last executing test programs:

7m39.812070961s ago: executing program 2 (id=287):
mmap$auto(0x6, 0x20009, 0xf3, 0x400000000eb1, 0xffffffffffffffff, 0x1000000000000003)
fcntl$auto(0x3, 0x4, 0xa553)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto_HDIO_GETGEO(r4, 0x301, &(0x7f00000001c0))
sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r3, 0x0, 0x10a, 0x6, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
listen$auto(r5, 0x5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0)
socket(0x2, 0x1, 0x106)
shutdown$auto(0xffffffffffffffff, 0x2)
read$auto_rng_chrdev_ops_core(r2, 0x0, 0x0)

7m35.758238698s ago: executing program 2 (id=293):
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x109c01, 0x0)
ioctl$auto(r0, 0x92106411, 0xffffffffffffffff)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x4, 0x1, 0x0, 0x7, 0xfffffffffffffffe)
write$auto(r1, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xa2\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x9f\v\xa8\x1b\xab\x9b\x89#Zvu\x95wm\x92\xf5A\xdf\xc5\x11~\x87\x8c\x80\x9c#rh\xbfQ\x85^\xdf\x91N\xfc\xc6\x8d3v-\x7f\x8e\n\x00\x00\x00\x00\x00\x00\x00\v7\xc6\x14\xec2\xae\"\xe4\x9e\x98\xf7\xb0#\xb4\x03]\x01v\xdfgt\x19\a\xed\xdfW_\xcdF\x04^\xe6\x9c\xd6\xb1L\xc4z\xbf\xe6\xb4\v,V\x84\x97\xb3\xa5\'\x9d\x9c\xd4\x1f\xb1b}bq6\xaa\n+-\x11T\x0e\xfe\xf8\xcd#^\xac\xbcB\fZ\x03\xcf\x00\x00l\x1a\xd8r\xa3{[-$Dm\xb0)\x00\'\xccH7b*v\xa1\xb15\xd2T_\x00\x16\x9f\xf2\x19\xd1\xb9fk18\xb2T\xcbW\x12;#\x17\xbf\x00\xdb&-\x9b\xe0+,\x8f^o7\xf9\x84$B\xfa\x1fG_\xe4\xd4\x02\x0e\x8a\x13\xfc\x92\xb1\x9f\xbc\x00', 0x100000a3d9)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x2, 0x801, 0x6)
setsockopt$auto(r2, 0x2, 0x15, 0x0, 0xa4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x18, 0x0)
r3 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0)
write$auto_ftrace_event_filter_fops_trace_events(r3, &(0x7f0000000300)="2baf82c1a5bc872318c266c40109c6b2b8e16198d96732ec3515702f77291f", 0x1f)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_DISCONNECT(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002dbd7000ffdbdf25020000000800010089000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8000b)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syslog$auto(0x3, 0x0, 0x5)
poll$auto(0x0, 0x7f, 0x9)
socket(0x25, 0x5, 0x6)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
setsockopt$auto_SO_OOBINLINE(r6, 0x80000001, 0xa, &(0x7f0000000080)=',\x00', 0xfffffffc)
r7 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x82200, 0x0)
pread64$auto(r7, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r8, r8, 0x0, 0x3)

7m33.967155256s ago: executing program 2 (id=301):
mmap$auto(0x6, 0x20009, 0xf3, 0x400000000eb1, 0xffffffffffffffff, 0x1000000000000003)
fcntl$auto(0x3, 0x4, 0xa553)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto_HDIO_GETGEO(r4, 0x301, &(0x7f00000001c0))
sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r3, 0x0, 0x10a, 0x6, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
listen$auto(r5, 0x5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0)
socket(0x2, 0x1, 0x106)
shutdown$auto(0xffffffffffffffff, 0x2)
read$auto_rng_chrdev_ops_core(r2, 0x0, 0x0)

7m30.879384486s ago: executing program 2 (id=306):
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x40080, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8})
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
r1 = socket(0x22, 0x1, 0x100)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0)
ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f00000002c0)={0x0, 0x0, r1})
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = socket(0x2, 0x5, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="6d4e1120", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fedbdf250100000008000900", @ANYRES32, @ANYBLOB="050001000000000008000200", @ANYRES32, @ANYBLOB="0800050005000000"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901)
getsockopt$auto_SO_LOCK_FILTER(r4, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8)
syz_genetlink_get_family_id$auto_psample(0x0, 0xffffffffffffffff)
mmap$auto(0x7, 0x20009, 0x5, 0xffffffff, 0x405, 0x8000)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mmap$auto(0x1, 0x1000, 0x40000000000fc, 0x775, 0xffffffffffffffff, 0x6)
r5 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$auto_UBI_IOCATT(r5, 0x40186f40, 0x0)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r6, 0x4b41, 0x7)

7m29.135488123s ago: executing program 2 (id=312):
bind$auto(0x3, 0x0, 0x6a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/eql/statistics/tx_carrier_errors\x00', 0x800, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x200, 0x0, 0x0, 0x10)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
tkill$auto(0x1, 0x7)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/45, 0x2d)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0xa, 0x1, 0x84)
semctl$auto(0x1ff, 0xb, 0x405, 0xa)
setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0xc)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4c041)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram8/trace/pid\x00', 0x101042, 0x0)
write$auto(r2, &(0x7f0000000380)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1=$:`\xa9\x06H\xafjc\x9c\x88\xefq:Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\x8dm\'+\xd0I>\x8f\x00\xe5\x1c*\xed`-a\xdb?\xc8K\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
r3 = socket(0xf, 0x5, 0xf)
ioctl$auto_VHOST_SET_VRING_KICK2(0xffffffffffffffff, 0x4008af20, &(0x7f00000000c0)={0xfffffc00, r1})
mmap$auto(0x2, 0x20009, 0xdf, 0xebf, r3, 0x5)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xb896, 0x1, 0x9, 0xfffffe01, 0x22, 0x940, 0x1ffde, 0x3, 0x5, 0x7, 0x1e, 0x6, 0x0, 0x8000000000000001, 0xb0, 0x7, 0x3, 0x3, 0x5, 0x7, 0xfffffffe, 0x5, 0x0, 0x1000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, [0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffeffc, 0x5c1d, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x401, 0xd, 0x2, 0x1, 0x0, 0x0, 0x8000000000000000]}, 0x4, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
r5 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x2, 0x0)
ioctl$auto_BTRFS_IOC_QUOTA_CTL(r5, 0xc0109428, &(0x7f0000000080)={0x29, 0x1ff})
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x900, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

7m26.871884846s ago: executing program 2 (id=316):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
lseek$auto(0x3, 0x2, 0x4)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0xa)
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0)
readv$auto(r1, &(0x7f00000000c0)={&(0x7f0000000180), 0x200}, 0x6)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0)
sendfile$auto(r4, r3, 0x0, 0x48)
getdents$auto(0xffffffffffffffff, 0x0, 0xfff)
ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)={{0x6, 0x0, @descriptor="4162321b541a99f9"}, 0x40, 0x3, '\x00', "e2f7e40b7cce3e65d1db4db51b80cf38922a872425af5bf165b0239ccb25816fc69d199e87a289ed19eb4f7ef27299173036d9aa83b6a2b553d850823e304ad0c7e178b6a35c64a146e217fa11076f4d90d848b2a255f1e9c1ccc47659a82fddd4625b241d40f6746a0e915d47a8809c826e427c348ce0f954421ad80b7f7d62e7074930fb9b2ad0df39da91be4fe1d4d60996a993585aa794162339e39d1382df42ce1cb3c8d0c6d057ac5bea2e1df924ff61f143f22a1e52c49668b162568ed0a319be36fd461ec98b1771754eb030fe955f9a3ed944b2022d7aec2425dd56bd54fd9ef9f639f5bce8e833ea"})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00'})
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x43403d05, 0x0)
madvise$auto(0x0, 0x53, 0x9)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

7m26.260305467s ago: executing program 32 (id=316):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
lseek$auto(0x3, 0x2, 0x4)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0xa)
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0)
readv$auto(r1, &(0x7f00000000c0)={&(0x7f0000000180), 0x200}, 0x6)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0)
sendfile$auto(r4, r3, 0x0, 0x48)
getdents$auto(0xffffffffffffffff, 0x0, 0xfff)
ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)={{0x6, 0x0, @descriptor="4162321b541a99f9"}, 0x40, 0x3, '\x00', "e2f7e40b7cce3e65d1db4db51b80cf38922a872425af5bf165b0239ccb25816fc69d199e87a289ed19eb4f7ef27299173036d9aa83b6a2b553d850823e304ad0c7e178b6a35c64a146e217fa11076f4d90d848b2a255f1e9c1ccc47659a82fddd4625b241d40f6746a0e915d47a8809c826e427c348ce0f954421ad80b7f7d62e7074930fb9b2ad0df39da91be4fe1d4d60996a993585aa794162339e39d1382df42ce1cb3c8d0c6d057ac5bea2e1df924ff61f143f22a1e52c49668b162568ed0a319be36fd461ec98b1771754eb030fe955f9a3ed944b2022d7aec2425dd56bd54fd9ef9f639f5bce8e833ea"})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00'})
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x43403d05, 0x0)
madvise$auto(0x0, 0x53, 0x9)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

23.322101459s ago: executing program 3 (id=1364):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0006, 0x6)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
madvise$auto(0x97, 0xffffffff80000001, 0x4)
r0 = open(0x0, 0x22240, 0x154)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0)
pread64$auto(r1, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9)
ioctl$auto_SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, &(0x7f0000000140)=0x4d)
add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', &(0x7f0000001cc0)='\x00', 0x0, 0x0, 0xfffffffffffffffc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r2, 0x0, 0x4, 0x6}]})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mremap$auto(0x6, 0xffffffffffffffff, 0x5, 0x4, 0x7fffffffb000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x4)
prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0xa, 0x801, 0x84)
clock_nanosleep$auto(0x5, 0x1ff, &(0x7f0000000000)={0x7, 0x8}, &(0x7f0000000040)={0x7, 0x7})

20.432375393s ago: executing program 3 (id=1366):
rseq$auto(&(0x7f0000000040)={0xe, 0x401, 0x0, 0x4, 0x6, 0x2}, 0x8000, 0x0, 0x6) (async, rerun: 32)
r0 = socket(0x11, 0xa, 0x9) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'pimreg0\x00'}) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/bus/pci/drivers/net2280/new_id\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
r2 = socket(0xa, 0x1, 0x84) (async)
io_uring_setup$auto(0x401, 0x0)
syz_clone(0x20043100, 0x0, 0x59, 0x0, 0x0, 0x0) (async)
getsockopt$auto(r2, 0x84, 0x11, 0x0, 0x0) (async)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) (async)
setrlimit$auto(0x1000000007, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) (rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
socket(0x10, 0x2, 0x0)
r3 = socket(0x18, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0\x00'}) (async)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84) (async, rerun: 64)
r5 = socket(0x18, 0x5, 0x1) (rerun: 64)
connect$auto(r5, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x80047437, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x1)

17.245700567s ago: executing program 4 (id=1368):
fsopen$auto(0x0, 0x1)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x2ab01, 0x0)
ioctl$auto_USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, 0x0)
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x400000000008)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
rmdir$auto(&(0x7f0000000080)='./cgroup/../file0\x00')
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
statmount$auto(&(0x7f0000000000)={0x81, @inferred, 0x5, 0xffffffff, 0xfffffffffffffff2}, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x5, 0x9, 0x3, 0x8, 0x5, 0xf, 0x0, 0x9, 0x10001, 0x5}, 0x800, 0x0)
writev$auto(0x3, 0x0, 0x8009)
mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x7fffffff, 0x10000000, 0x80)
fsopen$auto(0x0, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x5, 0x2000000001, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x7ffffffd, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x1eb68525, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x209, 0x81)
r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r3, 0x0, 0x101, 0x103)
read$auto_mon_fops_text_t_mon_text(r3, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x7f, 0x10001, 0x1, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x204, 0xc351, 0x5, 0x28, 0x20000000000003, 0x7})
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/crash_hotplug\x00', 0x8a080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001100)=""/4105, 0x1009)
openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x101000, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)

16.735923376s ago: executing program 3 (id=1369):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
ioperm$auto(0x29, 0x1, 0x2) (async, rerun: 32)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
close_range$auto(0x2, 0x8000, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000000e000)={0x18, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x104}, 0x40) (async)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)

15.696703224s ago: executing program 3 (id=1370):
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fchdir$auto(r0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0)
io_uring_setup$auto(0x7, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd14/sched/write2_fifo_list\x00', 0x0, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r2 = socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x8fb6, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x5, 0x5]}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xffffffffffffffe7, 0x800000000000948b, 0x3, 0x15f4da0a, 0x3, 0x4000000000000003, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x8, 0x6]}, 0x0)
listen$auto(r2, 0xffffffff)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
write$auto(r1, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x1)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x4010c230000, 0x80, 0x200)

15.057866487s ago: executing program 4 (id=1371):
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x106)
socket(0x25, 0x1, 0x9)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
listen$auto(0x3, 0x3)
eventfd$auto(0x8e)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x22a40, 0x0)
mlock$auto(0xfbe8, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0xfffffffffffffbff)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x2, 0x0, 0x0)
munlock$auto(0xffff, 0x1)

12.786782654s ago: executing program 4 (id=1374):
r0 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0)
write$auto_safesetid_uid_file_fops_securityfs(r0, &(0x7f0000000b40)="33e06908f7cef2ef9652d5e3d0f91cdb9aa7fcd4f56b3ae50e2e7a3fce17ad39061182af048f047adfa552adf5a64941ae9a2564ce32560a", 0x38)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0)
r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
socket(0x10, 0x4, 0xffffffc0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
ioctl$auto_XFS_IOC_ALLOCSP64(r1, 0x40305824, &(0x7f0000000080)={0x1ff, 0x1000, 0xfffffffffffffff7, 0x1, 0x9})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x6be, 0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd)
ioctl$auto_EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x2)
write$auto(r3, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x4, 0x15)
socket(0x10, 0x2, 0xffffffff)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x109500, 0x0)
pread64$auto(r4, 0x0, 0x8, 0xffff)
madvise$auto(0xffdffffffffffffc, 0x200006, 0x0)
setresuid$auto(0x2, 0x7, 0x8080)
socket(0x2b, 0x2, 0x20a)
write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, &(0x7f00000000c0)="0a1b9a3c3e3efd6ea3d31791840bd70c00000082574c58e9865c42d76e1cadd6a7b7b426b7fcdc8e357080d70b5ab848770dc8f745d1c76eedaa12b9db4b519958c62bf692d2c9df7a9a2e8a556b30aeb5dfce3531f694dabdbc08f62cb37e5bc82e660cfd70f603b20416c7bf0e95345b899b4466bf6a70b1274b19782b41ac172a25e65be53e69c6369b67a4cbd6383a0d766de0287d84516183587530a17dbfd83a7678c6dad9917b91c7c9de3d61af452f90cf22400c4bcbb8410703641b3bccd058f9f2bad31f2ce81e389e210b34f43b4a5af377a6d4353989b4e9d49b2537b0a63a5cf6ae230d1296", 0xec)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x200300, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x8080, 0x0)

11.785603261s ago: executing program 3 (id=1376):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/virtual/block/ram4/queue/io_poll\x00', 0x103300, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001680)=""/59, 0x3b)
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bdi/43:192/wb_stats\x00', 0x40, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x4}, 0x7e, 0x0, 0x0, 0x9}, 0x9ac}, 0x3, 0x8)
writev$auto(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180), 0x9}, 0xb)
prctl$auto(0xb35, 0x80000000000001, 0x0, 0x2, 0x0)
r1 = socket(0x18, 0x2, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/pcmC1D0p\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x48c3}, 0x200c0085)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x80000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r4 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/devices\x00', 0x600, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(r4, &(0x7f0000001100)=""/4096, 0x1000)
mmap$auto(0x0, 0x400008, 0x40000000df, 0x7e, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)

8.817789041s ago: executing program 4 (id=1381):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async)
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async)
io_uring_setup$auto(0x1, 0x0) (async)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) (async)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_ECHOREQ(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="24000002", @ANYRES16=r2, @ANYBLOB="030225bd7000ffdbdf2503000000080001000100000008000200cd0d0000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) (async)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x0, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x292a41, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) (async)
socket(0x2, 0x4, 0x4) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
bpf$auto(0x2, 0x0, 0x0) (async)
memfd_secret$auto(0x0)
ioctl$auto(0x3, 0x400454ca, 0x38) (async)
socket$nl_generic(0x10, 0x3, 0x10)

6.819735451s ago: executing program 4 (id=1385):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x210a00, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000003b00)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x600, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, r0, 0x2)
r1 = socket(0x1, 0x1, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000140), r1)
r2 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, r2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0x10)
mlock$auto(0x401, 0x439)
sendmmsg$auto(0x3, 0x0, 0x40, 0x100)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), r2)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(r3, 0x8, 0x0)
brk$auto(0xffffffffffffff66)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda)
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
pread64$auto(r6, 0x0, 0x800003, 0x270)
r7 = socket(0x29, 0x2, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSA(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000013c0)=ANY=[], 0x1190}, 0x1, 0x0, 0x0, 0x2c095}, 0x4080)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89/s\x1cJ\x99\x00:\x00!\r?\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x00'/97, 0xe, 0x3)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ttyt5\x00', 0x20102, 0x0)

5.652180979s ago: executing program 3 (id=1388):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0)
syz_clone3(&(0x7f0000000440)={0x20900, &(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000200), {0x1e}, &(0x7f0000000280), 0x0, &(0x7f0000000340)=""/175, 0x0}, 0x58)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
ioctl$auto_SNDCTL_DSP_MAPOUTBUF(0xffffffffffffffff, 0x80105014, &(0x7f0000000240)="56d2a31415a192ee779dea7567d602a61d6d6ba276224c1928c76b3f00034e5ab9dcd4fbab40111ab2132faaf5b8e3c45f83417d5e5e9e6e74719fa7489e27afa7c8f9a503682fab9c41eedb14c5ec7b0edf2f195684f1f4ed79486f75ecb4a478fda881360669f86d57590ddee1a20900a160f2d3b6aaa1fb76c52efca466215b95222b5a")
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0)
rseq$auto(0x0, 0x2000aa7, 0x3, 0x2020401)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)

5.198581115s ago: executing program 0 (id=1389):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) (async, rerun: 64)
close_range$auto(0x0, 0xffffeffe, 0x2)
io_uring_setup$auto(0x7, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0)
io_uring_setup$auto(0x6, 0x0) (async)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9)
rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') (async)
io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) (async, rerun: 32)
mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (rerun: 32)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
close_range$auto(0x2, r0, 0x2007f)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0)
write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) (async)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) (async)
r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) (async)
ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0)
prctl$auto(0x43, 0x0, 0xffffffffffffffff, 0x0, 0x0) (async)
openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x2000, 0x0) (async)
r4 = getsockopt$auto_SO_PEERPIDFD(0xffffffffffffffff, 0x1, 0x4d, &(0x7f0000000180)='\x00\x10\\.\x87\xf8Bw\x9bJx\amt\n\xfe\x9c', &(0x7f0000000040)=0xf7)
ioctl$auto_FIONREAD(r4, 0x541b, 0x5) (async)
setgroups$auto(0xe32, 0x0)

3.663929794s ago: executing program 0 (id=1393):
r0 = socket(0xa, 0x6, 0x3c)
connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (async)
sendmsg$auto_CTRL_CMD_GETFAMILY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000128bd70726f632f7379732f13a86e65742f676f72652f7270735f6465666175c4fe7e9606c3a300"/53], 0x2a}, 0x1, 0x0, 0x0, 0x4}, 0x48850) (async)
write$auto(r0, &(0x7f0000000080)='+&\x00I\xaar\x1c\xbb\xde\ah\x15,\xeb|\x85\xe8\x97Z\xc30\xae}\xa1\x17K(\x80]]\x8d\xb5\xeb-\x9d\xc1\xceU\xbb_\xcf\xe8#U\xd0_|\x15f\x92\xaa\x9f\xa0l}7z#u\xf6\xd1\xe1\x8d\x05=w\xf1\xb9K\xf4\\\a\xdf\x87\xbb\x03d6\xe1\x14\xb1|\x98\x82$\xf3\xb2\xcf\xb7\x7f\xf8f*/\xc2\x82\x8c2\x8d^\x10\xc6\x1cs', 0x263f)

