last executing test programs:

10.259244102s ago: executing program 2 (id=2028):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x11, 0x3, 0x9)
syz_open_procfs$namespace(0x0, &(0x7f0000000040))
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x4a402, 0x0)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0)
mmap$auto(0x0, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_no_ssthresh_metrics_save\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x103040, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x10000, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x0, 0x3, 0x62, 0x80000001, 0xa23, 0x6d3f, 0x8001, 0x2, 0xfffffffffffffffe]}, 0x0)

8.01059207s ago: executing program 3 (id=2036):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080029bd7000efdbdf25020000002e00ac00672fb6451420fec1810bd236750741415e76ca9df1212137cc44f6f6ac9ca3ba918bf58dd3712fb6107200"], 0x44}, 0x1, 0x0, 0x0, 0x4880}, 0x8810)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(0x0, 0x8001)
mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)

7.717157904s ago: executing program 2 (id=2038):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
socket(0x28, 0x1, 0x100)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xa, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x5, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

6.076296493s ago: executing program 2 (id=2043):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe0742, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x9, 0x20000001, 0x13, 0x4)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
ioctl$auto(r0, 0x541c, 0xffffffffffffffff)
madvise$auto(0x0, 0x2003f0, 0x15)
fallocate$auto(0xffffffffffffffff, 0x1, 0xd, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x0, 0x0)
ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)=0x8)
close_range$auto(0x2, 0x8, 0x0)

5.637415963s ago: executing program 3 (id=2048):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf2502000000080003008000400008000300"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';')
socket(0xa, 0x1, 0x100)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mmap$auto(0xe, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioprio_set$auto(0x3, 0x0, 0x4b34)
madvise$auto(0x16, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="140000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000059a17a4d056ba4bbfe9e544cd33bcc57da2ba37ba9385be912f6304f265b8dd51a681030e06645b08d170a27d277"], 0x14}, 0x1, 0x0, 0x0, 0x18a64d47ddec21b1}, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

5.52313314s ago: executing program 2 (id=2049):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080029bd7000efdbdf25020000002e00ac00672fb6451420fec1810bd236750741415e76ca9df1212137cc44f6f6ac9ca3ba918bf58dd3712fb6107200"], 0x44}, 0x1, 0x0, 0x0, 0x4880}, 0x8810)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(0x0, 0x8001)
mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)

3.483841188s ago: executing program 0 (id=2054):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000000, 0x7, 0x6, 0x1ff, 0x3, 0x3, 0x2, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0)

3.333613219s ago: executing program 0 (id=2055):
socket(0x29, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x840, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)

3.210072384s ago: executing program 1 (id=2056):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x29c401, 0x0)
write$auto(r0, 0x0, 0x100000a3d9)
mremap$auto(0x0, 0x5, 0xb, 0x800007, 0x7ffe)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x10d0c1, 0x0)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
pipe$auto(0x0)
tee$auto(0x2000000000000, 0x3, 0x402, 0xd)

2.807798513s ago: executing program 2 (id=2057):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6)
capset$auto(0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(0x0, 0x8001)
mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)

2.41500925s ago: executing program 3 (id=2058):
sendmsg$auto_TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x20)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0x4004ae8b, 0x80ffff)
madvise$auto(0x0, 0x2003f0, 0x17)

2.379339978s ago: executing program 0 (id=2059):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
ustat$auto(0x801, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r1, 0x1, 0x21, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
r2 = socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
write$auto(r2, 0x0, 0x5)

2.195980227s ago: executing program 0 (id=2060):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080029bd7000efdbdf25020000002e00ac00672fb6451420fec1810bd236750741415e76ca9df1212137cc44f6f6ac9ca3ba918bf58dd3712fb6107200"], 0x44}, 0x1, 0x0, 0x0, 0x4880}, 0x8810)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(0x0, 0x8001)
mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)

2.194533642s ago: executing program 1 (id=2061):
r0 = socket(0x15, 0x5, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
socket(0x1e, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000180)='/dev/uhid\x00', 0x6)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mem\x00', 0x402, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000)
write$auto(0x3, 0x0, 0x2a9)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)
write$auto(0x3, 0x0, 0xffd8)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0xc8101, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
select$auto(0x5, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCMGET2(r3, 0x5415, &(0x7f0000000340))
ioctl$auto_FIONBIO(r4, 0x5421, 0x2)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r5, 0x0, 0x810)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
read$auto(0x3, 0x0, 0x80)
shmctl$auto_SHM_LOCK(0x1, 0xb, 0x0)
socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f00000001c0)=0x4)

