last executing test programs:

3m41.07355929s ago: executing program 1 (id=1022):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x408802, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs4.idtoname/content\x00', 0x181b80, 0x0)
read$auto(r1, &(0x7f0000000440)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xecC\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb08\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk\x02_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1e\xe9T1\xbf\xc8_^\a\x03\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xddC\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3\xb0\x84\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda+U\b\x88\xa7\x88\x1fC\xbb\xa8\xce\x0f\xd5\xdew\x99\x18G.s\x16\xfa\xf2\x96|\x1e]\xe5\xf8\xb1\x8b.}\x841\xd8\x98\xd8f86h\xab\x94\x7f\xc4<\x03\xdd\x86=\xb6\x1e@\xab6\x81\xce\xaa\xcf\xfd\x947\xc3\x86\xfe\xb7O\xd9\xa9\xb6[\xcc\xd8\xe1\xa9\x84[\xe0\xd4\x03\x90@\x03\xbe\xba\xee\xed\xe9\xb1\xd2\xf1\x8cgn\xb7m/\xf1\"\xc2\xeb\x1d\x04\xf3\xf1\x96\xf2\x00C\xf0wg\xd6\x11\x18\xb5o\x9d\xd7`\xce\x81\x9b1b\x8ce\x99*\xa3\xd2\x8dAw\xd9\xa6l\\\x17\xbb\xf6\xe2\xa2<\n\xc0\f:\x97\xff\xc6y\x05<\xa6\x81\xd92\xc9\x9e\f[\xf9\xfc\xf1ih\"J\x92\xd2\xd4\xc2\xe8\x89 \x81\xbf8C\xa9\x1at\xa1\xdc\x94\xc5\xc8K\xbb\x14h\xa9)\xaa\xf2\xda\xaf\xb1\rs\xe6\x97\x1e\xcc6\x94\xff\x1b\x8e\x98\xf7\xa0', 0x67b)
socket(0x1e, 0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000440)={0x1c, r3, 0x301, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
read$auto(r5, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mremap$auto(0x4000, 0xba, 0x13fd4, 0x3, 0xfffff000)
ioctl$auto(0xc8, 0x800454da, 0x5)

3m35.609052964s ago: executing program 1 (id=1037):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0)
mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = epoll_create$auto(0x4)
mprotect$auto(0x200000000000, 0x806121, 0x8)
landlock_create_ruleset$auto(&(0x7f0000000040)={0x4, 0x0, 0xfffffffffffffffb}, 0x7ff, 0x0)
epoll_ctl$auto(r1, 0x1, r0, 0x0)

3m35.380998632s ago: executing program 1 (id=1038):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/uprobe/format/ref_ctr_offset\x00', 0x700, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x40601, 0x0)
write$auto(r1, &(0x7f00000002c0)='1\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/uprobe/format/ref_ctr_offset\x00', 0x700, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x40601, 0x0) (async)
write$auto(r1, &(0x7f00000002c0)='1\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) (async)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) (async)

3m34.842914078s ago: executing program 1 (id=1040):
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x482c0, 0x0) (async)
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x482c0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/lapb0/napi_defer_hard_irqs\x00', 0x8a401, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/lapb0/napi_defer_hard_irqs\x00', 0x8a401, 0x0)
write$auto(r0, &(0x7f0000000080)='+\x00\\\xa0\xe2\xff\xaa8nr\xec\x13Dy\xe9\xd2-\xec\xb7F\x92\x05\x1e\xfa\x1c\x80\xc2);\x11\xfemdV\x9cc\x8e\x88A\xb7(\xcc\x04\xff;k\xa5\x1b=yYp4-\x89\x189\xba<\x83\xee\xc4&-\x81\xa8\x98\xaf\xaac\x06g\x84\x9e\x9f\x00\x00\x00\x00\xfed\xfdvT,', 0x81) (async)
write$auto(r0, &(0x7f0000000080)='+\x00\\\xa0\xe2\xff\xaa8nr\xec\x13Dy\xe9\xd2-\xec\xb7F\x92\x05\x1e\xfa\x1c\x80\xc2);\x11\xfemdV\x9cc\x8e\x88A\xb7(\xcc\x04\xff;k\xa5\x1b=yYp4-\x89\x189\xba<\x83\xee\xc4&-\x81\xa8\x98\xaf\xaac\x06g\x84\x9e\x9f\x00\x00\x00\x00\xfed\xfdvT,', 0x81)
socket(0x11, 0x2, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0xc, 0x3, 0x4})
r1 = socket(0x10, 0x5, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c2580, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000200)=""/91, 0x5b)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(r1, 0x10000000084, 0x2, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r3 = socket(0xa, 0x2, 0x3a)
bind$auto(r3, &(0x7f0000000040)=@generic={0x25, "0021000000f7004000"}, 0x66)
ioperm$auto(0x6, 0x18001, 0x80001)
r4 = socketpair$auto(0x5, 0x5, 0x8000000000000000, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_USB_RAW_IOCTL_EP0_READ(r4, 0xc0085504, &(0x7f0000000180)={0x1, 0x8, 0x80000001, "21a0fcf0ad551f4f19f430c9a28397a563b8899d7f0fcdb38a0a9a0c997d6c8a466846c99ae42b06d481a64a4c7a5bebf855952783092368a177291c01b17bda69b57e2b7fa3b8721750"}) (async)
ioctl$auto_USB_RAW_IOCTL_EP0_READ(r4, 0xc0085504, &(0x7f0000000180)={0x1, 0x8, 0x80000001, "21a0fcf0ad551f4f19f430c9a28397a563b8899d7f0fcdb38a0a9a0c997d6c8a466846c99ae42b06d481a64a4c7a5bebf855952783092368a177291c01b17bda69b57e2b7fa3b8721750"})
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0x2, 0x0)
fsopen$auto(0x0, 0x1)
fsmount$auto(0x4, 0x0, 0x200003)
madvise$auto(0x0, 0x80000001, 0x8)
mbind$auto(0x4, 0x2491d2, 0x4, 0x0, 0x4, 0x2)
shutdown$auto(0x200000003, 0x2)

3m34.354306848s ago: executing program 1 (id=1041):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0)
ioctl$auto(0x3, 0xc038563c, 0x38)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1a, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
execve$auto(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fc, 0x7, 0xd, 0x1, 0xc5e1, 0x3, 0x88, 0x3, 0x0, 0x62, 0x8, 0x10, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x7, 0x13)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40b4ff743f26f506}, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x60840, 0x0)
ioctl$auto(0x3, 0xc0045520, 0x38)

3m32.893075241s ago: executing program 1 (id=1046):
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap$auto(0x0, 0x2000b, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/arch_status\x00', 0x8200, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff4, 0x8)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x121141, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0)
mmap$auto(0x400000000000, 0x2000b, 0x0, 0xeb2, 0x401, 0x8000)
socket(0x2, 0x801, 0x106)
sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, 0x0, 0x40)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, 0x0, 0x8010)
setsockopt$auto_SO_BUF_LOCK(r1, 0x0, 0x48, &(0x7f00000000c0)='\x00', 0x4)
r2 = syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/fs/cifs/cifsFYI\x00', 0x88400, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000180)=""/210, 0xd2)
sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000002640)={&(0x7f0000001600)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40008d5}, 0x4010)
r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mbind$auto(0x0, 0x900000004, 0x7, 0x0, 0x1, 0x2)
mmap$auto(0x0, 0x40000000000008, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
copy_file_range$auto(r4, 0x0, r4, 0x0, 0x3, 0x2)
io_uring_setup$auto(0x6, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8, 0x0)

3m17.590255293s ago: executing program 32 (id=1046):
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap$auto(0x0, 0x2000b, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/arch_status\x00', 0x8200, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff4, 0x8)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x121141, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0)
mmap$auto(0x400000000000, 0x2000b, 0x0, 0xeb2, 0x401, 0x8000)
socket(0x2, 0x801, 0x106)
sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, 0x0, 0x40)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, 0x0, 0x8010)
setsockopt$auto_SO_BUF_LOCK(r1, 0x0, 0x48, &(0x7f00000000c0)='\x00', 0x4)
r2 = syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/fs/cifs/cifsFYI\x00', 0x88400, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000180)=""/210, 0xd2)
sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000002640)={&(0x7f0000001600)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40008d5}, 0x4010)
r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mbind$auto(0x0, 0x900000004, 0x7, 0x0, 0x1, 0x2)
mmap$auto(0x0, 0x40000000000008, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
copy_file_range$auto(r4, 0x0, r4, 0x0, 0x3, 0x2)
io_uring_setup$auto(0x6, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8, 0x0)

11.328101369s ago: executing program 3 (id=1592):
mmap$auto(0x0, 0xa020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r0 = socket(0x15, 0x5, 0x0)
sendmsg$auto(r0, 0x0, 0x0) (async)
madvise$auto(0x0, 0x200007, 0x19) (async)
remap_file_pages$auto(0x3, 0x1000, 0x0, 0x3, 0x4)
sethostname$auto(0xfffffffffffffffe, 0x0)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async)
io_uring_setup$auto(0x1, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') (async)
r2 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$auto(0x3, 0xc0086202, r2)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
setsockopt$auto(r0, 0x114, 0xa, 0x0, 0x4) (async)
mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x3) (async, rerun: 64)
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0x2, 0x2}, 0x0, 0xf4240, 0x1) (rerun: 64)
r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) (async)
r4 = socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000140), 0x55) (async)
sendto$auto(r4, 0x0, 0x402, 0xacf8, &(0x7f0000000000)=@generic={0xa, "e2e13d0ee94e00"}, 0x1b) (async)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) (async, rerun: 32)
ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
unshare$auto(0x40000080) (async)
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f", 0xc83)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x48400, 0x0)

10.876941432s ago: executing program 4 (id=1593):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000380)="a1a1d138c4c4b7ba26eb4ac17f230f58f3ff36ca208cd70775ddf2ca72ee086c67bff2ea6e3646c074eb784b532c33990bc22f18b013e28ded")
r1 = socket(0x11, 0xa, 0x9)
bind$auto(r1, &(0x7f0000000140), 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = open(0x0, 0x261c2, 0x184)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x15, 0x5, 0x0)
bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
move_pages$auto(r4, 0x1002, 0x0, 0x0, 0x0, 0x2)
r6 = getpid()
sendmsg$auto_NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000001a80)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000000640)=ANY=[@ANYBLOB="cc010000e96034176258261d7304a9f13b072a9446b801f7d953b7e1513dd7126c3a8bbefe681005ec9eb48a8c2dff8fd6b83a78d948bebb8dadbfc603aed289d1ab3dc560", @ANYRES16=0x0, @ANYBLOB], 0x1cc}, 0x1, 0x0, 0x0, 0x4000004}, 0x24004000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fcntl$auto(0x3, 0x804, 0xa553)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
kcmp$auto(r4, r6, 0x7, 0xffffffffffffffff, r3)
waitid$auto_P_PIDFD(0x3, r2, &(0x7f00000001c0)={@siginfo_0_0={0x8, 0x6, 0x80, @_rt={r6, 0x0, @sival_int=0x6}}}, 0x8, &(0x7f0000000240)={{0x23ba, 0x7}, {0x9, 0x5}, 0x6, 0x4000, 0x5, 0x7f, 0x1ff, 0xe, 0x2, 0x6, 0x28, 0xc3, 0x3, 0x6, 0xffffffff, 0x1cd})

10.269098302s ago: executing program 0 (id=1594):
mmap$auto(0x1, 0x400020009, 0xe2, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x7, 0x202000c, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_fastopen_key\x00', 0x8300, 0x0)
read$auto(r0, &(0x7f0000000240)='nl80211\x00', 0x7)
sendmmsg$auto(0x3, 0x0, 0x40, 0x100)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x3c, 0x65c, 0x1ffde, 0x7, 0x200000003, 0x1, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x1000b, 0x80, 0x4, 0x10, 0x7, 0x1ffc, 0x303, 0x0, 0xfffffff7, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0x0, [0x2, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x2, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x2400c080}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x7fc}, 0x7, 0x4008)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x1)
close_range$auto(r1, r0, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x101120, 0x0)
ioctl$auto_TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000040)=0x1)
poll$auto(&(0x7f00000001c0)={r2, 0xfffd, 0x1000}, 0x7, 0x4)
socket(0x1d, 0x3, 0x1)
madvise$auto(0x0, 0xffffffffffff0101, 0x15)
clone$auto(0x1, 0x3, 0x0, 0x0, 0x3)
epoll_wait$auto(0xffffffffffffffff, 0x0, 0xe007, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20040000)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth1_to_bond\x00'})

9.703018798s ago: executing program 3 (id=1596):
socket(0x15, 0x5, 0x0)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0xfff, 0x5, 0x10, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
socket(0x15, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c850)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0x8000000000, 0xc3a, 0xe2, 0x9b72, 0x7, 0x1000)
sysfs$auto(0x2, 0x4d, 0x0)
fsopen$auto(0x0, 0x1)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x2})
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
prctl$auto(0x2, 0x17, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
statmount$auto(0x0, &(0x7f0000000180)={0x407, 0x1, 0x44f, 0x7, 0x1, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7, 0x89, 0x26, 0x4, 0x200000000001, 0xfffffffffffff343, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)

9.186750325s ago: executing program 0 (id=1599):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x240001, 0x0)
r2 = socket(0xa, 0x1, 0x84)
r3 = syz_clone(0x20831400, &(0x7f00000001c0)="dfd68b372a4a5299152dbd70056f2b5c64f1043715f434d4be2fafc448b69c928ac3dd42556b64dcbfd97797b4225d2b129040e993f05eafe7c3d6b97642b3dd25d2050b63c92e41fd835644128a64db1c", 0x51, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)="83f7f8ac5f7a98b252712aa0e1f1a9e3ea81683d84fcf1ac04bdeaab32fa32333266a6fcb4e0a5618cb582459d6be12c78897f7be0f471ec1edf465aa2067c0a051afd91c4c810b2e724a4a66a2366c94dd1b30217742f600abf3048df5a05f97f424ce478de7ee0378d2393ae10cee09f0e79a2ab59571e20ffa5818f8474f602902561e7aa776ed611de8cdfdc46e636af0609d0c9a5")
prctl$auto(0x4, 0x4, r3, 0x6, 0x7fffffff)
close_range$auto(0x0, 0x5, 0x0)
timerfd_create$auto(0xfffffffb, 0x4)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/dirtytime_expire_seconds\x00', 0x202, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/tty62/power/control\x00', 0x100, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ptrace$auto_PTRACE_OLDSETOPTIONS(0x15, r3, 0x3, 0x100000000)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(r2, 0xc040aed4, r4)
ioctl$auto_PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000080)=0x7)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000005c0)={'veth0_to_bridge\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'bond0\x00'})
bpf$auto(0x0, &(0x7f0000000100)=@link_detach={r1}, 0x96)
ioctl$auto(r0, 0x64c8, r0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0xbf2b, &(0x7f0000000440)={{0x1, 0x401}, {0x8000000000000000, 0x4}, 0x2511, 0xfffffffffffffffb, 0x1, 0x3, 0x7, 0x0, 0x4, 0x3, 0x9, 0x7fffffff, 0x80, 0x6072, 0x3, 0x6})
socket(0x1d, 0x80000, 0x0)
open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3)
r7 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r7, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={0x0, 0x49}, 0x1, 0x0, 0x5, 0x3}, 0x5}, 0x2, 0x100)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x303000, 0x0)

8.597634834s ago: executing program 3 (id=1600):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0)
r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, r0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r2, 0x4, 0x8000040006)
socket$nl_generic(0x10, 0x3, 0x10)
ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x9, 0x2, 0xb, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto(0x3, 0x541b, 0x10000000000402)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x20803, 0x0)
setsockopt$auto(r0, 0x3, 0x8, &(0x7f0000000040)='/dev/dsp1\x00', 0x44)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
read$auto(0x3, 0x0, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000100)='%\x00', 0x38f)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd14/capability\x00', 0x180, 0x0)
sendfile$auto(0x2, 0x3, 0x0, 0xc3e0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r5, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

8.419675603s ago: executing program 4 (id=1601):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x929, 0x44b, 0x7, 0x5, 0x100717e, 0xd1, 0x7, 0x7, 0x7ff, 0xfffffffe, 0x80000001, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffb, 0x8, 0x0, 0x2, 0x0, 0x864, 0xe, 0x22000, 0x200, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, [0x7, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0xa, 0xd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
sched_get_priority_min$auto(0x1)
openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x2480, 0x0)
io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x40000001)
r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/ums-jumpshot/unbind\x00', 0xb80f2394d1b480dc, 0x0)
mknod$auto(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x804)
truncate$auto(&(0x7f0000000140)='./file0\x00', 0x9)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd01, &(0x7f00000001c0))
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto_proc_projid_map_operations_base(0xffffffffffffffff, 0x0, 0x0)
mincore$auto(0x1000, 0x4000000, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0)
mmap$auto(0x2, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x4000000000020009, 0x4000000000df, 0xeb1, 0x6, 0x2)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x37a}, 0x9, 0x0, 0x7, 0x800a505}, 0x2}, 0x4, 0x4008)
open(&(0x7f0000000140)='./file0\x00', 0x60000, 0x140)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00')

8.16258102s ago: executing program 0 (id=1602):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = bpf$auto(0x0, 0x0, 0xc)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x1, 0x0)
r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd4/queue/optimal_io_size\x00', 0x40000, 0x0)
read$auto(r0, 0x0, 0x1c)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r2, 0x0, 0x0)
read$auto(r1, 0x0, 0x1f40)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:00.0/device\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000002980)=""/4075, 0xfeb)
r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$auto_VHOST_VSOCK_SET_GUEST_CID(r4, 0x4008af60, &(0x7f0000000100)=0x643)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x6)
r7 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r7, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x40}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2000000}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/pressure/memory\x00', 0x48041, 0x0)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)
rmdir$auto(&(0x7f0000000280)='./file0\x00')
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r5)

7.288817468s ago: executing program 4 (id=1604):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7ffc)
r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000002", @ANYRES16=r2, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x5, 0x0, 0xce24)
connect$auto(0x3, 0x0, 0x55)
openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0)
bpf$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)

6.920536172s ago: executing program 3 (id=1605):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x141140, 0x0)
remap_file_pages$auto(0x100000001, 0xe, 0xc7f, 0x6, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
r1 = socket(0x2, 0x3, 0x6)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000180)=@bpf_attr_0={0x3ff, 0x8, 0xffff, 0x7fffffff, 0xc2, r1, 0x7, "3f8850b8c665dabcdf3c01e5fde04738", 0x0, r1, 0x10001, 0x0, 0x1, 0x2, r1, r1}, 0xffffffc0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4082, 0xff2)
openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/timestamp_mode\x00', 0x20000, 0x0)

6.875018847s ago: executing program 0 (id=1606):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask_requested\x00', 0x44042, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/downdelay\x00', 0x10b142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
read$auto(0xffffffffffffffff, 0x0, 0x1)
r1 = socket(0xa, 0x2, 0x3a)
r2 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f00000000c0), r1)
sendmsg$auto_NET_DM_CMD_CONFIG(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0xb00, 0x70bd29, 0x25dfdbfe, {}, [@NET_DM_ATTR_HW_DROPS={0x4}, @NET_DM_ATTR_SW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0x4}, @NET_DM_ATTR_ALERT_MODE={0x5, 0x1, 0x4}, @NET_DM_ATTR_SW_DROPS={0x4}, @NET_DM_ATTR_SW_DROPS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4040004)
bind$auto(r1, &(0x7f0000000180)=@can, 0x7)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xa8)

6.578237599s ago: executing program 2 (id=1607):
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x1)
socketpair$auto(0x20, 0x5, 0x200000, 0x0)
r0 = socket(0x2, 0x1, 0x100)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x80, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/034/001\x00', 0x88002, 0x0)
mmap$auto(0x0, 0x4020009, 0x2, 0xeb1, r0, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
r1 = io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
sendmsg$auto_TIPC_NL_KEY_SET(r1, 0x0, 0x2400c004)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = open(0x0, 0x22240, 0x55)
r4 = socket(0xa, 0x2, 0x3a)
r5 = socket(0x26, 0x80002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
timerfd_create$auto(0x8, 0x800)
timerfd_settime$auto(r5, 0x2, 0x0, 0x0)
openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0xc0a82, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
setsockopt$auto(r4, 0x2b, 0x18, 0x0, 0x1ff)
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), r3)
sendmsg$auto_NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1ec80bf67143f834c40000", @ANYRES16=r6, @ANYBLOB="000425bd7000fedbdf25090000000500120006000000080027000900000090002b808900a100f21501c2f8faa12944e31462794b0c852c531748806a7b6d2090f7bc96ae7bf9d3b1b66e529530b143dcb01f4bbee1eb280d780b4df564da399a46d303fa5f950d83e3aac8ac6af6010190c4b945ca9e3d498c353e1a3dfc5f6dbda7b5f4ad8936cad1bcfe1c1f9208c4a3053e5e0cd2e8056c542a16b7820b386962c3c1df310d71d72e5e000000"], 0xb4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8040)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10c00}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20054846}, 0x80)

