  ? __pfx_do_sys_openat2+0x10/0x10
[  840.382149][T31649]  __x64_sys_openat+0x174/0x210
[  840.382171][T31649]  ? __pfx___x64_sys_openat+0x10/0x10
[  840.382200][T31649]  do_syscall_64+0xcd/0x4b0
[  840.382219][T31649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.382234][T31649] RIP: 0033:0x7f7f2af8eec9
[  840.382246][T31649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.382259][T31649] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  840.382273][T31649] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  840.382283][T31649] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  840.382292][T31649] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  840.382300][T31649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  840.382309][T31649] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  840.382328][T31649]  </TASK>
[  840.945805][T31761] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  841.005312][T31761] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  841.055679][T31761] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  841.090768][T31817] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3285'.
[  841.108250][T31761] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  841.114914][T31761] CPU0 is offline.
[  841.156038][T31772] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  841.226027][T31823] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3286'.
[  841.339956][T31817] team0 (unregistering): Port device team_slave_0 removed
[  841.350573][T31817] team0 (unregistering): Port device team_slave_1 removed
[  842.048932][T31822] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  842.070857][T31822] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  842.121067][T31822] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  842.169821][T31822] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  842.209433][T31822] CPU0 is offline.
[  842.266736][T31823] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  842.304504][T31823] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  842.358710][T31823] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  842.418989][T31823] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  842.450698][T31823] CPU0 is offline.
[  844.130587][T32002] FAULT_INJECTION: forcing a failure.
[  844.130587][T32002] name failslab, interval 1, probability 0, space 0, times 0
[  844.205893][T32002] CPU: 1 UID: 8 PID: 32002 Comm: syz.4.3299 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  844.205920][T32002] Tainted: [U]=USER
[  844.205926][T32002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  844.205935][T32002] Call Trace:
[  844.205941][T32002]  <TASK>
[  844.205949][T32002]  dump_stack_lvl+0x16c/0x1f0
[  844.205972][T32002]  should_fail_ex+0x512/0x640
[  844.205993][T32002]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  844.206014][T32002]  should_failslab+0xc2/0x120
[  844.206034][T32002]  kmem_cache_alloc_node_noprof+0x78/0x770
[  844.206049][T32002]  ? reciprocal_value+0x3a/0x90
[  844.206066][T32002]  ? do_kmem_cache_create+0x25b/0x740
[  844.206089][T32002]  ? do_kmem_cache_create+0x25b/0x740
[  844.206107][T32002]  do_kmem_cache_create+0x25b/0x740
[  844.206129][T32002]  __kmem_cache_create_args+0x202/0x3c0
[  844.206147][T32002]  mon_text_open+0x333/0x510
[  844.206168][T32002]  ? __pfx_mon_text_open+0x10/0x10
[  844.206188][T32002]  ? __pfx_mon_text_ctor+0x10/0x10
[  844.206208][T32002]  ? __pfx_apparmor_file_open+0x10/0x10
[  844.206228][T32002]  ? lockdown_is_locked_down+0x3f/0x130
[  844.206248][T32002]  ? bpf_lsm_locked_down+0x9/0x10
[  844.206269][T32002]  ? __pfx_mon_text_open+0x10/0x10
[  844.206288][T32002]  full_proxy_open_regular+0x1b6/0x360
[  844.206310][T32002]  do_dentry_open+0x982/0x1530
[  844.206336][T32002]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  844.206362][T32002]  vfs_open+0x82/0x3f0
[  844.206387][T32002]  path_openat+0x1de4/0x2cb0
[  844.206413][T32002]  ? __pfx_path_openat+0x10/0x10
[  844.206435][T32002]  do_filp_open+0x20b/0x470
[  844.206452][T32002]  ? __pfx_do_filp_open+0x10/0x10
[  844.206483][T32002]  ? alloc_fd+0x471/0x7d0
[  844.206504][T32002]  do_sys_openat2+0x11b/0x1d0
[  844.206525][T32002]  ? __pfx_do_sys_openat2+0x10/0x10
[  844.206547][T32002]  ? find_held_lock+0x2b/0x80
[  844.206570][T32002]  __x64_sys_openat+0x174/0x210
[  844.206591][T32002]  ? __pfx___x64_sys_openat+0x10/0x10
[  844.206621][T32002]  do_syscall_64+0xcd/0x4b0
[  844.206640][T32002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.206655][T32002] RIP: 0033:0x7f086838eec9
[  844.206668][T32002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.206683][T32002] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  844.206697][T32002] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  844.206707][T32002] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  844.206716][T32002] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  844.206725][T32002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  844.206733][T32002] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  844.206754][T32002]  </TASK>
[  844.206786][T32002] __kmem_cache_create_args(mon_text_ffff88805b47c800) failed with error -22
[  844.528483][T13890] Bluetooth: hci1: command 0x0406 tx timeout
[  844.534638][T13890] Bluetooth: hci4: command 0x0c1a tx timeout
[  844.540632][T13890] Bluetooth: hci2: command 0x0c1a tx timeout
[  844.547735][T13890] Bluetooth: hci0: command 0x0c1a tx timeout
[  845.237589][T32002] CPU: 1 UID: 8 PID: 32002 Comm: syz.4.3299 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  845.237615][T32002] Tainted: [U]=USER
[  845.237621][T32002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  845.237629][T32002] Call Trace:
[  845.237635][T32002]  <TASK>
[  845.237641][T32002]  dump_stack_lvl+0x16c/0x1f0
[  845.237663][T32002]  __kmem_cache_create_args+0x128/0x3c0
[  845.237681][T32002]  mon_text_open+0x333/0x510
[  845.237703][T32002]  ? __pfx_mon_text_open+0x10/0x10
[  845.237723][T32002]  ? __pfx_mon_text_ctor+0x10/0x10
[  845.237743][T32002]  ? __pfx_apparmor_file_open+0x10/0x10
[  845.237763][T32002]  ? lockdown_is_locked_down+0x3f/0x130
[  845.237781][T32002]  ? bpf_lsm_locked_down+0x9/0x10
[  845.237804][T32002]  ? __pfx_mon_text_open+0x10/0x10
[  845.237822][T32002]  full_proxy_open_regular+0x1b6/0x360
[  845.237845][T32002]  do_dentry_open+0x982/0x1530
[  845.237863][T32002]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  845.237887][T32002]  vfs_open+0x82/0x3f0
[  845.237910][T32002]  path_openat+0x1de4/0x2cb0
[  845.237933][T32002]  ? __pfx_path_openat+0x10/0x10
[  845.237955][T32002]  do_filp_open+0x20b/0x470
[  845.237971][T32002]  ? __pfx_do_filp_open+0x10/0x10
[  845.238001][T32002]  ? alloc_fd+0x471/0x7d0
[  845.238022][T32002]  do_sys_openat2+0x11b/0x1d0
[  845.238043][T32002]  ? __pfx_do_sys_openat2+0x10/0x10
[  845.238064][T32002]  ? find_held_lock+0x2b/0x80
[  845.238087][T32002]  __x64_sys_openat+0x174/0x210
[  845.238109][T32002]  ? __pfx___x64_sys_openat+0x10/0x10
[  845.238138][T32002]  do_syscall_64+0xcd/0x4b0
[  845.238157][T32002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.238179][T32002] RIP: 0033:0x7f086838eec9
[  845.238190][T32002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.238203][T32002] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  845.238218][T32002] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  845.238227][T32002] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  845.238236][T32002] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  845.238244][T32002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  845.238253][T32002] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  845.238271][T32002]  </TASK>
[  845.850823][T32037] FAULT_INJECTION: forcing a failure.
[  845.850823][T32037] name failslab, interval 1, probability 0, space 0, times 0
[  845.957318][T32043] netlink: zone id is out of range
[  845.969581][T32037] CPU: 1 UID: 0 PID: 32037 Comm: syz.1.3300 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  845.969611][T32037] Tainted: [U]=USER
[  845.969616][T32037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  845.969626][T32037] Call Trace:
[  845.969632][T32037]  <TASK>
[  845.969639][T32037]  dump_stack_lvl+0x16c/0x1f0
[  845.969663][T32037]  should_fail_ex+0x512/0x640
[  845.969684][T32037]  ? __kmalloc_cache_noprof+0x5f/0x780
[  845.969702][T32037]  should_failslab+0xc2/0x120
[  845.969724][T32037]  __kmalloc_cache_noprof+0x72/0x780
[  845.969738][T32037]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  845.969759][T32037]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  845.969779][T32037]  ? loopback_open+0x145/0x13f0
[  845.969800][T32037]  ? loopback_open+0x145/0x13f0
[  845.969817][T32037]  loopback_open+0x145/0x13f0
[  845.969839][T32037]  snd_pcm_open_substream+0xa60/0x17f0
[  845.969859][T32037]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  845.969877][T32037]  ? rcu_is_watching+0x12/0xc0
[  845.969899][T32037]  snd_pcm_open+0x29e/0x730
[  845.969918][T32037]  ? __pfx_snd_pcm_open+0x10/0x10
[  845.969938][T32037]  ? __pfx_default_wake_function+0x10/0x10
[  845.969962][T32037]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  845.969979][T32037]  snd_pcm_capture_open+0x89/0xe0
[  845.969996][T32037]  snd_open+0x22a/0x4c0
[  845.970018][T32037]  ? __pfx_snd_open+0x10/0x10
[  845.970038][T32037]  chrdev_open+0x234/0x6a0
[  845.970056][T32037]  ? __pfx_apparmor_file_open+0x10/0x10
[  845.970078][T32037]  ? __pfx_chrdev_open+0x10/0x10
[  845.970097][T32037]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  845.970118][T32037]  do_dentry_open+0x982/0x1530
[  845.970136][T32037]  ? __pfx_chrdev_open+0x10/0x10
[  845.970159][T32037]  vfs_open+0x82/0x3f0
[  845.970188][T32037]  path_openat+0x1de4/0x2cb0
[  845.970214][T32037]  ? __pfx_path_openat+0x10/0x10
[  845.970238][T32037]  do_filp_open+0x20b/0x470
[  845.970256][T32037]  ? __pfx_do_filp_open+0x10/0x10
[  845.970289][T32037]  ? alloc_fd+0x471/0x7d0
[  845.970311][T32037]  do_sys_openat2+0x11b/0x1d0
[  845.970331][T32037]  ? __pfx_do_sys_openat2+0x10/0x10
[  845.970361][T32037]  __x64_sys_openat+0x174/0x210
[  845.970391][T32037]  ? __pfx___x64_sys_openat+0x10/0x10
[  845.970422][T32037]  do_syscall_64+0xcd/0x4b0
[  845.970443][T32037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.970458][T32037] RIP: 0033:0x7f7f2af8eec9
[  845.970471][T32037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.970485][T32037] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  845.970501][T32037] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  845.970512][T32037] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  845.970521][T32037] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  845.970531][T32037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  845.970540][T32037] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  845.970560][T32037]  </TASK>
[  846.275485][T32044] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3300'.
[  846.287297][T32044] bridge0: port 2(bridge_slave_1) entered disabled state
[  846.299604][T32043] netlink: zone id is out of range
[  846.305046][T32043] netlink: zone id is out of range
[  846.310227][T32043] netlink: zone id is out of range
[  846.315446][T32043] netlink: zone id is out of range
[  846.320908][T32043] netlink: zone id is out of range
[  846.326303][T32043] netlink: zone id is out of range
[  846.331548][T32043] netlink: zone id is out of range
[  846.336690][T32043] netlink: zone id is out of range
[  846.341980][T32043] netlink: zone id is out of range
[  846.369692][T32044] bridge_slave_1 (unregistering): left allmulticast mode
[  846.377173][T32044] bridge_slave_1 (unregistering): left promiscuous mode
[  846.384784][T32044] bridge0: port 2(bridge_slave_1) entered disabled state
[  847.211011][T32086] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3312'.
[  849.389698][T32220] FAULT_INJECTION: forcing a failure.