3.448147768s ago: executing program 4 (id=1395):
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x1a, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040)=""/209, 0xd1)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x68802, 0x1a4)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x6, 0x2, 0x6)
mknodat$auto(r2, &(0x7f0000000380)='./file0\x00', 0x0, 0x7fffffff)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x20001, 0x44f, 0x7, 0x1, 0x1007181, 0x10008a0d, 0x7, 0x7, 0x7, 0x89, 0x26, 0x4, 0x200000000001, 0xfffffffffffff343, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xae1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x5, 0xd)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0x80, &(0x7f00000001c0))
semctl$auto_SETVAL(0x4, 0xfffffff7, 0x10, 0x0)
mmap$auto(0x9, 0xe983, 0xc, 0xeb1, r0, 0x1)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_system\x00', 0x0, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000180)={0x7fffffff, 0xffffff03, 0x2, 0x6, 0x4, 0x8, 0xffffffffffffffff, [0x0, 0x3], {0x6, 0x6, 0xf, 0x29f, 0x4, 0xffffdffd, 0x101, 0x17f, 0x2}, {0x2ff, 0xfffffffd, 0x90, 0x5, 0xffffffff, 0x40, 0x4, 0x8, 0x100000004}})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0)
socket(0x2b, 0x1, 0x0)

2.728895503s ago: executing program 1 (id=1396):
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80200", @ANYRES8, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead8"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x24040000)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x42100, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/usb/drivers/kinect/unbind\x00', 0x301001, 0x0)
lseek$auto(0x3, 0x8, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg1\x00', 0x109002, 0x0)
ioctl$auto_BLKSECTGET2(r1, 0x1267, 0x200000000000000)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
lseek$auto(0x0, 0x101, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(r2, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34)
r3 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r3, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c06000002000000000000007f00000000000000071b", 0x4b}, 0x2, 0x0, 0x5, 0x3ff}, 0xa2}, 0x2, 0x100)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={"ef65ce7cb454168d6c0000000000002713df81000000ffffffffffffff2900", 0x3ff, 0x405, 0xffc, 0x400004, 0x200000000040000d})
mmap$auto(0x0, 0x2020009, 0x100000000000003, 0xeb1, r2, 0x8000)
bpf$auto(0x24, 0x0, 0x8)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/rt_acct\x00', 0x840, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/138, 0x8a)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003ec, 0x14)
ioctl$auto_BLKTRACETEARDOWN(r4, 0x1276, 0x0)
ioctl$auto_BLKTRACETEARDOWN(r4, 0x1276, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r0, 0x4008af25, &(0x7f00000002c0)=0x7)

2.447868488s ago: executing program 0 (id=1397):
inotify_init1$auto(0x3000000000000)
r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xe1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x1, 0x8fd6, 0x948b, 0x3, 0x3392, 0x4, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8s\xf46y{\xef\xe8\x8b\x11:T\xe3\xce\x81\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?\xedK[\xea\xcfsw}a\x19\xe6\xd7i\x9b\xfe\xe7\xe1J3\xa5Rk\xa8\x95\xc408\xc7_\x82\x90\x8dq1\x10\xbf\xa9\xc7j\xe6-\xe2\xbf\xdb\x13e\xeb\x81\xc3\xb8=\x9b\xa4\xa5\xcc\xd4\xb9\xa5\xb4\x12\xd0\xfb\x96\x1cj\xd2z\n\x8at\x14\xd6\x89\b\xcf\xd4B\xa3\b[\xdc$\x8d\xc8\xd4\xe5\xb0\x8er', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)

2.192598559s ago: executing program 1 (id=1398):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0)
syz_clone3(&(0x7f0000000440)={0x20900, &(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000200), {0x1e}, &(0x7f0000000280), 0x0, &(0x7f0000000340)=""/175, 0x0}, 0x58)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
ioctl$auto_SNDCTL_DSP_MAPOUTBUF(0xffffffffffffffff, 0x80105014, &(0x7f0000000240)="56d2a31415a192ee779dea7567d602a61d6d6ba276224c1928c76b3f00034e5ab9dcd4fbab40111ab2132faaf5b8e3c45f83417d5e5e9e6e74719fa7489e27afa7c8f9a503682fab9c41eedb14c5ec7b0edf2f195684f1f4ed79486f75ecb4a478fda881360669f86d57590ddee1a20900a160f2d3b6aaa1fb76c52efca466215b95222b5a")
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0)
rseq$auto(0x0, 0x2000aa7, 0x3, 0x2020401)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)

1.960759671s ago: executing program 0 (id=1399):
capset$auto(0x0, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100fe)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x10, 0x80000, 0xb0000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/current_tracer\x00', 0x41, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x2, 0x88)
close_range$auto(r0, 0xffffffffffffffff, 0x2)
mmap$auto(0x0, 0x4020009, 0x1, 0x1010, 0x401, 0x8000)
capset$auto(0x0, 0x0)
r1 = open(0x0, 0x22240, 0x154)
socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000400)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3)
bpf$auto(0x0, &(0x7f00000000c0)=@query={@target_ifindex, 0x3c5, 0x8, 0x104, 0x46da, @prog_cnt=0x5, 0x0, 0x1c, 0x9, 0x9, 0x9}, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_1={0xffffffffffffffff, 0xbb8, @value, 0x3}, 0xcd)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x0, 0xa, 0x3)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)

1.183012458s ago: executing program 1 (id=1400):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x200)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000200)='nfsd\x00~T\x01\x00\x00\x00|\x1ei\x19\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xf9+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2v\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc2,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xd4\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94J\xf1\xa6\x86\xf0\xbd\x04uin\x11\xd9\xfe\x86BBa*\x1c\xa0\x8dG\x9d\x1b0\x05\x9ct\xfd\x82:.Bm]\x1cT\xeay\\W\x82c-\xbe\xefXE\xa7\xd53X\xa1?\x8a1\xb0\x8d\\\x85\x05y(\xd5n\xb3\xe6\x8cm\xf2\xb4lYC/n\x9b\xf7O4\xb6|\x96\x97\x8b\xf7F\xfd\xba\xf41\xec \xc5\xf7\x87@\x93\x1e\xba%<\xae\xeb\x1d\xeaVm\xc7\xb5\xe3\xb1\x83|\xc9\x1c\xe2N\nG\xfdVL\x80\xd0\x00\x00\xbb\x14\xfb\xcf\x1f\xf5\xfb9\xd8\x83\x12\xf3\xc6\xd1\xef\xc4\xd8\xcf\xd8\xfc\x18\xc9Lr\xfb\xfd\xf2\xa5re\x94\x98\a\xfc\xf9X\xc8\b\x1a\xb9\x1bX\xe2\n\"\xbf2\x12j`\xf5\xec\xfd\xd6\xa7\x1e\xd0\n\xbe\x1f\x06_T!z\xe3\xfd\x01\x0e\xd0Um\xa9\x9f\x13\xa0|\xe4\x17r\xd1\xec-\xb4\x81\"_O\xe0(\xb9\xaf\xeb7\xe6\x16Q\xf6\xc6\xa9\x1b\xe5\xbab.UH`\xb0r\x18#6zQ\xc9\xcf\x8c\xfe\x91\x99\xc7\x04\xf3\x13\x1d()\x91\x03\xff\xd8\"\xcd\xa6\x90e\x89\xe6\xca\x9e\x1b?\x9aP\xa1\x86:42 \xb2\v_\xd3(\x92\x93\x15\xac`\x12\xceoa\bY\xa9V#\r\'bko\xd9T\x80\xc4\x8dL#$\x98\x88\xb5+\xe3\xe7\xbf_FX\x81c\xc2\xe5\x8b\x12\x8fFIdy\nu\x03\xf7\xd9\x7f\x9a\x01\xf1|\xd5k\xef\x84j\xe2\xa6\x94?T\x06Y\v`\x194\xca\xf6|yr\xafH\x0e\x1b\xdcpV\xa4\xd4;\x1f0n\xf3\xc8\x83\x8a\'AT\x01\xea\xb9;i\x9d\xf9Z\xc68sM\xa9\xf2\x02\x8f\xd7RQ^\xc8\xa5~\x19AI\x15\x18\x98\xdd{]\xd4\xa2\xa0\xfb\xaa', 0x800, 0x0)
mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0)

1.085556854s ago: executing program 1 (id=1401):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0)
timer_gettime$auto(0x9c0, &(0x7f0000000040)={{0x2, 0x9}, {0x7d, 0x5}})
sendmmsg$auto(0x3, 0x0, 0x7878, 0x7000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x2, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
getpriority$auto_PRIO_PGRP(0x1, 0x0)
mmap$auto(0xfff, 0x2820009, 0x3, 0x17, r0, 0x7ffd)
socket(0x2, 0x3, 0xa)
socket(0x11, 0x80003, 0x300)
clone3$auto(0x0, 0x9)
socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty10\x00', 0xc7f16bff2a10ba01, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
open(0x0, 0x22240, 0x154)
bpf$auto(0x7, 0x0, 0xa3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x6, 0x14)
ptrace$auto_ARCH_MAP_VDSO_64(0x5, 0x0, 0x7fffffff, 0x2003)
socket(0x11, 0x80003, 0x300)
socket(0x1d, 0x2, 0x7)
socket(0x2, 0x1, 0x0)

830.147313ms ago: executing program 0 (id=1402):
r0 = socket(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01032cb57000fbdbdf250a0000000600010017000000"], 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r2)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01efba04a40495702d8834"], 0x14}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000280), r0)
sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r5, 0x1, 0x70bd28, 0x25dfdbff, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0xa3cfcaa6c34b3237)
sendto$auto(r0, 0x0, 0x402, 0xacf8, &(0x7f0000000000)=@generic={0xa, "e2e13d0ee94e00"}, 0x1b)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r6 = io_uring_setup$auto(0x6, 0x0)
r7 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0)
read$auto_mon_fops_binary_mon_bin(r7, 0x0, 0x2f)
close_range$auto(0x2, 0x8, 0x0)
waitid$auto_P_ALL(0x0, 0x0, &(0x7f0000000040)={@_si_pad}, 0x200, &(0x7f0000000140)={{0x4b, 0x40}, {0xce6, 0x9}, 0x3ff, 0x2400, 0x3ff, 0xffffffffffffffff, 0x0, 0x6, 0x9bce, 0x3, 0x3, 0x0, 0x3, 0x2, 0xe, 0x8})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r8 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dsp\x00', 0x301040, 0x0)
ioctl$auto_USBDEVFS_ALLOC_STREAMS(r6, 0x8008551c, &(0x7f00000004c0)=ANY=[@ANYBLOB="00080000e7120000ecc624fd1dc9750900cbad751197dfc5dffeaabe0d4e8c3e62b9602174179283f22fd40af575d0e4332168cd13637874"])
ioctl$auto_FBIOPAN_DISPLAY(r8, 0x4606, &(0x7f0000000000))

300.200265ms ago: executing program 0 (id=1403):
mmap$auto(0x0, 0x40007, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x105000, 0x0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x405b)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
semctl$auto(0x4, 0x804, 0x13, 0x46)
select$auto(0x5, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x8000000003, 0x62, 0x8000001f, 0x40007, 0x4, 0x9, 0x1, 0x8]}, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0x1000eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/path_max\x00', 0x0, 0x0)
read$auto(0x3, 0x0, 0x7)
r1 = socket(0x6, 0xa, 0x80a)
getsockopt$auto(r1, 0x0, 0x29, 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x7)
setrlimit$auto(0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000040)={0x3346, 0xffffffffffffffff})
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdb, 0xebf, 0xffffffffffffffff, 0x1)
ioctl$auto_TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)

84.023996ms ago: executing program 1 (id=1404):
pipe$auto(&(0x7f0000000000))
r0 = bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
socket(0x1, 0x5, 0x0)
memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=r0}, 0xa3)

0s ago: executing program 1 (id=1405):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC1\x00', 0x48880, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5)
read$auto_force_wakeup_fops_hci_vhci(0xffffffffffffffff, &(0x7f0000000080)=""/216, 0xfffffffffffffce1)
r1 = prctl$auto(0x59616d61, 0x7, 0x1, 0x8, 0xfffffffffffffffb)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
msgctl$auto_IPC_STAT(0x25, 0x2, &(0x7f0000000180)={{0x7, 0xee00, 0x0, 0x7ffffffd, 0x7fff, 0x5}, &(0x7f0000000000)=0x6, 0x0, 0x3, 0xff, 0x506, 0x2, 0x10001, 0x3b5d, 0x7ff, 0x2, @raw=0x8})
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21)
sendmsg$auto_NL80211_CMD_JOIN_MESH(r1, 0x0, 0x48800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
r3 = clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
writev$auto(r2, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
sendfile$auto(r0, r0, &(0x7f0000000200)=0x80000001, 0x7fffffffffffffff)
r4 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x181502, 0x0)
r5 = fcntl$auto(0x3, 0x4, 0xa553)
set_mempolicy$auto(0x9, &(0x7f00000003c0)=0xe00000000000000, 0x8)
write$auto(r4, &(0x7f0000000140)=',\x00', 0x3)
r6 = pidfd_open$auto(r3, 0x2)
read$auto_proc_mountstats_operations_mnt_namespace(r6, &(0x7f0000000240)=""/253, 0xfd)
r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r7, &(0x7f0000000440)="671f264add69b6440843b6e6688a2b5ad9df2669e6f9cd9b6532b20ed763ac8caf4b9b4d", 0x24)
socket(0x23, 0x5, 0x5)
r8 = socket(0x11, 0x3, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a})
sendmmsg$auto(r8, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180), 0x5ea}, 0x7, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000340)='/dev/audio\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000380), r5)

kernel console output (not intermixed with test programs):