6.263991154s ago: executing program 0 (id=1608):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x96141, 0x0)
r0 = socket(0x1b, 0x3, 0x76)
madvise$auto(0x0, 0x2000040080000003, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0xfffffff9, 0x52, 0x0, &(0x7f0000000240)=0x7)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x801, 0x106)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$auto(r3, 0x11c, 0x2, 0x0, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffd}, 0x3)
r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x20000000000061, 0x0, 0x100000, 0x8cce, 0x0, 0x2, 0x0, 0x8118, 0x2c, 0x2c, 0xfffffffffffffff5})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r5 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r5, 0x80184132, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

6.03464504s ago: executing program 4 (id=1609):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x80000000000000a, 0xffffffffffffffff, 0x3, 0x2e)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
write$auto_tty_fops_tty_io(r1, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b3e0f81d1b16c3cca5b2611827c2f1ca88b", 0x35)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
modify_ldt$auto(0x2, 0x0, 0x80)
modify_ldt$auto(0x1, 0x0, 0x10)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0)
mmap$auto(0x80000000, 0x2020006, 0x3, 0xfffffffffffffb9b, 0xfffffffffffffffa, 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), 0xffffffffffffffff)
ioctl$auto_AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, &(0x7f0000000000)=0x5)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r3)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r3, 0x0, 0x4)
mremap$auto(0x0, 0x100000000, 0x3fd6, 0x3, 0x7fffffffb000)
brk$auto(0x7fffffffafff)

5.786928883s ago: executing program 2 (id=1610):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000004540)={0x40, r1, 0x1, 0x70bd27, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x28, 0x1, 0x0, 0x1, [@nested={0x24, 0x11c, 0x0, 0x1, [@nested={0x20, 0x90, 0x0, 0x1, [@nested={0x1c, 0x9, 0x0, 0x1, [@nested={0x18, 0xa4, 0x0, 0x1, [@typed={0x14, 0x87, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}]}]}]}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0xb00000000000000)

5.347602608s ago: executing program 2 (id=1611):
mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r0 = pipe$auto(0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x4f4, 0x7}, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xad40, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
open(0x0, 0x40000, 0x0)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sg0\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_RESET(r0, 0x5000, &(0x7f00000000c0)="3191db97518294ceb9cb30e1718abcb8e9bcdef45ea290203f647fe60798654fdef52957e4f401e6384f95701efe4ae8fc93822ede920d7ed8e936abf8aaf5c18016024633c963656445b48a92c506ca977bf4cd55992e22268fa3654f94e175342413023db19f85415c6b717b15bab9a0ec58fb0130167764cd")
ioctl$auto_BLKSECTGET2(r1, 0x1267, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x450501, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x309502, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = io_uring_setup$auto(0x4, 0x0)
close_range$auto(0x2, r3, 0x0)
arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3)
mmap$auto(0x0, 0x7000000000, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r4 = ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r3, 0xc038586b, &(0x7f0000000200)={r2, &(0x7f0000000040)="be1378eb", 0x9, &(0x7f0000000080)="ab7e96136cf4b117f316ed6c0a2f0fa4e0b5f6ed893b713880bad3fae169efd0", 0x8, &(0x7f0000000180)="dd1f12de7dbb1f59002cc76a2518", &(0x7f00000001c0)=0x1})
syz_genetlink_get_family_id$auto_nl80211(0x0, r3)
sendmsg$auto_NL80211_CMD_TDLS_OPER(r4, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x4004001)
socket(0x2, 0x80002, 0x73)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)

5.112477887s ago: executing program 4 (id=1612):
unshare$auto(0x40000080)
unshare$auto(0x3)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/ptp/ptp0/n_external_timestamps\x00', 0x8a684, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
r4 = syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendto$auto(0x3, 0x0, 0x100000000, 0x8, 0x0, 0x1c)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x4000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0)
r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop12/hctx0/tags\x00', 0x8080, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r5, &(0x7f0000000080)=""/229, 0xe5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), r6)
sendmsg$auto_TIPC_NL_NET_SET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000003f80)={0x24, r7, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xa1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x815}, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x5, 0x54f, 0xa, 0x400, 0x1087181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x27, 0x4, 0x200003fffffe, 0x384, 0xffffffeffffffffa, 0x9, 0x4000000, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x200, 0x67aa4df3, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0xb, 0x3)
io_uring_setup$auto(0x3, &(0x7f0000000380)={0x511e3f9f, 0x0, 0x7, 0x8, 0xaf, 0x8, r3, [0x81, 0x3, 0x3818aaa6], {0x3, 0x1a9f, 0x5, 0x1ff, 0x1, 0x1ff, 0x1, 0xfffffffe, 0x2}, {0x8, 0x0, 0x7fff, 0x8, 0x6, 0x6, 0x3, 0x2, 0x2}})

2.930472264s ago: executing program 2 (id=1613):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008)
swapon$auto(&(0x7f0000000080)='/dev/vhost-vsock\x00', 0xffffffff)
write$auto(0xffffffffffffffff, &(0x7f0000000440)='\xce*+#\x00', 0x1080)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x2)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
r2 = fanotify_init$auto(0x5, 0x2000000000002)
fanotify_mark$auto(r2, 0x201, 0x9, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = socket(0x2, 0xa, 0x1)
r4 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r3, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xfffffffffffffff9, 0x8000200008011, r4, 0x8000)
mmap$auto(0x0, 0x10, 0xdf, 0xeb2, 0xffffffffffffffff, 0x8000)
socket(0x1d, 0x2, 0x6)
mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000)
capset$auto(0x0, 0x0)
socket(0xa, 0xa, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00'})
bpf$auto(0x0, 0x0, 0xf)
sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000100000", @ANYRES16], 0x240}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

2.701427797s ago: executing program 3 (id=1614):
ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000200)={0xfffc, &(0x7f0000000000)={0xffff, 0x5, 0x7}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
sendto$auto(r2, 0x0, 0xb, 0xf0, &(0x7f0000000000)=@in={0x2, 0x4e24, @remote}, 0x1c)
madvise$auto(0x100000, 0x1000, 0x15)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x412100, 0x0)
r3 = socket(0xa, 0x5, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00'})
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5)
ioctl$auto_VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000000)={0x6})
bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={r1, 0x81}, 0x96)
bpf$auto(0x18, &(0x7f0000000240)=@raw_tracepoint={0x916, 0xffffffffffffffff, 0x0, 0x800}, 0x92)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
getsockopt$auto(r3, 0x84, 0x1d, 0x0, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000100)=""/153, 0x99)
madvise$auto(0x5, 0x81, 0x5)
getpid()
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r5, 0x0, 0xb4d3)

1.316307104s ago: executing program 2 (id=1615):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x302, 0x0)
timer_create$auto(0xfffffffa, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, &(0x7f0000000140)=0x6)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x10000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)})
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
write$auto(0xffffffffffffffff, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x98\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\x8b\x8f\x04E\xc0\xbd\xc5v.\xd1\xe8\xa8@\xcc', 0x100000a3d9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x0, 0xdf, 0x9b72, r0, 0x8000)
msync$auto(0x904, 0xc, 0x4)
close_range$auto(0x2, 0x8, 0x0)
read$auto_vcs_fops_vc_screen(0xffffffffffffffff, &(0x7f0000000080)=""/238, 0xffffffe9)
r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_nvram_misc_fops_nvram(r2, &(0x7f0000000080)=""/209, 0xd1)
ioctl$auto_NVRAM_INIT(r2, 0x7040, 0x0)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
r3 = prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0xffffffffffffffff, r3, 0x10)
r4 = getsockopt$auto_SO_PEERPIDFD(0xffffffffffffffff, 0x1, 0x4d, &(0x7f0000000000)='.\x00', &(0x7f0000000040)=0x1060)
ioctl$auto_FIONREAD(r4, 0x541b, 0x7ff)
futex$auto(0x0, 0x5, 0x9, 0x0, 0x0, 0xffff7fff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)

877.015911ms ago: executing program 3 (id=1616):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x408802, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs4.idtoname/content\x00', 0x181b80, 0x0)
read$auto(r1, &(0x7f0000000440)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xecC\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb08\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk\x02_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1e\xe9T1\xbf\xc8_^\a\x03\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xddC\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3\xb0\x84\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda+U\b\x88\xa7\x88\x1fC\xbb\xa8\xce\x0f\xd5\xdew\x99\x18G.s\x16\xfa\xf2\x96|\x1e]\xe5\xf8\xb1\x8b.}\x841\xd8\x98\xd8f86h\xab\x94\x7f\xc4<\x03\xdd\x86=\xb6\x1e@\xab6\x81\xce\xaa\xcf\xfd\x947\xc3\x86\xfe\xb7O\xd9\xa9\xb6[\xcc\xd8\xe1\xa9\x84[\xe0\xd4\x03\x90@\x03\xbe\xba\xee\xed\xe9\xb1\xd2\xf1\x8cgn\xb7m/\xf1\"\xc2\xeb\x1d\x04\xf3\xf1\x96\xf2\x00C\xf0wg\xd6\x11\x18\xb5o\x9d\xd7`\xce\x81\x9b1b\x8ce\x99*\xa3\xd2\x8dAw\xd9\xa6l\\\x17\xbb\xf6\xe2\xa2<\n\xc0\f:\x97\xff\xc6y\x05<\xa6\x81\xd92\xc9\x9e\f[\xf9\xfc\xf1ih\"J\x92\xd2\xd4\xc2\xe8\x89 \x81\xbf8C\xa9\x1at\xa1\xdc\x94\xc5\xc8K\xbb\x14h\xa9)\xaa\xf2\xda\xaf\xb1\rs\xe6\x97\x1e\xcc6\x94\xff\x1b\x8e\x98\xf7\xa0', 0x67b)
socket(0x1e, 0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000440)={0x1c, 0x0, 0x301, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
read$auto(r4, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mremap$auto(0x4000, 0xba, 0x13fd4, 0x3, 0xfffff000)
ioctl$auto(0xc8, 0x800454da, 0x5)

488.162572ms ago: executing program 2 (id=1617):
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7ffd)
r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0)
write$auto(r0, 0x0, 0xa0d)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f0000000200)=0x74)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
read$auto(r2, 0x0, 0x1000)
mmap$auto(0x0, 0x400008, 0x40000000000000df, 0x11, r1, 0x8001)
write$auto(0x3, 0x0, 0x100082)
r4 = socket(0x5, 0x4, 0x2)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000180), r4)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x9f8ff8dd1a59f57c, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
symlink$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
socket(0x3, 0x5, 0xa245)
socket(0x2, 0x1, 0x0)
getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0xffd8)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
listen$auto(0x3, 0x3)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x22a40, 0x0)

278.26566ms ago: executing program 4 (id=1618):
mmap$auto(0x0, 0x20009, 0x100000000, 0x11, 0x40000000000a5, 0x8000) (async)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x400c02, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) (async, rerun: 64)
socket(0x1f, 0x80003, 0x7) (rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x10000, 0xfffffffd, 0x0) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) (async)
move_mount$auto(0xffffffffffffffff, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x6) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20080, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async)
write$auto(0xffffffffffffffff, 0x0, 0xa3d9) (async)
socket(0x15, 0x5, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan1\x00'}) (rerun: 64)
bpf$auto(0x3, 0x0, 0x6f2) (async)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
write$auto(r2, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x0) (async)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r3, 0x0, 0x22)

0s ago: executing program 0 (id=1619):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0xffffffffffffffff, 0x2, 0x8]}, 0x0)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
msync$auto(0xfffffffffffffffc, 0x3, 0xfff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
select$auto(0x9, &(0x7f0000000380)={[0xeeda, 0x7, 0x100000001, 0x2, 0x3, 0x1ff, 0xfff, 0x3, 0x0, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9, 0x7, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
epoll_ctl$auto_EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0)
r3 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000001c40), 0x0, 0x0)
read$auto_ctl_device_fops_user(r3, &(0x7f0000001c80)=""/12, 0xc)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x100)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0)

kernel console output (not intermixed with test programs):