[  849.389698][T32220] name failslab, interval 1, probability 0, space 0, times 0
[  849.446442][T32220] CPU: 1 UID: 0 PID: 32220 Comm: syz.1.3330 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  849.446469][T32220] Tainted: [U]=USER
[  849.446474][T32220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  849.446484][T32220] Call Trace:
[  849.446489][T32220]  <TASK>
[  849.446496][T32220]  dump_stack_lvl+0x16c/0x1f0
[  849.446519][T32220]  should_fail_ex+0x512/0x640
[  849.446540][T32220]  ? __kmalloc_cache_noprof+0x5f/0x780
[  849.446558][T32220]  should_failslab+0xc2/0x120
[  849.446579][T32220]  __kmalloc_cache_noprof+0x72/0x780
[  849.446594][T32220]  ? loopback_open+0xa4e/0x13f0
[  849.446616][T32220]  ? loopback_open+0xa4e/0x13f0
[  849.446632][T32220]  loopback_open+0xa4e/0x13f0
[  849.446654][T32220]  snd_pcm_open_substream+0xa60/0x17f0
[  849.446674][T32220]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  849.446693][T32220]  ? rcu_is_watching+0x12/0xc0
[  849.446714][T32220]  snd_pcm_open+0x29e/0x730
[  849.446734][T32220]  ? __pfx_snd_pcm_open+0x10/0x10
[  849.446753][T32220]  ? __pfx_default_wake_function+0x10/0x10
[  849.446777][T32220]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  849.446794][T32220]  snd_pcm_capture_open+0x89/0xe0
[  849.446811][T32220]  snd_open+0x22a/0x4c0
[  849.446833][T32220]  ? __pfx_snd_open+0x10/0x10
[  849.446853][T32220]  chrdev_open+0x234/0x6a0
[  849.446871][T32220]  ? __pfx_apparmor_file_open+0x10/0x10
[  849.446892][T32220]  ? __pfx_chrdev_open+0x10/0x10
[  849.446911][T32220]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  849.446932][T32220]  do_dentry_open+0x982/0x1530
[  849.446950][T32220]  ? __pfx_chrdev_open+0x10/0x10
[  849.446971][T32220]  vfs_open+0x82/0x3f0
[  849.447003][T32220]  path_openat+0x1de4/0x2cb0
[  849.447035][T32220]  ? __pfx_path_openat+0x10/0x10
[  849.447058][T32220]  do_filp_open+0x20b/0x470
[  849.447076][T32220]  ? __pfx_do_filp_open+0x10/0x10
[  849.447108][T32220]  ? alloc_fd+0x471/0x7d0
[  849.447130][T32220]  do_sys_openat2+0x11b/0x1d0
[  849.447152][T32220]  ? __pfx_do_sys_openat2+0x10/0x10
[  849.447184][T32220]  __x64_sys_openat+0x174/0x210
[  849.447206][T32220]  ? __pfx___x64_sys_openat+0x10/0x10
[  849.447236][T32220]  do_syscall_64+0xcd/0x4b0
[  849.447255][T32220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.447270][T32220] RIP: 0033:0x7f7f2af8eec9
[  849.447283][T32220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  849.447297][T32220] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  849.447311][T32220] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  849.447325][T32220] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  849.447335][T32220] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  849.447343][T32220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  849.447352][T32220] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  849.447371][T32220]  </TASK>
[  850.901620][T32257] Process accounting resumed
[  851.890475][T32313] usb usb2: usbfs: process 32313 (syz.1.3350) did not claim interface 0 before use
[  852.217353][T32328] FAULT_INJECTION: forcing a failure.
[  852.217353][T32328] name failslab, interval 1, probability 0, space 0, times 0
[  852.333848][T32328] CPU: 1 UID: 8 PID: 32328 Comm: syz.1.3353 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  852.333877][T32328] Tainted: [U]=USER
[  852.333882][T32328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  852.333891][T32328] Call Trace:
[  852.333896][T32328]  <TASK>
[  852.333903][T32328]  dump_stack_lvl+0x16c/0x1f0
[  852.333925][T32328]  should_fail_ex+0x512/0x640
[  852.333946][T32328]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  852.333970][T32328]  should_failslab+0xc2/0x120
[  852.333991][T32328]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  852.334010][T32328]  ? kstrdup_const+0x63/0x80
[  852.334030][T32328]  ? kstrdup+0x53/0x100
[  852.334045][T32328]  kstrdup+0x53/0x100
[  852.334061][T32328]  kstrdup_const+0x63/0x80
[  852.334078][T32328]  __kmem_cache_create_args+0x16c/0x3c0
[  852.334095][T32328]  mon_text_open+0x333/0x510
[  852.334116][T32328]  ? __pfx_mon_text_open+0x10/0x10
[  852.334137][T32328]  ? __pfx_mon_text_ctor+0x10/0x10
[  852.334156][T32328]  ? __pfx_apparmor_file_open+0x10/0x10
[  852.334177][T32328]  ? lockdown_is_locked_down+0x3f/0x130
[  852.334196][T32328]  ? bpf_lsm_locked_down+0x9/0x10
[  852.334219][T32328]  ? __pfx_mon_text_open+0x10/0x10
[  852.334236][T32328]  full_proxy_open_regular+0x1b6/0x360
[  852.334260][T32328]  do_dentry_open+0x982/0x1530
[  852.334278][T32328]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  852.334302][T32328]  vfs_open+0x82/0x3f0
[  852.334332][T32328]  path_openat+0x1de4/0x2cb0
[  852.334357][T32328]  ? __pfx_path_openat+0x10/0x10
[  852.334380][T32328]  do_filp_open+0x20b/0x470
[  852.334398][T32328]  ? __pfx_do_filp_open+0x10/0x10
[  852.334430][T32328]  ? alloc_fd+0x471/0x7d0
[  852.334451][T32328]  do_sys_openat2+0x11b/0x1d0
[  852.334473][T32328]  ? __pfx_do_sys_openat2+0x10/0x10
[  852.334500][T32328]  ? find_held_lock+0x2b/0x80
[  852.334524][T32328]  __x64_sys_openat+0x174/0x210
[  852.334547][T32328]  ? __pfx___x64_sys_openat+0x10/0x10
[  852.334577][T32328]  do_syscall_64+0xcd/0x4b0
[  852.334596][T32328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.334611][T32328] RIP: 0033:0x7f7f2af8eec9
[  852.334624][T32328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.334638][T32328] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  852.334653][T32328] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  852.334664][T32328] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  852.334673][T32328] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  852.334683][T32328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  852.334692][T32328] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  852.334712][T32328]  </TASK>
[  852.334721][T32328] __kmem_cache_create_args(mon_text_ffff8880598edc00) failed with error -12
[  853.031072][   T30] audit: type=1800 audit(4294967431.334:46): pid=32369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3358" name="dbroot" dev="configfs" ino=93964 res=0 errno=0
[  853.800792][T32406] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3360'.
[  854.225412][T32328] CPU: 1 UID: 8 PID: 32328 Comm: syz.1.3353 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  854.225438][T32328] Tainted: [U]=USER
[  854.225442][T32328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  854.225451][T32328] Call Trace:
[  854.225456][T32328]  <TASK>
[  854.225463][T32328]  dump_stack_lvl+0x16c/0x1f0
[  854.225486][T32328]  __kmem_cache_create_args+0x128/0x3c0
[  854.225504][T32328]  mon_text_open+0x333/0x510
[  854.225525][T32328]  ? __pfx_mon_text_open+0x10/0x10
[  854.225545][T32328]  ? __pfx_mon_text_ctor+0x10/0x10
[  854.225565][T32328]  ? __pfx_apparmor_file_open+0x10/0x10
[  854.225584][T32328]  ? lockdown_is_locked_down+0x3f/0x130
[  854.225603][T32328]  ? bpf_lsm_locked_down+0x9/0x10
[  854.225626][T32328]  ? __pfx_mon_text_open+0x10/0x10
[  854.225643][T32328]  full_proxy_open_regular+0x1b6/0x360
[  854.225666][T32328]  do_dentry_open+0x982/0x1530
[  854.225685][T32328]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  854.225709][T32328]  vfs_open+0x82/0x3f0
[  854.225731][T32328]  path_openat+0x1de4/0x2cb0
[  854.225755][T32328]  ? __pfx_path_openat+0x10/0x10
[  854.225776][T32328]  do_filp_open+0x20b/0x470
[  854.225793][T32328]  ? __pfx_do_filp_open+0x10/0x10
[  854.225824][T32328]  ? alloc_fd+0x471/0x7d0
[  854.225845][T32328]  do_sys_openat2+0x11b/0x1d0
[  854.225866][T32328]  ? __pfx_do_sys_openat2+0x10/0x10
[  854.225888][T32328]  ? find_held_lock+0x2b/0x80
[  854.225910][T32328]  __x64_sys_openat+0x174/0x210
[  854.225932][T32328]  ? __pfx___x64_sys_openat+0x10/0x10
[  854.225962][T32328]  do_syscall_64+0xcd/0x4b0
[  854.225981][T32328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.225996][T32328] RIP: 0033:0x7f7f2af8eec9
[  854.226008][T32328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.226022][T32328] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  854.226037][T32328] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  854.226046][T32328] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  854.226055][T32328] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  854.226064][T32328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  854.226072][T32328] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  854.226090][T32328]  </TASK>
[  854.461510][    C1] vkms_vblank_simulate: vblank timer overrun
[  855.041291][T32452] FAULT_INJECTION: forcing a failure.
[  855.041291][T32452] name failslab, interval 1, probability 0, space 0, times 0
[  855.206768][T32452] CPU: 1 UID: 0 PID: 32452 Comm: syz.1.3366 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  855.206792][T32452] Tainted: [U]=USER
[  855.206797][T32452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  855.206806][T32452] Call Trace:
[  855.206811][T32452]  <TASK>
[  855.206817][T32452]  dump_stack_lvl+0x16c/0x1f0
[  855.206841][T32452]  should_fail_ex+0x512/0x640
[  855.206861][T32452]  ? __kmalloc_cache_noprof+0x5f/0x780
[  855.206879][T32452]  should_failslab+0xc2/0x120
[  855.206899][T32452]  __kmalloc_cache_noprof+0x72/0x780
[  855.206914][T32452]  ? pidlist_array_load+0x529/0x9d0
[  855.206937][T32452]  ? pidlist_array_load+0x529/0x9d0
[  855.206955][T32452]  pidlist_array_load+0x529/0x9d0
[  855.206977][T32452]  ? __pfx_pidlist_array_load+0x10/0x10
[  855.206996][T32452]  ? __pfx___mutex_lock+0x10/0x10
[  855.207022][T32452]  ? kernfs_root+0xf8/0x2a0
[  855.207045][T32452]  cgroup_pidlist_start+0x3a3/0x4f0
[  855.207065][T32452]  ? __pfx_cgroup_seqfile_start+0x10/0x10
[  855.207088][T32452]  kernfs_seq_start+0x130/0x2a0
[  855.207104][T32452]  seq_read_iter+0x2c1/0x12d0
[  855.207128][T32452]  kernfs_fop_read_iter+0x46c/0x610
[  855.207143][T32452]  ? rw_verify_area+0xcf/0x6c0
[  855.207159][T32452]  vfs_read+0x8bc/0xcf0
[  855.207178][T32452]  ? __pfx___mutex_lock+0x10/0x10
[  855.207203][T32452]  ? __pfx_vfs_read+0x10/0x10
[  855.207233][T32452]  ksys_read+0x12a/0x250
[  855.207249][T32452]  ? __pfx_ksys_read+0x10/0x10
[  855.207272][T32452]  do_syscall_64+0xcd/0x4b0
[  855.207292][T32452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.207306][T32452] RIP: 0033:0x7f7f2af8eec9
[  855.207319][T32452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  855.207332][T32452] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  855.207346][T32452] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  855.207356][T32452] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000004
[  855.207364][T32452] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  855.207373][T32452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  855.207382][T32452] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  855.207402][T32452]  </TASK>
[  855.439998][    C1] vkms_vblank_simulate: vblank timer overrun
[  856.507211][T32481] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3372'.
[  856.656064][   T30] audit: type=1326 audit(4294967300.271:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32475 comm="syz.1.3370" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7f2af8eec9 code=0x0
[  857.433672][T32563] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3377'.
[  858.067381][T32568] ima: policy update failed
[  858.092485][   T30] audit: type=1802 audit(4294967301.738:48): pid=32568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3378" res=0 errno=0
[  858.273981][T32596] FAULT_INJECTION: forcing a failure.
[  858.273981][T32596] name failslab, interval 1, probability 0, space 0, times 0
[  858.309757][T32606] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3382'.