10/0x10
[  346.360277][ T8962]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  346.360340][ T8962]  ? __fget_files+0x20e/0x3c0
[  346.360385][ T8962]  __x64_sys_recvmmsg+0x22a/0x280
[  346.360439][ T8962]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  346.360503][ T8962]  do_syscall_64+0xcd/0x490
[  346.360556][ T8962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.360588][ T8962] RIP: 0033:0x7f7a1f98ebe9
[  346.360611][ T8962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.360641][ T8962] RSP: 002b:00007f7a1dbb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  346.360670][ T8962] RAX: ffffffffffffffda RBX: 00007f7a1fbc6180 RCX: 00007f7a1f98ebe9
[  346.360691][ T8962] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  346.360709][ T8962] RBP: 00007f7a1dbb4090 R08: 0000000000000000 R09: 0000000000000000
[  346.360728][ T8962] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  346.360746][ T8962] R13: 00007f7a1fbc6218 R14: 00007f7a1fbc6180 R15: 00007fffc9acd348
[  346.360786][ T8962]  </TASK>
[  347.142857][ T8965] ubi: mtd0 is already attached to ubi0
[  347.426087][ T8977] ubi: mtd0 is already attached to ubi0
[  349.134404][ T8995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.555'.
[  349.474392][ T8992] netlink: 338 bytes leftover after parsing attributes in process `syz.4.553'.
[  350.085959][ T9006] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.558'.
[  351.063830][   T31] audit: type=1800 audit(1757185351.894:7): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.562" name="dbroot" dev="configfs" ino=20355 res=0 errno=0
[  351.732904][ T9016] FAULT_INJECTION: forcing a failure.
[  351.732904][ T9016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.810480][ T9016] CPU: 0 UID: 0 PID: 9016 Comm: syz.3.560 Not tainted syzkaller #0 PREEMPT(full) 
[  351.810522][ T9016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  351.810541][ T9016] Call Trace:
[  351.810551][ T9016]  <TASK>
[  351.810561][ T9016]  dump_stack_lvl+0x16c/0x1f0
[  351.810614][ T9016]  should_fail_ex+0x512/0x640
[  351.810671][ T9016]  _copy_from_user+0x2e/0xd0
[  351.810707][ T9016]  copy_msghdr_from_user+0x98/0x160
[  351.810767][ T9016]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  351.810825][ T9016]  ? kfree+0x24f/0x4d0
[  351.810854][ T9016]  ? __lock_acquire+0x62e/0x1ce0
[  351.810906][ T9016]  ___sys_recvmsg+0xdb/0x1a0
[  351.810957][ T9016]  ? __pfx____sys_recvmsg+0x10/0x10
[  351.811029][ T9016]  ? __pfx___might_resched+0x10/0x10
[  351.811071][ T9016]  do_recvmmsg+0x2fe/0x750
[  351.811127][ T9016]  ? __pfx_do_recvmmsg+0x10/0x10
[  351.811186][ T9016]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  351.811251][ T9016]  ? __fget_files+0x20e/0x3c0
[  351.811288][ T9016]  __x64_sys_recvmmsg+0x22a/0x280
[  351.811327][ T9016]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  351.811373][ T9016]  do_syscall_64+0xcd/0x490
[  351.811411][ T9016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.811434][ T9016] RIP: 0033:0x7f0875f8ebe9
[  351.811451][ T9016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.811473][ T9016] RSP: 002b:00007f08741b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  351.811509][ T9016] RAX: ffffffffffffffda RBX: 00007f08761c6180 RCX: 00007f0875f8ebe9
[  351.811523][ T9016] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  351.811536][ T9016] RBP: 00007f08741b4090 R08: 0000000000000000 R09: 0000000000000000
[  351.811549][ T9016] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  351.811562][ T9016] R13: 00007f08761c6218 R14: 00007f08761c6180 R15: 00007ffd6e0d8288
[  351.811590][ T9016]  </TASK>
[  352.543826][ T9037] ubi: mtd0 is already attached to ubi0
[  353.317913][ T9044] ubi: mtd0 is already attached to ubi0
[  354.105099][ T9052] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  354.495800][ T9058] FAULT_INJECTION: forcing a failure.
[  354.495800][ T9058] name failslab, interval 1, probability 0, space 0, times 0
[  354.512345][ T9058] CPU: 1 UID: 0 PID: 9058 Comm: syz.1.569 Not tainted syzkaller #0 PREEMPT(full) 
[  354.512390][ T9058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  354.512410][ T9058] Call Trace:
[  354.512421][ T9058]  <TASK>
[  354.512434][ T9058]  dump_stack_lvl+0x16c/0x1f0
[  354.512492][ T9058]  should_fail_ex+0x512/0x640
[  354.512547][ T9058]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  354.512587][ T9058]  should_failslab+0xc2/0x120
[  354.512632][ T9058]  __kmalloc_cache_noprof+0x6a/0x3e0
[  354.512669][ T9058]  ? alloc_netdev_mqs+0xec4/0x1530
[  354.512728][ T9058]  alloc_netdev_mqs+0xec4/0x1530
[  354.512795][ T9058]  slip_open+0x35c/0x1150
[  354.512830][ T9058]  ? __pfx___might_resched+0x10/0x10
[  354.512865][ T9058]  ? __pfx_n_tty_close+0x10/0x10
[  354.512901][ T9058]  ? find_held_lock+0x2b/0x80
[  354.512933][ T9058]  ? __pfx_slip_open+0x10/0x10
[  354.512964][ T9058]  ? down_write+0x14d/0x200
[  354.512999][ T9058]  ? __pfx_slip_open+0x10/0x10
[  354.513030][ T9058]  tty_ldisc_open+0x9f/0x120
[  354.513077][ T9058]  tty_set_ldisc+0x32b/0x780
[  354.513131][ T9058]  tty_ioctl+0xc2e/0x1680
[  354.513195][ T9058]  ? __pfx_tty_ioctl+0x10/0x10
[  354.513261][ T9058]  ? find_held_lock+0x2b/0x80
[  354.513293][ T9058]  ? hook_file_ioctl_common+0x145/0x410
[  354.513349][ T9058]  ? __fget_files+0x20e/0x3c0
[  354.513393][ T9058]  ? __pfx_tty_ioctl+0x10/0x10
[  354.513446][ T9058]  __x64_sys_ioctl+0x18e/0x210
[  354.513504][ T9058]  do_syscall_64+0xcd/0x490
[  354.513559][ T9058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.513593][ T9058] RIP: 0033:0x7f7a1f98ebe9
[  354.513621][ T9058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.513654][ T9058] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  354.513686][ T9058] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  354.513708][ T9058] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007
[  354.513728][ T9058] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  354.513749][ T9058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  354.513769][ T9058] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  354.513814][ T9058]  </TASK>
[  356.170851][ T9054] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  357.160918][ T9085] netlink: 16 bytes leftover after parsing attributes in process `syz.4.574'.
[  360.817128][ T9135] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  365.632275][ T5185] Bluetooth: hci3: command 0x0406 tx timeout
[  365.932766][ T9215] netlink: 16 bytes leftover after parsing attributes in process `syz.3.597'.
[  367.786756][ T9213] ubi: mtd0 is already attached to ubi0
[  370.199344][ T9263] FAULT_INJECTION: forcing a failure.
[  370.199344][ T9263] name failslab, interval 1, probability 0, space 0, times 0
[  370.212364][ T9263] CPU: 0 UID: 0 PID: 9263 Comm: syz.1.604 Not tainted syzkaller #0 PREEMPT(full) 
[  370.212394][ T9263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  370.212409][ T9263] Call Trace:
[  370.212416][ T9263]  <TASK>
[  370.212425][ T9263]  dump_stack_lvl+0x16c/0x1f0
[  370.212466][ T9263]  should_fail_ex+0x512/0x640
[  370.212504][ T9263]  ? fs_reclaim_acquire+0xae/0x150
[  370.212542][ T9263]  ? tomoyo_encode2+0x100/0x3e0
[  370.212576][ T9263]  should_failslab+0xc2/0x120
[  370.212608][ T9263]  __kmalloc_noprof+0xd2/0x510
[  370.212643][ T9263]  tomoyo_encode2+0x100/0x3e0
[  370.212682][ T9263]  tomoyo_encode+0x29/0x50
[  370.212715][ T9263]  tomoyo_realpath_from_path+0x18f/0x6e0
[  370.212755][ T9263]  ? tomoyo_profile+0x47/0x60
[  370.212779][ T9263]  tomoyo_path_number_perm+0x245/0x580
[  370.212808][ T9263]  ? tomoyo_path_number_perm+0x237/0x580
[  370.212841][ T9263]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  370.212902][ T9263]  ? find_held_lock+0x2b/0x80
[  370.212925][ T9263]  ? hook_file_ioctl_common+0x145/0x410
[  370.212965][ T9263]  ? __fget_files+0x20e/0x3c0
[  370.213006][ T9263]  security_file_ioctl+0x9b/0x240
[  370.213040][ T9263]  __x64_sys_ioctl+0xb7/0x210
[  370.213081][ T9263]  do_syscall_64+0xcd/0x490
[  370.213121][ T9263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.213146][ T9263] RIP: 0033:0x7f7a1f98ebe9
[  370.213164][ T9263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.213186][ T9263] RSP: 002b:00007f7a1dbd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.213208][ T9263] RAX: ffffffffffffffda RBX: 00007f7a1fbc6090 RCX: 00007f7a1f98ebe9
[  370.213223][ T9263] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008
[  370.213237][ T9263] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  370.213251][ T9263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  370.213265][ T9263] R13: 00007f7a1fbc6128 R14: 00007f7a1fbc6090 R15: 00007fffc9acd348
[  370.213294][ T9263]  </TASK>
[  370.213314][ T9263] ERROR: Out of memory at tomoyo_realpath_from_path.
[  370.433274][ T9264] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  372.222984][ T9266] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  372.631180][ T9288] ubi: mtd0 is already attached to ubi0
[  374.524738][ T9313] FAULT_INJECTION: forcing a failure.
[  374.524738][ T9313] name failslab, interval 1, probability 0, space 0, times 0
[  374.537726][ T9313] CPU: 1 UID: 0 PID: 9313 Comm: syz.1.614 Not tainted syzkaller #0 PREEMPT(full) 
[  374.537757][ T9313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  374.537770][ T9313] Call Trace:
[  374.537779][ T9313]  <TASK>
[  374.537788][ T9313]  dump_stack_lvl+0x16c/0x1f0
[  374.537828][ T9313]  should_fail_ex+0x512/0x640
[  374.537865][ T9313]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  374.537893][ T9313]  should_failslab+0xc2/0x120
[  374.537924][ T9313]  __kmalloc_cache_noprof+0x6a/0x3e0
[  374.537948][ T9313]  ? cuse_channel_open+0x1de/0x7f0
[  374.537987][ T9313]  cuse_channel_open+0x1de/0x7f0
[  374.538021][ T9313]  ? __pfx_cuse_channel_open+0x10/0x10
[  374.538056][ T9313]  misc_open+0x35d/0x420
[  374.538086][ T9313]  ? __pfx_misc_open+0x10/0x10
[  374.538114][ T9313]  chrdev_open+0x234/0x6a0
[  374.538144][ T9313]  ? __pfx_apparmor_file_open+0x10/0x10
[  374.538170][ T9313]  ? __pfx_chrdev_open+0x10/0x10
[  374.538202][ T9313]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  374.538234][ T9313]  do_dentry_open+0x982/0x1530
[  374.538263][ T9313]  ? __pfx_chrdev_open+0x10/0x10
[  374.538299][ T9313]  vfs_open+0x82/0x3f0
[  374.538338][ T9313]  path_openat+0x1de4/0x2cb0
[  374.538388][ T9313]  ? __pfx_path_openat+0x10/0x10
[  374.538424][ T9313]  do_filp_open+0x20b/0x470
[  374.538452][ T9313]  ? __pfx_do_filp_open+0x10/0x10
[  374.538506][ T9313]  ? alloc_fd+0x471/0x7d0
[  374.538557][ T9313]  do_sys_openat2+0x11b/0x1d0
[  374.538595][ T9313]  ? __pfx_do_sys_openat2+0x10/0x10
[  374.538646][ T9313]  __x64_sys_openat+0x174/0x210
[  374.538685][ T9313]  ? __pfx___x64_sys_openat+0x10/0x10
[  374.538735][ T9313]  do_syscall_64+0xcd/0x490
[  374.538774][ T9313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.538799][ T9313] RIP: 0033:0x7f7a1f98ebe9
[  374.538817][ T9313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.538840][ T9313] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  374.538862][ T9313] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  374.538878][ T9313] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  374.538892][ T9313] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  374.538906][ T9313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.538920][ T9313] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  374.538950][ T9313]  </TASK>
[  376.173667][ T9330] FAULT_INJECTION: forcing a failure.
[  376.173667][ T9330] name failslab, interval 1, probability 0, space 0, times 0
[  376.189066][ T9330] CPU: 1 UID: 0 PID: 9330 Comm: syz.1.618 Not tainted syzkaller #0 PREEMPT(full) 
[  376.189098][ T9330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  376.189112][ T9330] Call Trace:
[  376.189119][ T9330]  <TASK>
[  376.189129][ T9330]  dump_stack_lvl+0x16c/0x1f0
[  376.189170][ T9330]  should_fail_ex+0x512/0x640
[  376.189207][ T9330]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  376.189242][ T9330]  should_failslab+0xc2/0x120
[  376.189275][ T9330]  __kmalloc_cache_noprof+0x6a/0x3e0
[  376.189298][ T9330]  ? down_write_killable+0x154/0x250
[  376.189322][ T9330]  ? alloc_ldt_struct+0x5d/0x1a0
[  376.189350][ T9330]  alloc_ldt_struct+0x5d/0x1a0
[  376.189374][ T9330]  write_ldt+0x852/0xd20
[  376.189426][ T9330]  ? __pfx_write_ldt+0x10/0x10
[  376.189447][ T9330]  ? lockdep_hardirqs_on+0x7c/0x110
[  376.189493][ T9330]  __x64_sys_modify_ldt+0xb1/0x170
[  376.189519][ T9330]  do_syscall_64+0xcd/0x490
[  376.189557][ T9330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.189580][ T9330] RIP: 0033:0x7f7a1f98ebe9
[  376.189597][ T9330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.189618][ T9330] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[  376.189640][ T9330] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  376.189655][ T9330] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000001
[  376.189668][ T9330] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  376.189692][ T9330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  376.189704][ T9330] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  376.189730][ T9330]  </TASK>
[  376.509432][ T9333] ubi: mtd0 is already attached to ubi0
[  377.984596][ T9352] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  379.117534][ T9354] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  380.363868][ T5867] Bluetooth: hci1: Unable to find connection for big 0xd2
[  382.813485][ T9409] ubi: mtd0 is already attached to ubi0
[  384.869192][ T9427] netlink: 16 bytes leftover after parsing attributes in process `syz.3.633'.
[  388.037174][ T9467] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  389.159056][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  389.165796][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  390.331540][ T9474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  392.592787][ T9521] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  393.209650][ T9519] FAULT_INJECTION: forcing a failure.
[  393.209650][ T9519] name failslab, interval 1, probability 0, space 0, times 0
[  393.292310][ T9519] CPU: 1 UID: 0 PID: 9519 Comm: syz.4.652 Not tainted syzkaller #0 PREEMPT(full) 
[  393.292356][ T9519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  393.292376][ T9519] Call Trace:
[  393.292387][ T9519]  <TASK>
[  393.292399][ T9519]  dump_stack_lvl+0x16c/0x1f0
[  393.292457][ T9519]  should_fail_ex+0x512/0x640
[  393.292509][ T9519]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  393.292548][ T9519]  should_failslab+0xc2/0x120
[  393.292595][ T9519]  __kmalloc_cache_noprof+0x6a/0x3e0
[  393.292632][ T9519]  ? kobject_uevent_env+0x265/0x1870
[  393.292675][ T9519]  kobject_uevent_env+0x265/0x1870
[  393.292729][ T9519]  nfs_netns_sysfs_setup+0x16f/0x1f0
[  393.292769][ T9519]  nfs_net_init+0x10a/0x340
[  393.292811][ T9519]  ? __pfx_nfs_net_init+0x10/0x10
[  393.292850][ T9519]  ops_init+0x1df/0x5f0
[  393.292919][ T9519]  setup_net+0x10f/0x380
[  393.292946][ T9519]  ? lockdep_init_map_type+0x5c/0x280
[  393.292994][ T9519]  ? __pfx_setup_net+0x10/0x10
[  393.293027][ T9519]  ? debug_mutex_init+0x37/0x70
[  393.293065][ T9519]  copy_net_ns+0x2a6/0x5f0
[  393.293104][ T9519]  create_new_namespaces+0x3ea/0xa90
[  393.293154][ T9519]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  393.293202][ T9519]  ksys_unshare+0x45b/0xa40
[  393.293251][ T9519]  ? __pfx_ksys_unshare+0x10/0x10
[  393.293299][ T9519]  ? xfd_validate_state+0x61/0x180
[  393.293362][ T9519]  __x64_sys_unshare+0x31/0x40
[  393.293409][ T9519]  do_syscall_64+0xcd/0x490
[  393.293465][ T9519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.293499][ T9519] RIP: 0033:0x7f99a8f8ebe9
[  393.293524][ T9519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.293556][ T9519] RSP: 002b:00007f99a9d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  393.293589][ T9519] RAX: ffffffffffffffda RBX: 00007f99a91c5fa0 RCX: 00007f99a8f8ebe9
[  393.293611][ T9519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  393.293630][ T9519] RBP: 00007f99a9011e19 R08: 0000000000000000 R09: 0000000000000000
[  393.293650][ T9519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  393.293669][ T9519] R13: 00007f99a91c6038 R14: 00007f99a91c5fa0 R15: 00007ffe30540c08
[  393.293713][ T9519]  </TASK>
[  393.295485][ T9532] ubi: mtd0 is already attached to ubi0
[  393.559604][ T9522] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  393.907758][ T9534] ubi: mtd0 is already attached to ubi0
[  394.467866][ T9545] CIFS: VFS: Invalid SecurityFlags: 
[  394.948457][   T31] audit: type=1800 audit(1757185395.784:8): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.655" name="lu_gp_id" dev="configfs" ino=22262 res=0 errno=0
[  397.346572][ T9593] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  398.091662][ T9599] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  399.030930][ T9616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  400.885172][ T9620] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31
[  403.697350][ T9675] netlink: 330 bytes leftover after parsing attributes in process `syz.1.678'.
[  403.749198][ T9675] gretap0: refused to change device tx_queue_len
[  406.168888][ T9699] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32
[  407.222946][ T9700] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33
[  407.880316][ T9713] FAULT_INJECTION: forcing a failure.
[  407.880316][ T9713] name failslab, interval 1, probability 0, space 0, times 0
[  407.893163][ T9713] CPU: 1 UID: 0 PID: 9713 Comm: syz.1.686 Not tainted syzkaller #0 PREEMPT(full) 
[  407.893195][ T9713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  407.893209][ T9713] Call Trace:
[  407.893217][ T9713]  <TASK>
[  407.893225][ T9713]  dump_stack_lvl+0x16c/0x1f0
[  407.893266][ T9713]  should_fail_ex+0x512/0x640
[  407.893303][ T9713]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  407.893331][ T9713]  should_failslab+0xc2/0x120
[  407.893365][ T9713]  __kmalloc_cache_noprof+0x6a/0x3e0
[  407.893389][ T9713]  ? lockdep_init_map_type+0x5c/0x280
[  407.893422][ T9713]  ? slip_open+0x846/0x1150
[  407.893443][ T9713]  ? do_init_timer+0xc9/0x110
[  407.893473][ T9713]  slip_open+0x846/0x1150
[  407.893503][ T9713]  ? __pfx_n_tty_close+0x10/0x10
[  407.893530][ T9713]  ? find_held_lock+0x2b/0x80
[  407.893552][ T9713]  ? __pfx_slip_open+0x10/0x10
[  407.893574][ T9713]  ? down_write+0x14d/0x200
[  407.893599][ T9713]  ? __pfx_slip_open+0x10/0x10
[  407.893621][ T9713]  tty_ldisc_open+0x9f/0x120
[  407.893655][ T9713]  tty_set_ldisc+0x32b/0x780
[  407.893693][ T9713]  tty_ioctl+0xc2e/0x1680
[  407.893731][ T9713]  ? __pfx_tty_ioctl+0x10/0x10
[  407.893777][ T9713]  ? find_held_lock+0x2b/0x80
[  407.893800][ T9713]  ? hook_file_ioctl_common+0x145/0x410
[  407.893840][ T9713]  ? __fget_files+0x20e/0x3c0
[  407.893871][ T9713]  ? __pfx_tty_ioctl+0x10/0x10
[  407.893909][ T9713]  __x64_sys_ioctl+0x18e/0x210
[  407.893950][ T9713]  do_syscall_64+0xcd/0x490
[  407.893990][ T9713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.894014][ T9713] RIP: 0033:0x7f7a1f98ebe9
[  407.894032][ T9713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.894055][ T9713] RSP: 002b:00007f7a1dbd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  407.894077][ T9713] RAX: ffffffffffffffda RBX: 00007f7a1fbc6090 RCX: 00007f7a1f98ebe9
[  407.894092][ T9713] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007
[  407.894106][ T9713] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  407.894120][ T9713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.894134][ T9713] R13: 00007f7a1fbc6128 R14: 00007f7a1fbc6090 R15: 00007fffc9acd348
[  407.894164][ T9713]  </TASK>
[  412.370134][ T9760] ubi: mtd0 is already attached to ubi0
[  413.051106][ T9769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.697'.
[  414.919437][ T9794] ubi: mtd0 is already attached to ubi0
[  415.840778][ T9801] ubi: mtd0 is already attached to ubi0
[  418.086196][ T9830] netlink: 16 bytes leftover after parsing attributes in process `syz.3.715'.
[  418.785364][ T9836] FAULT_INJECTION: forcing a failure.
[  418.785364][ T9836] name failslab, interval 1, probability 0, space 0, times 0
[  418.798414][ T9836] CPU: 0 UID: 0 PID: 9836 Comm: syz.1.717 Not tainted syzkaller #0 PREEMPT(full) 
[  418.798444][ T9836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  418.798458][ T9836] Call Trace:
[  418.798466][ T9836]  <TASK>