1.558366325s ago: executing program 3 (id=2062):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = inotify_init1$auto(0x3000000000000)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/clear_refs\x00', 0x101000, 0x0)
close_range$auto(r0, r1, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x848000000015, 0x805, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41c8e4d5018fca6b1643fc"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044}, 0x0)

1.373488957s ago: executing program 3 (id=2063):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080029bd7000efdbdf25020000002e00ac00672fb6451420fec1810bd236750741415e76ca9df1212137cc44f6f6ac9ca3ba918bf58dd3712fb6107200"], 0x44}, 0x1, 0x0, 0x0, 0x4880}, 0x8810)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(0x0, 0x8001)
mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)

1.179637876s ago: executing program 2 (id=2064):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x3, 0x100)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x10, 0x0, &(0x7f0000000240)=0x10009b)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.3/usb16/power/runtime_suspended_time\x00', 0x101100, 0x0)
ioctl$auto_RTC_PARAM_GET(0xffffffffffffffff, 0x40187013, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x20, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x5402, r0)
ioctl$auto(0x3, 0x541b, 0x38)

1.074333631s ago: executing program 1 (id=2065):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0xa800, 0x0)
ioctl$auto(r0, 0x200, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000380), r1)
sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="000000ea", @ANYRES16=r2, @ANYBLOB="01002abd7000ffdbdf250a000000080009800400010008000100", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40400c1}, 0x40080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r3, &(0x7f0000002ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
getpgid$auto(0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x10, 0x3, 0x9)
write$auto(r4, 0x0, 0x5)
ioctl$auto(r1, 0x8, r0)

885.8696ms ago: executing program 1 (id=2066):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mq_notify$auto(0x1, 0xffffffffffffffff)
r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r1, 0x4, 0x7ff)
ptrace$auto(0x8, r1, 0x9, 0x4)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyyb\x00', 0x68140, 0x0)
ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop15/queue/rotational\x00', 0xa081, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r4 = epoll_create$auto(0x5a5d)
epoll_ctl$auto(r4, 0x1, r0, 0x0)

646.442364ms ago: executing program 1 (id=2067):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf2502000000080003008000400008000300"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';')
socket(0xa, 0x1, 0x100)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mmap$auto(0xe, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioprio_set$auto(0x3, 0x0, 0x4b34)
madvise$auto(0x16, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="140000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000059a17a4d056ba4bbfe9e544cd33bcc57da2ba37ba9385be912f6304f265b8dd51a681030e06645b08d170a27d277"], 0x14}, 0x1, 0x0, 0x0, 0x18a64d47ddec21b1}, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

365.419294ms ago: executing program 3 (id=2068):
r0 = socket(0x15, 0x5, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
socket(0x1e, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000180)='/dev/uhid\x00', 0x6)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mem\x00', 0x402, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000)
write$auto(0x3, 0x0, 0x2a9)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)
write$auto(0x3, 0x0, 0xffd8)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0xc8101, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
select$auto(0x5, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCMGET2(r3, 0x5415, &(0x7f0000000340)="378290385b8ca13926f9a72c9f496bf362331920edbc5d38bd912827ca80816045eef6c7f1ecfc79e6783d43e33799c703a95c0c9e2e20ef02c3a73bb982685688b47af3858709e466117184fad91ea65d426c838da8e3112f911f68b7745af44176ff9d089d4d05b2456a09a5f488b1d6410d67b04ff25578db70ae3e48a102a808199f2b05374756c9ae2bd314d988e9")
ioctl$auto_FIONBIO(r4, 0x5421, 0x2)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r5, 0x0, 0x810)
read$auto(0x3, 0x0, 0x80)
shmctl$auto_SHM_LOCK(0x1, 0xb, 0x0)
socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f00000001c0)=0x4)

213.627447ms ago: executing program 0 (id=2069):
r0 = socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
r1 = socket(0xa, 0x801, 0x84)
setsockopt$auto(r1, 0x10000000084, 0x21, 0x0, 0x2)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
setsockopt$auto(r0, 0x1, 0x9, 0x0, 0xeb66)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x1ad240, 0x1b1)
socket(0xa, 0x3, 0x3b)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

11.809094ms ago: executing program 0 (id=2070):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x18b800, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop7\x00', 0x10f602, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop2/queue/discard_max_hw_bytes\x00', 0x42200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x40106f52, r0)