[  858.471355][T32596] CPU: 1 UID: 0 PID: 32596 Comm: syz.4.3380 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  858.471384][T32596] Tainted: [U]=USER
[  858.471390][T32596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  858.471404][T32596] Call Trace:
[  858.471410][T32596]  <TASK>
[  858.471417][T32596]  dump_stack_lvl+0x16c/0x1f0
[  858.471440][T32596]  should_fail_ex+0x512/0x640
[  858.471461][T32596]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  858.471481][T32596]  should_failslab+0xc2/0x120
[  858.471501][T32596]  kmem_cache_alloc_noprof+0x75/0x6e0
[  858.471517][T32596]  ? __pmd_alloc+0xbf/0x8b0
[  858.471540][T32596]  ? __pmd_alloc+0xbf/0x8b0
[  858.471558][T32596]  __pmd_alloc+0xbf/0x8b0
[  858.471577][T32596]  ? __pud_alloc+0x51f/0x6b0
[  858.471597][T32596]  walk_to_pmd+0x3a6/0x4c0
[  858.471619][T32596]  __get_locked_pte+0x25/0xc0
[  858.471640][T32596]  map_ldt_struct+0x3b0/0xa60
[  858.471662][T32596]  ? __pfx_map_ldt_struct+0x10/0x10
[  858.471679][T32596]  ? alloc_pages_noprof+0x23c/0x390
[  858.471702][T32596]  write_ldt+0x8fa/0xd20
[  858.471722][T32596]  ? __pfx_write_ldt+0x10/0x10
[  858.471737][T32596]  ? fput+0x9b/0xd0
[  858.471758][T32596]  ? __pfx_ksys_write+0x10/0x10
[  858.471779][T32596]  __x64_sys_modify_ldt+0xb1/0x170
[  858.471797][T32596]  do_syscall_64+0xcd/0x4b0
[  858.471816][T32596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.471831][T32596] RIP: 0033:0x7f086838eec9
[  858.471843][T32596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  858.471857][T32596] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[  858.471871][T32596] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  858.471888][T32596] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001
[  858.471898][T32596] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  858.471907][T32596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  858.471917][T32596] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  858.471936][T32596]  </TASK>
[  860.123956][   T30] audit: type=1800 audit(4294967298.738:49): pid=32661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3386" name="dbroot" dev="configfs" ino=94580 res=0 errno=0
[  860.844063][T10388] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  861.223320][T32728] FAULT_INJECTION: forcing a failure.
[  861.223320][T32728] name failslab, interval 1, probability 0, space 0, times 0
[  861.321302][T32728] CPU: 1 UID: 0 PID: 32728 Comm: syz.1.3391 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  861.321329][T32728] Tainted: [U]=USER
[  861.321335][T32728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  861.321344][T32728] Call Trace:
[  861.321349][T32728]  <TASK>
[  861.321356][T32728]  dump_stack_lvl+0x16c/0x1f0
[  861.321379][T32728]  should_fail_ex+0x512/0x640
[  861.321400][T32728]  ? __kmalloc_cache_noprof+0x5f/0x780
[  861.321418][T32728]  should_failslab+0xc2/0x120
[  861.321438][T32728]  __kmalloc_cache_noprof+0x72/0x780
[  861.321453][T32728]  ? snd_timer_user_open+0x6b/0x180
[  861.321471][T32728]  ? snd_timer_user_open+0x6b/0x180
[  861.321485][T32728]  ? stream_open+0xd/0x50
[  861.321499][T32728]  ? __pfx_snd_timer_user_open+0x10/0x10
[  861.321513][T32728]  snd_timer_user_open+0x6b/0x180
[  861.321528][T32728]  snd_open+0x22a/0x4c0
[  861.321549][T32728]  ? __pfx_snd_open+0x10/0x10
[  861.321569][T32728]  chrdev_open+0x234/0x6a0
[  861.321586][T32728]  ? __pfx_apparmor_file_open+0x10/0x10
[  861.321607][T32728]  ? __pfx_chrdev_open+0x10/0x10
[  861.321625][T32728]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  861.321646][T32728]  do_dentry_open+0x982/0x1530
[  861.321671][T32728]  ? __pfx_chrdev_open+0x10/0x10
[  861.321693][T32728]  vfs_open+0x82/0x3f0
[  861.321717][T32728]  path_openat+0x1de4/0x2cb0
[  861.321740][T32728]  ? __pfx_path_openat+0x10/0x10
[  861.321762][T32728]  do_filp_open+0x20b/0x470
[  861.321779][T32728]  ? __pfx_do_filp_open+0x10/0x10
[  861.321808][T32728]  ? alloc_fd+0x471/0x7d0
[  861.321828][T32728]  do_sys_openat2+0x11b/0x1d0
[  861.321850][T32728]  ? __pfx_do_sys_openat2+0x10/0x10
[  861.321872][T32728]  ? find_held_lock+0x2b/0x80
[  861.321893][T32728]  __x64_sys_openat+0x174/0x210
[  861.321915][T32728]  ? __pfx___x64_sys_openat+0x10/0x10
[  861.321944][T32728]  do_syscall_64+0xcd/0x4b0
[  861.321963][T32728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.321978][T32728] RIP: 0033:0x7f7f2af8eec9
[  861.321993][T32728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.322007][T32728] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  861.322021][T32728] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  861.322031][T32728] RDX: 0000000000040080 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  861.322041][T32728] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  861.322050][T32728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.322060][T32728] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  861.322079][T32728]  </TASK>
[  862.119381][T32747] FAULT_INJECTION: forcing a failure.
[  862.119381][T32747] name failslab, interval 1, probability 0, space 0, times 0
[  862.158305][T32747] CPU: 1 UID: 0 PID: 32747 Comm: syz.1.3393 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  862.158332][T32747] Tainted: [U]=USER
[  862.158337][T32747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  862.158346][T32747] Call Trace:
[  862.158352][T32747]  <TASK>
[  862.158359][T32747]  dump_stack_lvl+0x16c/0x1f0
[  862.158383][T32747]  should_fail_ex+0x512/0x640
[  862.158405][T32747]  ? __kmalloc_cache_noprof+0x5f/0x780
[  862.158424][T32747]  should_failslab+0xc2/0x120
[  862.158444][T32747]  __kmalloc_cache_noprof+0x72/0x780
[  862.158460][T32747]  ? loopback_open+0xa4e/0x13f0
[  862.158482][T32747]  ? loopback_open+0xa4e/0x13f0
[  862.158498][T32747]  loopback_open+0xa4e/0x13f0
[  862.158520][T32747]  snd_pcm_open_substream+0xa60/0x17f0
[  862.158541][T32747]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  862.158560][T32747]  ? rcu_is_watching+0x12/0xc0
[  862.158581][T32747]  snd_pcm_open+0x29e/0x730
[  862.158609][T32747]  ? __pfx_snd_pcm_open+0x10/0x10
[  862.158629][T32747]  ? __pfx_default_wake_function+0x10/0x10
[  862.158655][T32747]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  862.158672][T32747]  snd_pcm_capture_open+0x89/0xe0
[  862.158689][T32747]  snd_open+0x22a/0x4c0
[  862.158711][T32747]  ? __pfx_snd_open+0x10/0x10
[  862.158731][T32747]  chrdev_open+0x234/0x6a0
[  862.158749][T32747]  ? __pfx_apparmor_file_open+0x10/0x10
[  862.158769][T32747]  ? __pfx_chrdev_open+0x10/0x10
[  862.158788][T32747]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  862.158809][T32747]  do_dentry_open+0x982/0x1530
[  862.158827][T32747]  ? __pfx_chrdev_open+0x10/0x10
[  862.158849][T32747]  vfs_open+0x82/0x3f0
[  862.158872][T32747]  path_openat+0x1de4/0x2cb0
[  862.158896][T32747]  ? __pfx_path_openat+0x10/0x10
[  862.158918][T32747]  do_filp_open+0x20b/0x470
[  862.158935][T32747]  ? __pfx_do_filp_open+0x10/0x10
[  862.158966][T32747]  ? alloc_fd+0x471/0x7d0
[  862.158987][T32747]  do_sys_openat2+0x11b/0x1d0
[  862.159008][T32747]  ? __pfx_do_sys_openat2+0x10/0x10
[  862.159037][T32747]  __x64_sys_openat+0x174/0x210
[  862.159058][T32747]  ? __pfx___x64_sys_openat+0x10/0x10
[  862.159088][T32747]  do_syscall_64+0xcd/0x4b0
[  862.159106][T32747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.159121][T32747] RIP: 0033:0x7f7f2af8eec9
[  862.159134][T32747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.159148][T32747] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  862.159162][T32747] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  862.159176][T32747] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  862.159186][T32747] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  862.159195][T32747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  862.159203][T32747] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  862.159223][T32747]  </TASK>
[  862.745603][T32757] random: crng reseeded on system resumption
[  862.830517][  T306] Unrecognized hibernate image header format!
[  862.846648][  T306] PM: hibernation: Image mismatch: architecture specific data
[  863.568134][T32747] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3393'.
[  863.699564][  T378] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3404: iget: checksum invalid
[  863.733549][  T378] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  863.769974][  T378] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3404: iget: checksum invalid
[  863.818656][  T378] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  863.842759][  T378] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3404: iget: checksum invalid
[  863.872766][  T378] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  863.914186][  T378] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3404: iget: checksum invalid
[  863.936139][  T378] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  863.987432][  T378] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  864.073854][  T378] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  865.454970][  T434] FAULT_INJECTION: forcing a failure.
[  865.454970][  T434] name failslab, interval 1, probability 0, space 0, times 0
[  865.581670][  T434] CPU: 1 UID: 8 PID: 434 Comm: syz.4.3410 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  865.581696][  T434] Tainted: [U]=USER
[  865.581702][  T434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  865.581717][  T434] Call Trace:
[  865.581723][  T434]  <TASK>
[  865.581730][  T434]  dump_stack_lvl+0x16c/0x1f0
[  865.581757][  T434]  should_fail_ex+0x512/0x640
[  865.581779][  T434]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  865.581799][  T434]  should_failslab+0xc2/0x120
[  865.581819][  T434]  kmem_cache_alloc_node_noprof+0x78/0x770
[  865.581835][  T434]  ? reciprocal_value+0x3a/0x90
[  865.581852][  T434]  ? do_kmem_cache_create+0x25b/0x740
[  865.581875][  T434]  ? do_kmem_cache_create+0x25b/0x740
[  865.581896][  T434]  do_kmem_cache_create+0x25b/0x740
[  865.581919][  T434]  __kmem_cache_create_args+0x202/0x3c0
[  865.581940][  T434]  mon_text_open+0x333/0x510
[  865.581962][  T434]  ? __pfx_mon_text_open+0x10/0x10
[  865.581986][  T434]  ? __pfx_mon_text_ctor+0x10/0x10
[  865.582006][  T434]  ? __pfx_apparmor_file_open+0x10/0x10
[  865.582027][  T434]  ? lockdown_is_locked_down+0x3f/0x130
[  865.582045][  T434]  ? bpf_lsm_locked_down+0x9/0x10
[  865.582067][  T434]  ? __pfx_mon_text_open+0x10/0x10
[  865.582088][  T434]  full_proxy_open_regular+0x1b6/0x360
[  865.582114][  T434]  do_dentry_open+0x982/0x1530
[  865.582133][  T434]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  865.582161][  T434]  vfs_open+0x82/0x3f0
[  865.582190][  T434]  path_openat+0x1de4/0x2cb0
[  865.582215][  T434]  ? __pfx_path_openat+0x10/0x10
[  865.582238][  T434]  do_filp_open+0x20b/0x470
[  865.582256][  T434]  ? __pfx_do_filp_open+0x10/0x10
[  865.582294][  T434]  ? alloc_fd+0x471/0x7d0
[  865.582315][  T434]  do_sys_openat2+0x11b/0x1d0
[  865.582336][  T434]  ? __pfx_do_sys_openat2+0x10/0x10
[  865.582361][  T434]  ? find_held_lock+0x2b/0x80
[  865.582384][  T434]  __x64_sys_openat+0x174/0x210
[  865.582405][  T434]  ? __pfx___x64_sys_openat+0x10/0x10
[  865.582435][  T434]  do_syscall_64+0xcd/0x4b0
[  865.582455][  T434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.582473][  T434] RIP: 0033:0x7f086838eec9
[  865.582487][  T434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.582501][  T434] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  865.582519][  T434] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  865.582529][  T434] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  865.582539][  T434] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  865.582548][  T434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  865.582558][  T434] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  865.582579][  T434]  </TASK>
[  865.865290][  T434] __kmem_cache_create_args(mon_text_ffff88805b97f800) failed with error -22
[  865.874303][  T434] CPU: 1 UID: 8 PID: 434 Comm: syz.4.3410 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  865.874328][  T434] Tainted: [U]=USER
[  865.874334][  T434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  865.874343][  T434] Call Trace:
[  865.874348][  T434]  <TASK>
[  865.874354][  T434]  dump_stack_lvl+0x16c/0x1f0
[  865.874377][  T434]  __kmem_cache_create_args+0x128/0x3c0
[  865.874395][  T434]  mon_text_open+0x333/0x510
[  865.874418][  T434]  ? __pfx_mon_text_open+0x10/0x10
[  865.874440][  T434]  ? __pfx_mon_text_ctor+0x10/0x10
[  865.874460][  T434]  ? __pfx_apparmor_file_open+0x10/0x10
[  865.874479][  T434]  ? lockdown_is_locked_down+0x3f/0x130
[  865.874497][  T434]  ? bpf_lsm_locked_down+0x9/0x10
[  865.874520][  T434]  ? __pfx_mon_text_open+0x10/0x10
[  865.874537][  T434]  full_proxy_open_regular+0x1b6/0x360
[  865.874560][  T434]  do_dentry_open+0x982/0x1530
[  865.874578][  T434]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  865.874602][  T434]  vfs_open+0x82/0x3f0
[  865.874625][  T434]  path_openat+0x1de4/0x2cb0
[  865.874648][  T434]  ? __pfx_path_openat+0x10/0x10
[  865.874670][  T434]  do_filp_open+0x20b/0x470
[  865.874687][  T434]  ? __pfx_do_filp_open+0x10/0x10
[  865.874718][  T434]  ? alloc_fd+0x471/0x7d0
[  865.874739][  T434]  do_sys_openat2+0x11b/0x1d0
[  865.874759][  T434]  ? __pfx_do_sys_openat2+0x10/0x10
[  865.874781][  T434]  ? find_held_lock+0x2b/0x80
[  865.874804][  T434]  __x64_sys_openat+0x174/0x210
[  865.874826][  T434]  ? __pfx___x64_sys_openat+0x10/0x10
[  865.874855][  T434]  do_syscall_64+0xcd/0x4b0
[  865.874874][  T434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.874889][  T434] RIP: 0033:0x7f086838eec9
[  865.874902][  T434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.874916][  T434] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  865.874930][  T434] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  865.874940][  T434] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  865.874949][  T434] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  865.874958][  T434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  865.874966][  T434] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  865.874985][  T434]  </TASK>
[  866.924170][  T448] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3414'.