: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  438.009793][T10995]  </TASK>
[  438.013081][    C0] vkms_vblank_simulate: vblank timer overrun
[  438.034659][T10995] program syz.3.1017 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  438.276823][T10995] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  438.323810][T10995] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  438.506761][T10995] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  438.541429][T10995] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  438.559933][T10995] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  438.566668][T10995] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  438.581243][T10995] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  438.589729][T10995] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  438.729442][   T30] audit: type=1800 audit(4294967924.383:9): pid=11001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1018" name="features" dev="configfs" ino=25701 res=0 errno=0
[  440.268907][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  440.509889][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  440.587786][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  440.587796][ T5857] Bluetooth: hci3: command 0x0406 tx timeout
[  442.347780][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  442.590422][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  442.667562][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  442.677563][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  443.493775][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1030'.
[  445.056706][T11087] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.083014][T11093] hub 3-0:1.0: USB hub found
[  445.101607][T11093] hub 3-0:1.0: 1 port detected
[  445.155000][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  445.161478][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  445.242724][T11093] usb usb3: authorized to connect
[  445.582130][T11113] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1039'.
[  445.947049][T11116] input: jJǸ-���9�X����l��Q�	J86�� as /devices/virtual/input/input78
[  446.022392][T11107] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1034'.
[  447.777956][T11150] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79
[  449.943143][T11185] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1055'.
[  450.113620][T11184] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  451.551306][T11209] random: crng reseeded on system resumption
[  451.852721][T11209] input input80: cannot allocate more than FF_MAX_EFFECTS effects
[  451.900036][T11209] FAULT_INJECTION: forcing a failure.
[  451.900036][T11209] name failslab, interval 1, probability 0, space 0, times 0
[  451.960106][T11209] CPU: 1 UID: 0 PID: 11209 Comm: syz.2.1061 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  451.960160][T11209] Tainted: [U]=USER
[  451.960172][T11209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  451.960192][T11209] Call Trace:
[  451.960211][T11209]  <TASK>
[  451.960225][T11209]  dump_stack_lvl+0x16c/0x1f0
[  451.960264][T11209]  should_fail_ex+0x512/0x640
[  451.960299][T11209]  ? __kvmalloc_node_noprof+0x124/0x620
[  451.960355][T11209]  should_failslab+0xc2/0x120
[  451.960393][T11209]  __kvmalloc_node_noprof+0x137/0x620
[  451.960442][T11209]  ? lockdep_init_map_type+0x5c/0x280
[  451.960489][T11209]  ? open_substream+0x30c/0x9b0
[  451.960539][T11209]  ? open_substream+0x30c/0x9b0
[  451.960578][T11209]  ? open_substream+0x19a/0x9b0
[  451.960617][T11209]  open_substream+0x30c/0x9b0
[  451.960656][T11209]  ? lockdep_hardirqs_on+0x7c/0x110
[  451.960683][T11209]  rawmidi_open_priv+0x543/0x6e0
[  451.960728][T11209]  snd_rawmidi_open+0x4cc/0xbf0
[  451.960774][T11209]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  451.960815][T11209]  ? __pfx_default_wake_function+0x10/0x10
[  451.960846][T11209]  ? kobject_get_unless_zero+0x156/0x1e0
[  451.960881][T11209]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  451.960922][T11209]  snd_open+0x1fe/0x450
[  451.960955][T11209]  ? __pfx_snd_open+0x10/0x10
[  451.960984][T11209]  chrdev_open+0x231/0x6a0
[  451.961013][T11209]  ? __pfx_apparmor_file_open+0x10/0x10
[  451.961057][T11209]  ? __pfx_chrdev_open+0x10/0x10
[  451.961089][T11209]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  451.961138][T11209]  do_dentry_open+0x744/0x1c10
[  451.961165][T11209]  ? __pfx_chrdev_open+0x10/0x10
[  451.961213][T11209]  vfs_open+0x82/0x3f0
[  451.961257][T11209]  path_openat+0x1de4/0x2cb0
[  451.961294][T11209]  ? __pfx_path_openat+0x10/0x10
[  451.961324][T11209]  ? __lock_acquire+0xb8a/0x1c90
[  451.961370][T11209]  do_filp_open+0x20b/0x470
[  451.961398][T11209]  ? __pfx_do_filp_open+0x10/0x10
[  451.961449][T11209]  ? alloc_fd+0x471/0x7d0
[  451.961497][T11209]  do_sys_openat2+0x11b/0x1d0
[  451.961534][T11209]  ? __pfx_do_sys_openat2+0x10/0x10
[  451.961588][T11209]  __x64_sys_openat+0x174/0x210
[  451.961629][T11209]  ? __pfx___x64_sys_openat+0x10/0x10
[  451.961689][T11209]  do_syscall_64+0xcd/0x490
[  451.961728][T11209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.961761][T11209] RIP: 0033:0x7f4cdaf8e9a9
[  451.961787][T11209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.961819][T11209] RSP: 002b:00007f4cdbd41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  451.961849][T11209] RAX: ffffffffffffffda RBX: 00007f4cdb1b5fa0 RCX: 00007f4cdaf8e9a9
[  451.961870][T11209] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  451.961890][T11209] RBP: 00007f4cdb010d69 R08: 0000000000000000 R09: 0000000000000000
[  451.961910][T11209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  451.961926][T11209] R13: 0000000000000000 R14: 00007f4cdb1b5fa0 R15: 00007ffefef61178
[  451.961955][T11209]  </TASK>
[  455.935833][   T51] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  455.935885][   T51] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  455.958590][   T51] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  455.958631][   T51] Bluetooth: hci1: adv larger than maximum supported
[  455.965741][   T51] Bluetooth: hci1: adv larger than maximum supported
[  455.973600][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  456.591706][T11262] FAULT_INJECTION: forcing a failure.
[  456.591706][T11262] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  456.607056][T11262] CPU: 1 UID: 0 PID: 11262 Comm: syz.2.1071 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  456.607111][T11262] Tainted: [U]=USER
[  456.607123][T11262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  456.607144][T11262] Call Trace:
[  456.607155][T11262]  <TASK>
[  456.607167][T11262]  dump_stack_lvl+0x16c/0x1f0
[  456.607210][T11262]  should_fail_ex+0x512/0x640
[  456.607253][T11262]  should_fail_alloc_page+0xe7/0x130
[  456.607298][T11262]  prepare_alloc_pages+0x3c2/0x610
[  456.607346][T11262]  ? rcu_is_watching+0x12/0xc0
[  456.607388][T11262]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  456.607426][T11262]  ? kasan_save_stack+0x42/0x60
[  456.607466][T11262]  ? __lock_acquire+0x622/0x1c90
[  456.607511][T11262]  ? drm_edid_valid+0x154/0x5f0
[  456.607566][T11262]  ? __vmf_anon_prepare+0x11c/0x240
[  456.607616][T11262]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  456.607651][T11262]  ? __lock_acquire+0x622/0x1c90
[  456.607698][T11262]  ? drm_edid_valid+0x154/0x5f0
[  456.607772][T11262]  ? __lock_acquire+0x622/0x1c90
[  456.607822][T11262]  ? __lock_acquire+0x622/0x1c90
[  456.607869][T11262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  456.607926][T11262]  ? policy_nodemask+0xea/0x4e0
[  456.607969][T11262]  alloc_pages_mpol+0x1fb/0x550
[  456.608009][T11262]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  456.608061][T11262]  folio_alloc_mpol_noprof+0x36/0x2f0
[  456.608110][T11262]  vma_alloc_folio_noprof+0xed/0x1e0
[  456.608157][T11262]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  456.608202][T11262]  ? find_held_lock+0x2b/0x80
[  456.608239][T11262]  ? __handle_mm_fault+0x1092/0x5490
[  456.608299][T11262]  __handle_mm_fault+0x2f21/0x5490
[  456.608365][T11262]  ? __pfx___handle_mm_fault+0x10/0x10
[  456.608420][T11262]  ? __pte_offset_map_lock+0x174/0x310
[  456.608464][T11262]  ? find_held_lock+0x2b/0x80
[  456.608504][T11262]  ? find_held_lock+0x2b/0x80
[  456.608551][T11262]  ? follow_page_pte+0x3af/0x14c0
[  456.608609][T11262]  handle_mm_fault+0x589/0xd10
[  456.608674][T11262]  __get_user_pages+0x589/0x3b80
[  456.608750][T11262]  ? __pfx_mt_find+0x10/0x10
[  456.608791][T11262]  ? __pfx___get_user_pages+0x10/0x10
[  456.608871][T11262]  populate_vma_page_range+0x278/0x3a0
[  456.608924][T11262]  ? __pfx_populate_vma_page_range+0x10/0x10
[  456.608974][T11262]  ? __pfx_find_vma_intersection+0x10/0x10
[  456.609022][T11262]  ? do_mmap+0x69c/0x1210
[  456.609072][T11262]  __mm_populate+0x1d8/0x380
[  456.609123][T11262]  ? __pfx___mm_populate+0x10/0x10
[  456.609175][T11262]  ? up_write+0x1b2/0x520
[  456.609232][T11262]  vm_mmap_pgoff+0x362/0x450
[  456.609280][T11262]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  456.609323][T11262]  ? __pfx_sched_core_share_pid+0x10/0x10
[  456.609370][T11262]  ? __x64_sys_futex+0x1e0/0x4c0
[  456.609410][T11262]  ? __x64_sys_futex+0x1e9/0x4c0
[  456.609458][T11262]  ksys_mmap_pgoff+0x7d/0x5c0
[  456.609501][T11262]  ? xfd_validate_state+0x61/0x180
[  456.609545][T11262]  ? __pfx___do_sys_prctl+0x10/0x10
[  456.609604][T11262]  __x64_sys_mmap+0x125/0x190
[  456.609660][T11262]  do_syscall_64+0xcd/0x490
[  456.609698][T11262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.609734][T11262] RIP: 0033:0x7f4cdaf8e9a9
[  456.609769][T11262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.609804][T11262] RSP: 002b:00007f4cd8df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  456.609836][T11262] RAX: ffffffffffffffda RBX: 00007f4cdb1b6160 RCX: 00007f4cdaf8e9a9
[  456.609860][T11262] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  456.609880][T11262] RBP: 00007f4cdb010d69 R08: 0000000000000002 R09: 0000000000008000
[  456.609901][T11262] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  456.609921][T11262] R13: 0000000000000000 R14: 00007f4cdb1b6160 R15: 00007ffefef61178
[  456.609965][T11262]  </TASK>
[  462.853189][T11327] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  462.958406][T11327] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  463.011882][T11327] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  463.258555][T11331] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum
[  464.745681][ T5857] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  464.763812][ T5857] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  464.773036][ T5857] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  464.783980][ T5857] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  464.798181][ T5857] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  465.782461][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  465.840206][T11347] chnl_net:caif_netlink_parms(): no params data found
[  466.233016][T11347] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.241093][T11347] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.251841][T11347] bridge_slave_0: entered allmulticast mode
[  466.260032][T11347] bridge_slave_0: entered promiscuous mode
[  466.272014][T11347] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.279525][T11347] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.294490][T11347] bridge_slave_1: entered allmulticast mode
[  466.302073][T11375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1095'.
[  466.307072][T11347] bridge_slave_1: entered promiscuous mode
[  466.370486][T11347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  466.446810][T11347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  466.840449][   T51] Bluetooth: hci4: command tx timeout
[  466.946469][T11347] team0: Port device team_slave_0 added
[  466.995696][T11347] team0: Port device team_slave_1 added
[  467.332373][T11347] batman_adv: batadv0: Adding interface: batadv_slave_0
[  467.339981][T11347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.385191][T11347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  467.432781][T11347] batman_adv: batadv0: Adding interface: batadv_slave_1
[  467.440657][T11347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.469542][T11347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  468.146759][T11347] hsr_slave_0: entered promiscuous mode
[  468.203867][T11347] hsr_slave_1: entered promiscuous mode
[  468.227644][T11347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  468.235295][T11347] Cannot create hsr debugfs directory
[  468.907821][   T51] Bluetooth: hci4: command tx timeout
[  469.073156][T11394] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1)
[  470.082523][T11405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1101'.
[  470.394975][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1102'.
[  470.555514][T11347] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  470.604706][T11347] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  470.717765][T11347] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  470.841322][T11347] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  470.989042][   T51] Bluetooth: hci4: command tx timeout
[  471.275803][ T5859] Process accounting resumed
[  471.816382][T11347] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.944043][T11347] 8021q: adding VLAN 0 to HW filter on device team0
[  472.003823][T10601] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.011142][T10601] bridge0: port 1(bridge_slave_0) entered forwarding state
[  472.102314][T10601] bridge0: port 2(bridge_slave_1) entered blocking state
[  472.110163][T10601] bridge0: port 2(bridge_slave_1) entered forwarding state
[  472.751945][T11441] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1105'.
[  472.993132][T11445] FAULT_INJECTION: forcing a failure.
[  472.993132][T11445] name failslab, interval 1, probability 0, space 0, times 0
[  473.047696][T11445] CPU: 1 UID: 0 PID: 11445 Comm: syz.2.1106 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  473.047751][T11445] Tainted: [U]=USER
[  473.047761][T11445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  473.047780][T11445] Call Trace:
[  473.047791][T11445]  <TASK>
[  473.047803][T11445]  dump_stack_lvl+0x16c/0x1f0
[  473.047842][T11445]  should_fail_ex+0x512/0x640
[  473.047875][T11445]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  473.047925][T11445]  should_failslab+0xc2/0x120
[  473.047964][T11445]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  473.047995][T11445]  ? __proc_create+0xc3/0x8c0
[  473.048030][T11445]  ? __proc_create+0x2ce/0x8c0
[  473.048071][T11445]  __proc_create+0x2ce/0x8c0
[  473.048109][T11445]  ? __pfx___proc_create+0x10/0x10
[  473.048248][T11445]  ? _raw_write_unlock+0x28/0x50
[  473.048284][T11445]  ? proc_register+0x314/0x5f0
[  473.048325][T11445]  proc_create_reg+0x7d/0x180
[  473.048369][T11445]  proc_create_seq_private+0x8e/0x1d0
[  473.048416][T11445]  ? __pfx_proc_create_seq_private+0x10/0x10
[  473.048469][T11445]  xt_proto_init+0x45b/0xc10
[  473.048522][T11445]  ? __pfx_xt_proto_init+0x10/0x10
[  473.048570][T11445]  ? __kmalloc_noprof+0x242/0x510
[  473.048602][T11445]  ? __kasan_kmalloc+0xaa/0xb0
[  473.048640][T11445]  ? __pfx_arp_tables_net_init+0x10/0x10
[  473.048678][T11445]  ops_init+0x1df/0x5f0
[  473.048723][T11445]  setup_net+0x1ff/0x510
[  473.048760][T11445]  ? lockdep_init_map_type+0x5c/0x280
[  473.048809][T11445]  ? __pfx_setup_net+0x10/0x10
[  473.048852][T11445]  ? debug_mutex_init+0x37/0x70
[  473.048893][T11445]  copy_net_ns+0x2a6/0x5f0
[  473.048941][T11445]  create_new_namespaces+0x3ea/0xa90
[  473.048991][T11445]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  473.049035][T11445]  ksys_unshare+0x45b/0xa40
[  473.049083][T11445]  ? __pfx_ksys_unshare+0x10/0x10
[  473.049132][T11445]  ? xfd_validate_state+0x61/0x180
[  473.049204][T11445]  __x64_sys_unshare+0x31/0x40
[  473.049251][T11445]  do_syscall_64+0xcd/0x490
[  473.049290][T11445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.049325][T11445] RIP: 0033:0x7f4cdaf8e9a9
[  473.049351][T11445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.049384][T11445] RSP: 002b:00007f4cdbd41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  473.049415][T11445] RAX: ffffffffffffffda RBX: 00007f4cdb1b5fa0 RCX: 00007f4cdaf8e9a9
[  473.049437][T11445] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  473.049458][T11445] RBP: 00007f4cdb010d69 R08: 0000000000000000 R09: 0000000000000000
[  473.049478][T11445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  473.049497][T11445] R13: 0000000000000000 R14: 00007f4cdb1b5fa0 R15: 00007ffefef61178
[  473.049540][T11445]  </TASK>
[  473.408293][   T51] Bluetooth: hci4: command tx timeout
[  473.453022][T11347] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.726877][T11347] veth0_vlan: entered promiscuous mode
[  474.783741][T11347] veth1_vlan: entered promiscuous mode
[  474.925376][T11347] veth0_macvtap: entered promiscuous mode
[  474.939205][T11347] veth1_macvtap: entered promiscuous mode
[  474.972008][T11347] batman_adv: batadv0: Interface activated: batadv_slave_0
[  475.003055][T11347] batman_adv: batadv0: Interface activated: batadv_slave_1
[  475.014858][T11347] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  475.044348][T11347] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  475.080788][T11347] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  475.106731][T11347] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  475.739538][ T7133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.786182][ T7133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.940795][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.965448][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.249578][T11483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1113'.
[  479.849372][T11518] FAULT_INJECTION: forcing a failure.
[  479.849372][T11518] name failslab, interval 1, probability 0, space 0, times 0
[  479.887761][T11518] CPU: 0 UID: 0 PID: 11518 Comm: syz.4.1120 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  479.887800][T11518] Tainted: [U]=USER
[  479.887807][T11518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  479.887820][T11518] Call Trace:
[  479.887826][T11518]  <TASK>
[  479.887835][T11518]  dump_stack_lvl+0x16c/0x1f0
[  479.887863][T11518]  should_fail_ex+0x512/0x640
[  479.887909][T11518]  should_failslab+0xc2/0x120
[  479.887937][T11518]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  479.887963][T11518]  ? skb_clone+0x190/0x3f0
[  479.887993][T11518]  skb_clone+0x190/0x3f0
[  479.888019][T11518]  netlink_deliver_tap+0xabd/0xd30
[  479.888054][T11518]  netlink_unicast+0x62f/0x850
[  479.888087][T11518]  ? __pfx_netlink_unicast+0x10/0x10
[  479.888124][T11518]  netlink_sendmsg+0x8d1/0xdd0
[  479.888158][T11518]  ? __pfx_netlink_sendmsg+0x10/0x10
[  479.888199][T11518]  ____sys_sendmsg+0xa95/0xc70
[  479.888233][T11518]  ? copy_msghdr_from_user+0x10a/0x160
[  479.888264][T11518]  ? __pfx_____sys_sendmsg+0x10/0x10
[  479.888310][T11518]  ___sys_sendmsg+0x134/0x1d0
[  479.888337][T11518]  ? __pfx____sys_sendmsg+0x10/0x10
[  479.888359][T11518]  ? __lock_acquire+0x622/0x1c90
[  479.888428][T11518]  __sys_sendmsg+0x16d/0x220
[  479.888454][T11518]  ? __pfx___sys_sendmsg+0x10/0x10
[  479.888497][T11518]  do_syscall_64+0xcd/0x490
[  479.888524][T11518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.888548][T11518] RIP: 0033:0x7f2bd8b8e9a9
[  479.888566][T11518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.888589][T11518] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  479.888610][T11518] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  479.888625][T11518] RDX: 0000000000040844 RSI: 0000200000001f80 RDI: 0000000000000007
[  479.888640][T11518] RBP: 00007f2bd9a03090 R08: 0000000000000000 R09: 0000000000000000
[  479.888654][T11518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.888668][T11518] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  479.888697][T11518]  </TASK>
[  480.110592][    C0] vkms_vblank_simulate: vblank timer overrun
[  482.481234][T11540] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1125'.
[  485.626338][T11572] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1132'.
[  487.914415][T11602] ubi0: attaching mtd0
[  487.930461][T11603] ecryptfs_parse_packet_length: Error parsing packet length
[  488.009919][T11603] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[  488.990388][T11621] random: crng reseeded on system resumption
[  489.236995][T11621] input input83: cannot allocate more than FF_MAX_EFFECTS effects
[  490.148550][T11636] GUP no longer grows the stack in syz.0.1144 (11636): 14000-401000 (4000)