[  418.798474][ T9836]  dump_stack_lvl+0x16c/0x1f0
[  418.798533][ T9836]  should_fail_ex+0x512/0x640
[  418.798571][ T9836]  ? fs_reclaim_acquire+0xae/0x150
[  418.798609][ T9836]  ? tomoyo_encode2+0x100/0x3e0
[  418.798643][ T9836]  should_failslab+0xc2/0x120
[  418.798674][ T9836]  __kmalloc_noprof+0xd2/0x510
[  418.798709][ T9836]  tomoyo_encode2+0x100/0x3e0
[  418.798747][ T9836]  tomoyo_encode+0x29/0x50
[  418.798780][ T9836]  tomoyo_realpath_from_path+0x18f/0x6e0
[  418.798831][ T9836]  ? tomoyo_profile+0x47/0x60
[  418.798855][ T9836]  tomoyo_path_perm+0x274/0x460
[  418.798882][ T9836]  ? tomoyo_path_perm+0x260/0x460
[  418.798912][ T9836]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  418.798971][ T9836]  ? __pfx_ima_file_check+0x10/0x10
[  418.798993][ T9836]  ? hook_file_truncate+0xc7/0x250
[  418.799032][ T9836]  security_file_truncate+0x84/0x1e0
[  418.799065][ T9836]  path_openat+0xc10/0x2cb0
[  418.799102][ T9836]  ? __pfx_path_openat+0x10/0x10
[  418.799137][ T9836]  do_filp_open+0x20b/0x470
[  418.799165][ T9836]  ? __pfx_do_filp_open+0x10/0x10
[  418.799225][ T9836]  ? alloc_fd+0x471/0x7d0
[  418.799257][ T9836]  do_sys_openat2+0x11b/0x1d0
[  418.799293][ T9836]  ? __pfx_do_sys_openat2+0x10/0x10
[  418.799340][ T9836]  __x64_sys_openat+0x174/0x210
[  418.799377][ T9836]  ? __pfx___x64_sys_openat+0x10/0x10
[  418.799424][ T9836]  do_syscall_64+0xcd/0x490
[  418.799462][ T9836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.799485][ T9836] RIP: 0033:0x7f7a1f98ebe9
[  418.799503][ T9836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.799524][ T9836] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  418.799546][ T9836] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  418.799561][ T9836] RDX: 00000000000a8200 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  418.799575][ T9836] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  418.799588][ T9836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  418.799602][ T9836] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  418.799631][ T9836]  </TASK>
[  418.799652][ T9836] ERROR: Out of memory at tomoyo_realpath_from_path.
[  420.624195][ T9858] netlink: 16 bytes leftover after parsing attributes in process `syz.4.721'.
[  421.865688][ T9870] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34
[  422.668623][ T9871] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36
[  423.373366][ T9883] ubi: mtd0 is already attached to ubi0
[  424.132232][ T9897] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37
[  424.775252][ T9900] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38
[  425.371411][ T9919] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39
[  425.416289][ T9919] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40
[  427.065869][ T9928] ubi: mtd0 is already attached to ubi0
[  430.155318][ T9966] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41
[  432.412026][ T9971] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42
[  434.509975][T10008] ubi: mtd0 is already attached to ubi0
[  435.086292][T10021] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2096996216 (4193992432 ns) > initial count (500876422 ns). Using initial count to start timer.
[  435.852792][T10028] netlink: 16 bytes leftover after parsing attributes in process `syz.0.751'.
[  441.434508][T10096] FAULT_INJECTION: forcing a failure.
[  441.434508][T10096] name failslab, interval 1, probability 0, space 0, times 0
[  441.560099][T10096] CPU: 1 UID: 0 PID: 10096 Comm: syz.3.768 Not tainted syzkaller #0 PREEMPT(full) 
[  441.560140][T10096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  441.560159][T10096] Call Trace:
[  441.560169][T10096]  <TASK>
[  441.560180][T10096]  dump_stack_lvl+0x16c/0x1f0
[  441.560233][T10096]  should_fail_ex+0x512/0x640
[  441.560282][T10096]  ? fs_reclaim_acquire+0xae/0x150
[  441.560331][T10096]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  441.560388][T10096]  should_failslab+0xc2/0x120
[  441.560430][T10096]  __kmalloc_noprof+0xd2/0x510
[  441.560480][T10096]  tomoyo_realpath_from_path+0xc2/0x6e0
[  441.560532][T10096]  ? tomoyo_profile+0x47/0x60
[  441.560565][T10096]  tomoyo_path_number_perm+0x245/0x580
[  441.560610][T10096]  ? tomoyo_path_number_perm+0x237/0x580
[  441.560655][T10096]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  441.560696][T10096]  ? find_held_lock+0x2b/0x80
[  441.560762][T10096]  ? find_held_lock+0x2b/0x80
[  441.560792][T10096]  ? hook_file_ioctl_common+0x145/0x410
[  441.560843][T10096]  ? __fget_files+0x20e/0x3c0
[  441.560883][T10096]  security_file_ioctl+0x9b/0x240
[  441.560924][T10096]  __x64_sys_ioctl+0xb7/0x210
[  441.560978][T10096]  do_syscall_64+0xcd/0x490
[  441.561030][T10096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.561060][T10096] RIP: 0033:0x7f0875f8ebe9
[  441.561088][T10096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.561117][T10096] RSP: 002b:00007f08741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  441.561147][T10096] RAX: ffffffffffffffda RBX: 00007f08761c5fa0 RCX: 00007f0875f8ebe9
[  441.561167][T10096] RDX: ffffffffffffffff RSI: 0000000000004b68 RDI: 0000000000000003
[  441.561186][T10096] RBP: 00007f08741f6090 R08: 0000000000000000 R09: 0000000000000000
[  441.561205][T10096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  441.561223][T10096] R13: 00007f08761c6038 R14: 00007f08761c5fa0 R15: 00007ffd6e0d8288
[  441.561263][T10096]  </TASK>
[  441.774619][T10096] ERROR: Out of memory at tomoyo_realpath_from_path.
[  442.959923][T10122] FAULT_INJECTION: forcing a failure.
[  442.959923][T10122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.973314][T10122] CPU: 1 UID: 0 PID: 10122 Comm: syz.0.773 Not tainted syzkaller #0 PREEMPT(full) 
[  442.973355][T10122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  442.973375][T10122] Call Trace:
[  442.973386][T10122]  <TASK>
[  442.973398][T10122]  dump_stack_lvl+0x16c/0x1f0
[  442.973454][T10122]  should_fail_ex+0x512/0x640
[  442.973512][T10122]  _copy_from_user+0x2e/0xd0
[  442.973549][T10122]  copy_msghdr_from_user+0x98/0x160
[  442.973602][T10122]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  442.973660][T10122]  ? kfree+0x24f/0x4d0
[  442.973690][T10122]  ? __lock_acquire+0x62e/0x1ce0
[  442.973742][T10122]  ___sys_recvmsg+0xdb/0x1a0
[  442.973793][T10122]  ? __pfx____sys_recvmsg+0x10/0x10
[  442.973867][T10122]  ? __pfx___might_resched+0x10/0x10
[  442.973911][T10122]  do_recvmmsg+0x2fe/0x750
[  442.973968][T10122]  ? __pfx_do_recvmmsg+0x10/0x10
[  442.974028][T10122]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  442.974094][T10122]  ? __fget_files+0x20e/0x3c0
[  442.974140][T10122]  __x64_sys_recvmmsg+0x22a/0x280
[  442.974203][T10122]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  442.974271][T10122]  do_syscall_64+0xcd/0x490
[  442.974326][T10122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.974359][T10122] RIP: 0033:0x7f20d2b8ebe9
[  442.974385][T10122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.974417][T10122] RSP: 002b:00007f20d39e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  442.974447][T10122] RAX: ffffffffffffffda RBX: 00007f20d2dc6180 RCX: 00007f20d2b8ebe9
[  442.974469][T10122] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  442.974488][T10122] RBP: 00007f20d39e1090 R08: 0000000000000000 R09: 0000000000000000
[  442.974508][T10122] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  442.974527][T10122] R13: 00007f20d2dc6218 R14: 00007f20d2dc6180 R15: 00007ffca05848a8
[  442.974569][T10122]  </TASK>
[  446.980679][T10176] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44
[  447.629294][T10177] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45
[  449.784541][T10211] FAULT_INJECTION: forcing a failure.
[  449.784541][T10211] name failslab, interval 1, probability 0, space 0, times 0
[  449.812246][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.1.794 Not tainted syzkaller #0 PREEMPT(full) 
[  449.812296][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  449.812318][T10211] Call Trace:
[  449.812329][T10211]  <TASK>
[  449.812342][T10211]  dump_stack_lvl+0x16c/0x1f0
[  449.812399][T10211]  should_fail_ex+0x512/0x640
[  449.812450][T10211]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  449.812489][T10211]  should_failslab+0xc2/0x120
[  449.812534][T10211]  __kmalloc_cache_noprof+0x6a/0x3e0
[  449.812578][T10211]  ? snd_seq_pool_new+0x44/0x230
[  449.812618][T10211]  ? __pfx_snd_seq_open+0x10/0x10
[  449.812651][T10211]  snd_seq_pool_new+0x44/0x230
[  449.812689][T10211]  seq_create_client1+0x66/0x5e0
[  449.812725][T10211]  ? __pfx_snd_seq_open+0x10/0x10
[  449.812757][T10211]  snd_seq_open+0x59/0x550
[  449.812789][T10211]  ? __pfx_snd_seq_open+0x10/0x10
[  449.812818][T10211]  snd_open+0x22a/0x4c0
[  449.812850][T10211]  ? __pfx_snd_open+0x10/0x10
[  449.812877][T10211]  chrdev_open+0x234/0x6a0
[  449.812922][T10211]  ? __pfx_apparmor_file_open+0x10/0x10
[  449.812957][T10211]  ? __pfx_chrdev_open+0x10/0x10
[  449.813003][T10211]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  449.813050][T10211]  do_dentry_open+0x982/0x1530
[  449.813090][T10211]  ? __pfx_chrdev_open+0x10/0x10
[  449.813140][T10211]  vfs_open+0x82/0x3f0
[  449.813194][T10211]  path_openat+0x1de4/0x2cb0
[  449.813246][T10211]  ? __pfx_path_openat+0x10/0x10
[  449.813295][T10211]  do_filp_open+0x20b/0x470
[  449.813339][T10211]  ? __pfx_do_filp_open+0x10/0x10
[  449.813407][T10211]  ? alloc_fd+0x471/0x7d0
[  449.813453][T10211]  do_sys_openat2+0x11b/0x1d0
[  449.813504][T10211]  ? __pfx_do_sys_openat2+0x10/0x10
[  449.813583][T10211]  __x64_sys_openat+0x174/0x210
[  449.813637][T10211]  ? __pfx___x64_sys_openat+0x10/0x10
[  449.813709][T10211]  do_syscall_64+0xcd/0x490
[  449.813765][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.813798][T10211] RIP: 0033:0x7f7a1f98ebe9
[  449.813823][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.813853][T10211] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  449.813883][T10211] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  449.813903][T10211] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c
[  449.813921][T10211] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  449.813940][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  449.813959][T10211] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  449.813999][T10211]  </TASK>
[  450.596864][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  450.603479][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  451.761240][T10236] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46
[  452.241142][T10242] netlink: 330 bytes leftover after parsing attributes in process `syz.1.799'.
[  453.435160][T10239] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47
[  454.527797][T10253] random: crng reseeded on system resumption
[  454.929578][T10271] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48
[  455.755820][T10252] ubi: mtd0 is already attached to ubi0
[  455.767261][T10272] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[  457.548088][T10308] ubi: mtd0 is already attached to ubi0
[  458.103412][T10323] netlink: 16 bytes leftover after parsing attributes in process `syz.1.815'.
[  459.126834][T10330] netlink: 206 bytes leftover after parsing attributes in process `syz.4.817'.
[  463.093387][T10389] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[  463.286608][T10390] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51
[  465.659807][T10419] netlink: 28 bytes leftover after parsing attributes in process `syz.4.834'.
[  465.895648][T10415] ubi: mtd0 is already attached to ubi0
[  466.613761][T10430] FAULT_INJECTION: forcing a failure.
[  466.613761][T10430] name fail_futex, interval 1, probability 0, space 0, times 0
[  466.634798][T10430] CPU: 0 UID: 0 PID: 10430 Comm: syz.1.837 Not tainted syzkaller #0 PREEMPT(full) 
[  466.634841][T10430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  466.634861][T10430] Call Trace:
[  466.634871][T10430]  <TASK>
[  466.634883][T10430]  dump_stack_lvl+0x16c/0x1f0
[  466.634937][T10430]  should_fail_ex+0x512/0x640
[  466.634995][T10430]  get_futex_key+0x1d0/0x1560
[  466.635040][T10430]  ? __pfx_get_futex_key+0x10/0x10
[  466.635094][T10430]  futex_wake+0xea/0x530
[  466.635146][T10430]  ? __pfx_futex_wake+0x10/0x10
[  466.635194][T10430]  ? rcu_is_watching+0x12/0xc0
[  466.635244][T10430]  do_futex+0x1e3/0x350
[  466.635286][T10430]  ? __pfx_do_futex+0x10/0x10
[  466.635331][T10430]  ? __pfx___might_resched+0x10/0x10
[  466.635369][T10430]  __x64_sys_futex+0x1e0/0x4c0
[  466.635413][T10430]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  466.635460][T10430]  ? __pfx___x64_sys_futex+0x10/0x10
[  466.635518][T10430]  do_syscall_64+0xcd/0x490
[  466.635572][T10430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.635604][T10430] RIP: 0033:0x7f7a1f98ebe9
[  466.635629][T10430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.635662][T10430] RSP: 002b:00007f7a1dbf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  466.635691][T10430] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa8 RCX: 00007f7a1f98ebe9
[  466.635711][T10430] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7a1fbc5fac
[  466.635731][T10430] RBP: 00007f7a1fbc5fa0 R08: 00007f7a2070e000 R09: 0000000000000000
[  466.635751][T10430] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  466.635770][T10430] R13: 00007f7a1fbc6038 R14: 00007fffc9acd260 R15: 00007fffc9acd348
[  466.635822][T10430]  </TASK>
[  468.987285][T10463] netlink: 'syz.3.844': attribute type 1 has an invalid length.
[  469.339665][T10463] netlink: zone id is out of range
[  469.383124][T10463] netlink: zone id is out of range
[  469.428799][T10470] ubi: mtd0 is already attached to ubi0
[  469.442337][T10463] netlink: zone id is out of range
[  469.478550][T10463] netlink: zone id is out of range
[  469.511866][T10463] netlink: zone id is out of range
[  469.547085][T10463] netlink: zone id is out of range
[  469.692276][T10463] netlink: zone id is out of range
[  469.804465][T10463] netlink: zone id is out of range
[  469.810034][T10463] netlink: zone id is out of range
[  469.817384][T10463] netlink: zone id is out of range
[  470.239733][T10476] zswap: compressor @ not available
[  472.917310][T10528] ubi: mtd0 is already attached to ubi0
[  473.207786][T10535] ubi: mtd0 is already attached to ubi0
[  473.629001][T10536] zswap: compressor @ not available
[  474.936988][T10557] ubi: mtd0 is already attached to ubi0
[  476.050178][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.3.866'.
[  476.557139][T10588] netlink: 16 bytes leftover after parsing attributes in process `syz.0.868'.
[  478.297672][T10612] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52
[  478.342564][T10610] netlink: 4 bytes leftover after parsing attributes in process `syz.1.875'.
[  478.356749][T10610] netlink: 354 bytes leftover after parsing attributes in process `syz.1.875'.
[  479.505203][T10613] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53
[  481.618784][T10647] zswap: compressor @ not available
[  482.470199][T10673] random: crng reseeded on system resumption
[  485.520033][T10718] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54
[  486.535265][T10735] netlink: 146 bytes leftover after parsing attributes in process `syz.0.898'.
[  486.589645][T10720] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55
[  487.567456][T10757] ubi: mtd0 is already attached to ubi0
[  488.008970][T10763] zswap: compressor @ not available
[  488.244014][T10775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56
[  489.161403][T10776] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57
[  489.814476][T10799] netlink: 'syz.1.908': attribute type 1 has an invalid length.
[  489.853076][T10799] net_ratelimit: 417 callbacks suppressed
[  489.853101][T10799] netlink: zone id is out of range
[  489.885935][T10799] netlink: zone id is out of range
[  489.894811][T10799] netlink: zone id is out of range
[  489.912385][T10799] netlink: zone id is out of range
[  489.917541][T10799] netlink: zone id is out of range
[  489.937415][T10799] netlink: zone id is out of range
[  489.942720][T10799] netlink: zone id is out of range
[  489.947841][T10799] netlink: zone id is out of range
[  489.953584][T10799] netlink: zone id is out of range
[  489.958734][T10799] netlink: zone id is out of range
[  496.015676][T10882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.924'.
[  497.868233][T10915] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58
[  498.028143][T10917] FAULT_INJECTION: forcing a failure.
[  498.028143][T10917] name failslab, interval 1, probability 0, space 0, times 0
[  498.042825][T10917] CPU: 1 UID: 0 PID: 10917 Comm: syz.4.929 Not tainted syzkaller #0 PREEMPT(full) 
[  498.042867][T10917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  498.042893][T10917] Call Trace:
[  498.042903][T10917]  <TASK>
[  498.042914][T10917]  dump_stack_lvl+0x16c/0x1f0
[  498.042967][T10917]  should_fail_ex+0x512/0x640
[  498.043015][T10917]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  498.043059][T10917]  should_failslab+0xc2/0x120
[  498.043100][T10917]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  498.043137][T10917]  ? css_rstat_updated+0x1c2/0x510
[  498.043170][T10917]  ? sock_alloc_inode+0x25/0x1c0
[  498.043207][T10917]  ? __pfx_sock_alloc_inode+0x10/0x10
[  498.043237][T10917]  sock_alloc_inode+0x25/0x1c0
[  498.043268][T10917]  alloc_inode+0x64/0x240
[  498.043314][T10917]  sock_alloc+0x40/0x280
[  498.043345][T10917]  __sock_create+0xc1/0x8d0
[  498.043389][T10917]  __sys_socket+0x14d/0x260
[  498.043427][T10917]  ? __pfx___sys_socket+0x10/0x10
[  498.043468][T10917]  ? do_user_addr_fault+0x843/0x1370
[  498.043525][T10917]  __x64_sys_socket+0x72/0xb0
[  498.043560][T10917]  ? lockdep_hardirqs_on+0x7c/0x110
[  498.043606][T10917]  do_syscall_64+0xcd/0x490
[  498.043657][T10917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.043689][T10917] RIP: 0033:0x7f99a8f90b07
[  498.043713][T10917] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.043744][T10917] RSP: 002b:00007f99a71f4fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  498.043775][T10917] RAX: ffffffffffffffda RBX: 00007f99a91c6090 RCX: 00007f99a8f90b07
[  498.043796][T10917] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  498.043814][T10917] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  498.043833][T10917] R10: 00002000000010c0 R11: 0000000000000286 R12: 0000000000000000
[  498.043852][T10917] R13: 00007f99a91c6128 R14: 00007f99a91c6090 R15: 00007ffe30540c08
[  498.043900][T10917]  </TASK>
[  498.043920][T10917] net_ratelimit: 417 callbacks suppressed
[  498.043935][T10917] socket: no more sockets
[  498.529417][T10926] netlink: 16 bytes leftover after parsing attributes in process `syz.0.931'.
[  498.988598][T10916] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59
[  500.209236][T10935] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60
[  500.969385][T10937] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61
[  501.440479][T10960] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62
[  501.991690][T10962] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63
[  502.707489][T10984] vivid-003: =================  START STATUS  =================
[  502.725597][T10984] vivid-003: Radio HW Seek Mode: Bounded
[  502.733428][T10984] vivid-003: Radio Programmable HW Seek: false
[  502.741900][T10984] vivid-003: RDS Rx I/O Mode: Block I/O
[  502.752436][T10984] vivid-003: Generate RBDS Instead of RDS: false
[  502.758960][T10984] vivid-003: RDS Reception: true
[  502.764053][T10984] vivid-003: RDS Program Type: 0 inactive
[  502.769944][T10984] vivid-003: RDS PS Name:  inactive
[  502.784800][T10984] vivid-003: RDS Radio Text:  inactive
[  502.798555][T10984] vivid-003: RDS Traffic Announcement: false inactive
[  502.807413][T10984] vivid-003: RDS Traffic Program: false inactive
[  502.818450][T10984] vivid-003: RDS Music: false inactive
[  502.830762][T10984] vivid-003: ==================  END STATUS  ==================
[  502.897886][T10988] netlink: 16 bytes leftover after parsing attributes in process `syz.0.943'.
[  503.026988][T10991] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64
[  503.356215][T10993] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65
[  506.589605][T11031] netlink: 16 bytes leftover after parsing attributes in process `syz.1.955'.
[  506.631816][T11026] zswap: compressor @ not available
[  510.080191][T11086] zswap: compressor @ not available