[  867.139280][  T448] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.527775][  T448] bridge_slave_1 (unregistering): left allmulticast mode
[  867.601030][  T448] bridge_slave_1 (unregistering): left promiscuous mode
[  867.690640][  T448] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.052783][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  868.059261][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  868.068199][  T460] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3415'.
[  868.786096][  T493] nbd: must specify an index to disconnect
[  869.566782][  T526] FAULT_INJECTION: forcing a failure.
[  869.566782][  T526] name failslab, interval 1, probability 0, space 0, times 0
[  869.566833][  T526] CPU: 1 UID: 0 PID: 526 Comm: syz.1.3426 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  869.566855][  T526] Tainted: [U]=USER
[  869.566860][  T526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  869.566870][  T526] Call Trace:
[  869.566876][  T526]  <TASK>
[  869.566882][  T526]  dump_stack_lvl+0x16c/0x1f0
[  869.566904][  T526]  should_fail_ex+0x512/0x640
[  869.566924][  T526]  ? __kmalloc_cache_noprof+0x5f/0x780
[  869.566942][  T526]  should_failslab+0xc2/0x120
[  869.566963][  T526]  __kmalloc_cache_noprof+0x72/0x780
[  869.566977][  T526]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  869.566998][  T526]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  869.567018][  T526]  ? loopback_open+0x145/0x13f0
[  869.567041][  T526]  ? loopback_open+0x145/0x13f0
[  869.567057][  T526]  loopback_open+0x145/0x13f0
[  869.567079][  T526]  snd_pcm_open_substream+0xa60/0x17f0
[  869.567097][  T526]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  869.567116][  T526]  ? rcu_is_watching+0x12/0xc0
[  869.567137][  T526]  snd_pcm_open+0x29e/0x730
[  869.567156][  T526]  ? __pfx_snd_pcm_open+0x10/0x10
[  869.567175][  T526]  ? __pfx_default_wake_function+0x10/0x10
[  869.567198][  T526]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  869.567215][  T526]  snd_pcm_capture_open+0x89/0xe0
[  869.567232][  T526]  snd_open+0x22a/0x4c0
[  869.567253][  T526]  ? __pfx_snd_open+0x10/0x10
[  869.567272][  T526]  chrdev_open+0x234/0x6a0
[  869.567290][  T526]  ? __pfx_apparmor_file_open+0x10/0x10
[  869.567311][  T526]  ? __pfx_chrdev_open+0x10/0x10
[  869.567329][  T526]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  869.567350][  T526]  do_dentry_open+0x982/0x1530
[  869.567368][  T526]  ? __pfx_chrdev_open+0x10/0x10
[  869.567390][  T526]  vfs_open+0x82/0x3f0
[  869.567412][  T526]  path_openat+0x1de4/0x2cb0
[  869.567436][  T526]  ? __pfx_path_openat+0x10/0x10
[  869.567457][  T526]  do_filp_open+0x20b/0x470
[  869.567474][  T526]  ? __pfx_do_filp_open+0x10/0x10
[  869.567505][  T526]  ? alloc_fd+0x471/0x7d0
[  869.567529][  T526]  do_sys_openat2+0x11b/0x1d0
[  869.567550][  T526]  ? __pfx_do_sys_openat2+0x10/0x10
[  869.567579][  T526]  __x64_sys_openat+0x174/0x210
[  869.567601][  T526]  ? __pfx___x64_sys_openat+0x10/0x10
[  869.567631][  T526]  do_syscall_64+0xcd/0x4b0
[  869.567651][  T526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.567665][  T526] RIP: 0033:0x7f7f2af8eec9
[  869.567679][  T526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  869.567693][  T526] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  869.567708][  T526] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  869.567717][  T526] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  869.567728][  T526] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  869.567737][  T526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  869.567746][  T526] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  869.567766][  T526]  </TASK>
[  869.616015][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.691371][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.703436][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.703612][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.703717][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.703842][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.703951][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.704076][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.704182][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  869.704305][  T532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3428'.
[  870.131700][  T578] program syz.0.3433 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  872.253399][  T536] tty tty36: ldisc open failed (-12), clearing slot 35
[  874.367068][  T887] HfR: entered promiscuous mode
[  874.502858][  T885] netlink: 'syz.0.3449': attribute type 1 has an invalid length.
[  874.547017][  T885] HfR: left promiscuous mode
[  875.713194][  T927] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  876.409765][  T984] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input37
[  876.492299][  T991] Process accounting resumed
[  876.583816][  T994] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(173544298.2314043776.706666779), cmd(6)
[  877.114508][ T1004] can0: slcan on pty215.
[  877.342058][ T1024] __nla_validate_parse: 26 callbacks suppressed
[  877.342079][ T1024] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3467'.
[  877.436684][ T1003] can0 (unregistered): slcan off pty215.
[  877.593800][ T1031] FAULT_INJECTION: forcing a failure.
[  877.593800][ T1031] name failslab, interval 1, probability 0, space 0, times 0
[  877.704083][T10388] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  877.704107][T10388] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  877.722103][T10388] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  877.722148][T10388] Bluetooth: hci0: adv larger than maximum supported
[  877.730876][T10388] Bluetooth: hci0: adv larger than maximum supported
[  877.737590][T10388] Bluetooth: hci0: Malformed LE Event: 0x0d
[  877.870755][ T1031] CPU: 1 UID: 0 PID: 1031 Comm: syz.1.3469 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  877.870784][ T1031] Tainted: [U]=USER
[  877.870789][ T1031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  877.870798][ T1031] Call Trace:
[  877.870804][ T1031]  <TASK>
[  877.870811][ T1031]  dump_stack_lvl+0x16c/0x1f0
[  877.870834][ T1031]  should_fail_ex+0x512/0x640
[  877.870854][ T1031]  ? __kmalloc_cache_noprof+0x5f/0x780
[  877.870895][ T1031]  should_failslab+0xc2/0x120
[  877.870916][ T1031]  __kmalloc_cache_noprof+0x72/0x780
[  877.870931][ T1031]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  877.870952][ T1031]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  877.870972][ T1031]  ? loopback_open+0x145/0x13f0
[  877.870993][ T1031]  ? loopback_open+0x145/0x13f0
[  877.871015][ T1031]  loopback_open+0x145/0x13f0
[  877.871038][ T1031]  snd_pcm_open_substream+0xa60/0x17f0
[  877.871058][ T1031]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  877.871077][ T1031]  ? rcu_is_watching+0x12/0xc0
[  877.871100][ T1031]  snd_pcm_open+0x29e/0x730
[  877.871119][ T1031]  ? __pfx_snd_pcm_open+0x10/0x10
[  877.871139][ T1031]  ? __pfx_default_wake_function+0x10/0x10
[  877.871163][ T1031]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  877.871180][ T1031]  snd_pcm_capture_open+0x89/0xe0
[  877.871197][ T1031]  snd_open+0x22a/0x4c0
[  877.871218][ T1031]  ? __pfx_snd_open+0x10/0x10
[  877.871238][ T1031]  chrdev_open+0x234/0x6a0
[  877.871256][ T1031]  ? __pfx_apparmor_file_open+0x10/0x10
[  877.871276][ T1031]  ? __pfx_chrdev_open+0x10/0x10
[  877.871295][ T1031]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  877.871316][ T1031]  do_dentry_open+0x982/0x1530
[  877.871333][ T1031]  ? __pfx_chrdev_open+0x10/0x10
[  877.871356][ T1031]  vfs_open+0x82/0x3f0
[  877.871378][ T1031]  path_openat+0x1de4/0x2cb0
[  877.871402][ T1031]  ? __pfx_path_openat+0x10/0x10
[  877.871424][ T1031]  do_filp_open+0x20b/0x470
[  877.871441][ T1031]  ? __pfx_do_filp_open+0x10/0x10
[  877.871473][ T1031]  ? alloc_fd+0x471/0x7d0
[  877.871493][ T1031]  do_sys_openat2+0x11b/0x1d0
[  877.871515][ T1031]  ? __pfx_do_sys_openat2+0x10/0x10
[  877.871546][ T1031]  __x64_sys_openat+0x174/0x210
[  877.871568][ T1031]  ? __pfx___x64_sys_openat+0x10/0x10
[  877.871598][ T1031]  do_syscall_64+0xcd/0x4b0
[  877.871618][ T1031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.871633][ T1031] RIP: 0033:0x7f7f2af8eec9
[  877.871645][ T1031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.871659][ T1031] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  877.871674][ T1031] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  877.871683][ T1031] RDX: 0000000000000080 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  877.871693][ T1031] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  877.871703][ T1031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  877.871712][ T1031] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  877.871732][ T1031]  </TASK>
[  878.172811][    C1] vkms_vblank_simulate: vblank timer overrun
[  879.584582][ T1125] netlink: 226 bytes leftover after parsing attributes in process `syz.0.3476'.
[  879.983617][ T1125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3476'.
[  879.996110][ T1125] net_ratelimit: 366 callbacks suppressed
[  879.996124][ T1125] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  880.486835][ T1173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3480'.
[  882.614545][ T1255] ima: policy update failed
[  882.621174][ T1169] Process accounting paused
[  882.664795][   T30] audit: type=1802 audit(4294967305.785:50): pid=1255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3486" res=0 errno=0
[  883.075077][ T1288] random: crng reseeded on system resumption
[  887.200046][ T1426] FAULT_INJECTION: forcing a failure.