[  490.161936][T11633] netlink: set zone limit has 8 unknown bytes
[  490.208689][T11636] CPU: 1 UID: 0 PID: 11636 Comm: syz.0.1144 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  490.208742][T11636] Tainted: [U]=USER
[  490.208752][T11636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  490.208771][T11636] Call Trace:
[  490.208781][T11636]  <TASK>
[  490.208794][T11636]  dump_stack_lvl+0x16c/0x1f0
[  490.208832][T11636]  gup_vma_lookup+0x1d2/0x220
[  490.208876][T11636]  __get_user_pages+0x271/0x3b80
[  490.208931][T11636]  ? __pfx___schedule+0x10/0x10
[  490.208983][T11636]  ? __pfx___get_user_pages+0x10/0x10
[  490.209043][T11636]  __gup_longterm_locked+0x20d/0x1840
[  490.209102][T11636]  ? __pfx___gup_longterm_locked+0x10/0x10
[  490.209172][T11636]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  490.209235][T11636]  pin_user_pages_remote+0xed/0x140
[  490.209285][T11636]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  490.209331][T11636]  ? mm_access+0x22d/0x2e0
[  490.209387][T11636]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  490.209449][T11636]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  490.209493][T11636]  ? iovec_from_user+0xbb/0x140
[  490.209553][T11636]  ? iovec_from_user+0xbb/0x140
[  490.209596][T11636]  process_vm_rw+0x216/0x2c0
[  490.209637][T11636]  ? __pfx_process_vm_rw+0x10/0x10
[  490.209736][T11636]  ? xfd_validate_state+0x61/0x180
[  490.209781][T11636]  ? __task_pid_nr_ns+0x17c/0x500
[  490.209833][T11636]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  490.209872][T11636]  ? do_syscall_64+0x91/0x490
[  490.209906][T11636]  ? lockdep_hardirqs_on+0x7c/0x110
[  490.209937][T11636]  do_syscall_64+0xcd/0x490
[  490.209975][T11636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.210009][T11636] RIP: 0033:0x7fa4d9d8e9a9
[  490.210035][T11636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.210066][T11636] RSP: 002b:00007fa4dab96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  490.210097][T11636] RAX: ffffffffffffffda RBX: 00007fa4d9fb6240 RCX: 00007fa4d9d8e9a9
[  490.210118][T11636] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000004ff
[  490.210146][T11636] RBP: 00007fa4d9e10d69 R08: 0000000000000003 R09: 0000000000000000
[  490.210166][T11636] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  490.210187][T11636] R13: 0000000000000000 R14: 00007fa4d9fb6240 R15: 00007ffdfcceacf8
[  490.210230][T11636]  </TASK>
[  492.780457][T11693] snd_aloop snd_aloop.0: control 16781581:65539:6:�'x?F���/��zF˷fC���:7 is already present
[  493.877851][T11716] FAULT_INJECTION: forcing a failure.
[  493.877851][T11716] name failslab, interval 1, probability 0, space 0, times 0
[  493.891222][T11716] CPU: 1 UID: 0 PID: 11716 Comm: syz.4.1161 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  493.891279][T11716] Tainted: [U]=USER
[  493.891287][T11716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  493.891304][T11716] Call Trace:
[  493.891313][T11716]  <TASK>
[  493.891323][T11716]  dump_stack_lvl+0x16c/0x1f0
[  493.891355][T11716]  should_fail_ex+0x512/0x640
[  493.891388][T11716]  should_failslab+0xc2/0x120
[  493.891420][T11716]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  493.891469][T11716]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  493.891519][T11716]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  493.891569][T11716]  idr_get_free+0x528/0xa30
[  493.891626][T11716]  idr_alloc_u32+0x190/0x2f0
[  493.891673][T11716]  ? __pfx_idr_alloc_u32+0x10/0x10
[  493.891722][T11716]  ? lock_acquire+0x179/0x350
[  493.891767][T11716]  idr_alloc_cyclic+0x10b/0x230
[  493.891821][T11716]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  493.891865][T11716]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  493.891921][T11716]  map_create+0x9aa/0x1db0
[  493.891986][T11716]  ? __pfx_map_create+0x10/0x10
[  493.892024][T11716]  ? __might_fault+0xe3/0x190
[  493.892049][T11716]  ? __might_fault+0xe3/0x190
[  493.892075][T11716]  ? __might_fault+0x13b/0x190
[  493.892115][T11716]  __sys_bpf+0x4d8d/0x4ea0
[  493.892142][T11716]  ? __pfx___sys_bpf+0x10/0x10
[  493.892167][T11716]  ? ksys_write+0x190/0x250
[  493.892198][T11716]  ? do_futex+0x122/0x350
[  493.892233][T11716]  ? __pfx_do_futex+0x10/0x10
[  493.892279][T11716]  ? fput+0x70/0xf0
[  493.892311][T11716]  ? xfd_validate_state+0x61/0x180
[  493.892347][T11716]  ? __pfx_ksys_write+0x10/0x10
[  493.892378][T11716]  __x64_sys_bpf+0x78/0xc0
[  493.892402][T11716]  ? lockdep_hardirqs_on+0x7c/0x110
[  493.892428][T11716]  do_syscall_64+0xcd/0x490
[  493.892458][T11716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.892485][T11716] RIP: 0033:0x7f2bd8b8e9a9
[  493.892506][T11716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.892534][T11716] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  493.892558][T11716] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  493.892576][T11716] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000
[  493.892593][T11716] RBP: 00007f2bd8c10d69 R08: 0000000000000000 R09: 0000000000000000
[  493.892610][T11716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  493.892626][T11716] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  493.892659][T11716]  </TASK>
[  496.258522][T11735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1166'.
[  500.375288][T11797] ima: policy update failed
[  500.382219][   T30] audit: type=1802 audit(4294967986.033:10): pid=11797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1176" res=0 errno=0
[  500.984485][T11808] netlink: 'syz.4.1180': attribute type 1 has an invalid length.
[  501.029205][T11808] netlink: 'syz.4.1180': attribute type 1 has an invalid length.
[  501.382756][T11805] netlink: set zone limit has 8 unknown bytes
[  504.148216][T11843] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1187'.
[  504.286236][T11843] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1187'.
[  504.322182][T11843] geneve1: entered promiscuous mode
[  504.331600][T11843] geneve1: entered allmulticast mode
[  504.380236][T11843] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1187'.
[  505.418198][   T51] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  505.995896][T11876] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1191'.
[  506.594960][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  506.601438][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  508.888807][T11903] FAULT_INJECTION: forcing a failure.
[  508.888807][T11903] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  508.952242][T11903] CPU: 1 UID: 0 PID: 11903 Comm: syz.3.1199 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  508.952296][T11903] Tainted: [U]=USER
[  508.952306][T11903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  508.952325][T11903] Call Trace:
[  508.952335][T11903]  <TASK>
[  508.952346][T11903]  dump_stack_lvl+0x16c/0x1f0
[  508.952384][T11903]  should_fail_ex+0x512/0x640
[  508.952424][T11903]  should_fail_alloc_page+0xe7/0x130
[  508.952464][T11903]  prepare_alloc_pages+0x3c2/0x610
[  508.952510][T11903]  ? rcu_is_watching+0x12/0xc0
[  508.952547][T11903]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  508.952584][T11903]  ? find_held_lock+0x2b/0x80
[  508.952625][T11903]  ? css_rstat_updated+0x9d/0xd30
[  508.952668][T11903]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  508.952700][T11903]  ? __lock_acquire+0x622/0x1c90
[  508.952758][T11903]  ? __lock_acquire+0x622/0x1c90
[  508.952805][T11903]  ? __lock_acquire+0x622/0x1c90
[  508.952846][T11903]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  508.952897][T11903]  ? policy_nodemask+0xea/0x4e0
[  508.952937][T11903]  alloc_pages_mpol+0x1fb/0x550
[  508.952976][T11903]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  508.953042][T11903]  folio_alloc_mpol_noprof+0x36/0x2f0
[  508.953088][T11903]  vma_alloc_folio_noprof+0xed/0x1e0
[  508.953132][T11903]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  508.953176][T11903]  ? find_held_lock+0x2b/0x80
[  508.953209][T11903]  ? __handle_mm_fault+0x1092/0x5490
[  508.953266][T11903]  __handle_mm_fault+0x2f21/0x5490
[  508.953327][T11903]  ? __pfx___handle_mm_fault+0x10/0x10
[  508.953380][T11903]  ? __pte_offset_map_lock+0x174/0x310
[  508.953421][T11903]  ? find_held_lock+0x2b/0x80
[  508.953452][T11903]  ? find_held_lock+0x2b/0x80
[  508.953495][T11903]  ? follow_page_pte+0x3af/0x14c0
[  508.953549][T11903]  handle_mm_fault+0x589/0xd10
[  508.953612][T11903]  __get_user_pages+0x589/0x3b80
[  508.953668][T11903]  ? __pfx_mt_find+0x10/0x10
[  508.953705][T11903]  ? __pfx___get_user_pages+0x10/0x10
[  508.953765][T11903]  populate_vma_page_range+0x278/0x3a0
[  508.953815][T11903]  ? __pfx_populate_vma_page_range+0x10/0x10
[  508.953861][T11903]  ? __pfx_find_vma_intersection+0x10/0x10
[  508.953908][T11903]  ? do_mmap+0x69c/0x1210
[  508.953955][T11903]  __mm_populate+0x1d8/0x380
[  508.954003][T11903]  ? __pfx___mm_populate+0x10/0x10
[  508.954052][T11903]  ? up_write+0x1b2/0x520
[  508.954105][T11903]  vm_mmap_pgoff+0x362/0x450
[  508.954150][T11903]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  508.954198][T11903]  ? __x64_sys_futex+0x1e0/0x4c0
[  508.954237][T11903]  ? __x64_sys_futex+0x1e9/0x4c0
[  508.954281][T11903]  ksys_mmap_pgoff+0x7d/0x5c0
[  508.954327][T11903]  ? xfd_validate_state+0x61/0x180
[  508.954377][T11903]  __x64_sys_mmap+0x125/0x190
[  508.954429][T11903]  do_syscall_64+0xcd/0x490
[  508.954465][T11903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.954497][T11903] RIP: 0033:0x7f8d4878e9a9
[  508.954523][T11903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.954555][T11903] RSP: 002b:00007f8d49625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  508.954585][T11903] RAX: ffffffffffffffda RBX: 00007f8d489b5fa0 RCX: 00007f8d4878e9a9
[  508.954613][T11903] RDX: fffffffffffffffe RSI: 0000000000400005 RDI: 0000000000000000
[  508.954633][T11903] RBP: 00007f8d48810d69 R08: 0000000000000002 R09: 0000000000008000
[  508.954653][T11903] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  508.954673][T11903] R13: 0000000000000000 R14: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  508.954713][T11903]  </TASK>
[  509.306203][    C1] vkms_vblank_simulate: vblank timer overrun
[  511.647171][T11931] mkiss: ax0: crc mode is auto.
[  512.263690][T11943] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1205'.
[  514.805513][T11972] ptrace attach of "./syz-executor exec"[11976] was attempted by "./syz-executor exec"[11972]
[  514.983207][T11951] __vm_enough_memory: pid: 11951, comm: syz.4.1206, bytes: 4398046511104 not enough memory for the allocation
[  517.995617][T11999] netlink: zone id is out of range
[  518.838573][T12009] vhci_hcd: invalid port number 16
[  518.854363][T12009] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  520.416820][T12032] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1222'.
[  522.354993][T12056] FAULT_INJECTION: forcing a failure.
[  522.354993][T12056] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  522.397870][T12056] CPU: 1 UID: 0 PID: 12056 Comm: syz.4.1226 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  522.397927][T12056] Tainted: [U]=USER
[  522.397938][T12056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.397958][T12056] Call Trace:
[  522.397969][T12056]  <TASK>
[  522.397982][T12056]  dump_stack_lvl+0x16c/0x1f0
[  522.398028][T12056]  should_fail_ex+0x512/0x640
[  522.398070][T12056]  should_fail_alloc_page+0xe7/0x130
[  522.398115][T12056]  prepare_alloc_pages+0x3c2/0x610
[  522.398171][T12056]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  522.398211][T12056]  ? find_held_lock+0x2b/0x80
[  522.398257][T12056]  ? page_table_check_set+0x627/0x750
[  522.398304][T12056]  ? page_table_check_set+0x631/0x750
[  522.398344][T12056]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  522.398385][T12056]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  522.398436][T12056]  ? const_folio_flags+0x5b/0x100
[  522.398483][T12056]  ? const_folio_flags+0x5b/0x100
[  522.398535][T12056]  ? folio_remove_rmap_pmd+0x2eb/0x7d0
[  522.398596][T12056]  ? split_huge_pmd_locked+0x731/0x3b20
[  522.398646][T12056]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  522.398701][T12056]  ? policy_nodemask+0xea/0x4e0
[  522.398745][T12056]  alloc_pages_mpol+0x1fb/0x550
[  522.398786][T12056]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  522.398827][T12056]  ? __split_huge_pmd+0x203/0x350
[  522.398883][T12056]  folio_alloc_mpol_noprof+0x36/0x2f0
[  522.398933][T12056]  vma_alloc_folio_noprof+0xed/0x1e0
[  522.398980][T12056]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  522.399029][T12056]  ? rcu_read_unlock+0x2d/0xb0
[  522.399070][T12056]  do_wp_page+0x1e5b/0x4f20
[  522.399128][T12056]  ? __pfx_do_wp_page+0x10/0x10
[  522.399178][T12056]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  522.399251][T12056]  __handle_mm_fault+0x2223/0x5490
[  522.399317][T12056]  ? __pfx___handle_mm_fault+0x10/0x10
[  522.399370][T12056]  ? kernel_text_address+0x8d/0x100
[  522.399432][T12056]  ? __lock_acquire+0xb8a/0x1c90
[  522.399505][T12056]  handle_mm_fault+0x589/0xd10
[  522.399567][T12056]  __get_user_pages+0x589/0x3b80
[  522.399632][T12056]  ? __pfx___get_user_pages+0x10/0x10
[  522.399678][T12056]  ? __pfx_down_read_killable+0x10/0x10
[  522.399736][T12056]  __gup_longterm_locked+0x20d/0x1840
[  522.399797][T12056]  ? __pfx___gup_longterm_locked+0x10/0x10
[  522.399852][T12056]  ? find_held_lock+0x2b/0x80
[  522.399899][T12056]  gup_fast_fallback+0x1ab3/0x29e0
[  522.399977][T12056]  ? __pfx_gup_fast_fallback+0x10/0x10
[  522.400023][T12056]  ? __kasan_kmalloc+0xaa/0xb0
[  522.400053][T12056]  ? refill_pi_state_cache+0x89/0x250
[  522.400099][T12056]  ? futex_lock_pi+0x173/0x740
[  522.400144][T12056]  ? __x64_sys_futex+0x1e0/0x4c0
[  522.400185][T12056]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.400240][T12056]  get_user_pages_fast+0xa7/0xf0
[  522.400295][T12056]  ? __pfx_get_user_pages_fast+0x10/0x10
[  522.400356][T12056]  get_futex_key+0x2c6/0x1540
[  522.400401][T12056]  ? __pfx_get_futex_key+0x10/0x10
[  522.400445][T12056]  ? kasan_save_track+0x14/0x30
[  522.400478][T12056]  ? __kasan_kmalloc+0xaa/0xb0
[  522.400517][T12056]  futex_lock_pi+0x1ca/0x740
[  522.400572][T12056]  ? __pfx_futex_lock_pi+0x10/0x10
[  522.400618][T12056]  ? __futex_wait+0x24c/0x2f0
[  522.400671][T12056]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  522.400765][T12056]  ? __pfx_futex_wake_mark+0x10/0x10
[  522.400830][T12056]  ? do_writev+0x218/0x340
[  522.400890][T12056]  do_futex+0x11a/0x350
[  522.400933][T12056]  ? __pfx_do_futex+0x10/0x10
[  522.400971][T12056]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  522.401021][T12056]  __x64_sys_futex+0x1e0/0x4c0
[  522.401066][T12056]  ? fput+0x70/0xf0
[  522.401105][T12056]  ? __pfx___x64_sys_futex+0x10/0x10
[  522.401149][T12056]  ? xfd_validate_state+0x61/0x180
[  522.401193][T12056]  ? __pfx_do_writev+0x10/0x10
[  522.401267][T12056]  do_syscall_64+0xcd/0x490
[  522.401307][T12056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.401342][T12056] RIP: 0033:0x7f2bd8b8e9a9
[  522.401369][T12056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.401402][T12056] RSP: 002b:00007f2bd99e2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  522.401433][T12056] RAX: ffffffffffffffda RBX: 00007f2bd8db6080 RCX: 00007f2bd8b8e9a9
[  522.401457][T12056] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000
[  522.401476][T12056] RBP: 00007f2bd8c10d69 R08: 0000000000000000 R09: 0000000000000006
[  522.401497][T12056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.401517][T12056] R13: 0000000000000000 R14: 00007f2bd8db6080 R15: 00007fff4d0efa48
[  522.401560][T12056]  </TASK>
[  523.653711][T12062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1228'.
[  523.669738][T12059] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1227'.
[  523.779974][T12059] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.959264][T12059] bridge_slave_1 (unregistering): left allmulticast mode
[  523.966373][T12059] bridge_slave_1 (unregistering): left promiscuous mode
[  524.006898][T12059] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.107178][T12072] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85
[  524.612718][T12075] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86
[  525.038085][T12087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1235'.
[  527.966761][T12122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1242'.
[  529.869094][T12138] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'.
[  531.712876][T12152] nbd: must specify a size in bytes for the device
[  533.611539][T12173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1253'.
[  535.783435][T12215] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  535.997988][T12220] FAULT_INJECTION: forcing a failure.
[  535.997988][T12220] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.012829][T12220] CPU: 0 UID: 0 PID: 12220 Comm: syz.3.1263 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  536.012879][T12220] Tainted: [U]=USER
[  536.012889][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  536.012909][T12220] Call Trace:
[  536.012919][T12220]  <TASK>
[  536.012931][T12220]  dump_stack_lvl+0x16c/0x1f0
[  536.012969][T12220]  should_fail_ex+0x512/0x640
[  536.013009][T12220]  _copy_from_user+0x2e/0xd0
[  536.013047][T12220]  core_sys_select+0x35b/0xc10
[  536.013108][T12220]  ? __pfx_core_sys_select+0x10/0x10
[  536.013218][T12220]  kern_select+0x15d/0x1e0
[  536.013270][T12220]  ? __pfx_kern_select+0x10/0x10
[  536.013325][T12220]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  536.013376][T12220]  ? __pfx_mem_cgroup_handle_over_high+0x10/0x10
[  536.013422][T12220]  __x64_sys_select+0xbd/0x160
[  536.013471][T12220]  ? do_syscall_64+0x91/0x490
[  536.013503][T12220]  ? lockdep_hardirqs_on+0x7c/0x110
[  536.013533][T12220]  do_syscall_64+0xcd/0x490
[  536.013569][T12220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.013602][T12220] RIP: 0033:0x7f8d4878e9a9
[  536.013634][T12220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.013664][T12220] RSP: 002b:00007f8d495e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  536.013694][T12220] RAX: ffffffffffffffda RBX: 00007f8d489b6160 RCX: 00007f8d4878e9a9
[  536.013715][T12220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  536.013733][T12220] RBP: 00007f8d495e3090 R08: 0000000000000000 R09: 0000000000000000
[  536.013752][T12220] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  536.013772][T12220] R13: 0000000000000001 R14: 00007f8d489b6160 R15: 00007ffc818cbc88
[  536.013813][T12220]  </TASK>
[  536.198515][    C0] vkms_vblank_simulate: vblank timer overrun
[  536.379833][T12222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1263'.
[  539.273619][T12261] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  539.290964][T12261] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  539.297160][T12261] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  539.307910][T12261] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  539.314879][T12261] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  539.326610][T12266] FAULT_INJECTION: forcing a failure.
[  539.326610][T12266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  539.328486][T12258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1274'.
[  539.357601][T12266] CPU: 1 UID: 0 PID: 12266 Comm: syz.4.1274 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  539.357652][T12266] Tainted: [U]=USER
[  539.357663][T12266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  539.357680][T12266] Call Trace:
[  539.357690][T12266]  <TASK>
[  539.357701][T12266]  dump_stack_lvl+0x16c/0x1f0
[  539.357738][T12266]  should_fail_ex+0x512/0x640
[  539.357775][T12266]  core_sys_select+0x4c5/0xc10
[  539.357836][T12266]  ? __pfx_core_sys_select+0x10/0x10
[  539.357893][T12266]  ? proc_fail_nth_write+0x9f/0x250
[  539.357970][T12266]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  539.358014][T12266]  kern_select+0x15d/0x1e0
[  539.358082][T12266]  ? __pfx_kern_select+0x10/0x10
[  539.358139][T12266]  ? __pfx_ksys_write+0x10/0x10
[  539.358178][T12266]  __x64_sys_select+0xbd/0x160
[  539.358229][T12266]  ? do_syscall_64+0x91/0x490
[  539.358262][T12266]  ? lockdep_hardirqs_on+0x7c/0x110
[  539.358293][T12266]  do_syscall_64+0xcd/0x490
[  539.358330][T12266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.358364][T12266] RIP: 0033:0x7f2bd8b8e9a9
[  539.358389][T12266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.358421][T12266] RSP: 002b:00007f2bd99c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  539.358451][T12266] RAX: ffffffffffffffda RBX: 00007f2bd8db6160 RCX: 00007f2bd8b8e9a9