[  510.342272][T11091] netlink: 16 bytes leftover after parsing attributes in process `syz.1.966'.
[  510.670917][T11098] netlink: 342 bytes leftover after parsing attributes in process `syz.0.968'.
[  511.040870][T11103] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input66
[  511.861498][T11118] tipc: Started in network mode
[  511.869616][T11118] tipc: Node identity ee00, cluster identity 4711
[  511.877089][T11118] tipc: Node number set to 60928
[  511.927873][T11105] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67
[  511.959441][ T5873] smpboot: CPU 1 is now offline
[  512.038449][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  512.044960][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  512.926188][T11125] zswap: compressor @ not available
[  515.107875][T11174] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68
[  515.644899][T11175] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69
[  519.811055][T11224] ubi0: detaching mtd0
[  519.842959][T11224] ubi0: mtd0 is detached
[  519.990558][T11224] netlink: 'syz.1.996': attribute type 10 has an invalid length.
[  520.009006][T11224] netlink: 230 bytes leftover after parsing attributes in process `syz.1.996'.
[  520.027159][T11224] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  521.057411][T11239] FAULT_INJECTION: forcing a failure.
[  521.057411][T11239] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  521.162337][T11239] CPU: 0 UID: 0 PID: 11239 Comm: syz.1.999 Not tainted syzkaller #0 PREEMPT(full) 
[  521.162371][T11239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  521.162385][T11239] Call Trace:
[  521.162393][T11239]  <TASK>
[  521.162402][T11239]  dump_stack_lvl+0x16c/0x1f0
[  521.162444][T11239]  should_fail_ex+0x512/0x640
[  521.162486][T11239]  _copy_from_user+0x2e/0xd0
[  521.162512][T11239]  copy_msghdr_from_user+0x98/0x160
[  521.162549][T11239]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  521.162590][T11239]  ? kfree+0x24f/0x4d0
[  521.162611][T11239]  ? __lock_acquire+0x62e/0x1ce0
[  521.162656][T11239]  ___sys_recvmsg+0xdb/0x1a0
[  521.162692][T11239]  ? __pfx____sys_recvmsg+0x10/0x10
[  521.162745][T11239]  ? __pfx___might_resched+0x10/0x10
[  521.162775][T11239]  do_recvmmsg+0x2fe/0x750
[  521.162815][T11239]  ? __pfx_do_recvmmsg+0x10/0x10
[  521.162858][T11239]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  521.162905][T11239]  ? __fget_files+0x20e/0x3c0
[  521.162938][T11239]  __x64_sys_recvmmsg+0x22a/0x280
[  521.162978][T11239]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  521.163016][T11239]  ? syscall_user_dispatch+0x78/0x140
[  521.163062][T11239]  do_syscall_64+0xcd/0x490
[  521.163101][T11239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.163126][T11239] RIP: 0033:0x7f7a1f98ebe9
[  521.163143][T11239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.163167][T11239] RSP: 002b:00007f7a1dbd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  521.163189][T11239] RAX: ffffffffffffffda RBX: 00007f7a1fbc6090 RCX: 00007f7a1f98ebe9
[  521.163205][T11239] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  521.163218][T11239] RBP: 00007f7a1dbd5090 R08: 0000000000000000 R09: 0000000000000000
[  521.163233][T11239] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  521.163246][T11239] R13: 00007f7a1fbc6128 R14: 00007f7a1fbc6090 R15: 00007fffc9acd348
[  521.163275][T11239]  </TASK>
[  528.540379][T11300] ubi0: attaching mtd0
[  528.592580][T11300] ubi0: scanning is finished
[  528.930106][T11300] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  528.940105][T11300] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  528.953407][T11300] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  528.967517][T11300] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  528.981080][T11300] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  528.998515][T11300] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  529.010777][T11300] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 0
[  529.032293][T11300] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  529.057621][T11305] ubi0: background thread "ubi_bgt0d" started, PID 11305
[  531.077599][T11332] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70
[  531.230199][T11327] nvme_fabrics: missing parameter 'transport=%s'
[  531.352678][T11327] nvme_fabrics: missing parameter 'nqn=%s'
[  531.449120][T11340] ubi: mtd0 is already attached to ubi0
[  531.714143][T11331] nvme_fabrics: missing parameter 'transport=%s'
[  531.822411][T11331] nvme_fabrics: missing parameter 'nqn=%s'
[  531.860915][T11334] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71
[  532.535560][T11351] random: crng reseeded on system resumption
[  532.842188][T11356] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1021'.
[  533.901629][T11369] FAULT_INJECTION: forcing a failure.
[  533.901629][T11369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  533.943627][T11369] CPU: 0 UID: 0 PID: 11369 Comm: syz.1.1022 Not tainted syzkaller #0 PREEMPT(full) 
[  533.943660][T11369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  533.943674][T11369] Call Trace:
[  533.943681][T11369]  <TASK>
[  533.943690][T11369]  dump_stack_lvl+0x16c/0x1f0
[  533.943730][T11369]  should_fail_ex+0x512/0x640
[  533.943773][T11369]  _copy_from_user+0x2e/0xd0
[  533.943799][T11369]  copy_msghdr_from_user+0x98/0x160
[  533.943836][T11369]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  533.943878][T11369]  ? kfree+0x24f/0x4d0
[  533.943898][T11369]  ? __lock_acquire+0x62e/0x1ce0
[  533.943936][T11369]  ___sys_recvmsg+0xdb/0x1a0
[  533.943973][T11369]  ? __pfx____sys_recvmsg+0x10/0x10
[  533.944025][T11369]  ? __pfx___might_resched+0x10/0x10
[  533.944055][T11369]  do_recvmmsg+0x2fe/0x750
[  533.944095][T11369]  ? __pfx_do_recvmmsg+0x10/0x10
[  533.944138][T11369]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  533.944184][T11369]  ? __fget_files+0x20e/0x3c0
[  533.944217][T11369]  __x64_sys_recvmmsg+0x22a/0x280
[  533.944257][T11369]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  533.944326][T11369]  do_syscall_64+0xcd/0x490
[  533.944365][T11369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.944389][T11369] RIP: 0033:0x7f7a1f98ebe9
[  533.944407][T11369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.944431][T11369] RSP: 002b:00007f7a1dbb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  533.944460][T11369] RAX: ffffffffffffffda RBX: 00007f7a1fbc6180 RCX: 00007f7a1f98ebe9
[  533.944476][T11369] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  533.944490][T11369] RBP: 00007f7a1dbb4090 R08: 0000000000000000 R09: 0000000000000000
[  533.944504][T11369] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  533.944517][T11369] R13: 00007f7a1fbc6218 R14: 00007f7a1fbc6180 R15: 00007fffc9acd348
[  533.944546][T11369]  </TASK>
[  534.501759][T11381] FAULT_INJECTION: forcing a failure.
[  534.501759][T11381] name failslab, interval 1, probability 0, space 0, times 0
[  534.681715][T11381] CPU: 0 UID: 0 PID: 11381 Comm: syz.0.1024 Not tainted syzkaller #0 PREEMPT(full) 
[  534.681751][T11381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.681765][T11381] Call Trace:
[  534.681773][T11381]  <TASK>
[  534.681782][T11381]  dump_stack_lvl+0x16c/0x1f0
[  534.681823][T11381]  should_fail_ex+0x512/0x640
[  534.681861][T11381]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  534.681889][T11381]  should_failslab+0xc2/0x120
[  534.681922][T11381]  __kmalloc_cache_noprof+0x6a/0x3e0
[  534.681947][T11381]  ? do_eventfd+0x67/0x2c0
[  534.681987][T11381]  do_eventfd+0x67/0x2c0
[  534.682019][T11381]  ? rcu_is_watching+0x12/0xc0
[  534.682049][T11381]  __x64_sys_eventfd+0x32/0x50
[  534.682086][T11381]  do_syscall_64+0xcd/0x490
[  534.682127][T11381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.682151][T11381] RIP: 0033:0x7f20d2b8ebe9
[  534.682170][T11381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.682193][T11381] RSP: 002b:00007f20d39e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c
[  534.682216][T11381] RAX: ffffffffffffffda RBX: 00007f20d2dc6180 RCX: 00007f20d2b8ebe9
[  534.682232][T11381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  534.682245][T11381] RBP: 00007f20d2c11e19 R08: 0000000000000000 R09: 0000000000000000
[  534.682260][T11381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  534.682274][T11381] R13: 00007f20d2dc6218 R14: 00007f20d2dc6180 R15: 00007ffca05848a8
[  534.682303][T11381]  </TASK>
[  536.295776][T11401] ubi: mtd0 is already attached to ubi0
[  537.715944][T11420] ubi: mtd0 is already attached to ubi0
[  538.222014][T11425] FAULT_INJECTION: forcing a failure.
[  538.222014][T11425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  538.242679][T11429] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72
[  538.257810][T11425] CPU: 0 UID: 0 PID: 11425 Comm: syz.1.1036 Not tainted syzkaller #0 PREEMPT(full) 
[  538.257841][T11425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.257855][T11425] Call Trace:
[  538.257863][T11425]  <TASK>
[  538.257871][T11425]  dump_stack_lvl+0x16c/0x1f0
[  538.257912][T11425]  should_fail_ex+0x512/0x640
[  538.257954][T11425]  _copy_from_user+0x2e/0xd0
[  538.257980][T11425]  copy_msghdr_from_user+0x98/0x160
[  538.258017][T11425]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  538.258058][T11425]  ? kfree+0x24f/0x4d0
[  538.258098][T11425]  ? __lock_acquire+0x62e/0x1ce0
[  538.258135][T11425]  ___sys_recvmsg+0xdb/0x1a0
[  538.258172][T11425]  ? __pfx____sys_recvmsg+0x10/0x10
[  538.258224][T11425]  ? __pfx___might_resched+0x10/0x10
[  538.258255][T11425]  do_recvmmsg+0x2fe/0x750
[  538.258295][T11425]  ? __pfx_do_recvmmsg+0x10/0x10
[  538.258337][T11425]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  538.258384][T11425]  ? __fget_files+0x20e/0x3c0
[  538.258417][T11425]  __x64_sys_recvmmsg+0x22a/0x280
[  538.258457][T11425]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  538.258494][T11425]  ? syscall_user_dispatch+0x78/0x140
[  538.258540][T11425]  do_syscall_64+0xcd/0x490
[  538.258579][T11425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.258603][T11425] RIP: 0033:0x7f7a1f98ebe9
[  538.258621][T11425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.258645][T11425] RSP: 002b:00007f7a1dbd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  538.258668][T11425] RAX: ffffffffffffffda RBX: 00007f7a1fbc6090 RCX: 00007f7a1f98ebe9
[  538.258684][T11425] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  538.258698][T11425] RBP: 00007f7a1dbd5090 R08: 0000000000000000 R09: 0000000000000000
[  538.258712][T11425] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  538.258726][T11425] R13: 00007f7a1fbc6128 R14: 00007f7a1fbc6090 R15: 00007fffc9acd348
[  538.258755][T11425]  </TASK>
[  540.963931][T11431] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73
[  542.260365][T11469] FAULT_INJECTION: forcing a failure.
[  542.260365][T11469] name failslab, interval 1, probability 0, space 0, times 0
[  542.273440][T11469] CPU: 0 UID: 0 PID: 11469 Comm: syz.1.1044 Not tainted syzkaller #0 PREEMPT(full) 
[  542.273474][T11469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  542.273489][T11469] Call Trace:
[  542.273497][T11469]  <TASK>
[  542.273506][T11469]  dump_stack_lvl+0x16c/0x1f0
[  542.273548][T11469]  should_fail_ex+0x512/0x640
[  542.273585][T11469]  ? __kvmalloc_node_noprof+0x124/0x620
[  542.273616][T11469]  should_failslab+0xc2/0x120
[  542.273648][T11469]  __kvmalloc_node_noprof+0x137/0x620
[  542.273681][T11469]  ? lockdep_init_map_type+0x5c/0x280
[  542.273716][T11469]  ? alloc_netdev_mqs+0xc82/0x1530
[  542.273761][T11469]  ? alloc_netdev_mqs+0xc82/0x1530
[  542.273796][T11469]  alloc_netdev_mqs+0xc82/0x1530
[  542.273839][T11469]  slip_open+0x35c/0x1150
[  542.273862][T11469]  ? __pfx___might_resched+0x10/0x10
[  542.273886][T11469]  ? __pfx_n_tty_close+0x10/0x10
[  542.273911][T11469]  ? find_held_lock+0x2b/0x80
[  542.273934][T11469]  ? __pfx_slip_open+0x10/0x10
[  542.273955][T11469]  ? down_write+0x14d/0x200
[  542.273980][T11469]  ? __pfx_slip_open+0x10/0x10
[  542.274002][T11469]  tty_ldisc_open+0x9f/0x120
[  542.274034][T11469]  tty_set_ldisc+0x32b/0x780
[  542.274072][T11469]  tty_ioctl+0xc2e/0x1680
[  542.274109][T11469]  ? __pfx_tty_ioctl+0x10/0x10
[  542.274154][T11469]  ? find_held_lock+0x2b/0x80
[  542.274177][T11469]  ? hook_file_ioctl_common+0x145/0x410
[  542.274216][T11469]  ? __fget_files+0x20e/0x3c0
[  542.274247][T11469]  ? __pfx_tty_ioctl+0x10/0x10
[  542.274284][T11469]  __x64_sys_ioctl+0x18e/0x210
[  542.274325][T11469]  do_syscall_64+0xcd/0x490
[  542.274364][T11469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.274388][T11469] RIP: 0033:0x7f7a1f98ebe9
[  542.274406][T11469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.274430][T11469] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  542.274458][T11469] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  542.274474][T11469] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000006
[  542.274488][T11469] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  542.274503][T11469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  542.274517][T11469] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  542.274547][T11469]  </TASK>
[  542.595537][T11476] random: crng reseeded on system resumption
[  543.063947][T11483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  543.940358][T11493] capability: warning: `syz.1.1048' uses 32-bit capabilities (legacy support in use)
[  544.454493][T11504] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74
[  545.128010][T11506] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75
[  545.425324][T11512] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1052'.
[  546.556544][T11530] ubi: mtd0 is already attached to ubi0
[  546.995007][T11512] syz.3.1052 (11512) used greatest stack depth: 17080 bytes left
[  547.972217][T11545] ICMPv6: process `syz.3.1059' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[  548.698025][T11539] zswap: compressor  not available
[  550.909088][T11579] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1065'.
[  552.778135][T11608] bond0: option all_slaves_active: invalid value (
)
[  553.266978][T11613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  554.537423][T11629] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1076'.
[  554.808806][T11637] ubi: mtd0 is already attached to ubi0
[  556.219280][T11655] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76
[  557.441360][T11656] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77
[  557.920293][T11677] ubi: mtd0 is already attached to ubi0
[  561.031563][T11710] i2c i2c-0: new_device: Invalid device name
[  561.136957][T11712] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1094'.
[  562.759335][T11736] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1098'.
[  563.424261][T11750] ubi: mtd0 is already attached to ubi0
[  566.514080][T11776] FAULT_INJECTION: forcing a failure.
[  566.514080][T11776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  566.753154][T11776] CPU: 0 UID: 0 PID: 11776 Comm: syz.0.1108 Not tainted syzkaller #0 PREEMPT(full) 
[  566.753186][T11776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  566.753201][T11776] Call Trace:
[  566.753208][T11776]  <TASK>
[  566.753217][T11776]  dump_stack_lvl+0x16c/0x1f0
[  566.753256][T11776]  should_fail_ex+0x512/0x640
[  566.753297][T11776]  _copy_from_user+0x2e/0xd0
[  566.753324][T11776]  copy_msghdr_from_user+0x98/0x160
[  566.753361][T11776]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  566.753402][T11776]  ? kfree+0x24f/0x4d0
[  566.753423][T11776]  ? __lock_acquire+0x62e/0x1ce0
[  566.753469][T11776]  ___sys_recvmsg+0xdb/0x1a0
[  566.753506][T11776]  ? __pfx____sys_recvmsg+0x10/0x10
[  566.753558][T11776]  ? __pfx___might_resched+0x10/0x10
[  566.753588][T11776]  do_recvmmsg+0x2fe/0x750
[  566.753628][T11776]  ? __pfx_do_recvmmsg+0x10/0x10
[  566.753671][T11776]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  566.753717][T11776]  ? __fget_files+0x20e/0x3c0
[  566.753750][T11776]  __x64_sys_recvmmsg+0x22a/0x280
[  566.753790][T11776]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  566.753828][T11776]  ? syscall_user_dispatch+0x78/0x140
[  566.753874][T11776]  do_syscall_64+0xcd/0x490
[  566.753913][T11776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.753942][T11776] RIP: 0033:0x7f20d2b8ebe9
[  566.753960][T11776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  566.753983][T11776] RSP: 002b:00007f20d3a02038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  566.754006][T11776] RAX: ffffffffffffffda RBX: 00007f20d2dc6090 RCX: 00007f20d2b8ebe9
[  566.754022][T11776] RDX: 000000000000010a RSI: 0000000000000000 RDI: 0000000000000005
[  566.754036][T11776] RBP: 00007f20d3a02090 R08: 0000000000000000 R09: 0000000000000000
[  566.754051][T11776] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  566.754065][T11776] R13: 00007f20d2dc6128 R14: 00007f20d2dc6090 R15: 00007ffca05848a8
[  566.754095][T11776]  </TASK>
[  568.115200][T11811] ubi: mtd0 is already attached to ubi0
[  568.892576][T11818] ubi: mtd0 is already attached to ubi0
[  569.499819][T11826] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78
[  569.584536][T11829] Invalid ELF header magic: != ELF
[  570.926659][T11830] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79
[  571.109546][   T31] audit: type=1800 audit(1757189668.124:9): pid=11845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1122" name="discovery_nqn" dev="configfs" ino=32681 res=0 errno=0
[  571.768368][T11851] FAULT_INJECTION: forcing a failure.
[  571.768368][T11851] name fail_futex, interval 1, probability 0, space 0, times 0
[  571.816644][T11851] CPU: 0 UID: 0 PID: 11851 Comm: syz.0.1123 Not tainted syzkaller #0 PREEMPT(full) 
[  571.816677][T11851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  571.816690][T11851] Call Trace:
[  571.816698][T11851]  <TASK>
[  571.816706][T11851]  dump_stack_lvl+0x16c/0x1f0
[  571.816744][T11851]  should_fail_ex+0x512/0x640
[  571.816784][T11851]  get_futex_key+0x1d0/0x1560
[  571.816815][T11851]  ? __pfx_get_futex_key+0x10/0x10
[  571.816852][T11851]  futex_wake+0xea/0x530
[  571.816886][T11851]  ? rcu_is_watching+0x12/0xc0
[  571.816910][T11851]  ? __pfx_futex_wake+0x10/0x10
[  571.816952][T11851]  ? kmem_cache_free+0x2d1/0x4d0
[  571.816977][T11851]  ? fd_install+0x225/0x750
[  571.817000][T11851]  ? putname+0x154/0x1a0
[  571.817035][T11851]  do_futex+0x1e3/0x350
[  571.817065][T11851]  ? __pfx_do_futex+0x10/0x10
[  571.817094][T11851]  ? find_held_lock+0x2b/0x80
[  571.817117][T11851]  ? handle_mm_fault+0x2ab/0xd10
[  571.817143][T11851]  __x64_sys_futex+0x1e0/0x4c0
[  571.817174][T11851]  ? __x64_sys_openat+0x174/0x210
[  571.817211][T11851]  ? __pfx___x64_sys_futex+0x10/0x10
[  571.817252][T11851]  do_syscall_64+0xcd/0x490
[  571.817291][T11851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.817314][T11851] RIP: 0033:0x7f20d2b8ebe9
[  571.817331][T11851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.817354][T11851] RSP: 002b:00007f20d3a020e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  571.817375][T11851] RAX: ffffffffffffffda RBX: 00007f20d2dc6098 RCX: 00007f20d2b8ebe9
[  571.817390][T11851] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f20d2dc609c
[  571.817404][T11851] RBP: 00007f20d2dc6090 R08: 00007f20d3a24000 R09: 0000000000000000
[  571.817418][T11851] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  571.817431][T11851] R13: 00007f20d2dc6128 R14: 00007ffca05847c0 R15: 00007ffca05848a8
[  571.817459][T11851]  </TASK>
[  572.075112][T11834] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1120'.
[  572.084280][T11834] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1120'.
[  573.291444][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  573.299558][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  573.610482][T11881] ubi: mtd0 is already attached to ubi0
[  574.433416][T11892] netlink: 'syz.4.1130': attribute type 1 has an invalid length.
[  574.508673][T11892] nbd: error processing sock list
[  579.164170][T11960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1140'.
[  580.154942][T11975] ubi: mtd0 is already attached to ubi0
[  580.160943][T11960] bond0: (slave bond_slave_1): Releasing backup interface
[  581.611661][T11988] ubi: mtd0 is already attached to ubi0
[  583.304280][T12011] vivid-003: =================  START STATUS  =================
[  583.304315][T12011] vivid-003: Radio HW Seek Mode: Bounded
[  583.304347][T12011] vivid-003: Radio Programmable HW Seek: false