[  887.200046][ T1426] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  887.362986][ T1426] CPU: 1 UID: 0 PID: 1426 Comm: syz.1.3494 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  887.363013][ T1426] Tainted: [U]=USER
[  887.363018][ T1426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  887.363026][ T1426] Call Trace:
[  887.363032][ T1426]  <TASK>
[  887.363039][ T1426]  dump_stack_lvl+0x16c/0x1f0
[  887.363062][ T1426]  should_fail_ex+0x512/0x640
[  887.363086][ T1426]  should_fail_alloc_page+0xe7/0x130
[  887.363109][ T1426]  prepare_alloc_pages+0x3c2/0x610
[  887.363128][ T1426]  ? arch_stack_walk+0xa6/0x100
[  887.363147][ T1426]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  887.363168][ T1426]  ? stack_trace_save+0x8e/0xc0
[  887.363186][ T1426]  ? __pfx_stack_trace_save+0x10/0x10
[  887.363206][ T1426]  ? stack_depot_save_flags+0x29/0x9c0
[  887.363228][ T1426]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  887.363244][ T1426]  ? kasan_save_stack+0x42/0x60
[  887.363261][ T1426]  ? kasan_save_stack+0x33/0x60
[  887.363276][ T1426]  ? kasan_save_track+0x14/0x30
[  887.363292][ T1426]  ? __kasan_slab_alloc+0x89/0x90
[  887.363310][ T1426]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  887.363331][ T1426]  ? security_inode_alloc+0x3b/0x2b0
[  887.363352][ T1426]  ? inode_init_always_gfp+0xce4/0x1030
[  887.363371][ T1426]  ? do_syscall_64+0xcd/0x4b0
[  887.363388][ T1426]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.363407][ T1426]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  887.363424][ T1426]  ? policy_nodemask+0xea/0x4e0
[  887.363452][ T1426]  alloc_pages_mpol+0x1fb/0x550
[  887.363473][ T1426]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  887.363499][ T1426]  ___kmalloc_large_node+0xed/0x160
[  887.363522][ T1426]  __kmalloc_large_node_noprof+0x1c/0x70
[  887.363546][ T1426]  __kmalloc_noprof.cold+0xc/0x62
[  887.363566][ T1426]  ? sk_prot_alloc+0x1a8/0x2a0
[  887.363585][ T1426]  ? sk_prot_alloc+0x1a8/0x2a0
[  887.363598][ T1426]  sk_prot_alloc+0x1a8/0x2a0
[  887.363614][ T1426]  sk_alloc+0x36/0xc20
[  887.363634][ T1426]  can_create+0x1e5/0x630
[  887.363655][ T1426]  __sock_create+0x335/0x8d0
[  887.363676][ T1426]  __sys_socket+0x14d/0x260
[  887.363692][ T1426]  ? __pfx___sys_socket+0x10/0x10
[  887.363709][ T1426]  ? xfd_validate_state+0x61/0x180
[  887.363721][ T1426]  ? __pfx_ksys_write+0x10/0x10
[  887.363741][ T1426]  __x64_sys_socket+0x72/0xb0
[  887.363756][ T1426]  ? lockdep_hardirqs_on+0x7c/0x110
[  887.363772][ T1426]  do_syscall_64+0xcd/0x4b0
[  887.363790][ T1426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.363805][ T1426] RIP: 0033:0x7f7f2af8eec9
[  887.363823][ T1426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  887.363837][ T1426] RSP: 002b:00007f7f291d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  887.363852][ T1426] RAX: ffffffffffffffda RBX: 00007f7f2b1e6180 RCX: 00007f7f2af8eec9
[  887.363861][ T1426] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d
[  887.363871][ T1426] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  887.363880][ T1426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  887.363889][ T1426] R13: 00007f7f2b1e6218 R14: 00007f7f2b1e6180 R15: 00007ffd961c0bf8
[  887.363908][ T1426]  </TASK>
[  887.959862][ T1437] openvswitch: netlink: Tunnel attr 188 out of range max 16
[  888.086408][ T1447] bridge0: port 2(ipvlan1) entered blocking state
[  888.093225][ T1447] bridge0: port 2(ipvlan1) entered disabled state
[  888.108181][ T1447] ipvlan1: entered allmulticast mode
[  888.113660][ T1447] veth0_vlan: entered allmulticast mode
[  888.124641][ T1447] ipvlan1: left allmulticast mode
[  888.132406][ T1447] veth0_vlan: left allmulticast mode
[  889.607792][ T1475] bond0: option all_slaves_active: invalid value (
)
[  889.681966][ T1458] kexec: Could not allocate control_code_buffer
[  892.513076][ T1577] bond0: no command found in slaves file - use +ifname or -ifname
[  894.267043][ T1592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807fe00500 pfn:0x7fe00
[  894.458469][ T1592] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff)
[  894.531551][ T1592] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000
[  894.624314][ T1592] raw: ffff88807fe00500 0000000000000000 00000001ffffffff 0000000000000000
[  894.696447][ T1663] misc userio: No port type given on /dev/userio
[  894.721353][ T1592] page dumped because: unmovable page
[  894.761017][ T1644] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  894.787442][ T1592] page_owner tracks the page as allocated
[  894.827102][ T1663] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3527'.
[  894.871156][ T1592] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 16693, tgid 16693 (syz-executor), ts 520885996428, free_ts 512573573294
[  895.065421][ T1592]  post_alloc_hook+0x1c0/0x230
[  895.086513][ T1592]  get_page_from_freelist+0x10a3/0x3a30
[  895.105234][ T1592]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  895.128877][ T1592]  alloc_pages_mpol+0x1fb/0x550
[  895.144785][ T1592]  alloc_pages_noprof+0x131/0x390
[  895.166632][ T1592]  __vmalloc_node_range_noprof+0x6f8/0x1480
[  895.201571][ T1592]  vmalloc_user_noprof+0x9e/0xe0
[  895.220623][ T1592]  kcov_ioctl+0x4c/0x730
[  895.234128][ T1592]  __x64_sys_ioctl+0x18b/0x210
[  895.252898][ T1592]  do_syscall_64+0xcd/0x4b0
[  895.271148][ T1592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  895.292810][ T1592] page last free pid 5840 tgid 5840 stack trace:
[  895.318366][ T1592]  __free_frozen_pages+0x7df/0x1160
[  895.341727][ T1592]  pcpu_free_pages.constprop.0+0x126/0x210
[  895.364124][ T1592]  pcpu_balance_workfn+0x26b/0xe00
[  895.385331][ T1592]  process_one_work+0x9cc/0x1b70
[  895.406727][ T1592]  worker_thread+0x6c8/0xf10
[  895.425780][ T1592]  kthread+0x3c5/0x780
[  895.442233][ T1592]  ret_from_fork+0x56a/0x730
[  895.461492][ T1592]  ret_from_fork_asm+0x1a/0x30
[  895.549745][ T1681] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3528: iget: checksum invalid
[  895.851652][ T1681] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  896.328642][ T1681] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3528: iget: checksum invalid
[  896.432117][ T1681] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  896.564369][ T1681] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3528: iget: checksum invalid
[  896.683002][ T1681] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  896.758901][ T1681] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3528: iget: checksum invalid
[  896.873721][ T1681] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  896.941948][ T1731] random: crng reseeded on system resumption
[  896.966979][ T1681] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  897.066231][ T1681] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  897.078165][ T1737] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  897.935468][ T1767] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[  897.935468][ T1767]    program syz.1.3544 not setting count and/or reply_len properly
[  898.269707][ T1784] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3544'.
[  898.300089][ T1768] binder: 1763:1768 ioctl c0046209 ffffffffffffffff returned -22
[  898.442883][ T1788] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3544'.
[  900.232248][ T1871] nfs: Unknown parameter 'w��`_�����I+;��	��HY� ������Lu�>>��uh�*��C<+����'
[  900.446660][ T1871] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38
[  900.897343][ T1893] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3555'.
[  900.957785][ T1893] geneve1: entered promiscuous mode
[  900.966297][ T1893] geneve1: entered allmulticast mode
[  901.240142][   T30] audit: type=1804 audit(4294967324.462:51): pid=1904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3557" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  901.266018][    C1] vkms_vblank_simulate: vblank timer overrun
[  905.057576][ T2031] FAULT_INJECTION: forcing a failure.
[  905.057576][ T2031] name failslab, interval 1, probability 0, space 0, times 0
[  905.196384][ T2031] CPU: 1 UID: 0 PID: 2031 Comm: syz.4.3566 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  905.196419][ T2031] Tainted: [U]=USER
[  905.196424][ T2031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  905.196434][ T2031] Call Trace:
[  905.196439][ T2031]  <TASK>
[  905.196447][ T2031]  dump_stack_lvl+0x16c/0x1f0
[  905.196471][ T2031]  should_fail_ex+0x512/0x640
[  905.196492][ T2031]  ? __kmalloc_noprof+0xca/0x880
[  905.196510][ T2031]  should_failslab+0xc2/0x120
[  905.196530][ T2031]  __kmalloc_noprof+0xdd/0x880
[  905.196544][ T2031]  ? __netlink_kernel_create+0x17f/0x750
[  905.196572][ T2031]  ? __netlink_kernel_create+0x17f/0x750
[  905.196592][ T2031]  __netlink_kernel_create+0x17f/0x750
[  905.196615][ T2031]  ? __pfx___netlink_kernel_create+0x10/0x10
[  905.196642][ T2031]  rtnetlink_net_init+0xb9/0x140
[  905.196662][ T2031]  ? __pfx_rtnetlink_net_init+0x10/0x10
[  905.196681][ T2031]  ? lockdep_init_map_type+0x5c/0x280
[  905.196702][ T2031]  ? __pfx_rtnetlink_rcv+0x10/0x10
[  905.196720][ T2031]  ? __pfx_rtnetlink_bind+0x10/0x10
[  905.196738][ T2031]  ? lockdep_init_map_type+0x5c/0x280
[  905.196760][ T2031]  ? debug_mutex_init+0x37/0x70
[  905.196778][ T2031]  ? __pfx_rtnetlink_net_init+0x10/0x10
[  905.196795][ T2031]  ops_init+0x1e2/0x5f0
[  905.196819][ T2031]  setup_net+0x100/0x390
[  905.196840][ T2031]  ? __pfx_setup_net+0x10/0x10
[  905.196862][ T2031]  ? debug_mutex_init+0x37/0x70
[  905.196881][ T2031]  copy_net_ns+0x2f8/0x690
[  905.196897][ T2031]  create_new_namespaces+0x3ea/0xa90
[  905.196921][ T2031]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  905.196941][ T2031]  ksys_unshare+0x45b/0xa40
[  905.196963][ T2031]  ? __pfx_ksys_unshare+0x10/0x10
[  905.196984][ T2031]  ? xfd_validate_state+0x61/0x180
[  905.197003][ T2031]  __x64_sys_unshare+0x31/0x40
[  905.197023][ T2031]  do_syscall_64+0xcd/0x4b0
[  905.197042][ T2031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  905.197060][ T2031] RIP: 0033:0x7f086838eec9
[  905.197074][ T2031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  905.197088][ T2031] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  905.197103][ T2031] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  905.197113][ T2031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  905.197121][ T2031] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  905.197130][ T2031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  905.197139][ T2031] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  905.197159][ T2031]  </TASK>
[  905.462683][    C1] vkms_vblank_simulate: vblank timer overrun
[  905.695831][ T2017] kexec: Could not allocate control_code_buffer
[  906.824948][ T2087] FAULT_INJECTION: forcing a failure.
[  906.824948][ T2087] name failslab, interval 1, probability 0, space 0, times 0
[  906.967209][ T2087] CPU: 1 UID: 0 PID: 2087 Comm: syz.1.3572 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  906.967236][ T2087] Tainted: [U]=USER
[  906.967241][ T2087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  906.967250][ T2087] Call Trace:
[  906.967257][ T2087]  <TASK>
[  906.967264][ T2087]  dump_stack_lvl+0x16c/0x1f0
[  906.967292][ T2087]  should_fail_ex+0x512/0x640
[  906.967314][ T2087]  ? __kmalloc_cache_noprof+0x5f/0x780
[  906.967332][ T2087]  should_failslab+0xc2/0x120
[  906.967353][ T2087]  __kmalloc_cache_noprof+0x72/0x780
[  906.967368][ T2087]  ? snd_timer_user_open+0x6b/0x180
[  906.967387][ T2087]  ? snd_timer_user_open+0x6b/0x180
[  906.967400][ T2087]  ? stream_open+0xd/0x50
[  906.967415][ T2087]  ? __pfx_snd_timer_user_open+0x10/0x10
[  906.967428][ T2087]  snd_timer_user_open+0x6b/0x180
[  906.967443][ T2087]  snd_open+0x22a/0x4c0
[  906.967465][ T2087]  ? __pfx_snd_open+0x10/0x10
[  906.967485][ T2087]  chrdev_open+0x234/0x6a0
[  906.967503][ T2087]  ? __pfx_apparmor_file_open+0x10/0x10
[  906.967524][ T2087]  ? __pfx_chrdev_open+0x10/0x10
[  906.967542][ T2087]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  906.967563][ T2087]  do_dentry_open+0x982/0x1530
[  906.967580][ T2087]  ? __pfx_chrdev_open+0x10/0x10
[  906.967602][ T2087]  vfs_open+0x82/0x3f0
[  906.967625][ T2087]  path_openat+0x1de4/0x2cb0
[  906.967647][ T2087]  ? __pfx_path_openat+0x10/0x10
[  906.967668][ T2087]  do_filp_open+0x20b/0x470
[  906.967685][ T2087]  ? __pfx_do_filp_open+0x10/0x10
[  906.967715][ T2087]  ? alloc_fd+0x471/0x7d0
[  906.967735][ T2087]  do_sys_openat2+0x11b/0x1d0
[  906.967756][ T2087]  ? __pfx_do_sys_openat2+0x10/0x10
[  906.967778][ T2087]  ? find_held_lock+0x2b/0x80
[  906.967800][ T2087]  __x64_sys_openat+0x174/0x210
[  906.967822][ T2087]  ? __pfx___x64_sys_openat+0x10/0x10
[  906.967851][ T2087]  do_syscall_64+0xcd/0x4b0
[  906.967870][ T2087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  906.967885][ T2087] RIP: 0033:0x7f7f2af8eec9
[  906.967898][ T2087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  906.967912][ T2087] RSP: 002b:00007f7f2bd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  906.967927][ T2087] RAX: ffffffffffffffda RBX: 00007f7f2b1e5fa0 RCX: 00007f7f2af8eec9
[  906.967937][ T2087] RDX: 0000000000040080 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  906.967946][ T2087] RBP: 00007f7f2b011f91 R08: 0000000000000000 R09: 0000000000000000
[  906.967955][ T2087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  906.967963][ T2087] R13: 00007f7f2b1e6038 R14: 00007f7f2b1e5fa0 R15: 00007ffd961c0bf8
[  906.967982][ T2087]  </TASK>
[  909.040478][ T2100] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  909.133565][ T2100] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  909.189284][ T2100] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  909.276531][ T2100] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  909.337299][ T2100] CPU0 is offline.