[  539.358473][T12266] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  539.358491][T12266] RBP: 00007f2bd99c1090 R08: 0000000000000000 R09: 0000000000000000
[  539.358510][T12266] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  539.358530][T12266] R13: 0000000000000001 R14: 00007f2bd8db6160 R15: 00007fff4d0efa48
[  539.358580][T12266]  </TASK>
[  539.366681][T12261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  539.751579][T12261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  540.298683][T12274] netlink: zone id is out of range
[  540.304389][T12274] netlink: zone id is out of range
[  540.384947][T12274] netlink: get zone limit has 4 unknown bytes
[  541.307680][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  541.313798][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  541.328161][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  541.390333][T12297] Bluetooth: hci4: command 0x0c1a tx timeout
[  541.396542][T12297] Bluetooth: hci2: command 0x0406 tx timeout
[  543.467710][T12315] Bluetooth: hci4: command 0x0c1a tx timeout
[  544.060300][T12348] netlink: zone id is out of range
[  544.065521][T12348] netlink: zone id is out of range
[  544.077525][T12348] netlink: get zone limit has 4 unknown bytes
[  544.653923][T12358] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1291' sets config #32769
[  544.719583][T12358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1291'.
[  544.773020][T12359] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1291'.
[  544.935032][T12326] netlink: set zone limit has 8 unknown bytes
[  544.994073][T12362] random: crng reseeded on system resumption
[  545.364530][T12365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1293'.
[  545.409289][T12362] input input88: cannot allocate more than FF_MAX_EFFECTS effects
[  545.456173][T12362] FAULT_INJECTION: forcing a failure.
[  545.456173][T12362] name failslab, interval 1, probability 0, space 0, times 0
[  545.472613][T12362] CPU: 1 UID: 0 PID: 12362 Comm: syz.0.1292 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  545.472658][T12362] Tainted: [U]=USER
[  545.472666][T12362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.472680][T12362] Call Trace:
[  545.472687][T12362]  <TASK>
[  545.472696][T12362]  dump_stack_lvl+0x16c/0x1f0
[  545.472731][T12362]  should_fail_ex+0x512/0x640
[  545.472755][T12362]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  545.472795][T12362]  should_failslab+0xc2/0x120
[  545.472823][T12362]  __kmalloc_cache_noprof+0x6a/0x3e0
[  545.472860][T12362]  ? snd_midi_event_new+0x6f/0x210
[  545.472890][T12362]  snd_midi_event_new+0x6f/0x210
[  545.472917][T12362]  snd_virmidi_output_open+0x106/0x670
[  545.472950][T12362]  open_substream+0x478/0x9b0
[  545.472987][T12362]  rawmidi_open_priv+0x543/0x6e0
[  545.473028][T12362]  snd_rawmidi_open+0x4cc/0xbf0
[  545.473069][T12362]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  545.473107][T12362]  ? __pfx_default_wake_function+0x10/0x10
[  545.473153][T12362]  ? kobject_get_unless_zero+0x156/0x1e0
[  545.473184][T12362]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  545.473221][T12362]  snd_open+0x1fe/0x450
[  545.473249][T12362]  ? __pfx_snd_open+0x10/0x10
[  545.473275][T12362]  chrdev_open+0x231/0x6a0
[  545.473301][T12362]  ? __pfx_apparmor_file_open+0x10/0x10
[  545.473339][T12362]  ? __pfx_chrdev_open+0x10/0x10
[  545.473367][T12362]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  545.473411][T12362]  do_dentry_open+0x744/0x1c10
[  545.473436][T12362]  ? __pfx_chrdev_open+0x10/0x10
[  545.473468][T12362]  vfs_open+0x82/0x3f0
[  545.473502][T12362]  path_openat+0x1de4/0x2cb0
[  545.473535][T12362]  ? __pfx_path_openat+0x10/0x10
[  545.473560][T12362]  ? __lock_acquire+0xb8a/0x1c90
[  545.473596][T12362]  do_filp_open+0x20b/0x470
[  545.473620][T12362]  ? __pfx_do_filp_open+0x10/0x10
[  545.473664][T12362]  ? alloc_fd+0x471/0x7d0
[  545.473716][T12362]  do_sys_openat2+0x11b/0x1d0
[  545.473748][T12362]  ? __pfx_do_sys_openat2+0x10/0x10
[  545.473792][T12362]  __x64_sys_openat+0x174/0x210
[  545.473825][T12362]  ? __pfx___x64_sys_openat+0x10/0x10
[  545.473871][T12362]  do_syscall_64+0xcd/0x490
[  545.473899][T12362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.473923][T12362] RIP: 0033:0x7fa4d9d8e9a9
[  545.473941][T12362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.473967][T12362] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  545.473989][T12362] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  545.474005][T12362] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  545.474020][T12362] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000000
[  545.474034][T12362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  545.474049][T12362] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  545.474078][T12362]  </TASK>
[  545.768471][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.778181][T12315] Bluetooth: hci4: command 0x0c1a tx timeout
[  547.539059][T12394] random: crng reseeded on system resumption
[  547.585840][T12389] kexec: Could not allocate control_code_buffer
[  547.623937][T12395] netlink: zone id is out of range
[  547.661598][T12395] netlink: zone id is out of range
[  547.968973][T12394] input input90: cannot allocate more than FF_MAX_EFFECTS effects
[  547.998143][T12394] FAULT_INJECTION: forcing a failure.
[  547.998143][T12394] name failslab, interval 1, probability 0, space 0, times 0
[  548.015797][T12394] CPU: 1 UID: 0 PID: 12394 Comm: syz.0.1299 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  548.015844][T12394] Tainted: [U]=USER
[  548.015852][T12394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  548.015866][T12394] Call Trace:
[  548.015873][T12394]  <TASK>
[  548.015882][T12394]  dump_stack_lvl+0x16c/0x1f0
[  548.015909][T12394]  should_fail_ex+0x512/0x640
[  548.015933][T12394]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  548.015973][T12394]  should_failslab+0xc2/0x120
[  548.016000][T12394]  __kmalloc_cache_noprof+0x6a/0x3e0
[  548.016036][T12394]  ? trace_kmalloc+0x2b/0xd0
[  548.016063][T12394]  ? snd_virmidi_output_open+0xc4/0x670
[  548.016097][T12394]  snd_virmidi_output_open+0xc4/0x670
[  548.016130][T12394]  open_substream+0x478/0x9b0
[  548.016165][T12394]  rawmidi_open_priv+0x543/0x6e0
[  548.016205][T12394]  snd_rawmidi_open+0x4cc/0xbf0
[  548.016246][T12394]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  548.016284][T12394]  ? __pfx_default_wake_function+0x10/0x10
[  548.016313][T12394]  ? kobject_get_unless_zero+0x156/0x1e0
[  548.016343][T12394]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  548.016379][T12394]  snd_open+0x1fe/0x450
[  548.016406][T12394]  ? __pfx_snd_open+0x10/0x10
[  548.016431][T12394]  chrdev_open+0x231/0x6a0
[  548.016467][T12394]  ? __pfx_apparmor_file_open+0x10/0x10
[  548.016504][T12394]  ? __pfx_chrdev_open+0x10/0x10
[  548.016532][T12394]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  548.016574][T12394]  do_dentry_open+0x744/0x1c10
[  548.016598][T12394]  ? __pfx_chrdev_open+0x10/0x10
[  548.016629][T12394]  vfs_open+0x82/0x3f0
[  548.016662][T12394]  path_openat+0x1de4/0x2cb0
[  548.016696][T12394]  ? __pfx_path_openat+0x10/0x10
[  548.016720][T12394]  ? __lock_acquire+0xb8a/0x1c90
[  548.016755][T12394]  do_filp_open+0x20b/0x470
[  548.016778][T12394]  ? __pfx_do_filp_open+0x10/0x10
[  548.016822][T12394]  ? alloc_fd+0x471/0x7d0
[  548.016866][T12394]  do_sys_openat2+0x11b/0x1d0
[  548.016897][T12394]  ? __pfx_do_sys_openat2+0x10/0x10
[  548.016939][T12394]  __x64_sys_openat+0x174/0x210
[  548.016971][T12394]  ? __pfx___x64_sys_openat+0x10/0x10
[  548.017014][T12394]  do_syscall_64+0xcd/0x490
[  548.017041][T12394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.017064][T12394] RIP: 0033:0x7fa4d9d8e9a9
[  548.017082][T12394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.017104][T12394] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  548.017125][T12394] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  548.017141][T12394] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  548.017155][T12394] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000000
[  548.017169][T12394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.017182][T12394] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  548.017211][T12394]  </TASK>
[  548.307728][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.773392][T12448] random: crng reseeded on system resumption
[  551.244397][T12439] netlink: set zone limit has 8 unknown bytes
[  551.311633][T12448] FAULT_INJECTION: forcing a failure.
[  551.311633][T12448] name failslab, interval 1, probability 0, space 0, times 0
[  551.346520][T12448] CPU: 1 UID: 0 PID: 12448 Comm: syz.2.1311 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  551.346563][T12448] Tainted: [U]=USER
[  551.346570][T12448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  551.346583][T12448] Call Trace:
[  551.346590][T12448]  <TASK>
[  551.346598][T12448]  dump_stack_lvl+0x16c/0x1f0
[  551.346625][T12448]  should_fail_ex+0x512/0x640
[  551.346647][T12448]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  551.346684][T12448]  should_failslab+0xc2/0x120
[  551.346710][T12448]  __kmalloc_cache_noprof+0x6a/0x3e0
[  551.346745][T12448]  ? snd_midi_event_new+0x6f/0x210
[  551.346774][T12448]  snd_midi_event_new+0x6f/0x210
[  551.346799][T12448]  snd_virmidi_output_open+0x106/0x670
[  551.346830][T12448]  open_substream+0x478/0x9b0
[  551.346864][T12448]  rawmidi_open_priv+0x543/0x6e0
[  551.346902][T12448]  snd_rawmidi_open+0x4cc/0xbf0
[  551.346940][T12448]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  551.346975][T12448]  ? __pfx_default_wake_function+0x10/0x10
[  551.347007][T12448]  ? kobject_get_unless_zero+0x156/0x1e0
[  551.347035][T12448]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  551.347068][T12448]  snd_open+0x1fe/0x450
[  551.347100][T12448]  ? __pfx_snd_open+0x10/0x10
[  551.347124][T12448]  chrdev_open+0x231/0x6a0
[  551.347165][T12448]  ? __pfx_apparmor_file_open+0x10/0x10
[  551.347202][T12448]  ? __pfx_chrdev_open+0x10/0x10
[  551.347229][T12448]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  551.347271][T12448]  do_dentry_open+0x744/0x1c10
[  551.347296][T12448]  ? __pfx_chrdev_open+0x10/0x10
[  551.347326][T12448]  vfs_open+0x82/0x3f0
[  551.347361][T12448]  path_openat+0x1de4/0x2cb0
[  551.347393][T12448]  ? __pfx_path_openat+0x10/0x10
[  551.347427][T12448]  ? __lock_acquire+0xb8a/0x1c90
[  551.347476][T12448]  do_filp_open+0x20b/0x470
[  551.347510][T12448]  ? __pfx_do_filp_open+0x10/0x10
[  551.347554][T12448]  ? alloc_fd+0x471/0x7d0
[  551.347598][T12448]  do_sys_openat2+0x11b/0x1d0
[  551.347629][T12448]  ? __pfx_do_sys_openat2+0x10/0x10
[  551.347672][T12448]  __x64_sys_openat+0x174/0x210
[  551.347704][T12448]  ? __pfx___x64_sys_openat+0x10/0x10
[  551.347747][T12448]  do_syscall_64+0xcd/0x490
[  551.347773][T12448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.347797][T12448] RIP: 0033:0x7f4cdaf8e9a9
[  551.347815][T12448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.347837][T12448] RSP: 002b:00007f4cdbd41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  551.347859][T12448] RAX: ffffffffffffffda RBX: 00007f4cdb1b5fa0 RCX: 00007f4cdaf8e9a9
[  551.347875][T12448] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  551.347889][T12448] RBP: 00007f4cdb010d69 R08: 0000000000000000 R09: 0000000000000000
[  551.347904][T12448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  551.347917][T12448] R13: 0000000000000000 R14: 00007f4cdb1b5fa0 R15: 00007ffefef61178
[  551.347946][T12448]  </TASK>
[  551.637809][    C1] vkms_vblank_simulate: vblank timer overrun
[  553.148162][T12484] random: crng reseeded on system resumption
[  553.410981][T12480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1319'.
[  553.591284][T12484] FAULT_INJECTION: forcing a failure.
[  553.591284][T12484] name failslab, interval 1, probability 0, space 0, times 0
[  553.641693][T12484] CPU: 0 UID: 0 PID: 12484 Comm: syz.3.1321 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  553.641750][T12484] Tainted: [U]=USER
[  553.641762][T12484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  553.641783][T12484] Call Trace:
[  553.641794][T12484]  <TASK>
[  553.641808][T12484]  dump_stack_lvl+0x16c/0x1f0
[  553.641849][T12484]  should_fail_ex+0x512/0x640
[  553.641884][T12484]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  553.641952][T12484]  should_failslab+0xc2/0x120
[  553.641993][T12484]  __kmalloc_cache_noprof+0x6a/0x3e0
[  553.642047][T12484]  ? trace_kmalloc+0x2b/0xd0
[  553.642087][T12484]  ? snd_virmidi_output_open+0xc4/0x670
[  553.642139][T12484]  snd_virmidi_output_open+0xc4/0x670
[  553.642189][T12484]  open_substream+0x478/0x9b0
[  553.642242][T12484]  rawmidi_open_priv+0x543/0x6e0
[  553.642302][T12484]  snd_rawmidi_open+0x4cc/0xbf0
[  553.642364][T12484]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  553.642419][T12484]  ? __pfx_default_wake_function+0x10/0x10
[  553.642460][T12484]  ? kobject_get_unless_zero+0x156/0x1e0
[  553.642505][T12484]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  553.642559][T12484]  snd_open+0x1fe/0x450
[  553.642599][T12484]  ? __pfx_snd_open+0x10/0x10
[  553.642638][T12484]  chrdev_open+0x231/0x6a0
[  553.642679][T12484]  ? __pfx_apparmor_file_open+0x10/0x10
[  553.642733][T12484]  ? __pfx_chrdev_open+0x10/0x10
[  553.642772][T12484]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  553.642835][T12484]  do_dentry_open+0x744/0x1c10
[  553.642871][T12484]  ? __pfx_chrdev_open+0x10/0x10
[  553.642930][T12484]  vfs_open+0x82/0x3f0
[  553.642979][T12484]  path_openat+0x1de4/0x2cb0
[  553.643028][T12484]  ? __pfx_path_openat+0x10/0x10
[  553.643064][T12484]  ? __lock_acquire+0xb8a/0x1c90
[  553.643118][T12484]  do_filp_open+0x20b/0x470
[  553.643153][T12484]  ? __pfx_do_filp_open+0x10/0x10
[  553.643218][T12484]  ? alloc_fd+0x471/0x7d0
[  553.643284][T12484]  do_sys_openat2+0x11b/0x1d0
[  553.643329][T12484]  ? __pfx_do_sys_openat2+0x10/0x10
[  553.643392][T12484]  __x64_sys_openat+0x174/0x210
[  553.643440][T12484]  ? __pfx___x64_sys_openat+0x10/0x10
[  553.643505][T12484]  do_syscall_64+0xcd/0x490
[  553.643545][T12484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.643580][T12484] RIP: 0033:0x7f8d4878e9a9
[  553.643607][T12484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.643641][T12484] RSP: 002b:00007f8d49625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  553.643674][T12484] RAX: ffffffffffffffda RBX: 00007f8d489b5fa0 RCX: 00007f8d4878e9a9
[  553.643696][T12484] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  553.643717][T12484] RBP: 00007f8d48810d69 R08: 0000000000000000 R09: 0000000000000000
[  553.643737][T12484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  553.643758][T12484] R13: 0000000000000000 R14: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  553.643801][T12484]  </TASK>
[  555.001719][T12495] netlink: set zone limit has 8 unknown bytes
[  555.130317][T12507] Invalid ELF header magic: != ELF
[  556.659192][T12517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1328'.
[  557.258004][T12523] raw_sendmsg: syz.4.1330 forgot to set AF_INET. Fix it!
[  557.325792][T12536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1332'.
[  557.849211][T12552] FAULT_INJECTION: forcing a failure.
[  557.849211][T12552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.921744][T12552] CPU: 1 UID: 0 PID: 12552 Comm: syz.4.1335 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  557.921798][T12552] Tainted: [U]=USER
[  557.921808][T12552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.921827][T12552] Call Trace:
[  557.921837][T12552]  <TASK>
[  557.921849][T12552]  dump_stack_lvl+0x16c/0x1f0
[  557.921884][T12552]  should_fail_ex+0x512/0x640
[  557.921923][T12552]  _copy_to_iter+0x29f/0x16f0
[  557.921962][T12552]  ? __pfx___up_read+0x10/0x10
[  557.922014][T12552]  ? traverse.part.0.constprop.0+0x2c0/0x640
[  557.922066][T12552]  ? __pfx__copy_to_iter+0x10/0x10
[  557.922109][T12552]  ? traverse.part.0.constprop.0+0x2c5/0x640
[  557.922172][T12552]  seq_read_iter+0x719/0x12c0
[  557.922239][T12552]  vfs_read+0x8bc/0xc60
[  557.922278][T12552]  ? __pfx_vfs_read+0x10/0x10
[  557.922305][T12552]  ? find_held_lock+0x2b/0x80
[  557.922367][T12552]  __x64_sys_pread64+0x1eb/0x250
[  557.922403][T12552]  ? __pfx___x64_sys_pread64+0x10/0x10
[  557.922450][T12552]  do_syscall_64+0xcd/0x490
[  557.922494][T12552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.922528][T12552] RIP: 0033:0x7f2bd8b8e9a9
[  557.922554][T12552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.922585][T12552] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  557.922616][T12552] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  557.922637][T12552] RDX: 0000000080000000 RSI: 0000200000000040 RDI: 0000000000000003
[  557.922657][T12552] RBP: 00007f2bd9a03090 R08: 0000000000000000 R09: 0000000000000000
[  557.922693][T12552] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  557.922712][T12552] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  557.922754][T12552]  </TASK>
[  558.988823][T12566] random: crng reseeded on system resumption
[  561.603832][T12602] ovs_: entered promiscuous mode
[  561.808936][T12608] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92
[  562.376399][T12611] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93
[  563.549235][T12617] FAULT_INJECTION: forcing a failure.
[  563.549235][T12617] name failslab, interval 1, probability 0, space 0, times 0
[  563.562786][T12617] CPU: 0 UID: 0 PID: 12617 Comm: syz.3.1349 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  563.562824][T12617] Tainted: [U]=USER
[  563.562831][T12617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  563.562846][T12617] Call Trace:
[  563.562853][T12617]  <TASK>
[  563.562861][T12617]  dump_stack_lvl+0x16c/0x1f0
[  563.562889][T12617]  should_fail_ex+0x512/0x640
[  563.562913][T12617]  ? __kmalloc_noprof+0xbf/0x510
[  563.562939][T12617]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[  563.562962][T12617]  should_failslab+0xc2/0x120
[  563.562989][T12617]  __kmalloc_noprof+0xd2/0x510
[  563.563018][T12617]  kvm_io_bus_register_dev+0x1b9/0x7f0
[  563.563049][T12617]  kvm_pic_init+0x1fd/0x380
[  563.563085][T12617]  kvm_arch_vm_ioctl+0x8fd/0x1cf0
[  563.563113][T12617]  ? ima_match_policy+0x7f9/0x22e0
[  563.563145][T12617]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  563.563174][T12617]  ? __lock_acquire+0x622/0x1c90
[  563.563220][T12617]  ? __lock_acquire+0x622/0x1c90
[  563.563258][T12617]  ? __lock_acquire+0x622/0x1c90
[  563.563296][T12617]  ? __lock_acquire+0x622/0x1c90
[  563.563350][T12617]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  563.563381][T12617]  ? is_bpf_text_address+0x94/0x1a0
[  563.563414][T12617]  ? kernel_text_address+0x8d/0x100
[  563.563452][T12617]  ? __kernel_text_address+0xd/0x40
[  563.563488][T12617]  ? unwind_get_return_address+0x59/0xa0
[  563.563526][T12617]  ? arch_stack_walk+0xa6/0x100
[  563.563558][T12617]  ? stack_trace_save+0x8e/0xc0
[  563.563602][T12617]  ? __pfx_stack_trace_save+0x10/0x10
[  563.563629][T12617]  ? stack_depot_save_flags+0x28/0xa40
[  563.563656][T12617]  ? __lock_acquire+0xb8a/0x1c90
[  563.563691][T12617]  ? kasan_save_stack+0x42/0x60
[  563.563713][T12617]  ? kasan_save_stack+0x33/0x60
[  563.563734][T12617]  ? kasan_save_track+0x14/0x30
[  563.563756][T12617]  ? kasan_save_free_info+0x3b/0x60
[  563.563789][T12617]  ? __kasan_slab_free+0x51/0x70
[  563.563812][T12617]  ? kfree+0x2b4/0x4d0
[  563.563844][T12617]  ? tomoyo_path_number_perm+0x470/0x580
[  563.563896][T12617]  ? security_file_ioctl+0x9b/0x240
[  563.563931][T12617]  ? __x64_sys_ioctl+0xb7/0x210
[  563.563962][T12617]  ? do_syscall_64+0xcd/0x490
[  563.563990][T12617]  kvm_vm_ioctl+0x19d3/0x3dd0
[  563.564041][T12617]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  563.564096][T12617]  ? kasan_quarantine_put+0x10a/0x240
[  563.564118][T12617]  ? lockdep_hardirqs_on+0x7c/0x110
[  563.564144][T12617]  ? find_held_lock+0x2b/0x80
[  563.564169][T12617]  ? tomoyo_path_number_perm+0x295/0x580
[  563.564214][T12617]  ? tomoyo_path_number_perm+0x18d/0x580
[  563.564252][T12617]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  563.564287][T12617]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  563.564330][T12617]  ? do_vfs_ioctl+0x523/0x1a60
[  563.564364][T12617]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  563.564417][T12617]  ? find_held_lock+0x2b/0x80
[  563.564441][T12617]  ? hook_file_ioctl_common+0x145/0x410
[  563.564480][T12617]  ? __fget_files+0x20e/0x3c0
[  563.564523][T12617]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  563.564563][T12617]  __x64_sys_ioctl+0x18e/0x210
[  563.564599][T12617]  do_syscall_64+0xcd/0x490
[  563.564625][T12617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.564649][T12617] RIP: 0033:0x7f8d4878e9a9