[  583.304371][T12011] vivid-003: RDS Rx I/O Mode: Block I/O
[  583.304394][T12011] vivid-003: Generate RBDS Instead of RDS: false
[  583.304418][T12011] vivid-003: RDS Reception: true
[  583.304440][T12011] vivid-003: RDS Program Type: 0 inactive
[  583.304469][T12011] vivid-003: RDS PS Name:  inactive
[  583.304496][T12011] vivid-003: RDS Radio Text:  inactive
[  583.304524][T12011] vivid-003: RDS Traffic Announcement: false inactive
[  583.304571][T12011] vivid-003: RDS Traffic Program: false inactive
[  583.304600][T12011] vivid-003: RDS Music: false inactive
[  583.304628][T12011] vivid-003: ==================  END STATUS  ==================
[  589.324591][T12080] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1167'.
[  590.059452][T12094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1168'.
[  591.961917][T12115] vhci_hcd: invalid port number 16
[  591.991739][T12115] vhci_hcd: invalid port number 16
[  592.570969][T12133] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1178'.
[  592.849339][T12135] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  592.930148][T12135] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  593.040936][T12135] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  593.198846][T12135] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  593.465423][T12135] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  594.254783][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.265934][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.273479][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.282860][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.290270][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.300693][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.308142][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.318654][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.326570][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.340776][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.348277][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.364163][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.371944][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.380862][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.388275][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.398389][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.407022][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.430288][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.437724][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.446665][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.456310][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.466123][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.473902][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.484080][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.491592][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.500637][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.508046][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.539704][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.547145][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.557702][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.565245][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.574645][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.582181][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.591119][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.598517][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.609840][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.617255][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.629152][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.636599][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.647781][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.657344][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.668653][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.676146][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.686723][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.697407][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.706505][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.714280][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.725120][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.734477][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.743832][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.758439][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.767356][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.778268][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.787138][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.795137][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.806675][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.817640][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.826614][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.834980][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.847125][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.854772][ T5185] Bluetooth: hci0: command 0x0c1a tx timeout
[  594.863045][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.876905][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.884437][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.895571][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.903974][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.915565][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.924996][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.935011][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.944408][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.967556][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.974982][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  594.987337][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  594.995220][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.007133][ T5185] Bluetooth: hci2: command 0x0c1a tx timeout
[  595.013843][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.021953][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.032232][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.040174][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.049425][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.060343][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.070258][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.079517][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.095101][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.102636][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.111907][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.119926][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.136617][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.144029][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.156850][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.165408][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.185951][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.206059][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.220503][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.228038][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.236965][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.244352][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.253344][ T5185] Bluetooth: hci3: command 0x0406 tx timeout
[  595.265615][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.279949][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.298922][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.306459][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.315267][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.322836][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.332239][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.339756][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.355406][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.373331][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.395385][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.415033][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.429616][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.444810][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.475088][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.494773][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.511008][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.518476][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.527433][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.539776][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.551730][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.560041][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.569175][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.577637][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.594229][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.601748][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.610737][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.618850][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.633895][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.641393][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.650404][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.657893][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.667341][ T5867] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  595.676370][ T5867] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  595.685339][ T5867] Bluetooth: hci1: command 0x0c1a tx timeout
[  597.315187][ T5867] Bluetooth: hci3: command 0x0406 tx timeout
[  600.627150][T12324] Invalid ELF header magic: != ELF
[  602.042065][T12437] ubi: mtd0 is already attached to ubi0
[  604.803486][T12498] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1210'.
[  606.068113][T12520] ubi: mtd0 is already attached to ubi0
[  606.994011][T12539] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1218'.
[  607.086636][T12539] geneve1: entered promiscuous mode
[  607.225370][T12548] ubi: mtd0 is already attached to ubi0
[  607.340499][T12539] geneve1: entered allmulticast mode
[  607.518539][T12544] Invalid ELF header magic: != ELF
[  607.902019][T12539] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1218'.
[  608.957008][T12565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1222'.
[  611.316194][T12600] ubi: mtd0 is already attached to ubi0
[  612.668307][T12619] FAULT_INJECTION: forcing a failure.
[  612.668307][T12619] name failslab, interval 1, probability 0, space 0, times 0
[  612.861988][T12619] CPU: 0 UID: 0 PID: 12619 Comm: syz.4.1234 Not tainted syzkaller #0 PREEMPT(full) 
[  612.862023][T12619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  612.862038][T12619] Call Trace:
[  612.862046][T12619]  <TASK>
[  612.862055][T12619]  dump_stack_lvl+0x16c/0x1f0
[  612.862097][T12619]  should_fail_ex+0x512/0x640
[  612.862136][T12619]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  612.862174][T12619]  should_failslab+0xc2/0x120
[  612.862207][T12619]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  612.862236][T12619]  ? __kernfs_new_node+0xd2/0x8e0
[  612.862272][T12619]  __kernfs_new_node+0xd2/0x8e0
[  612.862306][T12619]  ? __pfx___kernfs_new_node+0x10/0x10
[  612.862345][T12619]  ? find_held_lock+0x2b/0x80
[  612.862370][T12619]  ? kernfs_root+0xee/0x2a0
[  612.862406][T12619]  kernfs_new_node+0x13c/0x1e0
[  612.862446][T12619]  __kernfs_create_file+0x53/0x350
[  612.862474][T12619]  sysfs_add_file_mode_ns+0x207/0x3c0
[  612.862511][T12619]  internal_create_group+0x578/0xf30
[  612.862550][T12619]  ? __pfx_internal_create_group+0x10/0x10
[  612.862587][T12619]  ? kernfs_create_link+0x1bd/0x240
[  612.862616][T12619]  internal_create_groups+0x9d/0x150
[  612.862651][T12619]  device_add+0x6d1/0x1aa0
[  612.862681][T12619]  ? __pfx_device_add+0x10/0x10
[  612.862707][T12619]  ? lockdep_init_map_type+0x5c/0x280
[  612.862740][T12619]  ? __init_waitqueue_head+0xca/0x150
[  612.862785][T12619]  netdev_register_kobject+0x1a9/0x3d0
[  612.862816][T12619]  register_netdevice+0x13dc/0x2270
[  612.862845][T12619]  ? __pfx_register_netdevice+0x10/0x10
[  612.862878][T12619]  slip_open+0xb86/0x1150
[  612.862906][T12619]  ? __pfx_slip_open+0x10/0x10
[  612.862928][T12619]  ? down_write+0x14d/0x200
[  612.862953][T12619]  ? __pfx_slip_open+0x10/0x10
[  612.862975][T12619]  tty_ldisc_open+0x9f/0x120
[  612.863009][T12619]  tty_set_ldisc+0x32b/0x780
[  612.863051][T12619]  tty_ioctl+0xc2e/0x1680
[  612.863089][T12619]  ? __pfx_tty_ioctl+0x10/0x10
[  612.863135][T12619]  ? find_held_lock+0x2b/0x80
[  612.863163][T12619]  ? hook_file_ioctl_common+0x145/0x410
[  612.863203][T12619]  ? __fget_files+0x20e/0x3c0
[  612.863233][T12619]  ? __pfx_tty_ioctl+0x10/0x10
[  612.863271][T12619]  __x64_sys_ioctl+0x18e/0x210
[  612.863312][T12619]  do_syscall_64+0xcd/0x490
[  612.863352][T12619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.863377][T12619] RIP: 0033:0x7f99a8f8ebe9
[  612.863396][T12619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  612.863419][T12619] RSP: 002b:00007f99a9d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  612.863443][T12619] RAX: ffffffffffffffda RBX: 00007f99a91c5fa0 RCX: 00007f99a8f8ebe9
[  612.863458][T12619] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000006
[  612.863472][T12619] RBP: 00007f99a9011e19 R08: 0000000000000000 R09: 0000000000000000
[  612.863487][T12619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  612.863501][T12619] R13: 00007f99a91c6038 R14: 00007f99a91c5fa0 R15: 00007ffe30540c08
[  612.863532][T12619]  </TASK>
[  613.494541][T12614] rnbd_client L202: map_device: Unknown parameter or missing value '('
[  614.284810][T12640] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80
[  614.568392][T12652] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81
[  614.996038][T12700] ubi: mtd0 is already attached to ubi0
[  617.323495][T12762] zswap: compressor  not available
[  618.654950][T12773] FAULT_INJECTION: forcing a failure.
[  618.654950][T12773] name failslab, interval 1, probability 0, space 0, times 0
[  618.830934][T12773] CPU: 0 UID: 0 PID: 12773 Comm: syz.0.1249 Not tainted syzkaller #0 PREEMPT(full) 
[  618.830967][T12773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  618.830982][T12773] Call Trace:
[  618.830989][T12773]  <TASK>
[  618.830998][T12773]  dump_stack_lvl+0x16c/0x1f0
[  618.831039][T12773]  should_fail_ex+0x512/0x640
[  618.831076][T12773]  ? __kvmalloc_node_noprof+0x124/0x620
[  618.831106][T12773]  should_failslab+0xc2/0x120
[  618.831138][T12773]  __kvmalloc_node_noprof+0x137/0x620
[  618.831165][T12773]  ? __pfx___mutex_lock+0x10/0x10
[  618.831201][T12773]  ? __mutex_lock+0x1c5/0x1060
[  618.831236][T12773]  ? traverse.part.0.constprop.0+0x392/0x640
[  618.831266][T12773]  ? traverse.part.0.constprop.0+0x392/0x640
[  618.831289][T12773]  traverse.part.0.constprop.0+0x392/0x640
[  618.831313][T12773]  ? __pfx___mutex_lock+0x10/0x10
[  618.831350][T12773]  ? find_held_lock+0x2b/0x80
[  618.831379][T12773]  seq_lseek+0x2bb/0x450
[  618.831407][T12773]  full_proxy_llseek+0x121/0x180
[  618.831448][T12773]  ksys_lseek+0xf0/0x1b0
[  618.831474][T12773]  do_syscall_64+0xcd/0x490
[  618.831513][T12773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.831537][T12773] RIP: 0033:0x7f20d2b8ebe9
[  618.831555][T12773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  618.831585][T12773] RSP: 002b:00007f20d3a02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  618.831608][T12773] RAX: ffffffffffffffda RBX: 00007f20d2dc6090 RCX: 00007f20d2b8ebe9
[  618.831623][T12773] RDX: 0000000000000001 RSI: 7fffffffffffffff RDI: 0000000000000003
[  618.831637][T12773] RBP: 00007f20d3a02090 R08: 0000000000000000 R09: 0000000000000000
[  618.831651][T12773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  618.831665][T12773] R13: 00007f20d2dc6128 R14: 00007f20d2dc6090 R15: 00007ffca05848a8
[  618.831695][T12773]  </TASK>
[  620.060701][T12809] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82
[  621.332430][T12814] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83
[  622.337181][T12903] ubi: mtd0 is already attached to ubi0
[  623.627531][T12957] FAULT_INJECTION: forcing a failure.
[  623.627531][T12957] name failslab, interval 1, probability 0, space 0, times 0
[  623.668352][T12957] CPU: 0 UID: 0 PID: 12957 Comm: syz.1.1263 Not tainted syzkaller #0 PREEMPT(full) 
[  623.668388][T12957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  623.668410][T12957] Call Trace:
[  623.668418][T12957]  <TASK>
[  623.668427][T12957]  dump_stack_lvl+0x16c/0x1f0
[  623.668468][T12957]  should_fail_ex+0x512/0x640
[  623.668506][T12957]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  623.668538][T12957]  should_failslab+0xc2/0x120
[  623.668571][T12957]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  623.668598][T12957]  ? __lock_acquire+0x62e/0x1ce0
[  623.668630][T12957]  ? __pmd_alloc+0xbf/0x930
[  623.668671][T12957]  __pmd_alloc+0xbf/0x930
[  623.668710][T12957]  walk_pgd_range+0x88b/0x1f50
[  623.668744][T12957]  ? mt_find+0x757/0xa30
[  623.668765][T12957]  ? __pfx_guard_install_set_pte+0x10/0x10
[  623.668799][T12957]  ? mt_find+0x3ef/0xa30
[  623.668820][T12957]  ? __pfx_guard_install_set_pte+0x10/0x10
[  623.668853][T12957]  ? __pfx_guard_install_set_pte+0x10/0x10
[  623.668887][T12957]  ? __pfx_walk_pgd_range+0x10/0x10
[  623.668926][T12957]  __walk_page_range+0x163/0x820
[  623.668958][T12957]  ? find_vma+0xbf/0x140
[  623.668989][T12957]  ? __pfx_find_vma+0x10/0x10
[  623.669023][T12957]  ? walk_page_test+0x9b/0x180
[  623.669053][T12957]  walk_page_range_mm+0x461/0xb40
[  623.669088][T12957]  ? __pfx_walk_page_range_mm+0x10/0x10
[  623.669126][T12957]  ? __anon_vma_prepare+0x2e2/0x5e0
[  623.669157][T12957]  madvise_vma_behavior+0xa62/0x2d60
[  623.669195][T12957]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  623.669232][T12957]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  623.669270][T12957]  ? __pfx_mas_prev+0x10/0x10
[  623.669313][T12957]  ? find_vma_prev+0xda/0x160
[  623.669346][T12957]  ? find_held_lock+0x2b/0x80
[  623.669368][T12957]  ? __pfx_find_vma_prev+0x10/0x10
[  623.669409][T12957]  ? futex_unqueue+0x133/0x2c0
[  623.669446][T12957]  ? __futex_wait+0x24c/0x2f0
[  623.669487][T12957]  madvise_walk_vmas+0x31f/0x9c0
[  623.669527][T12957]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  623.669571][T12957]  madvise_do_behavior+0x1e2/0x530
[  623.669605][T12957]  ? futex_private_hash_put+0x18a/0x300
[  623.669634][T12957]  ? __pfx_madvise_do_behavior+0x10/0x10
[  623.669671][T12957]  ? down_read+0x13d/0x480
[  623.669708][T12957]  do_madvise+0x176/0x240
[  623.669742][T12957]  ? __pfx_do_madvise+0x10/0x10
[  623.669775][T12957]  ? do_futex+0x122/0x350
[  623.669824][T12957]  ? xfd_validate_state+0x61/0x180
[  623.669859][T12957]  ? __pfx_ksys_write+0x10/0x10
[  623.669892][T12957]  __x64_sys_madvise+0xa9/0x110
[  623.669927][T12957]  ? lockdep_hardirqs_on+0x7c/0x110
[  623.669961][T12957]  do_syscall_64+0xcd/0x490
[  623.670002][T12957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.670026][T12957] RIP: 0033:0x7f7a1f98ebe9
[  623.670045][T12957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.670068][T12957] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  623.670091][T12957] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  623.670107][T12957] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000
[  623.670122][T12957] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  623.670137][T12957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  623.670151][T12957] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  623.670181][T12957]  </TASK>
[  623.675907][ T5867] Bluetooth: hci1: unexpected event 0x03 length: 725 > 11
[  625.134362][T12946] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84
[  626.107611][T13059] FAULT_INJECTION: forcing a failure.
[  626.107611][T13059] name failslab, interval 1, probability 0, space 0, times 0
[  626.137132][T13059] CPU: 0 UID: 0 PID: 13059 Comm: syz.1.1271 Not tainted syzkaller #0 PREEMPT(full) 
[  626.137167][T13059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  626.137182][T13059] Call Trace:
[  626.137190][T13059]  <TASK>
[  626.137200][T13059]  dump_stack_lvl+0x16c/0x1f0
[  626.137242][T13059]  should_fail_ex+0x512/0x640
[  626.137280][T13059]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  626.137313][T13059]  should_failslab+0xc2/0x120