[  909.592830][T13890] Bluetooth: hci4: command 0x0c1a tx timeout
[  909.821979][ T2176] netlink: 206 bytes leftover after parsing attributes in process `syz.1.3580'.
[  909.870837][ T2178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3577'.
[  910.936736][ T2198] FAULT_INJECTION: forcing a failure.
[  910.936736][ T2198] name fail_futex, interval 1, probability 0, space 0, times 0
[  911.184458][T13890] Bluetooth: hci0: command 0x0c1a tx timeout
[  911.190514][T13890] Bluetooth: hci1: command 0x0406 tx timeout
[  911.274474][ T2184] sp0: Synchronizing with TNC
[  911.306812][ T2198] CPU: 1 UID: 0 PID: 2198 Comm: syz.4.3583 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  911.306839][ T2198] Tainted: [U]=USER
[  911.306844][ T2198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  911.306854][ T2198] Call Trace:
[  911.306859][ T2198]  <TASK>
[  911.306866][ T2198]  dump_stack_lvl+0x16c/0x1f0
[  911.306896][ T2198]  should_fail_ex+0x512/0x640
[  911.306921][ T2198]  get_futex_key+0x1d0/0x1560
[  911.306944][ T2198]  ? __pfx_get_futex_key+0x10/0x10
[  911.306970][ T2198]  futex_wake+0xea/0x530
[  911.306985][ T2198]  ? rcu_is_watching+0x12/0xc0
[  911.307004][ T2198]  ? __pfx_futex_wake+0x10/0x10
[  911.307020][ T2198]  ? kmem_cache_free+0x2d4/0x6c0
[  911.307036][ T2198]  ? putname+0x154/0x1a0
[  911.307059][ T2198]  do_futex+0x1e3/0x350
[  911.307079][ T2198]  ? __pfx_do_futex+0x10/0x10
[  911.307101][ T2198]  ? find_held_lock+0x2b/0x80
[  911.307119][ T2198]  __x64_sys_futex+0x1e0/0x4c0
[  911.307142][ T2198]  ? __x64_sys_openat+0x174/0x210
[  911.307163][ T2198]  ? __pfx___x64_sys_futex+0x10/0x10
[  911.307191][ T2198]  do_syscall_64+0xcd/0x4b0
[  911.307209][ T2198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  911.307225][ T2198] RIP: 0033:0x7f086838eec9
[  911.307237][ T2198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  911.307251][ T2198] RSP: 002b:00007f086922c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  911.307266][ T2198] RAX: ffffffffffffffda RBX: 00007f08685e5fa8 RCX: 00007f086838eec9
[  911.307276][ T2198] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f08685e5fac
[  911.307285][ T2198] RBP: 00007f08685e5fa0 R08: 00007f086922d000 R09: 0000000000000000
[  911.307295][ T2198] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  911.307304][ T2198] R13: 00007f08685e6038 R14: 00007ffe035e7cb0 R15: 00007ffe035e7d98
[  911.307323][ T2198]  </TASK>
[  911.830291][T13890] Bluetooth: hci2: command 0x0c1a tx timeout
[  912.670790][ T2184] Falling back ldisc for pty185.
[  912.961440][ T2198] Process accounting resumed
[  914.001779][T10388] Bluetooth: hci2: unexpected event 0x3e length: 728 > 260
[  914.001805][T10388] Bluetooth: hci2: unexpected subevent 0x03 length: 727 > 9
[  914.341489][ T2299] random: crng reseeded on system resumption
[  914.592651][ T2316] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3598'.
[  916.594499][ T2368] Console: switching to colour VGA+ 80x25
[  916.978294][ T2406] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3613: iget: checksum invalid
[  917.001439][ T2406] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  917.034786][ T2406] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3613: iget: checksum invalid
[  917.055979][ T2406] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  917.078368][ T2406] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3613: iget: checksum invalid
[  917.104685][ T2406] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  917.118513][ T2406] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.3613: iget: checksum invalid
[  917.134832][ T2406] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  917.150508][ T2406] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  917.174467][ T2406] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  918.544207][ T2433] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3614'.
[  919.651381][ T2583] netlink: 504 bytes leftover after parsing attributes in process `syz.0.3629'.
[  920.340920][ T2646] random: crng reseeded on system resumption
[  920.620663][T16848] Process accounting resumed
[  920.857644][ T2681] zswap: compressor 000 not available
[  920.974319][ T2696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3634'.
[  921.835799][ T2725] delete_channel: no stack
[  923.730031][ T2790] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  923.736572][ T2790] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  923.743037][ T2790] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  923.749809][ T2790] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  923.755797][ T2790] CPU0 is offline.
[  924.262648][ T2883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3650'.
[  925.494820][ T2992] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807fe00500 pfn:0x7fe00
[  925.510376][ T2992] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  925.519463][ T2992] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  925.552906][ T2992] raw: ffff88807fe00500 0000000000000000 00000001ffffffff 0000000000000000
[  925.619570][ T2992] page dumped because: unmovable page
[  925.662501][ T2992] page_owner tracks the page as allocated
[  925.668256][ T2992] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 16693, tgid 16693 (syz-executor), ts 520885996428, free_ts 512573573294
[  925.734670][ T2992]  post_alloc_hook+0x1c0/0x230
[  925.745797][ T2992]  get_page_from_freelist+0x10a3/0x3a30
[  925.755985][T13890] Bluetooth: hci0: command 0x0c1a tx timeout
[  925.762352][T13890] Bluetooth: hci1: command 0x0406 tx timeout
[  925.769037][T10388] Bluetooth: hci2: command 0x0c1a tx timeout
[  925.775040][T10388] Bluetooth: hci4: command 0x0c1a tx timeout
[  925.782779][ T2992]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  925.791444][ T2992]  alloc_pages_mpol+0x1fb/0x550
[  925.800244][ T2992]  alloc_pages_noprof+0x131/0x390
[  925.809006][ T2992]  __vmalloc_node_range_noprof+0x6f8/0x1480
[  925.817707][ T2992]  vmalloc_user_noprof+0x9e/0xe0
[  925.827232][ T2992]  kcov_ioctl+0x4c/0x730
[  925.836006][ T2992]  __x64_sys_ioctl+0x18b/0x210
[  925.842597][ T2992]  do_syscall_64+0xcd/0x4b0
[  925.851371][ T2992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.866346][ T2992] page last free pid 5840 tgid 5840 stack trace:
[  925.930328][ T2992]  __free_frozen_pages+0x7df/0x1160
[  925.935601][ T2992]  pcpu_free_pages.constprop.0+0x126/0x210
[  925.977439][ T2992]  pcpu_balance_workfn+0x26b/0xe00
[  925.983390][ T2992]  process_one_work+0x9cc/0x1b70
[  925.993816][ T2992]  worker_thread+0x6c8/0xf10
[  926.001705][ T2992]  kthread+0x3c5/0x780
[  926.016379][ T2992]  ret_from_fork+0x56a/0x730
[  926.021566][ T2992]  ret_from_fork_asm+0x1a/0x30
[  926.483867][ T3050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3661'.
[  927.618964][ T3073] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3665'.
[  929.178737][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  929.185291][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  929.430774][ T3161] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3678'.
[  929.627946][ T3179] synth uevent: /devices/virtual/block/nbd6: unknown uevent action string
[  929.717727][ T3179] block nbd6: uevent: failed to send synthetic uevent: -22
[  929.790626][ T3191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3680'.
[  929.977858][ T3191] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  930.036363][ T3191] batman_adv: batadv0: Removing interface: batadv_slave_0
[  930.085331][ T3191] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  930.182534][ T3191] batman_adv: batadv0: Removing interface: batadv_slave_1
[  930.877493][ T3222] nbd: socks must be embedded in a SOCK_ITEM attr
[  930.885366][ T3222] block nbd0: shutting down sockets
[  931.241139][ T3234] bond0: option arp_interval: invalid value ()
[  931.270138][ T3234] bond0: option arp_interval: allowed values 0 - 2147483647
[  932.798015][ T3354] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3691'.
[  933.311400][ T3359] Console: switching to colour frame buffer device 4x6
[  934.083175][ T3462] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3698'.
[  934.159691][ T3467] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3698'.
[  934.887547][ T3497] random: crng reseeded on system resumption
[  935.204988][ T3475] zswap: compressor  not available
[  935.788752][ T3579] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3710'.
[  936.007182][ T3579] ipvlan0: entered promiscuous mode
[  936.027864][ T3579] ipvlan0: entered allmulticast mode
[  936.047441][ T3579] veth0_vlan: entered allmulticast mode
[  937.390350][ T3671] random: crng reseeded on system resumption
[  937.689648][   T30] audit: type=1804 audit(4294967308.298:52): pid=3691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3717" name="/newroot/566/file0" dev="tmpfs" ino=2998 res=1 errno=0
[  937.711034][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.339775][ T3778] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  939.658027][ T3824] ptrace attach of "./syz-executor exec"[23328] was attempted by "./syz-executor exec"[3824]
[  939.922336][ T3015] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  939.922359][ T3015] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  939.938756][ T3015] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  939.938779][ T3015] Bluetooth: hci0: adv larger than maximum supported
[  939.947162][ T3015] Bluetooth: hci0: adv larger than maximum supported
[  939.955699][ T3015] Bluetooth: hci0: Malformed LE Event: 0x0d
[  940.806643][ T3888] tipc: Can't bind to reserved service type 1
[  942.169566][ T3983] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  942.652259][ T3987] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3746'.
[  942.941247][ T3015] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  942.941272][ T3015] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260
[  942.956423][ T3015] Bluetooth: hci4: Unknown advertising packet type: 0x7f
[  942.956457][ T3015] Bluetooth: hci4: Malformed LE Event: 0x0d
[  943.170742][ T4011] Process accounting paused
[  944.530645][ T4079] netlink: 'syz.4.3760': attribute type 11 has an invalid length.
[  944.978248][ T4116] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3762'.
[  946.274597][ T4173] random: crng reseeded on system resumption
[  946.526048][ T4205] Unable to find swap-space signature
[  947.049483][ T4238] netlink: 'syz.0.3772': attribute type 11 has an invalid length.
[  948.716241][ T4327] random: crng reseeded on system resumption
[  948.740439][ T4327] Restarting kernel threads ...
[  948.755582][ T4327] Done restarting kernel threads.
[  948.840788][ T4331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3778'.
[  949.185606][ T3015] Bluetooth: hci4: unexpected event 0x01 length: 5 > 1
[  949.219110][ T4346] serio: Serial port pty6
[  949.514854][ T4377] ptrace attach of "./syz-executor exec"[4380] was attempted by "./syz-executor exec"[4377]
[  950.468831][ T4455] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3786'.