[  563.564668][T12617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.564691][T12617] RSP: 002b:00007f8d49625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  563.564714][T12617] RAX: ffffffffffffffda RBX: 00007f8d489b5fa0 RCX: 00007f8d4878e9a9
[  563.564730][T12617] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  563.564745][T12617] RBP: 00007f8d48810d69 R08: 0000000000000000 R09: 0000000000000000
[  563.564759][T12617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.564772][T12617] R13: 0000000000000000 R14: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  563.564802][T12617]  </TASK>
[  564.765389][T12649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1357'.
[  566.795278][T12668] hub 8-0:1.0: USB hub found
[  566.829571][T12668] hub 8-0:1.0: 1 port detected
[  568.037379][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  568.043866][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  569.520120][T12692] netlink: set zone limit has 8 unknown bytes
[  571.075824][T12711] netlink: set zone limit has 8 unknown bytes
[  571.897096][T12736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1375'.
[  572.117412][T12741] block2mtd: illegal erase size
[  574.270843][T12754] FAULT_INJECTION: forcing a failure.
[  574.270843][T12754] name failslab, interval 1, probability 0, space 0, times 0
[  574.306034][T12754] CPU: 1 UID: 0 PID: 12754 Comm: syz.0.1380 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  574.306092][T12754] Tainted: [U]=USER
[  574.306104][T12754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  574.306124][T12754] Call Trace:
[  574.306134][T12754]  <TASK>
[  574.306147][T12754]  dump_stack_lvl+0x16c/0x1f0
[  574.306196][T12754]  should_fail_ex+0x512/0x640
[  574.306230][T12754]  ? __kmalloc_noprof+0xbf/0x510
[  574.306270][T12754]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[  574.306304][T12754]  should_failslab+0xc2/0x120
[  574.306345][T12754]  __kmalloc_noprof+0xd2/0x510
[  574.306389][T12754]  kvm_io_bus_register_dev+0x1b9/0x7f0
[  574.306437][T12754]  kvm_pic_init+0x22f/0x380
[  574.306490][T12754]  kvm_arch_vm_ioctl+0x8fd/0x1cf0
[  574.306533][T12754]  ? ima_match_policy+0x7f9/0x22e0
[  574.306581][T12754]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  574.306625][T12754]  ? __lock_acquire+0x622/0x1c90
[  574.306680][T12754]  ? __lock_acquire+0x622/0x1c90
[  574.306738][T12754]  ? __lock_acquire+0x622/0x1c90
[  574.306793][T12754]  ? __lock_acquire+0x622/0x1c90
[  574.306873][T12754]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  574.306914][T12754]  ? is_bpf_text_address+0x94/0x1a0
[  574.306955][T12754]  ? kernel_text_address+0x8d/0x100
[  574.307002][T12754]  ? __kernel_text_address+0xd/0x40
[  574.307046][T12754]  ? unwind_get_return_address+0x59/0xa0
[  574.307092][T12754]  ? arch_stack_walk+0xa6/0x100
[  574.307131][T12754]  ? stack_trace_save+0x8e/0xc0
[  574.307162][T12754]  ? __pfx_stack_trace_save+0x10/0x10
[  574.307201][T12754]  ? stack_depot_save_flags+0x28/0xa40
[  574.307234][T12754]  ? __lock_acquire+0xb8a/0x1c90
[  574.307281][T12754]  ? kasan_save_stack+0x42/0x60
[  574.307309][T12754]  ? kasan_save_stack+0x33/0x60
[  574.307334][T12754]  ? kasan_save_track+0x14/0x30
[  574.307360][T12754]  ? kasan_save_free_info+0x3b/0x60
[  574.307398][T12754]  ? __kasan_slab_free+0x51/0x70
[  574.307425][T12754]  ? kfree+0x2b4/0x4d0
[  574.307463][T12754]  ? tomoyo_path_number_perm+0x470/0x580
[  574.307502][T12754]  ? security_file_ioctl+0x9b/0x240
[  574.307542][T12754]  ? __x64_sys_ioctl+0xb7/0x210
[  574.307578][T12754]  ? do_syscall_64+0xcd/0x490
[  574.307613][T12754]  kvm_vm_ioctl+0x19d3/0x3dd0
[  574.307672][T12754]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  574.307735][T12754]  ? kasan_quarantine_put+0x10a/0x240
[  574.307762][T12754]  ? lockdep_hardirqs_on+0x7c/0x110
[  574.307793][T12754]  ? find_held_lock+0x2b/0x80
[  574.307822][T12754]  ? tomoyo_path_number_perm+0x295/0x580
[  574.307869][T12754]  ? tomoyo_path_number_perm+0x18d/0x580
[  574.307912][T12754]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  574.307955][T12754]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  574.308000][T12754]  ? do_vfs_ioctl+0x523/0x1a60
[  574.308038][T12754]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  574.308101][T12754]  ? find_held_lock+0x2b/0x80
[  574.308129][T12754]  ? hook_file_ioctl_common+0x145/0x410
[  574.308188][T12754]  ? __fget_files+0x20e/0x3c0
[  574.308246][T12754]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  574.308297][T12754]  __x64_sys_ioctl+0x18e/0x210
[  574.308346][T12754]  do_syscall_64+0xcd/0x490
[  574.308378][T12754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.308408][T12754] RIP: 0033:0x7fa4d9d8e9a9
[  574.308431][T12754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.308459][T12754] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  574.308485][T12754] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  574.308509][T12754] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  574.308527][T12754] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000000
[  574.308544][T12754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  574.308560][T12754] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  574.308596][T12754]  </TASK>
[  574.694950][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.952689][T12770] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1382'.
[  575.023716][T12770] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1382'.
[  575.474189][T12774] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94
[  575.626368][T12781] netlink: 'syz.3.1385': attribute type 1 has an invalid length.
[  575.885107][T12775] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  575.891648][T12775] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  575.897943][T12775] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  575.904113][T12775] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  575.934843][T12775] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  576.061596][T12791] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1387'.
[  576.087765][T12791] veth0_vlan: entered allmulticast mode
[  576.823500][T12797] random: crng reseeded on system resumption
[  576.833374][T12797] FAULT_INJECTION: forcing a failure.
[  576.833374][T12797] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  576.872225][T12797] CPU: 0 UID: 0 PID: 12797 Comm: syz.0.1390 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  576.872282][T12797] Tainted: [U]=USER
[  576.872294][T12797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  576.872314][T12797] Call Trace:
[  576.872324][T12797]  <TASK>
[  576.872337][T12797]  dump_stack_lvl+0x16c/0x1f0
[  576.872376][T12797]  should_fail_ex+0x512/0x640
[  576.872419][T12797]  should_fail_alloc_page+0xe7/0x130
[  576.872464][T12797]  prepare_alloc_pages+0x3c2/0x610
[  576.872513][T12797]  ? rcu_is_watching+0x12/0xc0
[  576.872554][T12797]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  576.872604][T12797]  ? stack_trace_save+0x8e/0xc0
[  576.872643][T12797]  ? __pfx_stack_trace_save+0x10/0x10
[  576.872687][T12797]  ? stack_depot_save_flags+0x28/0xa40
[  576.872728][T12797]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  576.872771][T12797]  ? kasan_save_stack+0x42/0x60
[  576.872803][T12797]  ? kasan_save_stack+0x33/0x60
[  576.872854][T12797]  ? do_dentry_open+0x744/0x1c10
[  576.872887][T12797]  ? vfs_open+0x82/0x3f0
[  576.872927][T12797]  ? path_openat+0x1de4/0x2cb0
[  576.872955][T12797]  ? do_filp_open+0x20b/0x470
[  576.872984][T12797]  ? do_sys_openat2+0x11b/0x1d0
[  576.873026][T12797]  ? __x64_sys_openat+0x174/0x210
[  576.873071][T12797]  ? do_syscall_64+0xcd/0x490
[  576.873105][T12797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.873141][T12797]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  576.873192][T12797]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  576.873248][T12797]  ? policy_nodemask+0xea/0x4e0
[  576.873292][T12797]  alloc_pages_mpol+0x1fb/0x550
[  576.873333][T12797]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  576.873387][T12797]  alloc_pages_noprof+0x131/0x390
[  576.873430][T12797]  get_zeroed_page_noprof+0x18/0xb0
[  576.873478][T12797]  get_image_page+0x18/0x190
[  576.873514][T12797]  alloc_rtree_node+0x3c/0xb0
[  576.873552][T12797]  memory_bm_create+0x519/0x810
[  576.873606][T12797]  create_basic_memory_bitmaps+0x10b/0x320
[  576.873655][T12797]  snapshot_open+0x235/0x2b0
[  576.873696][T12797]  ? __pfx_snapshot_open+0x10/0x10
[  576.873741][T12797]  misc_open+0x35d/0x420
[  576.873794][T12797]  ? __pfx_misc_open+0x10/0x10
[  576.873856][T12797]  chrdev_open+0x231/0x6a0
[  576.873892][T12797]  ? __pfx_apparmor_file_open+0x10/0x10
[  576.873947][T12797]  ? __pfx_chrdev_open+0x10/0x10
[  576.873987][T12797]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  576.874051][T12797]  do_dentry_open+0x744/0x1c10
[  576.874088][T12797]  ? __pfx_chrdev_open+0x10/0x10
[  576.874134][T12797]  vfs_open+0x82/0x3f0
[  576.874183][T12797]  path_openat+0x1de4/0x2cb0
[  576.874231][T12797]  ? __pfx_path_openat+0x10/0x10
[  576.874268][T12797]  ? __lock_acquire+0xb8a/0x1c90
[  576.874320][T12797]  do_filp_open+0x20b/0x470
[  576.874354][T12797]  ? __pfx_do_filp_open+0x10/0x10
[  576.874420][T12797]  ? alloc_fd+0x471/0x7d0
[  576.874486][T12797]  do_sys_openat2+0x11b/0x1d0
[  576.874531][T12797]  ? __pfx_do_sys_openat2+0x10/0x10
[  576.874574][T12797]  ? __fget_files+0x204/0x3c0
[  576.874643][T12797]  __x64_sys_openat+0x174/0x210
[  576.874690][T12797]  ? __pfx___x64_sys_openat+0x10/0x10
[  576.874754][T12797]  do_syscall_64+0xcd/0x490
[  576.874792][T12797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.874835][T12797] RIP: 0033:0x7fa4d9d8e9a9
[  576.874863][T12797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.874896][T12797] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  576.874927][T12797] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  576.874950][T12797] RDX: 0000000000001001 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  576.874972][T12797] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000000
[  576.874991][T12797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  576.875010][T12797] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  576.875053][T12797]  </TASK>
[  577.303937][T12802] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1391'.
[  577.615711][T12725] Bluetooth: hci0: command 0x0406 tx timeout
[  577.990912][T12315] Bluetooth: hci4: command 0x0c1a tx timeout
[  577.997024][T12725] Bluetooth: hci2: command 0x0406 tx timeout
[  578.004615][T12315] Bluetooth: hci3: command 0x0406 tx timeout
[  578.011414][T12725] Bluetooth: hci1: command 0x0406 tx timeout
[  585.344547][   T30] audit: type=1800 audit(4294969397.755:11): pid=12905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1411" name="features" dev="configfs" ino=35405 res=0 errno=0
[  585.476147][T12913] netlink: zone id is out of range
[  585.481468][T12913] netlink: zone id is out of range
[  585.486790][T12913] FAULT_INJECTION: forcing a failure.
[  585.486790][T12913] name failslab, interval 1, probability 0, space 0, times 0
[  585.500873][T12913] CPU: 1 UID: 0 PID: 12913 Comm: syz.2.1415 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  585.500925][T12913] Tainted: [U]=USER
[  585.500935][T12913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  585.500955][T12913] Call Trace:
[  585.500965][T12913]  <TASK>
[  585.500978][T12913]  dump_stack_lvl+0x16c/0x1f0
[  585.501015][T12913]  should_fail_ex+0x512/0x640
[  585.501056][T12913]  should_failslab+0xc2/0x120
[  585.501096][T12913]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  585.501132][T12913]  ? skb_clone+0x190/0x3f0
[  585.501174][T12913]  skb_clone+0x190/0x3f0
[  585.501211][T12913]  netlink_deliver_tap+0xabd/0xd30
[  585.501259][T12913]  netlink_unicast+0x702/0x850
[  585.501308][T12913]  ? __pfx_netlink_unicast+0x10/0x10
[  585.501347][T12913]  ? __asan_memset+0x23/0x50
[  585.501397][T12913]  ? __asan_memcpy+0x3c/0x60
[  585.501455][T12913]  ovs_ct_limit_cmd_get+0x7e1/0xf60
[  585.501517][T12913]  ? __pfx_ovs_ct_limit_cmd_get+0x10/0x10
[  585.501574][T12913]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  585.501626][T12913]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  585.501686][T12913]  genl_family_rcv_msg_doit+0x209/0x2f0
[  585.501773][T12913]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  585.501822][T12913]  ? genl_get_cmd+0x194/0x580
[  585.501881][T12913]  ? __radix_tree_lookup+0x21f/0x2c0
[  585.501941][T12913]  genl_rcv_msg+0x55c/0x800
[  585.501994][T12913]  ? __pfx_genl_rcv_msg+0x10/0x10
[  585.502043][T12913]  ? __pfx_ovs_ct_limit_cmd_get+0x10/0x10
[  585.502106][T12913]  netlink_rcv_skb+0x158/0x420
[  585.502148][T12913]  ? __pfx_genl_rcv_msg+0x10/0x10
[  585.502198][T12913]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  585.502258][T12913]  ? netlink_deliver_tap+0x1ae/0xd30
[  585.502304][T12913]  genl_rcv+0x28/0x40
[  585.502344][T12913]  netlink_unicast+0x58a/0x850
[  585.502392][T12913]  ? __pfx_netlink_unicast+0x10/0x10
[  585.502446][T12913]  netlink_sendmsg+0x8d1/0xdd0
[  585.502496][T12913]  ? __pfx_netlink_sendmsg+0x10/0x10
[  585.502554][T12913]  ____sys_sendmsg+0xa95/0xc70
[  585.502601][T12913]  ? copy_msghdr_from_user+0x10a/0x160
[  585.502636][T12913]  ? __pfx_____sys_sendmsg+0x10/0x10
[  585.502703][T12913]  ___sys_sendmsg+0x134/0x1d0
[  585.502750][T12913]  ? __pfx____sys_sendmsg+0x10/0x10
[  585.502780][T12913]  ? __lock_acquire+0x622/0x1c90
[  585.502880][T12913]  __sys_sendmsg+0x16d/0x220
[  585.502928][T12913]  ? __pfx___sys_sendmsg+0x10/0x10
[  585.502990][T12913]  do_syscall_64+0xcd/0x490
[  585.503027][T12913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.503060][T12913] RIP: 0033:0x7f4cdaf8e9a9
[  585.503084][T12913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.503115][T12913] RSP: 002b:00007f4cdbd41038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  585.503144][T12913] RAX: ffffffffffffffda RBX: 00007f4cdb1b5fa0 RCX: 00007f4cdaf8e9a9
[  585.503165][T12913] RDX: 0000000000000000 RSI: 0000200000002040 RDI: 0000000000000003
[  585.503184][T12913] RBP: 00007f4cdbd41090 R08: 0000000000000000 R09: 0000000000000000
[  585.503203][T12913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  585.503239][T12913] R13: 0000000000000000 R14: 00007f4cdb1b5fa0 R15: 00007ffefef61178
[  585.503282][T12913]  </TASK>
[  585.931606][T12906] netlink: set zone limit has 8 unknown bytes
[  586.650257][T12924] netlink: zone id is out of range
[  586.706358][T12924] netlink: zone id is out of range
[  589.894936][T12977] netlink: zone id is out of range
[  589.900245][T12977] netlink: zone id is out of range
[  590.702840][T12989] FAULT_INJECTION: forcing a failure.
[  590.702840][T12989] name fail_futex, interval 1, probability 0, space 0, times 0
[  590.722544][T12989] CPU: 1 UID: 0 PID: 12989 Comm: syz.4.1436 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  590.722601][T12989] Tainted: [U]=USER
[  590.722612][T12989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  590.722633][T12989] Call Trace:
[  590.722643][T12989]  <TASK>
[  590.722656][T12989]  dump_stack_lvl+0x16c/0x1f0
[  590.722697][T12989]  should_fail_ex+0x512/0x640
[  590.722739][T12989]  get_futex_key+0x1d0/0x1540
[  590.722784][T12989]  ? __pfx_get_futex_key+0x10/0x10
[  590.722852][T12989]  futex_wake+0xe7/0x4e0
[  590.722903][T12989]  ? __pfx_futex_wake+0x10/0x10
[  590.722955][T12989]  ? kmem_cache_free+0x2d1/0x4d0
[  590.722985][T12989]  ? fd_install+0x225/0x750
[  590.723033][T12989]  ? putname+0x154/0x1a0
[  590.723079][T12989]  do_futex+0x1e3/0x350
[  590.723119][T12989]  ? __pfx_do_futex+0x10/0x10
[  590.723171][T12989]  __x64_sys_futex+0x1e0/0x4c0
[  590.723215][T12989]  ? __x64_sys_openat+0x174/0x210
[  590.723260][T12989]  ? __pfx___x64_sys_futex+0x10/0x10
[  590.723317][T12989]  do_syscall_64+0xcd/0x490
[  590.723354][T12989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.723387][T12989] RIP: 0033:0x7f2bd8b8e9a9
[  590.723413][T12989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.723445][T12989] RSP: 002b:00007f2bd9a030e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  590.723475][T12989] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa8 RCX: 00007f2bd8b8e9a9
[  590.723497][T12989] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2bd8db5fac
[  590.723517][T12989] RBP: 00007f2bd8db5fa0 R08: 00007f2bd9a04000 R09: 0000000000000000
[  590.723544][T12989] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f2bd8db5fac
[  590.723564][T12989] R13: 0000000000000000 R14: 00007fff4d0ef960 R15: 00007fff4d0efa48
[  590.723606][T12989]  </TASK>
[  591.338406][T13004] netlink: 206 bytes leftover after parsing attributes in process `syz.4.1439'.
[  592.624116][T13025] netlink: zone id is out of range
[  592.667428][T13025] netlink: zone id is out of range
[  592.919331][T13027] random: crng reseeded on system resumption
[  593.907963][T12814] Bluetooth: hci4: unexpected event 0x14 length: 16 > 6
[  597.677187][T13085] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1455'.
[  597.693755][T13085] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  597.703859][T13085] batman_adv: batadv0: Removing interface: batadv_slave_0
[  597.963815][T13085] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  597.971402][T13085] batman_adv: batadv0: Removing interface: batadv_slave_1
[  598.273351][T13077] FAULT_INJECTION: forcing a failure.
[  598.273351][T13077] name failslab, interval 1, probability 0, space 0, times 0
[  598.316868][T13077] CPU: 0 UID: 0 PID: 13077 Comm: syz.4.1454 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  598.316928][T13077] Tainted: [U]=USER
[  598.316940][T13077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  598.316962][T13077] Call Trace:
[  598.316973][T13077]  <TASK>
[  598.316985][T13077]  dump_stack_lvl+0x16c/0x1f0
[  598.317028][T13077]  should_fail_ex+0x512/0x640
[  598.317063][T13077]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  598.317121][T13077]  should_failslab+0xc2/0x120
[  598.317161][T13077]  __kmalloc_cache_noprof+0x6a/0x3e0
[  598.317215][T13077]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  598.317266][T13077]  ? kvm_set_irq_routing+0x24f/0x980
[  598.317319][T13077]  kvm_set_irq_routing+0x24f/0x980
[  598.317378][T13077]  kvm_arch_vm_ioctl+0x941/0x1cf0
[  598.317422][T13077]  ? ima_match_policy+0x7f9/0x22e0
[  598.317479][T13077]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  598.317526][T13077]  ? __lock_acquire+0x622/0x1c90
[  598.317582][T13077]  ? __lock_acquire+0x622/0x1c90
[  598.317640][T13077]  ? __lock_acquire+0x622/0x1c90
[  598.317696][T13077]  ? __lock_acquire+0x622/0x1c90
[  598.317777][T13077]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  598.317820][T13077]  ? is_bpf_text_address+0x94/0x1a0
[  598.317868][T13077]  ? kernel_text_address+0x8d/0x100
[  598.317923][T13077]  ? __kernel_text_address+0xd/0x40
[  598.317974][T13077]  ? unwind_get_return_address+0x59/0xa0
[  598.318025][T13077]  ? arch_stack_walk+0xa6/0x100
[  598.318071][T13077]  ? stack_trace_save+0x8e/0xc0
[  598.318108][T13077]  ? __pfx_stack_trace_save+0x10/0x10
[  598.318143][T13077]  ? stack_depot_save_flags+0x28/0xa40
[  598.318180][T13077]  ? __lock_acquire+0xb8a/0x1c90
[  598.318227][T13077]  ? kasan_save_stack+0x42/0x60
[  598.318257][T13077]  ? kasan_save_stack+0x33/0x60
[  598.318286][T13077]  ? kasan_save_track+0x14/0x30
[  598.318315][T13077]  ? kasan_save_free_info+0x3b/0x60
[  598.318359][T13077]  ? __kasan_slab_free+0x51/0x70
[  598.318390][T13077]  ? kfree+0x2b4/0x4d0
[  598.318434][T13077]  ? tomoyo_path_number_perm+0x470/0x580
[  598.318486][T13077]  ? security_file_ioctl+0x9b/0x240
[  598.318531][T13077]  ? __x64_sys_ioctl+0xb7/0x210
[  598.318575][T13077]  ? do_syscall_64+0xcd/0x490
[  598.318613][T13077]  kvm_vm_ioctl+0x19d3/0x3dd0
[  598.318681][T13077]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  598.318755][T13077]  ? kasan_quarantine_put+0x10a/0x240
[  598.318786][T13077]  ? lockdep_hardirqs_on+0x7c/0x110
[  598.318821][T13077]  ? find_held_lock+0x2b/0x80
[  598.318855][T13077]  ? tomoyo_path_number_perm+0x295/0x580
[  598.318907][T13077]  ? tomoyo_path_number_perm+0x18d/0x580
[  598.318954][T13077]  ? do_raw_spin_unlock+0x94/0x230
[  598.319010][T13077]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  598.319059][T13077]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  598.319110][T13077]  ? do_vfs_ioctl+0x523/0x1a60
[  598.319156][T13077]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  598.319227][T13077]  ? find_held_lock+0x2b/0x80
[  598.319259][T13077]  ? hook_file_ioctl_common+0x145/0x410
[  598.319311][T13077]  ? __fget_files+0x20e/0x3c0