[  626.137347][T13059]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  626.137378][T13059]  ? __d_alloc+0x32/0xae0
[  626.137412][T13059]  __d_alloc+0x32/0xae0
[  626.137446][T13059]  d_alloc_parallel+0x111/0x1480
[  626.137492][T13059]  ? stack_depot_save_flags+0x29/0x9c0
[  626.137535][T13059]  ? __pfx_d_alloc_parallel+0x10/0x10
[  626.137577][T13059]  ? lockdep_init_map_type+0x5c/0x280
[  626.137613][T13059]  ? lockdep_init_map_type+0x5c/0x280
[  626.137652][T13059]  __lookup_slow+0x193/0x460
[  626.137692][T13059]  ? __pfx___lookup_slow+0x10/0x10
[  626.137733][T13059]  ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0
[  626.137778][T13059]  ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0
[  626.137815][T13059]  ? d_lookup+0xe7/0x190
[  626.137858][T13059]  lookup_noperm+0xe1/0x110
[  626.137905][T13059]  simple_start_creating+0xd1/0x1b0
[  626.137934][T13059]  start_creating.part.0+0x82/0x190
[  626.137965][T13059]  debugfs_create_dir+0x6c/0x5f0
[  626.137997][T13059]  ptp_open+0x334/0x550
[  626.138030][T13059]  ? __pfx_ptp_open+0x10/0x10
[  626.138067][T13059]  ? __pfx_ptp_open+0x10/0x10
[  626.138097][T13059]  posix_clock_open+0x17b/0x290
[  626.138127][T13059]  ? __pfx_posix_clock_open+0x10/0x10
[  626.138154][T13059]  chrdev_open+0x234/0x6a0
[  626.138186][T13059]  ? __pfx_apparmor_file_open+0x10/0x10
[  626.138214][T13059]  ? __pfx_chrdev_open+0x10/0x10
[  626.138247][T13059]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  626.138281][T13059]  do_dentry_open+0x982/0x1530
[  626.138313][T13059]  ? __pfx_chrdev_open+0x10/0x10
[  626.138350][T13059]  vfs_open+0x82/0x3f0
[  626.138390][T13059]  path_openat+0x1de4/0x2cb0
[  626.138429][T13059]  ? __pfx_path_openat+0x10/0x10
[  626.138466][T13059]  do_filp_open+0x20b/0x470
[  626.138495][T13059]  ? __pfx_do_filp_open+0x10/0x10
[  626.138546][T13059]  ? alloc_fd+0x471/0x7d0
[  626.138580][T13059]  do_sys_openat2+0x11b/0x1d0
[  626.138618][T13059]  ? __pfx_do_sys_openat2+0x10/0x10
[  626.138668][T13059]  __x64_sys_openat+0x174/0x210
[  626.138707][T13059]  ? __pfx___x64_sys_openat+0x10/0x10
[  626.138758][T13059]  do_syscall_64+0xcd/0x490
[  626.138799][T13059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.138824][T13059] RIP: 0033:0x7f7a1f98ebe9
[  626.138843][T13059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.138873][T13059] RSP: 002b:00007f7a1dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  626.138897][T13059] RAX: ffffffffffffffda RBX: 00007f7a1fbc5fa0 RCX: 00007f7a1f98ebe9
[  626.138913][T13059] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  626.138928][T13059] RBP: 00007f7a1fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  626.138942][T13059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  626.138956][T13059] R13: 00007f7a1fbc6038 R14: 00007f7a1fbc5fa0 R15: 00007fffc9acd348
[  626.138987][T13059]  </TASK>
[  626.649099][T13067] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1273'.
[  626.776461][T13069] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1274'.
[  626.863753][T13071] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1275'.
[  627.574149][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1277'.
[  628.306311][T13119] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1282'.
[  632.374679][T13248] syz.1.1294 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  632.904493][T13291] FAULT_INJECTION: forcing a failure.
[  632.904493][T13291] name failslab, interval 1, probability 0, space 0, times 0
[  632.982569][T13291] CPU: 0 UID: 0 PID: 13291 Comm: syz.4.1295 Not tainted syzkaller #0 PREEMPT(full) 
[  632.982602][T13291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  632.982616][T13291] Call Trace:
[  632.982624][T13291]  <TASK>
[  632.982632][T13291]  dump_stack_lvl+0x16c/0x1f0
[  632.982676][T13291]  should_fail_ex+0x512/0x640
[  632.982711][T13291]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  632.982742][T13291]  should_failslab+0xc2/0x120
[  632.982772][T13291]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  632.982800][T13291]  ? alloc_empty_file+0x55/0x1e0
[  632.982837][T13291]  alloc_empty_file+0x55/0x1e0
[  632.982873][T13291]  path_openat+0xda/0x2cb0
[  632.982898][T13291]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.982932][T13291]  ? __pfx_path_openat+0x10/0x10
[  632.982966][T13291]  do_filp_open+0x20b/0x470
[  632.982994][T13291]  ? __pfx_do_filp_open+0x10/0x10
[  632.983041][T13291]  ? alloc_fd+0x471/0x7d0
[  632.983073][T13291]  do_sys_openat2+0x11b/0x1d0
[  632.983109][T13291]  ? __pfx_do_sys_openat2+0x10/0x10
[  632.983148][T13291]  ? __fget_files+0x20e/0x3c0
[  632.983177][T13291]  __x64_sys_openat+0x174/0x210
[  632.983214][T13291]  ? __pfx___x64_sys_openat+0x10/0x10
[  632.983250][T13291]  ? ksys_write+0x1ac/0x250
[  632.983285][T13291]  do_syscall_64+0xcd/0x490
[  632.983323][T13291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.983346][T13291] RIP: 0033:0x7f99a8f8ebe9
[  632.983363][T13291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.983386][T13291] RSP: 002b:00007f99a71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  632.983408][T13291] RAX: ffffffffffffffda RBX: 00007f99a91c6090 RCX: 00007f99a8f8ebe9
[  632.983423][T13291] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  632.983438][T13291] RBP: 00007f99a71f6090 R08: 0000000000000000 R09: 0000000000000000
[  632.983451][T13291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  632.983465][T13291] R13: 00007f99a91c6128 R14: 00007f99a91c6090 R15: 00007ffe30540c08
[  632.983493][T13291]  </TASK>
[  634.032669][T13314] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1298'.
[  634.408592][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  634.422435][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  635.008912][T13331] FAULT_INJECTION: forcing a failure.
[  635.008912][T13331] name failslab, interval 1, probability 0, space 0, times 0
[  635.188251][T13331] CPU: 0 UID: 0 PID: 13331 Comm: syz.0.1301 Not tainted syzkaller #0 PREEMPT(full) 
[  635.188288][T13331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  635.188303][T13331] Call Trace:
[  635.188312][T13331]  <TASK>
[  635.188321][T13331]  dump_stack_lvl+0x16c/0x1f0
[  635.188364][T13331]  should_fail_ex+0x512/0x640
[  635.188403][T13331]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  635.188437][T13331]  should_failslab+0xc2/0x120
[  635.188470][T13331]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  635.188502][T13331]  ? __d_alloc+0x32/0xae0
[  635.188538][T13331]  __d_alloc+0x32/0xae0
[  635.188573][T13331]  d_alloc_parallel+0x111/0x1480
[  635.188626][T13331]  ? __pfx_d_alloc_parallel+0x10/0x10
[  635.188670][T13331]  ? lockdep_init_map_type+0x5c/0x280
[  635.188707][T13331]  ? lockdep_init_map_type+0x5c/0x280
[  635.188748][T13331]  __lookup_slow+0x193/0x460
[  635.188788][T13331]  ? __pfx___lookup_slow+0x10/0x10
[  635.188831][T13331]  ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0
[  635.188876][T13331]  ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0
[  635.188915][T13331]  ? d_lookup+0xe7/0x190
[  635.188958][T13331]  lookup_noperm+0xe1/0x110
[  635.188998][T13331]  simple_start_creating+0xd1/0x1b0
[  635.189028][T13331]  start_creating.part.0+0x82/0x190
[  635.189074][T13331]  __debugfs_create_file+0xa7/0x6b0
[  635.189109][T13331]  debugfs_create_file_full+0x41/0x60
[  635.189142][T13331]  ? __pfx_sl_setup+0x10/0x10
[  635.189181][T13331]  ref_tracker_dir_debugfs+0x19d/0x290
[  635.189206][T13331]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  635.189259][T13331]  ? __kvmalloc_node_noprof+0x298/0x620
[  635.189287][T13331]  ? sprintf+0xa0/0x100
[  635.189323][T13331]  ? lockdep_init_map_type+0x5c/0x280
[  635.189363][T13331]  alloc_netdev_mqs+0x30f/0x1530
[  635.189404][T13331]  ? slip_open+0x31c/0x1150
[  635.189428][T13331]  slip_open+0x35c/0x1150
[  635.189451][T13331]  ? __pfx___might_resched+0x10/0x10
[  635.189476][T13331]  ? __pfx_n_tty_close+0x10/0x10
[  635.189502][T13331]  ? find_held_lock+0x2b/0x80
[  635.189526][T13331]  ? __pfx_slip_open+0x10/0x10
[  635.189548][T13331]  ? down_write+0x14d/0x200
[  635.189574][T13331]  ? __pfx_slip_open+0x10/0x10
[  635.189597][T13331]  tty_ldisc_open+0x9f/0x120
[  635.189631][T13331]  tty_set_ldisc+0x32b/0x780
[  635.189670][T13331]  tty_ioctl+0xc2e/0x1680
[  635.189709][T13331]  ? __pfx_tty_ioctl+0x10/0x10
[  635.189756][T13331]  ? find_held_lock+0x2b/0x80
[  635.189779][T13331]  ? hook_file_ioctl_common+0x145/0x410
[  635.189820][T13331]  ? __fget_files+0x20e/0x3c0
[  635.189852][T13331]  ? __pfx_tty_ioctl+0x10/0x10
[  635.189891][T13331]  __x64_sys_ioctl+0x18e/0x210
[  635.189934][T13331]  do_syscall_64+0xcd/0x490
[  635.189976][T13331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.190002][T13331] RIP: 0033:0x7f20d2b8ebe9
[  635.190023][T13331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  635.190056][T13331] RSP: 002b:00007f20d3a23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  635.190081][T13331] RAX: ffffffffffffffda RBX: 00007f20d2dc5fa0 RCX: 00007f20d2b8ebe9
[  635.190097][T13331] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007
[  635.190112][T13331] RBP: 00007f20d2c11e19 R08: 0000000000000000 R09: 0000000000000000
[  635.190128][T13331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  635.190143][T13331] R13: 00007f20d2dc6038 R14: 00007f20d2dc5fa0 R15: 00007ffca05848a8
[  635.190174][T13331]  </TASK>
[  637.283286][T13396] random: crng reseeded on system resumption
[  637.428810][T13396] Unrecognized hibernate image header format!
[  637.443080][T13399] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1)
[  637.456392][T13396] PM: hibernation: Image mismatch: architecture specific data
[  641.097592][T13476] FAULT_INJECTION: forcing a failure.
[  641.097592][T13476] name failslab, interval 1, probability 0, space 0, times 0
[  641.248569][T13491] ubi: mtd0 is already attached to ubi0
[  641.264394][T13476] CPU: 0 UID: 0 PID: 13476 Comm: syz.3.1315 Not tainted syzkaller #0 PREEMPT(full) 
[  641.264427][T13476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  641.264442][T13476] Call Trace:
[  641.264457][T13476]  <TASK>
[  641.264466][T13476]  dump_stack_lvl+0x16c/0x1f0
[  641.264508][T13476]  should_fail_ex+0x512/0x640
[  641.264551][T13476]  should_failslab+0xc2/0x120
[  641.264585][T13476]  __kmalloc_cache_noprof+0x6a/0x3e0
[  641.264610][T13476]  ? __pfx___might_resched+0x10/0x10
[  641.264634][T13476]  ? __hw_addr_add_ex+0x3c9/0x7c0
[  641.264661][T13476]  ? rcu_is_watching+0x12/0xc0
[  641.264689][T13476]  __hw_addr_add_ex+0x3c9/0x7c0
[  641.264721][T13476]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  641.264749][T13476]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  641.264797][T13476]  ? __pfx_sl_setup+0x10/0x10
[  641.264833][T13476]  dev_addr_init+0x161/0x250
[  641.264864][T13476]  ? __pfx_dev_addr_init+0x10/0x10
[  641.264905][T13476]  alloc_netdev_mqs+0x35e/0x1530
[  641.264950][T13476]  slip_open+0x35c/0x1150
[  641.264972][T13476]  ? __pfx___might_resched+0x10/0x10
[  641.264995][T13476]  ? __pfx_n_tty_close+0x10/0x10
[  641.265021][T13476]  ? find_held_lock+0x2b/0x80
[  641.265044][T13476]  ? __pfx_slip_open+0x10/0x10
[  641.265065][T13476]  ? down_write+0x14d/0x200
[  641.265089][T13476]  ? __pfx_slip_open+0x10/0x10
[  641.265112][T13476]  tty_ldisc_open+0x9f/0x120
[  641.265145][T13476]  tty_set_ldisc+0x32b/0x780
[  641.265182][T13476]  tty_ioctl+0xc2e/0x1680
[  641.265220][T13476]  ? __pfx_tty_ioctl+0x10/0x10
[  641.265265][T13476]  ? find_held_lock+0x2b/0x80
[  641.265287][T13476]  ? hook_file_ioctl_common+0x145/0x410
[  641.265327][T13476]  ? __fget_files+0x20e/0x3c0
[  641.265358][T13476]  ? __pfx_tty_ioctl+0x10/0x10
[  641.265398][T13476]  __x64_sys_ioctl+0x18e/0x210
[  641.265440][T13476]  do_syscall_64+0xcd/0x490
[  641.265485][T13476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.265510][T13476] RIP: 0033:0x7f0875f8ebe9
[  641.265529][T13476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.265552][T13476] RSP: 002b:00007f08741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  641.265575][T13476] RAX: ffffffffffffffda RBX: 00007f08761c5fa0 RCX: 00007f0875f8ebe9
[  641.265590][T13476] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007
[  641.265605][T13476] RBP: 00007f0876011e19 R08: 0000000000000000 R09: 0000000000000000
[  641.265619][T13476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.265634][T13476] R13: 00007f08761c6038 R14: 00007f08761c5fa0 R15: 00007ffd6e0d8288
[  641.265664][T13476]  </TASK>
[  641.655539][T13476] Falling back ldisc for ptm1.
[  641.893678][T13526] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1318'.
[  642.360778][T13561] FAULT_INJECTION: forcing a failure.
[  642.360778][T13561] name failslab, interval 1, probability 0, space 0, times 0
[  642.416607][T13511] zswap: compressor @ not available
[  642.513677][T13561] CPU: 0 UID: 0 PID: 13561 Comm: syz.4.1321 Not tainted syzkaller #0 PREEMPT(full) 
[  642.513710][T13561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  642.513724][T13561] Call Trace:
[  642.513733][T13561]  <TASK>
[  642.513741][T13561]  dump_stack_lvl+0x16c/0x1f0
[  642.513781][T13561]  should_fail_ex+0x512/0x640
[  642.513819][T13561]  ? fs_reclaim_acquire+0xae/0x150
[  642.513857][T13561]  ? tomoyo_encode2+0x100/0x3e0
[  642.513895][T13561]  should_failslab+0xc2/0x120
[  642.513927][T13561]  __kmalloc_noprof+0xd2/0x510
[  642.513961][T13561]  tomoyo_encode2+0x100/0x3e0
[  642.513999][T13561]  tomoyo_encode+0x29/0x50
[  642.514032][T13561]  tomoyo_realpath_from_path+0x18f/0x6e0
[  642.514076][T13561]  tomoyo_check_open_permission+0x2ab/0x3c0
[  642.514108][T13561]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  642.514169][T13561]  ? do_raw_spin_lock+0x12c/0x2b0
[  642.514234][T13561]  tomoyo_file_open+0x6b/0x90
[  642.514258][T13561]  security_file_open+0x84/0x1e0
[  642.514292][T13561]  do_dentry_open+0x596/0x1530
[  642.514331][T13561]  vfs_open+0x82/0x3f0
[  642.514371][T13561]  path_openat+0x1de4/0x2cb0
[  642.514409][T13561]  ? __pfx_path_openat+0x10/0x10
[  642.514446][T13561]  do_filp_open+0x20b/0x470
[  642.514474][T13561]  ? __pfx_do_filp_open+0x10/0x10
[  642.514524][T13561]  ? alloc_fd+0x471/0x7d0
[  642.514558][T13561]  do_sys_openat2+0x11b/0x1d0
[  642.514594][T13561]  ? __pfx_do_sys_openat2+0x10/0x10
[  642.514641][T13561]  ? __fget_files+0x20e/0x3c0
[  642.514677][T13561]  __x64_sys_openat+0x174/0x210
[  642.514716][T13561]  ? __pfx___x64_sys_openat+0x10/0x10
[  642.514753][T13561]  ? ksys_write+0x1ac/0x250
[  642.514795][T13561]  do_syscall_64+0xcd/0x490
[  642.514835][T13561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.514859][T13561] RIP: 0033:0x7f99a8f8ebe9
[  642.514878][T13561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.514901][T13561] RSP: 002b:00007f99a71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  642.514923][T13561] RAX: ffffffffffffffda RBX: 00007f99a91c6090 RCX: 00007f99a8f8ebe9
[  642.514939][T13561] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  642.514953][T13561] RBP: 00007f99a71f6090 R08: 0000000000000000 R09: 0000000000000000
[  642.514968][T13561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.514981][T13561] R13: 00007f99a91c6128 R14: 00007f99a91c6090 R15: 00007ffe30540c08
[  642.515011][T13561]  </TASK>
[  642.783829][T13561] ERROR: Out of memory at tomoyo_realpath_from_path.
[  643.802171][T13597] [U] 
[  644.723934][T13582] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1323'.
[  645.062198][T13629] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  645.443974][T13629] netlink: 'syz.0.1328': attribute type 1 has an invalid length.
[  646.363125][T13663] FAULT_INJECTION: forcing a failure.
[  646.363125][T13663] name failslab, interval 1, probability 0, space 0, times 0
[  646.530152][T13663] CPU: 0 UID: 0 PID: 13663 Comm: syz.3.1332 Not tainted syzkaller #0 PREEMPT(full) 
[  646.530185][T13663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  646.530199][T13663] Call Trace:
[  646.530207][T13663]  <TASK>
[  646.530216][T13663]  dump_stack_lvl+0x16c/0x1f0
[  646.530257][T13663]  should_fail_ex+0x512/0x640
[  646.530297][T13663]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  646.530325][T13663]  should_failslab+0xc2/0x120
[  646.530357][T13663]  __kmalloc_cache_noprof+0x6a/0x3e0
[  646.530381][T13663]  ? bpf_lsm_capable+0x9/0x10
[  646.530403][T13663]  ? evm_write_xattrs+0x1ab/0x8d0
[  646.530437][T13663]  evm_write_xattrs+0x1ab/0x8d0
[  646.530469][T13663]  ? __pfx_evm_write_xattrs+0x10/0x10
[  646.530515][T13663]  ? __pfx_evm_write_xattrs+0x10/0x10
[  646.530544][T13663]  vfs_write+0x2a0/0x11d0
[  646.530576][T13663]  ? __pfx___mutex_lock+0x10/0x10
[  646.530613][T13663]  ? __pfx_vfs_write+0x10/0x10
[  646.530648][T13663]  ? __fget_files+0x20e/0x3c0
[  646.530682][T13663]  ksys_write+0x12a/0x250
[  646.530708][T13663]  ? __pfx_ksys_write+0x10/0x10
[  646.530744][T13663]  do_syscall_64+0xcd/0x490
[  646.530783][T13663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.530807][T13663] RIP: 0033:0x7f0875f8ebe9
[  646.530825][T13663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.530848][T13663] RSP: 002b:00007f08741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  646.530870][T13663] RAX: ffffffffffffffda RBX: 00007f08761c5fa0 RCX: 00007f0875f8ebe9
[  646.530886][T13663] RDX: 000000000000001a RSI: 0000000000000000 RDI: 0000000000000007
[  646.530900][T13663] RBP: 00007f0876011e19 R08: 0000000000000000 R09: 0000000000000000
[  646.530914][T13663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  646.530928][T13663] R13: 00007f08761c6038 R14: 00007f08761c5fa0 R15: 00007ffd6e0d8288
[  646.530958][T13663]  </TASK>
[  646.819606][   T31] audit: type=1806 audit(4294967372.219:10):  res=-12
[  646.890565][T13675] __vm_enough_memory: pid: 13675, comm: syz.4.1333, bytes: 4398046511104 not enough memory for the allocation
[  646.960093][   T31] audit: type=1806 audit(4294967372.792:11): xattr="" res=-22
[  647.624874][ T5185] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  647.663911][ T5185] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  647.685450][ T5185] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  647.749434][ T5185] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  647.767940][ T5185] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  647.876813][T13700] FAULT_INJECTION: forcing a failure.
[  647.876813][T13700] name fail_futex, interval 1, probability 0, space 0, times 0
[  647.946155][T13700] CPU: 0 UID: 0 PID: 13700 Comm: syz.3.1337 Not tainted syzkaller #0 PREEMPT(full) 
[  647.946189][T13700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  647.946204][T13700] Call Trace:
[  647.946212][T13700]  <TASK>
[  647.946221][T13700]  dump_stack_lvl+0x16c/0x1f0
[  647.946263][T13700]  should_fail_ex+0x512/0x640
[  647.946301][T13700]  ? unwind_get_return_address+0x59/0xa0
[  647.946329][T13700]  get_futex_key+0x1d0/0x1560
[  647.946363][T13700]  ? __pfx_get_futex_key+0x10/0x10
[  647.946392][T13700]  ? stack_trace_save+0x8e/0xc0
[  647.946418][T13700]  ? __pfx_stack_trace_save+0x10/0x10
[  647.946451][T13700]  futex_wait_setup+0x9d/0x550
[  647.946496][T13700]  __futex_wait+0x194/0x2f0
[  647.946534][T13700]  ? __pfx___futex_wait+0x10/0x10
[  647.946576][T13700]  ? __pfx_futex_wake_mark+0x10/0x10
[  647.946618][T13700]  ? futex_private_hash_put+0x176/0x300
[  647.946650][T13700]  ? futex_private_hash_put+0x18a/0x300
[  647.946681][T13700]  futex_wait+0xe8/0x380
[  647.946718][T13700]  ? __pfx_futex_wait+0x10/0x10
[  647.946760][T13700]  ? kmem_cache_free+0x2d1/0x4d0
[  647.946787][T13700]  ? fd_install+0x225/0x750
[  647.946810][T13700]  ? putname+0x154/0x1a0
[  647.946848][T13700]  do_futex+0x229/0x350
[  647.946887][T13700]  ? __pfx_do_futex+0x10/0x10
[  647.946921][T13700]  ? find_held_lock+0x2b/0x80
[  647.946949][T13700]  __x64_sys_futex+0x1e0/0x4c0
[  647.946984][T13700]  ? __x64_sys_openat+0x174/0x210
[  647.947023][T13700]  ? __pfx___x64_sys_futex+0x10/0x10
[  647.947055][T13700]  ? xfd_validate_state+0x61/0x180
[  647.947100][T13700]  do_syscall_64+0xcd/0x490
[  647.947140][T13700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.947165][T13700] RIP: 0033:0x7f0875f8ebe9
[  647.947183][T13700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.947207][T13700] RSP: 002b:00007f08741d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  647.947230][T13700] RAX: ffffffffffffffda RBX: 00007f08761c6098 RCX: 00007f0875f8ebe9
[  647.947246][T13700] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f08761c6098