[  950.483180][ T4451] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  950.913984][ T4470] random: crng reseeded on system resumption
[  951.208699][ T4476] bridge0: port 2(bond0) entered blocking state
[  951.271080][ T4476] bridge0: port 2(bond0) entered disabled state
[  951.415514][ T4476] bond0: entered allmulticast mode
[  951.520348][ T4476] bond_slave_0: entered allmulticast mode
[  951.567027][ T4476] bond_slave_1: entered allmulticast mode
[  951.763400][ T4476] bond0: entered promiscuous mode
[  951.995057][ T4476] bond_slave_0: entered promiscuous mode
[  952.124617][ T4476] bond_slave_1: entered promiscuous mode
[  952.185270][ T4476] bridge0: port 2(bond0) entered blocking state
[  952.191755][ T4476] bridge0: port 2(bond0) entered forwarding state
[  953.253424][ T4569] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139
[  953.620100][ T4592] ima: policy update failed
[  953.661599][   T30] audit: type=1802 audit(4294967313.700:53): pid=4592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3799" res=0 errno=0
[  953.759637][ T4603] ima: policy update failed
[  953.858057][   T30] audit: type=1802 audit(4294967313.911:54): pid=4603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3799" res=0 errno=0
[  954.064678][T10363] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  954.275869][T10363] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  954.397121][T10140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  954.409351][T10140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  954.417874][T10140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  954.425991][T10140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  954.433927][T10140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  954.550721][T10363] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  955.262800][T10363] bridge_slave_0: left allmulticast mode
[  955.294981][T10363] bridge_slave_0: left promiscuous mode
[  955.324500][T10363] bridge0: port 1(bridge_slave_0) entered disabled state
[  955.419035][ T4698] nvme_fabrics: missing parameter 'transport=%s'
[  955.484881][ T4698] nvme_fabrics: missing parameter 'nqn=%s'
[  956.469410][T10140] Bluetooth: hci0: command tx timeout
[  956.584193][ T4736] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3810'.
[  957.104496][T10363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  957.118345][T10363] bond0 (unregistering): Released all slaves
[  957.138582][ T4730] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3808: iget: checksum invalid
[  957.150037][ T4736] hsr_slave_0: left promiscuous mode
[  957.159394][ T4736] hsr_slave_1: left promiscuous mode
[  957.169661][ T4730] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  957.213546][ T4730] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3808: iget: checksum invalid
[  957.245505][T10363] tipc: Left network mode
[  957.284756][ T4730] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  957.352567][ T4730] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3808: iget: checksum invalid
[  957.462820][ T4730] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  957.521651][ T4802] FAULT_INJECTION: forcing a failure.
[  957.521651][ T4802] name failslab, interval 1, probability 0, space 0, times 0
[  957.577563][ T4730] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3808: iget: checksum invalid
[  957.616545][ T4802] CPU: 1 UID: 0 PID: 4802 Comm: syz.4.3813 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  957.616574][ T4802] Tainted: [U]=USER
[  957.616580][ T4802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  957.616590][ T4802] Call Trace:
[  957.616596][ T4802]  <TASK>
[  957.616602][ T4802]  dump_stack_lvl+0x16c/0x1f0
[  957.616626][ T4802]  should_fail_ex+0x512/0x640
[  957.616648][ T4802]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  957.616669][ T4802]  should_failslab+0xc2/0x120
[  957.616691][ T4802]  kmem_cache_alloc_node_noprof+0x78/0x770
[  957.616708][ T4802]  ? reciprocal_value+0x3a/0x90
[  957.616726][ T4802]  ? do_kmem_cache_create+0x25b/0x740
[  957.616750][ T4802]  ? do_kmem_cache_create+0x25b/0x740
[  957.616769][ T4802]  do_kmem_cache_create+0x25b/0x740
[  957.616793][ T4802]  __kmem_cache_create_args+0x202/0x3c0
[  957.616812][ T4802]  mon_text_open+0x333/0x510
[  957.616835][ T4802]  ? __pfx_mon_text_open+0x10/0x10
[  957.616859][ T4802]  ? __pfx_mon_text_ctor+0x10/0x10
[  957.616881][ T4802]  ? __pfx_apparmor_file_open+0x10/0x10
[  957.616902][ T4802]  ? lockdown_is_locked_down+0x3f/0x130
[  957.616921][ T4802]  ? bpf_lsm_locked_down+0x9/0x10
[  957.616945][ T4802]  ? __pfx_mon_text_open+0x10/0x10
[  957.616964][ T4802]  full_proxy_open_regular+0x1b6/0x360
[  957.616989][ T4802]  do_dentry_open+0x982/0x1530
[  957.617009][ T4802]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  957.617036][ T4802]  vfs_open+0x82/0x3f0
[  957.617062][ T4802]  path_openat+0x1de4/0x2cb0
[  957.617086][ T4802]  ? __pfx_path_openat+0x10/0x10
[  957.617109][ T4802]  do_filp_open+0x20b/0x470
[  957.617127][ T4802]  ? __pfx_do_filp_open+0x10/0x10
[  957.617160][ T4802]  ? alloc_fd+0x471/0x7d0
[  957.617182][ T4802]  do_sys_openat2+0x11b/0x1d0
[  957.617205][ T4802]  ? __pfx_do_sys_openat2+0x10/0x10
[  957.617228][ T4802]  ? find_held_lock+0x2b/0x80
[  957.617252][ T4802]  __x64_sys_openat+0x174/0x210
[  957.617276][ T4802]  ? __pfx___x64_sys_openat+0x10/0x10
[  957.617307][ T4802]  do_syscall_64+0xcd/0x4b0
[  957.617328][ T4802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.617343][ T4802] RIP: 0033:0x7f086838eec9
[  957.617357][ T4802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  957.617372][ T4802] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  957.617387][ T4802] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  957.617398][ T4802] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  957.617409][ T4802] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  957.617418][ T4802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  957.617427][ T4802] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  957.617456][ T4802]  </TASK>
[  957.617487][ T4802] __kmem_cache_create_args(mon_text_ffff88814473c400) failed with error -22
[  957.842914][    C1] vkms_vblank_simulate: vblank timer overrun
[  957.934378][ T4730] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  957.979296][ T4730] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  958.004955][ T4730] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  958.106007][ T4624] chnl_net:caif_netlink_parms(): no params data found
[  958.257408][ T4885] random: crng reseeded on system resumption
[  958.554652][T10140] Bluetooth: hci0: command tx timeout
[  958.680585][T10363] hsr_slave_0: left promiscuous mode
[  958.701240][ T4802] CPU: 1 UID: 0 PID: 4802 Comm: syz.4.3813 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  958.701267][ T4802] Tainted: [U]=USER
[  958.701272][ T4802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  958.701281][ T4802] Call Trace:
[  958.701287][ T4802]  <TASK>
[  958.701294][ T4802]  dump_stack_lvl+0x16c/0x1f0
[  958.701317][ T4802]  __kmem_cache_create_args+0x128/0x3c0
[  958.701342][ T4802]  mon_text_open+0x333/0x510
[  958.701364][ T4802]  ? __pfx_mon_text_open+0x10/0x10
[  958.701386][ T4802]  ? __pfx_mon_text_ctor+0x10/0x10
[  958.701406][ T4802]  ? __pfx_apparmor_file_open+0x10/0x10
[  958.701426][ T4802]  ? lockdown_is_locked_down+0x3f/0x130
[  958.701445][ T4802]  ? bpf_lsm_locked_down+0x9/0x10
[  958.701469][ T4802]  ? __pfx_mon_text_open+0x10/0x10
[  958.701488][ T4802]  full_proxy_open_regular+0x1b6/0x360
[  958.701511][ T4802]  do_dentry_open+0x982/0x1530
[  958.701530][ T4802]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  958.701554][ T4802]  vfs_open+0x82/0x3f0
[  958.701578][ T4802]  path_openat+0x1de4/0x2cb0
[  958.701602][ T4802]  ? __pfx_path_openat+0x10/0x10
[  958.701624][ T4802]  do_filp_open+0x20b/0x470
[  958.701641][ T4802]  ? __pfx_do_filp_open+0x10/0x10
[  958.701672][ T4802]  ? alloc_fd+0x471/0x7d0
[  958.701693][ T4802]  do_sys_openat2+0x11b/0x1d0
[  958.701715][ T4802]  ? __pfx_do_sys_openat2+0x10/0x10
[  958.701737][ T4802]  ? find_held_lock+0x2b/0x80
[  958.701760][ T4802]  __x64_sys_openat+0x174/0x210
[  958.701783][ T4802]  ? __pfx___x64_sys_openat+0x10/0x10
[  958.701813][ T4802]  do_syscall_64+0xcd/0x4b0
[  958.701833][ T4802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.701847][ T4802] RIP: 0033:0x7f086838eec9
[  958.701859][ T4802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  958.701873][ T4802] RSP: 002b:00007f086922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  958.701887][ T4802] RAX: ffffffffffffffda RBX: 00007f08685e5fa0 RCX: 00007f086838eec9
[  958.701897][ T4802] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  958.701906][ T4802] RBP: 00007f0868411f91 R08: 0000000000000000 R09: 0000000000000000
[  958.701915][ T4802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  958.701924][ T4802] R13: 00007f08685e6038 R14: 00007f08685e5fa0 R15: 00007ffe035e7d98
[  958.701943][ T4802]  </TASK>
[  959.125965][T10363] hsr_slave_1: left promiscuous mode
[  959.132797][T10363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  959.144483][T10363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  959.157384][T10363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  959.167978][T10363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  959.185458][T10363] veth1_macvtap: left promiscuous mode
[  959.191326][T10363] veth0_macvtap: left promiscuous mode
[  959.198639][T10363] veth1_vlan: left promiscuous mode
[  959.204133][T10363] veth0_vlan: left promiscuous mode
[  960.075923][ T4624] bridge0: port 1(bridge_slave_0) entered blocking state
[  960.084091][ T4624] bridge0: port 1(bridge_slave_0) entered disabled state
[  960.111961][ T4624] bridge_slave_0: entered allmulticast mode
[  960.119120][ T4624] bridge_slave_0: entered promiscuous mode
[  960.317898][ T4624] bridge0: port 2(bridge_slave_1) entered blocking state
[  960.345900][ T4624] bridge0: port 2(bridge_slave_1) entered disabled state
[  960.369380][ T4624] bridge_slave_1: entered allmulticast mode
[  960.407665][ T4624] bridge_slave_1: entered promiscuous mode
[  960.608259][T10140] Bluetooth: hci0: command tx timeout
[  960.787026][ T4624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  960.851103][ T4624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  960.865159][ T5048] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10)
[  961.191877][ T4624] team0: Port device team_slave_0 added
[  961.257931][ T4624] team0: Port device team_slave_1 added
[  961.517323][ T4624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  961.561438][ T4624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  961.684155][ T4624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  961.777969][ T4624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  961.813620][ T4624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  961.923758][ T4624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  962.305854][ T4624] hsr_slave_0: entered promiscuous mode
[  962.337415][ T4624] hsr_slave_1: entered promiscuous mode
[  962.405014][ T4624] debugfs: 'hsr0' already exists in 'hsr'
[  962.422993][ T4624] Cannot create hsr debugfs directory
[  962.471432][ T5196] cifs: Unknown parameter '�����)�	Up��̢{��V]7�62']�Ψ��!�g�ʮ�7�9��fM�<*y�sE�h�
�'
[  962.676694][T10140] Bluetooth: hci0: command tx timeout
[  963.898935][ T4624] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  963.964063][ T4624] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  964.025470][ T4624] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  964.098288][ T4624] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  964.673318][ T5395] netlink: 252 bytes leftover after parsing attributes in process `syz.1.3835'.
[  964.814238][ T4624] 8021q: adding VLAN 0 to HW filter on device bond0
[  964.940943][ T4624] 8021q: adding VLAN 0 to HW filter on device team0
[  965.018028][T10141] bridge0: port 1(bridge_slave_0) entered blocking state
[  965.025204][T10141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  965.118733][T10141] bridge0: port 2(bridge_slave_1) entered blocking state
[  965.125888][T10141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  965.192447][ T4624] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  965.295116][ T4624] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  966.306533][ T4624] 8021q: adding VLAN 0 to HW filter on device batadv0
[  966.971481][ T4624] veth0_vlan: entered promiscuous mode
[  967.294429][ T4624] veth1_vlan: entered promiscuous mode
[  967.539822][ T4624] veth0_macvtap: entered promiscuous mode
[  967.562326][ T5545] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  967.604115][ T5545] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  967.643596][ T5545] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  967.664106][ T5545] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  967.686715][ T5545] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  967.792713][ T5545] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  967.886526][ T5545] CPU0 is offline.
[  967.923691][ T4624] veth1_macvtap: entered promiscuous mode
[  968.129892][ T4624] batman_adv: batadv0: Interface activated: batadv_slave_0
[  968.177714][ T4624] batman_adv: batadv0: Interface activated: batadv_slave_1
[  968.361452][T10141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  968.430085][T10141] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  968.591829][T10141] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  968.944212][ T5638] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  969.098391][T10144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  969.145356][ T5663] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input40
[  969.163628][T10144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  969.362289][T10140] Bluetooth: hci4: command 0x0c1a tx timeout
[  969.500323][T10880] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  969.544147][T10880] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  969.601316][T10140] Bluetooth: hci2: command 0x0c1a tx timeout
[  969.607701][ T3015] Bluetooth: hci1: command 0x0406 tx timeout
[  969.680437][T10140] Bluetooth: hci0: command 0x0c1a tx timeout
[  970.670243][ T5761] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  971.749650][T10140] Bluetooth: hci0: command 0x0c1a tx timeout
[  972.862345][ T5879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3865'.