[  598.319366][T13077]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  598.319420][T13077]  __x64_sys_ioctl+0x18e/0x210
[  598.319475][T13077]  do_syscall_64+0xcd/0x490
[  598.319512][T13077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.319544][T13077] RIP: 0033:0x7f2bd8b8e9a9
[  598.319570][T13077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  598.319602][T13077] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  598.319632][T13077] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  598.319653][T13077] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  598.319673][T13077] RBP: 00007f2bd8c10d69 R08: 0000000000000000 R09: 0000000000000000
[  598.319692][T13077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  598.319711][T13077] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  598.319752][T13077]  </TASK>
[  598.708076][    C0] vkms_vblank_simulate: vblank timer overrun
[  599.444952][T13107] ALSA: mixer_oss: invalid OSS volume '0'
[  599.474898][T13107] ALSA: mixer_oss: invalid OSS volume ''
[  600.677916][T13111] netlink: set zone limit has 8 unknown bytes
[  601.831218][T13135] FAULT_INJECTION: forcing a failure.
[  601.831218][T13135] name failslab, interval 1, probability 0, space 0, times 0
[  601.850472][T13135] CPU: 0 UID: 0 PID: 13135 Comm: syz.3.1467 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  601.850526][T13135] Tainted: [U]=USER
[  601.850538][T13135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  601.850557][T13135] Call Trace:
[  601.850567][T13135]  <TASK>
[  601.850578][T13135]  dump_stack_lvl+0x16c/0x1f0
[  601.850616][T13135]  should_fail_ex+0x512/0x640
[  601.850649][T13135]  ? __kmalloc_noprof+0xbf/0x510
[  601.850682][T13135]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[  601.850712][T13135]  should_failslab+0xc2/0x120
[  601.850747][T13135]  __kmalloc_noprof+0xd2/0x510
[  601.850786][T13135]  kvm_io_bus_register_dev+0x1b9/0x7f0
[  601.850828][T13135]  kvm_ioapic_init+0x3fa/0x550
[  601.850876][T13135]  kvm_arch_vm_ioctl+0x91f/0x1cf0
[  601.850913][T13135]  ? ima_match_policy+0x7f9/0x22e0
[  601.850953][T13135]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  601.850991][T13135]  ? __lock_acquire+0x622/0x1c90
[  601.851038][T13135]  ? __lock_acquire+0x622/0x1c90
[  601.851087][T13135]  ? __lock_acquire+0x622/0x1c90
[  601.851135][T13135]  ? __lock_acquire+0x622/0x1c90
[  601.851203][T13135]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  601.851241][T13135]  ? is_bpf_text_address+0x94/0x1a0
[  601.851282][T13135]  ? kernel_text_address+0x8d/0x100
[  601.851329][T13135]  ? __kernel_text_address+0xd/0x40
[  601.851382][T13135]  ? unwind_get_return_address+0x59/0xa0
[  601.851431][T13135]  ? arch_stack_walk+0xa6/0x100
[  601.851475][T13135]  ? stack_trace_save+0x8e/0xc0
[  601.851511][T13135]  ? __pfx_stack_trace_save+0x10/0x10
[  601.851544][T13135]  ? stack_depot_save_flags+0x28/0xa40
[  601.851577][T13135]  ? __lock_acquire+0xb8a/0x1c90
[  601.851622][T13135]  ? kasan_save_stack+0x42/0x60
[  601.851648][T13135]  ? kasan_save_stack+0x33/0x60
[  601.851676][T13135]  ? kasan_save_track+0x14/0x30
[  601.851703][T13135]  ? kasan_save_free_info+0x3b/0x60
[  601.851742][T13135]  ? __kasan_slab_free+0x51/0x70
[  601.851771][T13135]  ? kfree+0x2b4/0x4d0
[  601.851829][T13135]  ? tomoyo_path_number_perm+0x470/0x580
[  601.851872][T13135]  ? security_file_ioctl+0x9b/0x240
[  601.851916][T13135]  ? __x64_sys_ioctl+0xb7/0x210
[  601.851957][T13135]  ? do_syscall_64+0xcd/0x490
[  601.851994][T13135]  kvm_vm_ioctl+0x19d3/0x3dd0
[  601.852061][T13135]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  601.852134][T13135]  ? kasan_quarantine_put+0x10a/0x240
[  601.852163][T13135]  ? lockdep_hardirqs_on+0x7c/0x110
[  601.852197][T13135]  ? find_held_lock+0x2b/0x80
[  601.852231][T13135]  ? tomoyo_path_number_perm+0x295/0x580
[  601.852282][T13135]  ? tomoyo_path_number_perm+0x18d/0x580
[  601.852331][T13135]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  601.852382][T13135]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  601.852434][T13135]  ? do_vfs_ioctl+0x523/0x1a60
[  601.852478][T13135]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  601.852549][T13135]  ? find_held_lock+0x2b/0x80
[  601.852581][T13135]  ? hook_file_ioctl_common+0x145/0x410
[  601.852632][T13135]  ? __fget_files+0x20e/0x3c0
[  601.852687][T13135]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  601.852738][T13135]  __x64_sys_ioctl+0x18e/0x210
[  601.852784][T13135]  do_syscall_64+0xcd/0x490
[  601.852820][T13135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.852851][T13135] RIP: 0033:0x7f8d4878e9a9
[  601.852875][T13135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.852905][T13135] RSP: 002b:00007f8d49625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  601.852934][T13135] RAX: ffffffffffffffda RBX: 00007f8d489b5fa0 RCX: 00007f8d4878e9a9
[  601.852973][T13135] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  601.852993][T13135] RBP: 00007f8d48810d69 R08: 0000000000000000 R09: 0000000000000000
[  601.853027][T13135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  601.853045][T13135] R13: 0000000000000000 R14: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  601.853086][T13135]  </TASK>
[  602.741224][T13144] svc: failed to register nfsdv3 RPC service (errno 111).
[  602.761183][T13144] svc: failed to register nfsaclv3 RPC service (errno 111).
[  603.118434][T13155] sd 0:0:1:0: PR command failed: 1026
[  603.123932][T13155] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  603.208263][T13155] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  605.052319][T13174] FAULT_INJECTION: forcing a failure.
[  605.052319][T13174] name failslab, interval 1, probability 0, space 0, times 0
[  605.112169][T13174] CPU: 0 UID: 0 PID: 13174 Comm: syz.4.1474 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  605.112229][T13174] Tainted: [U]=USER
[  605.112241][T13174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  605.112262][T13174] Call Trace:
[  605.112273][T13174]  <TASK>
[  605.112287][T13174]  dump_stack_lvl+0x16c/0x1f0
[  605.112329][T13174]  should_fail_ex+0x512/0x640
[  605.112364][T13174]  ? fs_reclaim_acquire+0xae/0x150
[  605.112418][T13174]  should_failslab+0xc2/0x120
[  605.112459][T13174]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  605.112498][T13174]  ? security_inode_alloc+0x3b/0x2b0
[  605.112553][T13174]  security_inode_alloc+0x3b/0x2b0
[  605.112603][T13174]  inode_init_always_gfp+0xce4/0x1030
[  605.112667][T13174]  alloc_inode+0x86/0x240
[  605.112712][T13174]  path_from_stashed+0x2be/0xb00
[  605.112754][T13174]  ? __pfx_path_from_stashed+0x10/0x10
[  605.112791][T13174]  ? __pfx_aa_get_newest_label+0x10/0x10
[  605.112845][T13174]  open_namespace+0x8d/0x190
[  605.112901][T13174]  ? __pfx_open_namespace+0x10/0x10
[  605.112959][T13174]  ? bpf_lsm_capable+0x9/0x10
[  605.113017][T13174]  open_related_ns+0x41/0x70
[  605.113071][T13174]  __tun_chr_ioctl+0x244c/0x47a0
[  605.113133][T13174]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  605.113181][T13174]  ? hook_file_ioctl_common+0x145/0x410
[  605.113238][T13174]  ? __fget_files+0x20e/0x3c0
[  605.113300][T13174]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  605.113343][T13174]  __x64_sys_ioctl+0x18e/0x210
[  605.113396][T13174]  do_syscall_64+0xcd/0x490
[  605.113437][T13174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.113471][T13174] RIP: 0033:0x7f2bd8b8e9a9
[  605.113500][T13174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.113534][T13174] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  605.113568][T13174] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  605.113590][T13174] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8
[  605.113612][T13174] RBP: 00007f2bd8c10d69 R08: 0000000000000000 R09: 0000000000000000
[  605.113632][T13174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  605.113652][T13174] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  605.113696][T13174]  </TASK>
[  608.276497][T13218] perf: Dynamic interrupt throttling disabled, can hang your system!
[  608.405002][T13211] FAULT_INJECTION: forcing a failure.
[  608.405002][T13211] name fail_futex, interval 1, probability 0, space 0, times 0
[  608.417993][T13211] CPU: 0 UID: 0 PID: 13211 Comm: syz.0.1482 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  608.418041][T13211] Tainted: [U]=USER
[  608.418052][T13211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  608.418069][T13211] Call Trace:
[  608.418079][T13211]  <TASK>
[  608.418090][T13211]  dump_stack_lvl+0x16c/0x1f0
[  608.418126][T13211]  should_fail_ex+0x512/0x640
[  608.418164][T13211]  should_fail_futex+0x4c/0x60
[  608.418199][T13211]  futex_lock_pi_atomic+0x101/0xdb0
[  608.418251][T13211]  futex_lock_pi+0x23d/0x740
[  608.418302][T13211]  ? __pfx_futex_lock_pi+0x10/0x10
[  608.418343][T13211]  ? __futex_wait+0x24c/0x2f0
[  608.418416][T13211]  ? __futex_hash.constprop.0+0x1e9/0x440
[  608.418459][T13211]  ? __pfx_futex_wake_mark+0x10/0x10
[  608.418526][T13211]  do_futex+0x11a/0x350
[  608.418564][T13211]  ? __pfx_do_futex+0x10/0x10
[  608.418602][T13211]  ? find_held_lock+0x2b/0x80
[  608.418635][T13211]  ? handle_mm_fault+0x2ab/0xd10
[  608.418686][T13211]  __x64_sys_futex+0x1e0/0x4c0
[  608.418736][T13211]  ? exc_page_fault+0x5c/0xb0
[  608.418764][T13211]  ? __pfx___x64_sys_futex+0x10/0x10
[  608.418803][T13211]  ? xfd_validate_state+0x61/0x180
[  608.418858][T13211]  do_syscall_64+0xcd/0x490
[  608.418892][T13211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.418923][T13211] RIP: 0033:0x7fa4d9d8e9a9
[  608.418948][T13211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.418977][T13211] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  608.419004][T13211] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  608.419024][T13211] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000
[  608.419043][T13211] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000006
[  608.419062][T13211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.419080][T13211] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  608.419118][T13211]  </TASK>
[  608.932157][T13223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1483'.
[  611.195821][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  611.211751][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  611.223129][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  611.229656][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  611.239629][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  611.247841][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  611.257375][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  611.264728][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  612.399773][T13233] netlink: set zone limit has 8 unknown bytes
[  612.567889][T12814] Bluetooth: hci0: ACL packet too small
[  613.557280][T13259] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[  613.654983][T13259] Unable to find swap-space signature
[  614.296394][T13272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1492'.
[  615.332485][T13278] FAULT_INJECTION: forcing a failure.
[  615.332485][T13278] name fail_futex, interval 1, probability 0, space 0, times 0
[  615.345519][T13278] CPU: 1 UID: 0 PID: 13278 Comm: syz.0.1495 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  615.345572][T13278] Tainted: [U]=USER
[  615.345583][T13278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  615.345603][T13278] Call Trace:
[  615.345615][T13278]  <TASK>
[  615.345628][T13278]  dump_stack_lvl+0x16c/0x1f0
[  615.345676][T13278]  should_fail_ex+0x512/0x640
[  615.345714][T13278]  should_fail_futex+0x4c/0x60
[  615.345751][T13278]  futex_lock_pi_atomic+0x101/0xdb0
[  615.345810][T13278]  futex_lock_pi+0x23d/0x740
[  615.345859][T13278]  ? __pfx_futex_lock_pi+0x10/0x10
[  615.345902][T13278]  ? __futex_wait+0x24c/0x2f0
[  615.345978][T13278]  ? __futex_hash.constprop.0+0x1e9/0x440
[  615.346021][T13278]  ? __pfx_futex_wake_mark+0x10/0x10
[  615.346089][T13278]  do_futex+0x11a/0x350
[  615.346128][T13278]  ? __pfx_do_futex+0x10/0x10
[  615.346164][T13278]  ? find_held_lock+0x2b/0x80
[  615.346197][T13278]  ? handle_mm_fault+0x2ab/0xd10
[  615.346249][T13278]  __x64_sys_futex+0x1e0/0x4c0
[  615.346289][T13278]  ? exc_page_fault+0x5c/0xb0
[  615.346317][T13278]  ? __pfx___x64_sys_futex+0x10/0x10
[  615.346356][T13278]  ? xfd_validate_state+0x61/0x180
[  615.346412][T13278]  do_syscall_64+0xcd/0x490
[  615.346447][T13278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.346478][T13278] RIP: 0033:0x7fa4d9d8e9a9
[  615.346501][T13278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  615.346531][T13278] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  615.346559][T13278] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  615.346578][T13278] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000
[  615.346595][T13278] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000006
[  615.346612][T13278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  615.346628][T13278] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  615.346664][T13278]  </TASK>
[  616.498443][T13308] netlink: zone id is out of range
[  616.504763][T13308] netlink: zone id is out of range
[  617.837177][T13330] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1507'.
[  618.352836][T13328] ubi0: attaching mtd0
[  618.375489][T13328] ubi0: scanning is finished
[  618.384137][T13328] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  618.697025][T13328] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  618.725071][T13338] netlink: 'syz.4.1509': attribute type 1 has an invalid length.
[  619.865023][T13348] FAULT_INJECTION: forcing a failure.
[  619.865023][T13348] name failslab, interval 1, probability 0, space 0, times 0
[  619.893810][T13360] netlink: 'syz.3.1515': attribute type 64 has an invalid length.
[  619.901896][T13348] CPU: 0 UID: 0 PID: 13348 Comm: syz.4.1512 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  619.901945][T13348] Tainted: [U]=USER
[  619.901956][T13348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  619.901974][T13348] Call Trace:
[  619.901985][T13348]  <TASK>
[  619.901996][T13348]  dump_stack_lvl+0x16c/0x1f0
[  619.902056][T13348]  should_fail_ex+0x512/0x640
[  619.902102][T13348]  ? __kmalloc_noprof+0xbf/0x510
[  619.902137][T13348]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[  619.902168][T13348]  should_failslab+0xc2/0x120
[  619.902205][T13348]  __kmalloc_noprof+0xd2/0x510
[  619.902246][T13348]  kvm_io_bus_register_dev+0x1b9/0x7f0
[  619.902290][T13348]  kvm_pic_init+0x25e/0x380
[  619.902339][T13348]  kvm_arch_vm_ioctl+0x8fd/0x1cf0
[  619.902379][T13348]  ? ima_match_policy+0x7f9/0x22e0
[  619.902420][T13348]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  619.902462][T13348]  ? __lock_acquire+0x622/0x1c90
[  619.902513][T13348]  ? __lock_acquire+0x622/0x1c90
[  619.902572][T13348]  ? __lock_acquire+0x622/0x1c90
[  619.902623][T13348]  ? __lock_acquire+0x622/0x1c90
[  619.902698][T13348]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  619.902737][T13348]  ? is_bpf_text_address+0x94/0x1a0
[  619.902782][T13348]  ? kernel_text_address+0x8d/0x100
[  619.902833][T13348]  ? __kernel_text_address+0xd/0x40
[  619.902883][T13348]  ? unwind_get_return_address+0x59/0xa0
[  619.902938][T13348]  ? arch_stack_walk+0xa6/0x100
[  619.902983][T13348]  ? stack_trace_save+0x8e/0xc0
[  619.903019][T13348]  ? __pfx_stack_trace_save+0x10/0x10
[  619.903054][T13348]  ? stack_depot_save_flags+0x28/0xa40
[  619.903089][T13348]  ? __lock_acquire+0xb8a/0x1c90
[  619.903137][T13348]  ? kasan_save_stack+0x42/0x60
[  619.903166][T13348]  ? kasan_save_stack+0x33/0x60
[  619.903193][T13348]  ? kasan_save_track+0x14/0x30
[  619.903231][T13348]  ? kasan_save_free_info+0x3b/0x60
[  619.903270][T13348]  ? __kasan_slab_free+0x51/0x70
[  619.903299][T13348]  ? kfree+0x2b4/0x4d0
[  619.903339][T13348]  ? tomoyo_path_number_perm+0x470/0x580
[  619.903380][T13348]  ? security_file_ioctl+0x9b/0x240
[  619.903421][T13348]  ? __x64_sys_ioctl+0xb7/0x210
[  619.903459][T13348]  ? do_syscall_64+0xcd/0x490
[  619.903494][T13348]  kvm_vm_ioctl+0x19d3/0x3dd0
[  619.903555][T13348]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  619.903628][T13348]  ? kasan_quarantine_put+0x10a/0x240
[  619.903655][T13348]  ? lockdep_hardirqs_on+0x7c/0x110
[  619.903693][T13348]  ? find_held_lock+0x2b/0x80
[  619.903724][T13348]  ? tomoyo_path_number_perm+0x295/0x580
[  619.903777][T13348]  ? tomoyo_path_number_perm+0x18d/0x580
[  619.903823][T13348]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  619.903865][T13348]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  619.903913][T13348]  ? do_vfs_ioctl+0x523/0x1a60
[  619.903953][T13348]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  619.904019][T13348]  ? find_held_lock+0x2b/0x80
[  619.904048][T13348]  ? hook_file_ioctl_common+0x145/0x410
[  619.904096][T13348]  ? __fget_files+0x20e/0x3c0
[  619.904147][T13348]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  619.904195][T13348]  __x64_sys_ioctl+0x18e/0x210
[  619.904238][T13348]  do_syscall_64+0xcd/0x490
[  619.904271][T13348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.904301][T13348] RIP: 0033:0x7f2bd8b8e9a9
[  619.904325][T13348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  619.904354][T13348] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  619.904380][T13348] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  619.904400][T13348] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  619.904418][T13348] RBP: 00007f2bd8c10d69 R08: 0000000000000000 R09: 0000000000000000
[  619.904456][T13348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  619.904475][T13348] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  619.904516][T13348]  </TASK>
[  619.904690][T13360] netlink: 74 bytes leftover after parsing attributes in process `syz.3.1515'.
[  620.826314][T13370] random: crng reseeded on system resumption
[  622.090759][T13384] random: crng reseeded on system resumption
[  622.635062][T13394] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  624.137729][T13410] random: crng reseeded on system resumption
[  625.199523][T13425] zswap: compressor 000 not available
[  626.272530][   T30] audit: type=1800 audit(4294969438.918:12): pid=13456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1534" name="dbroot" dev="configfs" ino=39819 res=0 errno=0
[  626.644600][T13447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1536'.
[  627.133963][T13438] netlink: set zone limit has 8 unknown bytes
[  627.500007][T13471] dyndbg: expected <4096 bytes into control
[  627.730113][T13467] FAULT_INJECTION: forcing a failure.
[  627.730113][T13467] name failslab, interval 1, probability 0, space 0, times 0
[  627.773396][T13467] CPU: 1 UID: 0 PID: 13467 Comm: syz.2.1539 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  627.773451][T13467] Tainted: [U]=USER
[  627.773462][T13467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  627.773481][T13467] Call Trace:
[  627.773491][T13467]  <TASK>
[  627.773504][T13467]  dump_stack_lvl+0x16c/0x1f0
[  627.773542][T13467]  should_fail_ex+0x512/0x640
[  627.773586][T13467]  ? fs_reclaim_acquire+0xae/0x150
[  627.773640][T13467]  should_failslab+0xc2/0x120
[  627.773679][T13467]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  627.773716][T13467]  ? security_inode_alloc+0x3b/0x2b0
[  627.773767][T13467]  security_inode_alloc+0x3b/0x2b0
[  627.773815][T13467]  inode_init_always_gfp+0xce4/0x1030
[  627.773879][T13467]  alloc_inode+0x86/0x240
[  627.773921][T13467]  path_from_stashed+0x2be/0xb00
[  627.773962][T13467]  ? __pfx_path_from_stashed+0x10/0x10
[  627.773994][T13467]  ? find_held_lock+0x2b/0x80
[  627.774030][T13467]  ? alloc_fd+0x471/0x7d0
[  627.774088][T13467]  pidfs_alloc_file+0xf8/0x330
[  627.774137][T13467]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  627.774190][T13467]  ? _raw_spin_unlock_irq+0x23/0x50
[  627.774247][T13467]  pidfd_prepare+0x10c/0x1b0
[  627.774293][T13467]  __x64_sys_pidfd_open+0x105/0x1a0
[  627.774346][T13467]  ? __pfx___x64_sys_pidfd_open+0x10/0x10
[  627.774411][T13467]  ? rcu_is_watching+0x12/0xc0
[  627.774452][T13467]  do_syscall_64+0xcd/0x490
[  627.774491][T13467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  627.774525][T13467] RIP: 0033:0x7f4cdaf8e9a9
[  627.774551][T13467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  627.774591][T13467] RSP: 002b:00007f4cdbd41038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  627.774622][T13467] RAX: ffffffffffffffda RBX: 00007f4cdb1b5fa0 RCX: 00007f4cdaf8e9a9
[  627.774645][T13467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  627.774665][T13467] RBP: 00007f4cdb010d69 R08: 0000000000000000 R09: 0000000000000000