[  647.947260][T13700] RBP: 00007f08761c6090 R08: 0000000000000000 R09: 0000000000000000
[  647.947274][T13700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.947288][T13700] R13: 00007f08761c6128 R14: 00007ffd6e0d81a0 R15: 00007ffd6e0d8288
[  647.947318][T13700]  </TASK>
[  649.647216][ T3176] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.765358][T13689] chnl_net:caif_netlink_parms(): no params data found
[  649.842156][ T5185] Bluetooth: hci1: command tx timeout
[  649.861544][T13838] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1340'.
[  649.873327][ T3176] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.918542][T13839] Invalid ELF header magic: != ELF
[  649.997572][T13839] Invalid ELF header magic: != ELF
[  650.015538][ T3176] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.047715][T13839] Invalid ELF header magic: != ELF
[  650.134326][T13839] Invalid ELF header magic: != ELF
[  650.205697][T13839] Invalid ELF header magic: != ELF
[  650.274612][T13839] Invalid ELF header magic: != ELF
[  650.368334][T13839] Invalid ELF header magic: != ELF
[  650.412060][T13839] Invalid ELF header magic: != ELF
[  650.466769][T13839] Invalid ELF header magic: != ELF
[  650.610194][ T3176] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.002891][T13913] FAULT_INJECTION: forcing a failure.
[  651.002891][T13913] name failslab, interval 1, probability 0, space 0, times 0
[  651.065008][T13689] bridge0: port 1(bridge_slave_0) entered blocking state
[  651.086125][T13913] CPU: 0 UID: 0 PID: 13913 Comm: syz.4.1342 Not tainted syzkaller #0 PREEMPT(full) 
[  651.086159][T13913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  651.086174][T13913] Call Trace:
[  651.086182][T13913]  <TASK>
[  651.086191][T13913]  dump_stack_lvl+0x16c/0x1f0
[  651.086232][T13913]  should_fail_ex+0x512/0x640
[  651.086271][T13913]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  651.086302][T13913]  should_failslab+0xc2/0x120
[  651.086335][T13913]  __kmalloc_cache_noprof+0x6a/0x3e0
[  651.086360][T13913]  ? tracing_open+0x328/0xdf0
[  651.086391][T13913]  tracing_open+0x328/0xdf0
[  651.086422][T13913]  do_dentry_open+0x982/0x1530
[  651.086453][T13913]  ? __pfx_tracing_open+0x10/0x10
[  651.086484][T13913]  vfs_open+0x82/0x3f0
[  651.086525][T13913]  path_openat+0x1de4/0x2cb0
[  651.086563][T13913]  ? __pfx_path_openat+0x10/0x10
[  651.086605][T13913]  do_filp_open+0x20b/0x470
[  651.086634][T13913]  ? __pfx_do_filp_open+0x10/0x10
[  651.086685][T13913]  ? alloc_fd+0x471/0x7d0
[  651.086718][T13913]  do_sys_openat2+0x11b/0x1d0
[  651.086757][T13913]  ? __pfx_do_sys_openat2+0x10/0x10
[  651.086806][T13913]  __x64_sys_openat+0x174/0x210
[  651.086845][T13913]  ? __pfx___x64_sys_openat+0x10/0x10
[  651.086895][T13913]  do_syscall_64+0xcd/0x490
[  651.086936][T13913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.086961][T13913] RIP: 0033:0x7f99a8f8ebe9
[  651.086979][T13913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  651.087003][T13913] RSP: 002b:00007f99a9d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  651.087025][T13913] RAX: ffffffffffffffda RBX: 00007f99a91c5fa0 RCX: 00007f99a8f8ebe9
[  651.087041][T13913] RDX: 0000000000020c00 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  651.087056][T13913] RBP: 00007f99a9011e19 R08: 0000000000000000 R09: 0000000000000000
[  651.087071][T13913] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000000
[  651.087086][T13913] R13: 00007f99a91c6038 R14: 00007f99a91c5fa0 R15: 00007ffe30540c08
[  651.087115][T13913]  </TASK>
[  651.308375][T13689] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.315732][T13689] bridge_slave_0: entered allmulticast mode
[  651.323116][T13689] bridge_slave_0: entered promiscuous mode
[  651.626298][T13689] bridge0: port 2(bridge_slave_1) entered blocking state
[  651.688636][T13689] bridge0: port 2(bridge_slave_1) entered disabled state
[  651.725551][T13689] bridge_slave_1: entered allmulticast mode
[  651.744965][T13689] bridge_slave_1: entered promiscuous mode
[  651.920888][ T5185] Bluetooth: hci1: command tx timeout
[  652.161235][T13689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  652.195974][T13689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  652.567232][T13689] team0: Port device team_slave_0 added
[  652.605497][T13689] team0: Port device team_slave_1 added
[  652.634324][ T3176] bridge_slave_1: left allmulticast mode
[  652.682785][ T3176] bridge_slave_1: left promiscuous mode
[  652.719886][ T3176] bridge0: port 2(bridge_slave_1) entered disabled state
[  652.837789][ T3176] bridge_slave_0: left allmulticast mode
[  652.870707][ T3176] bridge_slave_0: left promiscuous mode
[  652.899355][ T3176] bridge0: port 1(bridge_slave_0) entered disabled state
[  653.482055][T14067] ubi: mtd0 is already attached to ubi0
[  653.983390][ T5185] Bluetooth: hci1: command tx timeout
[  654.527411][T14075] ubi: mtd0 is already attached to ubi0
[  654.636519][ T5185] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  654.740423][ T3176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  654.816755][ T3176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  654.866890][ T3176] bond0 (unregistering): Released all slaves
[  655.075679][ T3176] ovs_ÿþ: left promiscuous mode
[  655.213072][T13689] batman_adv: batadv0: Adding interface: batadv_slave_0
[  655.250887][T13689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  655.371686][T13689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  655.423249][ T3176] tipc: Left network mode
[  655.443111][T13689] batman_adv: batadv0: Adding interface: batadv_slave_1
[  655.490068][T13689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  655.516099][    C0] vkms_vblank_simulate: vblank timer overrun
[  655.629110][T13689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  656.049938][ T5185] Bluetooth: hci1: command tx timeout
[  656.283113][T13689] hsr_slave_0: entered promiscuous mode
[  656.346388][T13689] hsr_slave_1: entered promiscuous mode
[  656.390210][T13689] debugfs: 'hsr0' already exists in 'hsr'
[  656.422882][T13689] Cannot create hsr debugfs directory
[  657.500652][T14182] zswap: compressor @ not available
[  661.271307][T14376] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  661.328423][T14376] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  661.386390][T14376] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  661.454580][T14376] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  661.468215][T14376] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  661.637410][T14376] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  661.910315][T13689] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  662.265336][T13689] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  662.303117][T14440] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1362'.
[  662.335181][T13689] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  662.503147][T13689] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  662.768032][ T3176] hsr_slave_0: left promiscuous mode
[  662.821530][ T3176] hsr_slave_1: left promiscuous mode
[  662.853742][ T3176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  662.909561][ T3176] batman_adv: batadv0: Removing interface: batadv_slave_0
[  662.940359][ T3176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  662.979421][ T3176] batman_adv: batadv0: Removing interface: batadv_slave_1
[  663.079650][ T3176] veth1_macvtap: left promiscuous mode
[  663.105189][ T3176] veth0_macvtap: left promiscuous mode
[  663.142001][ T3176] veth1_vlan: left promiscuous mode
[  663.170314][ T3176] veth0_vlan: left promiscuous mode
[  663.295719][ T5185] Bluetooth: hci0: command 0x0c1a tx timeout
[  663.371676][ T5185] Bluetooth: hci2: command 0x0c1a tx timeout
[  663.452123][ T5185] Bluetooth: hci3: command 0x0406 tx timeout
[  663.531198][ T5185] Bluetooth: hci1: command 0x0c1a tx timeout
[  664.730818][ T3176] team0 (unregistering): Port device team_slave_1 removed
[  664.924664][ T3176] team0 (unregistering): Port device team_slave_0 removed
[  665.601998][ T5185] Bluetooth: hci1: command 0x0c1a tx timeout
[  666.647069][T13689] 8021q: adding VLAN 0 to HW filter on device bond0
[  667.089803][T13689] 8021q: adding VLAN 0 to HW filter on device team0
[  667.347307][ T6552] bridge0: port 1(bridge_slave_0) entered blocking state
[  667.354525][ T6552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  667.459853][ T6552] bridge0: port 2(bridge_slave_1) entered blocking state
[  667.467095][ T6552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  667.671155][ T5185] Bluetooth: hci1: command 0x0c1a tx timeout
[  668.350888][T13689] 8021q: adding VLAN 0 to HW filter on device batadv0
[  668.560689][T13689] veth0_vlan: entered promiscuous mode
[  668.609468][T13689] veth1_vlan: entered promiscuous mode
[  668.999870][T13689] veth0_macvtap: entered promiscuous mode
[  669.088946][T13689] veth1_macvtap: entered promiscuous mode
[  669.193545][T13689] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.254750][T13689] batman_adv: batadv0: Interface activated: batadv_slave_1
[  669.363797][ T6552] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.408343][ T6552] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  669.477160][ T6552] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  669.512761][T14552] netlink: 54 bytes leftover after parsing attributes in process `syz.0.1367'.
[  669.533040][ T6552] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.377597][T14551] ima: policy update failed
[  670.383289][   T31] audit: type=1802 audit(4294967396.364:12): pid=14551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1367" res=0 errno=0
[  671.793939][T14609] =======================================================
[  671.793939][T14609] WARNING: The mand mount option has been deprecated and
[  671.793939][T14609]          and is ignored by this kernel. Remove the mand
[  671.793939][T14609]          option from the mount to silence this warning.
[  671.793939][T14609] =======================================================
[  672.060357][ T6559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  672.129365][ T6559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  672.966009][ T6559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  673.038710][ T6559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  673.387225][T14650] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1331'.
[  675.048363][T14687] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85
[  675.908188][T14702] binder: 14701:14702 ioctl c018620c 200000000100 returned -22
[  679.279883][T14743] ptrace attach of "./syz-executor exec"[13689] was attempted by "./syz-executor exec"[14743]
[  679.343239][T14743] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  679.787794][T14741] FAULT_INJECTION: forcing a failure.
[  679.787794][T14741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  680.055141][T14741] CPU: 0 UID: 0 PID: 14741 Comm: syz.4.1381 Not tainted syzkaller #0 PREEMPT(full) 
[  680.055175][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  680.055190][T14741] Call Trace:
[  680.055198][T14741]  <TASK>
[  680.055207][T14741]  dump_stack_lvl+0x16c/0x1f0
[  680.055248][T14741]  should_fail_ex+0x512/0x640
[  680.055290][T14741]  _copy_from_user+0x2e/0xd0
[  680.055316][T14741]  __tun_chr_ioctl+0x1de/0x48b0
[  680.055343][T14741]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  680.055386][T14741]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  680.055416][T14741]  ? hook_file_ioctl_common+0x145/0x410
[  680.055455][T14741]  ? __fget_files+0x20e/0x3c0
[  680.055485][T14741]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  680.055513][T14741]  __x64_sys_ioctl+0x18e/0x210
[  680.055552][T14741]  do_syscall_64+0xcd/0x490
[  680.055592][T14741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.055617][T14741] RIP: 0033:0x7f99a8f8ebe9
[  680.055634][T14741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.055658][T14741] RSP: 002b:00007f99a9d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  680.055680][T14741] RAX: ffffffffffffffda RBX: 00007f99a91c5fa0 RCX: 00007f99a8f8ebe9
[  680.055696][T14741] RDX: 0000000000000038 RSI: 00000000400454ca RDI: 0000000000000003
[  680.055710][T14741] RBP: 00007f99a9011e19 R08: 0000000000000000 R09: 0000000000000000
[  680.055725][T14741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  680.055739][T14741] R13: 00007f99a91c6038 R14: 00007f99a91c5fa0 R15: 00007ffe30540c08
[  680.055768][T14741]  </TASK>
[  680.225190][    C0] vkms_vblank_simulate: vblank timer overrun
[  680.239414][T14779] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86
[  680.306416][T14775] mkiss: ax0: crc mode is auto.
[  681.122498][T14777] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87
[  684.037866][T14879] ubi: mtd0 is already attached to ubi0
[  687.541784][T14951] ==================================================================
[  687.541802][T14951] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0
[  687.541837][T14951] Write of size 8 at addr ffffc90003799000 by task syz.1.1405/14951
[  687.541857][T14951] 
[  687.541867][T14951] CPU: 0 UID: 0 PID: 14951 Comm: syz.1.1405 Not tainted syzkaller #0 PREEMPT(full) 
[  687.541893][T14951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  687.541907][T14951] Call Trace:
[  687.541915][T14951]  <TASK>
[  687.541925][T14951]  dump_stack_lvl+0x116/0x1f0
[  687.541961][T14951]  print_report+0xcd/0x630
[  687.541992][T14951]  ? __virt_addr_valid+0x81/0x610
[  687.542024][T14951]  ? sys_fillrect+0x15d4/0x17b0
[  687.542049][T14951]  kasan_report+0xe0/0x110
[  687.542079][T14951]  ? sys_fillrect+0x15d4/0x17b0
[  687.542108][T14951]  sys_fillrect+0x15d4/0x17b0
[  687.542137][T14951]  ? __pfx_sys_fillrect+0x10/0x10
[  687.542164][T14951]  ? __pfx_bit_putcs+0x10/0x10
[  687.542212][T14951]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  687.542250][T14951]  bit_clear+0x17d/0x220
[  687.542304][T14951]  ? __pfx_bit_clear+0x10/0x10
[  687.542341][T14951]  ? __pfx___might_resched+0x10/0x10
[  687.542364][T14951]  ? fb_get_color_depth+0x120/0x250
[  687.542397][T14951]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  687.542436][T14951]  ? __pfx_bit_clear+0x10/0x10
[  687.542471][T14951]  __fbcon_clear+0x603/0x780
[  687.542508][T14951]  fbcon_scroll+0x48b/0x690
[  687.542543][T14951]  con_scroll+0x45c/0x690
[  687.542581][T14951]  do_con_write+0x5560/0x8280
[  687.542619][T14951]  ? srcu_gp_start_if_needed+0xb70/0xe70
[  687.542663][T14951]  ? __pfx___mutex_lock+0x10/0x10
[  687.542700][T14951]  ? __pfx_do_con_write+0x10/0x10
[  687.542744][T14951]  con_write+0x23/0xb0
[  687.542780][T14951]  n_tty_write+0x41c/0x11e0
[  687.542812][T14951]  ? __pfx_n_tty_write+0x10/0x10
[  687.542836][T14951]  ? rcu_is_watching+0x12/0xc0
[  687.542860][T14951]  ? __pfx_woken_wake_function+0x10/0x10
[  687.542899][T14951]  ? kfree+0x24f/0x4d0
[  687.542919][T14951]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  687.542957][T14951]  ? __pfx_n_tty_write+0x10/0x10
[  687.542984][T14951]  file_tty_write.constprop.0+0x504/0x9b0
[  687.543025][T14951]  redirected_tty_write+0xd4/0x150
[  687.543062][T14951]  vfs_write+0x7d0/0x11d0
[  687.543089][T14951]  ? __pfx_redirected_tty_write+0x10/0x10
[  687.543128][T14951]  ? __pfx_vfs_write+0x10/0x10
[  687.543153][T14951]  ? find_held_lock+0x2b/0x80
[  687.543186][T14951]  ksys_write+0x12a/0x250
[  687.543219][T14951]  ? __pfx_ksys_write+0x10/0x10
[  687.543251][T14951]  do_syscall_64+0xcd/0x490
[  687.543289][T14951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.543314][T14951] RIP: 0033:0x7f8e5d58ebe9
[  687.543332][T14951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.543357][T14951] RSP: 002b:00007f8e5e3d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  687.543380][T14951] RAX: ffffffffffffffda RBX: 00007f8e5d7c5fa0 RCX: 00007f8e5d58ebe9
[  687.543397][T14951] RDX: 0000000000000024 RSI: 0000200000000440 RDI: 0000000000000007
[  687.543412][T14951] RBP: 00007f8e5d611e19 R08: 0000000000000000 R09: 0000000000000000
[  687.543427][T14951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  687.543442][T14951] R13: 00007f8e5d7c6038 R14: 00007f8e5d7c5fa0 R15: 00007fff5172a7a8
[  687.543465][T14951]  </TASK>
[  687.543473][T14951] 
[  687.543479][T14951] The buggy address belongs to a vmalloc virtual mapping
[  687.543496][T14951] Memory state around the buggy address:
[  687.543509][T14951]  ffffc90003798f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  687.543526][T14951]  ffffc90003798f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  687.543544][T14951] >ffffc90003799000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  687.543557][T14951]                    ^
[  687.543569][T14951]  ffffc90003799080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  687.543586][T14951]  ffffc90003799100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  687.543599][T14951] ==================================================================
[  687.543613][T14951] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  687.543628][T14951] CPU: 0 UID: 0 PID: 14951 Comm: syz.1.1405 Not tainted syzkaller #0 PREEMPT(full) 
[  687.543656][T14951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  687.543670][T14951] Call Trace:
[  687.543678][T14951]  <TASK>
[  687.543686][T14951]  dump_stack_lvl+0x3d/0x1f0
[  687.543723][T14951]  vpanic+0x6e8/0x7a0
[  687.543757][T14951]  ? __pfx_vpanic+0x10/0x10
[  687.543791][T14951]  ? __pfx_vprintk_emit+0x10/0x10
[  687.543818][T14951]  ? sys_fillrect+0x15d4/0x17b0
[  687.543843][T14951]  panic+0xca/0xd0
[  687.543876][T14951]  ? __pfx_panic+0x10/0x10
[  687.543916][T14951]  check_panic_on_warn+0xab/0xb0
[  687.543953][T14951]  end_report+0x107/0x170
[  687.543983][T14951]  kasan_report+0xee/0x110
[  687.544014][T14951]  ? sys_fillrect+0x15d4/0x17b0
[  687.544044][T14951]  sys_fillrect+0x15d4/0x17b0
[  687.544073][T14951]  ? __pfx_sys_fillrect+0x10/0x10
[  687.544102][T14951]  ? __pfx_bit_putcs+0x10/0x10
[  687.544141][T14951]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  687.544179][T14951]  bit_clear+0x17d/0x220
[  687.544222][T14951]  ? __pfx_bit_clear+0x10/0x10
[  687.544259][T14951]  ? __pfx___might_resched+0x10/0x10
[  687.544282][T14951]  ? fb_get_color_depth+0x120/0x250
[  687.544315][T14951]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  687.544354][T14951]  ? __pfx_bit_clear+0x10/0x10
[  687.544390][T14951]  __fbcon_clear+0x603/0x780
[  687.544427][T14951]  fbcon_scroll+0x48b/0x690
[  687.544462][T14951]  con_scroll+0x45c/0x690
[  687.544499][T14951]  do_con_write+0x5560/0x8280
[  687.544537][T14951]  ? srcu_gp_start_if_needed+0xb70/0xe70
[  687.544581][T14951]  ? __pfx___mutex_lock+0x10/0x10
[  687.544618][T14951]  ? __pfx_do_con_write+0x10/0x10
[  687.544663][T14951]  con_write+0x23/0xb0
[  687.544699][T14951]  n_tty_write+0x41c/0x11e0
[  687.544731][T14951]  ? __pfx_n_tty_write+0x10/0x10
[  687.544756][T14951]  ? rcu_is_watching+0x12/0xc0
[  687.544780][T14951]  ? __pfx_woken_wake_function+0x10/0x10
[  687.544822][T14951]  ? kfree+0x24f/0x4d0
[  687.544842][T14951]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  687.544881][T14951]  ? __pfx_n_tty_write+0x10/0x10
[  687.544907][T14951]  file_tty_write.constprop.0+0x504/0x9b0
[  687.544949][T14951]  redirected_tty_write+0xd4/0x150
[  687.544986][T14951]  vfs_write+0x7d0/0x11d0
[  687.545013][T14951]  ? __pfx_redirected_tty_write+0x10/0x10
[  687.545052][T14951]  ? __pfx_vfs_write+0x10/0x10
[  687.545078][T14951]  ? find_held_lock+0x2b/0x80
[  687.545110][T14951]  ksys_write+0x12a/0x250
[  687.545137][T14951]  ? __pfx_ksys_write+0x10/0x10
[  687.545169][T14951]  do_syscall_64+0xcd/0x490
[  687.545220][T14951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.545245][T14951] RIP: 0033:0x7f8e5d58ebe9
[  687.545262][T14951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.545285][T14951] RSP: 002b:00007f8e5e3d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  687.545307][T14951] RAX: ffffffffffffffda RBX: 00007f8e5d7c5fa0 RCX: 00007f8e5d58ebe9
[  687.545324][T14951] RDX: 0000000000000024 RSI: 0000200000000440 RDI: 0000000000000007
[  687.545339][T14951] RBP: 00007f8e5d611e19 R08: 0000000000000000 R09: 0000000000000000
[  687.545354][T14951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  687.545369][T14951] R13: 00007f8e5d7c6038 R14: 00007f8e5d7c5fa0 R15: 00007fff5172a7a8
[  687.545392][T14951]  </TASK>
[  687.545466][T14951] Kernel Offset: disabled