[  973.100440][ T5747] Process accounting resumed
[  973.691884][ T5905] random: crng reseeded on system resumption
[  973.818555][T10140] Bluetooth: hci0: command 0x0c1a tx timeout
[  974.507672][ T5961] random: crng reseeded on system resumption
[  975.004277][ T5969] sp0: Synchronizing with TNC
[  975.772734][ T5989] Unable to find swap-space signature
[  976.169688][ T3015] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  976.179894][ T3015] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  976.193123][ T3015] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  976.201042][ T3015] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  976.209370][ T3015] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  976.413287][ T6012] openvswitch: netlink: Multiple metadata blocks provided
[  976.883974][ T6053] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input42
[  977.229917][T10880] bond0: left allmulticast mode
[  977.243991][T10880] bond_slave_0: left allmulticast mode
[  977.261805][T10880] bond_slave_1: left allmulticast mode
[  977.269595][T10880] bond0: left promiscuous mode
[  977.282776][T10880] bond_slave_0: left promiscuous mode
[  977.296578][T10880] bond_slave_1: left promiscuous mode
[  977.309980][T10880] bridge0: port 2(bond0) entered disabled state
[  977.327497][T10880] bridge_slave_0: left allmulticast mode
[  977.341206][T10880] bridge_slave_0: left promiscuous mode
[  977.356172][T10880] bridge0: port 1(bridge_slave_0) entered disabled state
[  978.219093][T10880] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  978.240834][T10880] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  978.261118][T10880] bond0 (unregistering): Released all slaves
[  978.275876][ T3015] Bluetooth: hci3: command tx timeout
[  978.448616][T10880] tipc: Left network mode
[  979.110025][ T6253] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3883'.
[  979.520684][ T5998] chnl_net:caif_netlink_parms(): no params data found
[  979.612894][T10880] hsr_slave_0: left promiscuous mode
[  979.637824][T10880] hsr_slave_1: left promiscuous mode
[  979.659796][T10880] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  979.689372][T10880] batman_adv: batadv0: Removing interface: batadv_slave_0
[  979.719216][T10880] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  979.746855][T10880] batman_adv: batadv0: Removing interface: batadv_slave_1
[  979.804568][T10880] veth1_macvtap: left promiscuous mode
[  979.832081][T10880] veth0_macvtap: left promiscuous mode
[  980.068562][ T6291] random: crng reseeded on system resumption
[  980.345572][ T3015] Bluetooth: hci3: command tx timeout
[  980.817189][T10880] team0 (unregistering): Port device team_slave_1 removed
[  980.874703][ T6308] 0x000200000001-0xa29656a63616329 : ""
[  980.887524][ T6308] mtd: partition "" is out of reach -- disabled
[  980.896206][ T6296] Falling back ldisc for ptm0.
[  981.007259][ T6311] ------------[ cut here ]------------
[  981.013146][ T6311] WARNING: CPU: 1 PID: 6311 at kernel/trace/trace.c:8604 tracing_buffers_mmap_close+0xdd/0x130
[  981.023745][ T6311] Modules linked in:
[  981.028220][ T6311] CPU: 1 UID: 0 PID: 6311 Comm: syz.0.3889 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  981.039200][ T6311] Tainted: [U]=USER
[  981.043054][ T6311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  981.053489][ T6311] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130
[  981.060290][ T6311] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 61 cf 62 00 eb 87 e8 8a
[  981.080013][ T6311] RSP: 0018:ffffc900048df7f8 EFLAGS: 00010293
[  981.086117][ T6311] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf40e9
[  981.094211][ T6311] RDX: ffff888025418000 RSI: ffffffff81bf40fc RDI: 0000000000000005
[  981.102482][ T6311] RBP: ffff8880548d82c8 R08: 0000000000000005 R09: 0000000000000000
[  981.110535][ T6311] R10: 00000000ffffffed R11: 0000000000000000 R12: dffffc0000000000
[  981.118635][ T6311] R13: 0000200000ffc000 R14: 0000000000000000 R15: ffffffff81bf4020
[  981.126685][ T6311] FS:  00007f8871ec46c0(0000) GS:ffff888124f6f000(0000) knlGS:0000000000000000
[  981.135869][ T6311] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  981.142475][ T6311] CR2: 00007f8871e60f98 CR3: 000000003850a000 CR4: 00000000003526f0
[  981.150508][ T6311] Call Trace:
[  981.153771][ T6311]  <TASK>
[  981.157020][ T6311]  __mmap_region+0x6bc/0x27a0
[  981.161923][ T6311]  ? do_pte_missing+0x567/0x3ba0
[  981.166870][ T6311]  ? __pfx___mmap_region+0x10/0x10
[  981.172035][ T6311]  ? __thp_vma_allowable_orders+0x1c8/0xcd0
[  981.177941][ T6311]  ? find_held_lock+0x2b/0x80
[  981.182983][ T6311]  ? __handle_mm_fault+0x5a8/0x2aa0
[  981.188242][ T6311]  ? __lock_acquire+0x62e/0x1ce0
[  981.193237][ T6311]  ? css_rstat_updated+0x1c2/0x510
[  981.198473][ T6311]  ? __pfx_css_rstat_updated+0x10/0x10
[  981.203989][ T6311]  ? trace_cgroup_rstat_lock_contended.constprop.0+0x180/0x220
[  981.211634][ T6311]  ? folios_put_refs+0x51d/0x750
[  981.216841][ T6311]  ? rcu_is_watching+0x12/0xc0
[  981.221749][ T6311]  mmap_region+0x1ab/0x3f0
[  981.226176][ T6311]  do_mmap+0xa3e/0x1210
[  981.230388][ T6311]  ? __pfx_do_mmap+0x10/0x10
[  981.235088][ T6311]  ? __pfx_down_write_killable+0x10/0x10
[  981.240763][ T6311]  vm_mmap_pgoff+0x29e/0x470
[  981.245350][ T6311]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  981.250504][ T6311]  ? __fget_files+0x20e/0x3c0
[  981.255216][ T6311]  ksys_mmap_pgoff+0x32c/0x5c0
[  981.260469][ T6311]  __x64_sys_mmap+0x125/0x190
[  981.265431][ T6311]  do_syscall_64+0xcd/0x4b0
[  981.270021][ T6311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.275908][ T6311] RIP: 0033:0x7f8870f8eec9
[  981.280355][ T6311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  981.299972][    C1] vkms_vblank_simulate: vblank timer overrun
[  981.306222][ T6311] RSP: 002b:00007f8871ec4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  981.314736][ T6311] RAX: ffffffffffffffda RBX: 00007f88711e6090 RCX: 00007f8870f8eec9
[  981.322830][ T6311] RDX: 0000000000000001 RSI: 000000000000401f RDI: 0000200000ffc000
[  981.330857][ T6311] RBP: 00007f8871011f91 R08: 0000000000000004 R09: 0000000000000000
[  981.338903][ T6311] R10: 000000000008e051 R11: 0000000000000246 R12: 0000000000000000
[  981.346939][ T6311] R13: 00007f88711e6128 R14: 00007f88711e6090 R15: 00007ffcec4ef4c8
[  981.354985][ T6311]  </TASK>
[  981.358006][ T6311] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  981.365295][ T6311] CPU: 1 UID: 0 PID: 6311 Comm: syz.0.3889 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  981.376149][ T6311] Tainted: [U]=USER
[  981.379950][ T6311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  981.390011][ T6311] Call Trace:
[  981.393288][ T6311]  <TASK>
[  981.396206][ T6311]  dump_stack_lvl+0x3d/0x1f0
[  981.400789][ T6311]  vpanic+0x640/0x6f0
[  981.404756][ T6311]  ? tracing_buffers_mmap_close+0xdd/0x130
[  981.410563][ T6311]  panic+0xca/0xd0
[  981.414291][ T6311]  ? __pfx_panic+0x10/0x10
[  981.418702][ T6311]  ? check_panic_on_warn+0x1f/0xb0
[  981.423810][ T6311]  check_panic_on_warn+0xab/0xb0
[  981.428754][ T6311]  __warn+0xf6/0x3c0
[  981.432645][ T6311]  ? tracing_buffers_mmap_close+0xdd/0x130
[  981.438443][ T6311]  report_bug+0x3c3/0x580
[  981.442760][ T6311]  ? tracing_buffers_mmap_close+0xdd/0x130
[  981.448556][ T6311]  handle_bug+0x184/0x210
[  981.452870][ T6311]  exc_invalid_op+0x17/0x50
[  981.457360][ T6311]  asm_exc_invalid_op+0x1a/0x20
[  981.462207][ T6311] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130
[  981.468615][ T6311] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 61 cf 62 00 eb 87 e8 8a
[  981.488304][ T6311] RSP: 0018:ffffc900048df7f8 EFLAGS: 00010293
[  981.494356][ T6311] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf40e9
[  981.502309][ T6311] RDX: ffff888025418000 RSI: ffffffff81bf40fc RDI: 0000000000000005
[  981.510258][ T6311] RBP: ffff8880548d82c8 R08: 0000000000000005 R09: 0000000000000000
[  981.518207][ T6311] R10: 00000000ffffffed R11: 0000000000000000 R12: dffffc0000000000
[  981.526160][ T6311] R13: 0000200000ffc000 R14: 0000000000000000 R15: ffffffff81bf4020
[  981.534157][ T6311]  ? __pfx_tracing_buffers_mmap_close+0x10/0x10
[  981.540395][ T6311]  ? tracing_buffers_mmap_close+0xc9/0x130
[  981.546188][ T6311]  ? tracing_buffers_mmap_close+0xdc/0x130
[  981.551984][ T6311]  ? tracing_buffers_mmap_close+0xdc/0x130
[  981.557777][ T6311]  __mmap_region+0x6bc/0x27a0
[  981.562613][ T6311]  ? do_pte_missing+0x567/0x3ba0
[  981.567533][ T6311]  ? __pfx___mmap_region+0x10/0x10
[  981.572638][ T6311]  ? __thp_vma_allowable_orders+0x1c8/0xcd0
[  981.578539][ T6311]  ? find_held_lock+0x2b/0x80
[  981.583202][ T6311]  ? __handle_mm_fault+0x5a8/0x2aa0
[  981.588385][ T6311]  ? __lock_acquire+0x62e/0x1ce0
[  981.593315][ T6311]  ? css_rstat_updated+0x1c2/0x510
[  981.598414][ T6311]  ? __pfx_css_rstat_updated+0x10/0x10
[  981.603864][ T6311]  ? trace_cgroup_rstat_lock_contended.constprop.0+0x180/0x220
[  981.611399][ T6311]  ? folios_put_refs+0x51d/0x750
[  981.616346][ T6311]  ? rcu_is_watching+0x12/0xc0
[  981.621108][ T6311]  mmap_region+0x1ab/0x3f0
[  981.625519][ T6311]  do_mmap+0xa3e/0x1210
[  981.629771][ T6311]  ? __pfx_do_mmap+0x10/0x10
[  981.634367][ T6311]  ? __pfx_down_write_killable+0x10/0x10
[  981.639992][ T6311]  vm_mmap_pgoff+0x29e/0x470
[  981.644586][ T6311]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  981.649727][ T6311]  ? __fget_files+0x20e/0x3c0
[  981.654408][ T6311]  ksys_mmap_pgoff+0x32c/0x5c0
[  981.659175][ T6311]  __x64_sys_mmap+0x125/0x190
[  981.663855][ T6311]  do_syscall_64+0xcd/0x4b0
[  981.668362][ T6311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.674241][ T6311] RIP: 0033:0x7f8870f8eec9
[  981.678653][ T6311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  981.698252][ T6311] RSP: 002b:00007f8871ec4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  981.706666][ T6311] RAX: ffffffffffffffda RBX: 00007f88711e6090 RCX: 00007f8870f8eec9
[  981.714619][ T6311] RDX: 0000000000000001 RSI: 000000000000401f RDI: 0000200000ffc000
[  981.722570][ T6311] RBP: 00007f8871011f91 R08: 0000000000000004 R09: 0000000000000000
[  981.730523][ T6311] R10: 000000000008e051 R11: 0000000000000246 R12: 0000000000000000
[  981.738487][ T6311] R13: 00007f88711e6128 R14: 00007f88711e6090 R15: 00007ffcec4ef4c8
[  981.746448][ T6311]  </TASK>
[  981.749522][ T6311] Kernel Offset: disabled
[  981.753850][ T6311] Rebooting in 86400 seconds..