[  627.774686][T13467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  627.774705][T13467] R13: 0000000000000000 R14: 00007f4cdb1b5fa0 R15: 00007ffefef61178
[  627.774752][T13467]  </TASK>
[  628.539964][T13479] FAULT_INJECTION: forcing a failure.
[  628.539964][T13479] name failslab, interval 1, probability 0, space 0, times 0
[  628.559587][T13479] CPU: 0 UID: 0 PID: 13479 Comm: syz.0.1541 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  628.559636][T13479] Tainted: [U]=USER
[  628.559646][T13479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  628.559663][T13479] Call Trace:
[  628.559673][T13479]  <TASK>
[  628.559685][T13479]  dump_stack_lvl+0x16c/0x1f0
[  628.559727][T13479]  should_fail_ex+0x512/0x640
[  628.559757][T13479]  ? fs_reclaim_acquire+0xae/0x150
[  628.559802][T13479]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  628.559831][T13479]  should_failslab+0xc2/0x120
[  628.559868][T13479]  __kmalloc_noprof+0xd2/0x510
[  628.559908][T13479]  tomoyo_realpath_from_path+0xc2/0x6e0
[  628.559949][T13479]  tomoyo_check_open_permission+0x2ab/0x3c0
[  628.559996][T13479]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  628.560080][T13479]  ? find_held_lock+0x2b/0x80
[  628.560123][T13479]  tomoyo_file_open+0x6b/0x90
[  628.560159][T13479]  security_file_open+0x84/0x1e0
[  628.560208][T13479]  do_dentry_open+0x596/0x1c10
[  628.560252][T13479]  vfs_open+0x82/0x3f0
[  628.560296][T13479]  path_openat+0x1de4/0x2cb0
[  628.560339][T13479]  ? __pfx_path_openat+0x10/0x10
[  628.560371][T13479]  ? __lock_acquire+0xb8a/0x1c90
[  628.560417][T13479]  do_filp_open+0x20b/0x470
[  628.560448][T13479]  ? __pfx_do_filp_open+0x10/0x10
[  628.560493][T13479]  ? __pfx_kfree_link+0x10/0x10
[  628.560545][T13479]  ? alloc_fd+0x471/0x7d0
[  628.560603][T13479]  do_sys_openat2+0x11b/0x1d0
[  628.560643][T13479]  ? __pfx_do_sys_openat2+0x10/0x10
[  628.560682][T13479]  ? find_held_lock+0x2b/0x80
[  628.560717][T13479]  ? handle_mm_fault+0x2ab/0xd10
[  628.560773][T13479]  __x64_sys_openat+0x174/0x210
[  628.560815][T13479]  ? __pfx___x64_sys_openat+0x10/0x10
[  628.560890][T13479]  do_syscall_64+0xcd/0x490
[  628.560926][T13479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.560958][T13479] RIP: 0033:0x7fa4d9d8d310
[  628.560982][T13479] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  628.561011][T13479] RSP: 002b:00007fa4dabd7fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  628.561039][T13479] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa4d9d8d310
[  628.561066][T13479] RDX: 0000000000000002 RSI: 00007fa4d9e1104e RDI: 00000000ffffff9c
[  628.561085][T13479] RBP: 00007fa4d9e1104e R08: 0000000000000000 R09: 00007fa4dabfa000
[  628.561105][T13479] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  628.561123][T13479] R13: 0000000000000000 R14: 00007fa4d9fb6080 R15: 00007ffdfcceacf8
[  628.561163][T13479]  </TASK>
[  628.561176][T13479] ERROR: Out of memory at tomoyo_realpath_from_path.
[  628.860490][T13479] FAULT_INJECTION: forcing a failure.
[  628.860490][T13479] name failslab, interval 1, probability 0, space 0, times 0
[  628.874214][T13479] CPU: 0 UID: 0 PID: 13479 Comm: syz.0.1541 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  628.874266][T13479] Tainted: [U]=USER
[  628.874277][T13479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  628.874296][T13479] Call Trace:
[  628.874305][T13479]  <TASK>
[  628.874317][T13479]  dump_stack_lvl+0x16c/0x1f0
[  628.874362][T13479]  should_fail_ex+0x512/0x640
[  628.874396][T13479]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  628.874454][T13479]  should_failslab+0xc2/0x120
[  628.874493][T13479]  __kmalloc_cache_noprof+0x6a/0x3e0
[  628.874543][T13479]  ? refill_pi_state_cache+0x89/0x250
[  628.874596][T13479]  refill_pi_state_cache+0x89/0x250
[  628.874642][T13479]  futex_lock_pi+0x173/0x740
[  628.874697][T13479]  ? find_held_lock+0x2b/0x80
[  628.874735][T13479]  ? __pfx_futex_lock_pi+0x10/0x10
[  628.874828][T13479]  ? __pfx_futex_wake_mark+0x10/0x10
[  628.874885][T13479]  ? find_held_lock+0x2b/0x80
[  628.874918][T13479]  ? ksys_write+0x190/0x250
[  628.874955][T13479]  do_futex+0x11a/0x350
[  628.874995][T13479]  ? __pfx_do_futex+0x10/0x10
[  628.875044][T13479]  __x64_sys_futex+0x1e0/0x4c0
[  628.875088][T13479]  ? fput+0x70/0xf0
[  628.875125][T13479]  ? __pfx___x64_sys_futex+0x10/0x10
[  628.875163][T13479]  ? ksys_write+0x1ac/0x250
[  628.875192][T13479]  ? __pfx_ksys_write+0x10/0x10
[  628.875236][T13479]  do_syscall_64+0xcd/0x490
[  628.875273][T13479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.875306][T13479] RIP: 0033:0x7fa4d9d8e9a9
[  628.875331][T13479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.875362][T13479] RSP: 002b:00007fa4dabd8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  628.875393][T13479] RAX: ffffffffffffffda RBX: 00007fa4d9fb6080 RCX: 00007fa4d9d8e9a9
[  628.875415][T13479] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000
[  628.875434][T13479] RBP: 00007fa4dabd8090 R08: 0000000000000000 R09: 0000000000000006
[  628.875454][T13479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.875473][T13479] R13: 0000000000000000 R14: 00007fa4d9fb6080 R15: 00007ffdfcceacf8
[  628.875514][T13479]  </TASK>
[  628.942019][T13488] ima: policy update failed
[  629.124756][   T30] audit: type=1802 audit(4294969441.783:13): pid=13488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1544" res=0 errno=0
[  629.168266][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  629.174752][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  633.767082][T13546] FAULT_INJECTION: forcing a failure.
[  633.767082][T13546] name failslab, interval 1, probability 0, space 0, times 0
[  633.837719][T13546] CPU: 1 UID: 0 PID: 13546 Comm: syz.3.1559 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  633.837777][T13546] Tainted: [U]=USER
[  633.837788][T13546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  633.837807][T13546] Call Trace:
[  633.837818][T13546]  <TASK>
[  633.837830][T13546]  dump_stack_lvl+0x16c/0x1f0
[  633.837869][T13546]  should_fail_ex+0x512/0x640
[  633.837903][T13546]  ? __kmalloc_noprof+0xbf/0x510
[  633.837956][T13546]  ? snd_midi_event_new+0xa1/0x210
[  633.837994][T13546]  should_failslab+0xc2/0x120
[  633.838035][T13546]  __kmalloc_noprof+0xd2/0x510
[  633.838078][T13546]  snd_midi_event_new+0xa1/0x210
[  633.838117][T13546]  snd_virmidi_output_open+0x106/0x670
[  633.838178][T13546]  open_substream+0x478/0x9b0
[  633.838228][T13546]  rawmidi_open_priv+0x543/0x6e0
[  633.838285][T13546]  snd_rawmidi_open+0x4cc/0xbf0
[  633.838344][T13546]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  633.838415][T13546]  ? __pfx_default_wake_function+0x10/0x10
[  633.838457][T13546]  ? kobject_get_unless_zero+0x156/0x1e0
[  633.838501][T13546]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  633.838563][T13546]  snd_open+0x1fe/0x450
[  633.838601][T13546]  ? __pfx_snd_open+0x10/0x10
[  633.838637][T13546]  chrdev_open+0x231/0x6a0
[  633.838672][T13546]  ? __pfx_apparmor_file_open+0x10/0x10
[  633.838723][T13546]  ? __pfx_chrdev_open+0x10/0x10
[  633.838761][T13546]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  633.838821][T13546]  do_dentry_open+0x744/0x1c10
[  633.838856][T13546]  ? __pfx_chrdev_open+0x10/0x10
[  633.838899][T13546]  vfs_open+0x82/0x3f0
[  633.838955][T13546]  path_openat+0x1de4/0x2cb0
[  633.839003][T13546]  ? __pfx_path_openat+0x10/0x10
[  633.839038][T13546]  ? __lock_acquire+0xb8a/0x1c90
[  633.839088][T13546]  do_filp_open+0x20b/0x470
[  633.839121][T13546]  ? __pfx_do_filp_open+0x10/0x10
[  633.839182][T13546]  ? alloc_fd+0x471/0x7d0
[  633.839256][T13546]  do_sys_openat2+0x11b/0x1d0
[  633.839296][T13546]  ? __pfx_do_sys_openat2+0x10/0x10
[  633.839352][T13546]  __x64_sys_openat+0x174/0x210
[  633.839394][T13546]  ? __pfx___x64_sys_openat+0x10/0x10
[  633.839487][T13546]  do_syscall_64+0xcd/0x490
[  633.839523][T13546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.839554][T13546] RIP: 0033:0x7f8d4878e9a9
[  633.839578][T13546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.839607][T13546] RSP: 002b:00007f8d49625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  633.839636][T13546] RAX: ffffffffffffffda RBX: 00007f8d489b5fa0 RCX: 00007f8d4878e9a9
[  633.839656][T13546] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  633.839675][T13546] RBP: 00007f8d48810d69 R08: 0000000000000000 R09: 0000000000000000
[  633.839693][T13546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  633.839711][T13546] R13: 0000000000000000 R14: 00007f8d489b5fa0 R15: 00007ffc818cbc88
[  633.839748][T13546]  </TASK>
[  638.460247][T13615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1571'.
[  641.195775][T13642] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input97
[  642.129657][T12814] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  643.666860][T13671] random: crng reseeded on system resumption
[  646.026432][T13706] FAULT_INJECTION: forcing a failure.
[  646.026432][T13706] name failslab, interval 1, probability 0, space 0, times 0
[  646.094814][T13706] CPU: 0 UID: 0 PID: 13706 Comm: syz.0.1582 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  646.094855][T13706] Tainted: [U]=USER
[  646.094863][T13706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  646.094878][T13706] Call Trace:
[  646.094885][T13706]  <TASK>
[  646.094895][T13706]  dump_stack_lvl+0x16c/0x1f0
[  646.094923][T13706]  should_fail_ex+0x512/0x640
[  646.094948][T13706]  ? __kmalloc_noprof+0xbf/0x510
[  646.094977][T13706]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[  646.095001][T13706]  should_failslab+0xc2/0x120
[  646.095029][T13706]  __kmalloc_noprof+0xd2/0x510
[  646.095059][T13706]  kvm_io_bus_register_dev+0x1b9/0x7f0
[  646.095092][T13706]  kvm_pic_init+0x25e/0x380
[  646.095129][T13706]  kvm_arch_vm_ioctl+0x8fd/0x1cf0
[  646.095160][T13706]  ? ima_match_policy+0x7f9/0x22e0
[  646.095192][T13706]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  646.095224][T13706]  ? __lock_acquire+0x622/0x1c90
[  646.095263][T13706]  ? __lock_acquire+0x622/0x1c90
[  646.095303][T13706]  ? __lock_acquire+0x622/0x1c90
[  646.095342][T13706]  ? __lock_acquire+0x622/0x1c90
[  646.095398][T13706]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  646.095428][T13706]  ? is_bpf_text_address+0x94/0x1a0
[  646.095462][T13706]  ? kernel_text_address+0x8d/0x100
[  646.095502][T13706]  ? __kernel_text_address+0xd/0x40
[  646.095539][T13706]  ? unwind_get_return_address+0x59/0xa0
[  646.095579][T13706]  ? arch_stack_walk+0xa6/0x100
[  646.095613][T13706]  ? stack_trace_save+0x8e/0xc0
[  646.095640][T13706]  ? __pfx_stack_trace_save+0x10/0x10
[  646.095667][T13706]  ? stack_depot_save_flags+0x28/0xa40
[  646.095694][T13706]  ? __lock_acquire+0xb8a/0x1c90
[  646.095747][T13706]  ? kasan_save_stack+0x42/0x60
[  646.095769][T13706]  ? kasan_save_stack+0x33/0x60
[  646.095790][T13706]  ? kasan_save_track+0x14/0x30
[  646.095812][T13706]  ? kasan_save_free_info+0x3b/0x60
[  646.095849][T13706]  ? __kasan_slab_free+0x51/0x70
[  646.095872][T13706]  ? kfree+0x2b4/0x4d0
[  646.095905][T13706]  ? tomoyo_path_number_perm+0x470/0x580
[  646.095939][T13706]  ? security_file_ioctl+0x9b/0x240
[  646.095973][T13706]  ? __x64_sys_ioctl+0xb7/0x210
[  646.096005][T13706]  ? do_syscall_64+0xcd/0x490
[  646.096033][T13706]  kvm_vm_ioctl+0x19d3/0x3dd0
[  646.096083][T13706]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  646.096138][T13706]  ? kasan_quarantine_put+0x10a/0x240
[  646.096160][T13706]  ? lockdep_hardirqs_on+0x7c/0x110
[  646.096186][T13706]  ? find_held_lock+0x2b/0x80
[  646.096211][T13706]  ? tomoyo_path_number_perm+0x295/0x580
[  646.096251][T13706]  ? tomoyo_path_number_perm+0x18d/0x580
[  646.096288][T13706]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  646.096322][T13706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  646.096362][T13706]  ? do_vfs_ioctl+0x523/0x1a60
[  646.096395][T13706]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  646.096448][T13706]  ? find_held_lock+0x2b/0x80
[  646.096472][T13706]  ? hook_file_ioctl_common+0x145/0x410
[  646.096520][T13706]  ? __fget_files+0x20e/0x3c0
[  646.096580][T13706]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  646.096627][T13706]  __x64_sys_ioctl+0x18e/0x210
[  646.096663][T13706]  do_syscall_64+0xcd/0x490
[  646.096690][T13706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.096722][T13706] RIP: 0033:0x7fa4d9d8e9a9
[  646.096741][T13706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.096765][T13706] RSP: 002b:00007fa4dabf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  646.096787][T13706] RAX: ffffffffffffffda RBX: 00007fa4d9fb5fa0 RCX: 00007fa4d9d8e9a9
[  646.096803][T13706] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  646.096817][T13706] RBP: 00007fa4d9e10d69 R08: 0000000000000000 R09: 0000000000000000
[  646.096832][T13706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  646.096846][T13706] R13: 0000000000000000 R14: 00007fa4d9fb5fa0 R15: 00007ffdfcceacf8
[  646.096876][T13706]  </TASK>
[  648.234195][T13733] FAULT_INJECTION: forcing a failure.
[  648.234195][T13733] name failslab, interval 1, probability 0, space 0, times 0
[  648.264253][T13733] CPU: 0 UID: 0 PID: 13733 Comm: syz.4.1587 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  648.264293][T13733] Tainted: [U]=USER
[  648.264300][T13733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  648.264321][T13733] Call Trace:
[  648.264328][T13733]  <TASK>
[  648.264337][T13733]  dump_stack_lvl+0x16c/0x1f0
[  648.264365][T13733]  should_fail_ex+0x512/0x640
[  648.264389][T13733]  ? __kmalloc_noprof+0xbf/0x510
[  648.264415][T13733]  ? alloc_pipe_info+0x1ec/0x590
[  648.264439][T13733]  should_failslab+0xc2/0x120
[  648.264466][T13733]  __kmalloc_noprof+0xd2/0x510
[  648.264495][T13733]  alloc_pipe_info+0x1ec/0x590
[  648.264523][T13733]  splice_direct_to_actor+0x77d/0xa30
[  648.264572][T13733]  ? __pfx_direct_splice_actor+0x10/0x10
[  648.264611][T13733]  ? __pfx_aa_file_perm+0x10/0x10
[  648.264634][T13733]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  648.264669][T13733]  ? get_pid_task+0xfc/0x250
[  648.264707][T13733]  do_splice_direct+0x174/0x240
[  648.264743][T13733]  ? __pfx_do_splice_direct+0x10/0x10
[  648.264779][T13733]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  648.264820][T13733]  ? rw_verify_area+0xcf/0x680
[  648.264858][T13733]  do_sendfile+0xb06/0xe50
[  648.264900][T13733]  ? __pfx_do_sendfile+0x10/0x10
[  648.264938][T13733]  ? __fget_files+0x20e/0x3c0
[  648.264983][T13733]  __x64_sys_sendfile64+0x1d8/0x220
[  648.265010][T13733]  ? ksys_write+0x1ac/0x250
[  648.265031][T13733]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  648.265068][T13733]  do_syscall_64+0xcd/0x490
[  648.265094][T13733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  648.265118][T13733] RIP: 0033:0x7f2bd8b8e9a9
[  648.265136][T13733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  648.265160][T13733] RSP: 002b:00007f2bd9a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  648.265181][T13733] RAX: ffffffffffffffda RBX: 00007f2bd8db5fa0 RCX: 00007f2bd8b8e9a9
[  648.265196][T13733] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  648.265210][T13733] RBP: 00007f2bd9a03090 R08: 0000000000000000 R09: 0000000000000000
[  648.265224][T13733] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001
[  648.265239][T13733] R13: 0000000000000000 R14: 00007f2bd8db5fa0 R15: 00007fff4d0efa48
[  648.265267][T13733]  </TASK>
[  651.690036][T13790] can: request_module (can-proto-0) failed.
[  652.051633][T13799] sp0: Synchronizing with TNC
[  652.808158][T13808] zram: Added device: zram2
[  653.853314][T13822] bond0: Unable to set down delay as MII monitoring is disabled
[  654.685780][T13847] netlink: zone id is out of range
[  654.709354][T13847] netlink: zone id is out of range
[  656.350434][T13871] netlink: 'syz.4.1612': attribute type 1 has an invalid length.
[  657.952822][T13889] hub 8-0:1.0: USB hub found
[  657.967256][T13889] hub 8-0:1.0: 1 port detected
[  659.253150][T13908] futex_wake_op: syz.2.1615 tries to shift op by -9; fix this program
[  660.354062][T12310] ==================================================================
[  660.362186][T12310] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240
[  660.370041][T12310] Read of size 140 at addr ffffc900055a3000 by task kworker/u11:0/12310
[  660.378382][T12310] 
[  660.380742][T12310] CPU: 0 UID: 0 PID: 12310 Comm: kworker/u11:0 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  660.380786][T12310] Tainted: [U]=USER
[  660.380794][T12310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  660.380810][T12310] Workqueue: hci0 hci_devcd_timeout
[  660.380847][T12310] Call Trace:
[  660.380856][T12310]  <TASK>
[  660.380865][T12310]  dump_stack_lvl+0x116/0x1f0
[  660.380889][T12310]  print_report+0xcd/0x630
[  660.380914][T12310]  ? __virt_addr_valid+0x81/0x610
[  660.380941][T12310]  ? hci_devcd_dump+0x142/0x240
[  660.380973][T12310]  kasan_report+0xe0/0x110
[  660.380998][T12310]  ? hci_devcd_dump+0x142/0x240
[  660.381035][T12310]  kasan_check_range+0x100/0x1b0
[  660.381066][T12310]  __asan_memcpy+0x23/0x60
[  660.381101][T12310]  hci_devcd_dump+0x142/0x240
[  660.381135][T12310]  hci_devcd_timeout+0xb5/0x2e0
[  660.381168][T12310]  ? rcu_is_watching+0x12/0xc0
[  660.381193][T12310]  process_one_work+0x9cc/0x1b70
[  660.381235][T12310]  ? __pfx_process_one_work+0x10/0x10
[  660.381275][T12310]  ? assign_work+0x1a0/0x250
[  660.381309][T12310]  worker_thread+0x6c8/0xf10
[  660.381355][T12310]  ? __pfx_worker_thread+0x10/0x10
[  660.381391][T12310]  kthread+0x3c5/0x780
[  660.381423][T12310]  ? __pfx_kthread+0x10/0x10
[  660.381457][T12310]  ? rcu_is_watching+0x12/0xc0
[  660.381480][T12310]  ? __pfx_kthread+0x10/0x10
[  660.381512][T12310]  ret_from_fork+0x5d4/0x6f0
[  660.381544][T12310]  ? __pfx_kthread+0x10/0x10
[  660.381577][T12310]  ret_from_fork_asm+0x1a/0x30
[  660.381609][T12310]  </TASK>
[  660.381616][T12310] 
[  660.534388][T12310] The buggy address belongs to a vmalloc virtual mapping
[  660.541427][T12310] Memory state around the buggy address:
[  660.547074][T12310]  ffffc900055a2f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  660.555169][T12310]  ffffc900055a2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  660.563268][T12310] >ffffc900055a3000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  660.571697][T12310]                    ^
[  660.575782][T12310]  ffffc900055a3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  660.583864][T12310]  ffffc900055a3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  660.591936][T12310] ==================================================================
[  660.605860][T12310] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  660.613113][T12310] CPU: 0 UID: 0 PID: 12310 Comm: kworker/u11:0 Tainted: G     U              6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  660.627031][T12310] Tainted: [U]=USER
[  660.631025][T12310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  660.641097][T12310] Workqueue: hci0 hci_devcd_timeout
[  660.646336][T12310] Call Trace:
[  660.649640][T12310]  <TASK>
[  660.652604][T12310]  dump_stack_lvl+0x3d/0x1f0
[  660.657222][T12310]  panic+0x71c/0x800
[  660.661152][T12310]  ? __pfx_panic+0x10/0x10
[  660.665597][T12310]  ? mark_held_locks+0x49/0x80
[  660.670412][T12310]  ? preempt_schedule_thunk+0x16/0x30
[  660.675840][T12310]  ? hci_devcd_dump+0x142/0x240
[  660.680735][T12310]  ? preempt_schedule_common+0x44/0xc0
[  660.686265][T12310]  ? check_panic_on_warn+0x1f/0xb0
[  660.691463][T12310]  ? hci_devcd_dump+0x142/0x240
[  660.696355][T12310]  check_panic_on_warn+0xab/0xb0
[  660.701346][T12310]  end_report+0x107/0x170
[  660.705708][T12310]  kasan_report+0xee/0x110
[  660.710188][T12310]  ? hci_devcd_dump+0x142/0x240
[  660.715108][T12310]  kasan_check_range+0x100/0x1b0
[  660.720080][T12310]  __asan_memcpy+0x23/0x60
[  660.724532][T12310]  hci_devcd_dump+0x142/0x240
[  660.729254][T12310]  hci_devcd_timeout+0xb5/0x2e0
[  660.734152][T12310]  ? rcu_is_watching+0x12/0xc0
[  660.738942][T12310]  process_one_work+0x9cc/0x1b70
[  660.743916][T12310]  ? __pfx_process_one_work+0x10/0x10
[  660.749324][T12310]  ? assign_work+0x1a0/0x250
[  660.753961][T12310]  worker_thread+0x6c8/0xf10
[  660.758620][T12310]  ? __pfx_worker_thread+0x10/0x10
[  660.763781][T12310]  kthread+0x3c5/0x780
[  660.767883][T12310]  ? __pfx_kthread+0x10/0x10
[  660.772499][T12310]  ? rcu_is_watching+0x12/0xc0
[  660.777287][T12310]  ? __pfx_kthread+0x10/0x10
[  660.781905][T12310]  ret_from_fork+0x5d4/0x6f0
[  660.786527][T12310]  ? __pfx_kthread+0x10/0x10
[  660.791145][T12310]  ret_from_fork_asm+0x1a/0x30
[  660.795933][T12310]  </TASK>
[  660.799375][T12310] Kernel Offset: disabled
[  660.803715][T12310] Rebooting in 86400 seconds..