0s ago: executing program 1 (id=2071):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e)
mmap$auto(0x80000000, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
mmap$auto(0xfffffffffffffff7, 0x8, 0x3, 0x12, 0xffffffffffffffff, 0xffffffffca5f5a00)
ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x100082)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x448080, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)

kernel console output (not intermixed with test programs):

x3c0
[  517.858850][T12305]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  517.858884][T12305]  ? find_held_lock+0x2b/0x80
[  517.858903][T12305]  tomoyo_file_open+0x6b/0x90
[  517.858923][T12305]  security_file_open+0x84/0x1e0
[  517.858940][T12305]  do_dentry_open+0x596/0x1530
[  517.858962][T12305]  vfs_open+0x82/0x3f0
[  517.858984][T12305]  path_openat+0x1de4/0x2cb0
[  517.859006][T12305]  ? __pfx_path_openat+0x10/0x10
[  517.859027][T12305]  do_filp_open+0x20b/0x470
[  517.859043][T12305]  ? __pfx_do_filp_open+0x10/0x10
[  517.859072][T12305]  ? alloc_fd+0x471/0x7d0
[  517.859099][T12305]  do_sys_openat2+0x11b/0x1d0
[  517.859119][T12305]  ? __pfx_do_sys_openat2+0x10/0x10
[  517.859148][T12305]  __x64_sys_openat+0x174/0x210
[  517.859169][T12305]  ? __pfx___x64_sys_openat+0x10/0x10
[  517.859198][T12305]  do_syscall_64+0xcd/0x490
[  517.859222][T12305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.859236][T12305] RIP: 0033:0x7f926738eb69
[  517.859248][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.859262][T12305] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  517.859276][T12305] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  517.859285][T12305] RDX: 00000000001a1842 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  517.859294][T12305] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  517.859303][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  517.859311][T12305] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  517.859329][T12305]  </TASK>
[  518.095391][T12305] ERROR: Out of memory at tomoyo_realpath_from_path.
[  518.499559][T12312] binder: 12311:12312 unknown command 3
[  518.517446][T12312] binder: 12311:12312 ioctl c0306201 0 returned -22
[  518.733647][T12318] binder: 12315:12318 unknown command 3
[  518.757529][T12318] binder: 12315:12318 ioctl c0306201 0 returned -22
[  522.079707][T12335] kexec: Could not allocate control_code_buffer
[  523.347741][T12372] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1137'.
[  523.729233][T12374] binder: 12373:12374 unknown command 3
[  523.758219][T12374] binder: 12373:12374 ioctl c0306201 0 returned -22
[  525.074453][T12388] mkiss: ax0: crc mode is auto.
[  527.824238][T12436] random: crng reseeded on system resumption
[  528.305428][T12449] binder: 12448:12449 unknown command 3
[  528.333138][T12449] binder: 12448:12449 ioctl c0306201 0 returned -22
[  529.159594][T12458] blktrace: Concurrent blktraces are not allowed on ram7
[  529.699439][T12461] binder: 12460:12461 unknown command 3
[  529.734587][T12461] binder: 12460:12461 ioctl c0306201 0 returned -22
[  530.693750][T12474] binder: 12472:12474 unknown command 3
[  530.724490][T12474] binder: 12472:12474 ioctl c0306201 0 returned -22
[  531.026412][T12481] mkiss: ax0: crc mode is auto.
[  531.887777][T12496] binder: 12495:12496 unknown command 3
[  531.893344][T12496] binder: 12495:12496 ioctl c0306201 0 returned -22
[  533.255570][T12520] binder: 12519:12520 unknown command 3
[  533.298948][T12520] binder: 12519:12520 ioctl c0306201 0 returned -22
[  534.111337][T12507] kexec: Could not allocate control_code_buffer
[  535.667419][T12540] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1167'.
[  535.944032][T12545] Format for deleting device is "id" (uint).
[  537.752938][T12576] binder: 12574:12576 unknown command 3
[  537.782219][T12576] binder: 12574:12576 ioctl c0306201 0 returned -22
[  539.689864][T12603] binder: 12602:12603 unknown command 3
[  539.750679][T12603] binder: 12602:12603 ioctl c0306201 0 returned -22
[  540.914194][T12588] Process accounting resumed
[  541.794491][T12624] binder: 12623:12624 unknown command 3
[  541.829127][T12624] binder: 12623:12624 ioctl c0306201 0 returned -22
[  546.979641][T12696] binder: 12693:12696 unknown command 3
[  547.013581][T12696] binder: 12693:12696 ioctl c0306201 0 returned -22
[  547.376415][T12701] ubi0: attaching mtd0
[  547.450584][T12701] ubi0: scanning is finished
[  547.541180][T12701] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  547.923061][T12701] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  549.873883][T12739] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44
[  550.557102][T12746] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45
[  550.658132][T12757] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1199'.
[  552.666374][T12793] binder: 12792:12793 unknown command 3
[  552.683524][T12795] binder: 12794:12795 unknown command 3
[  552.689412][T12793] binder: 12792:12793 ioctl c0306201 0 returned -22
[  552.710050][T12795] binder: 12794:12795 ioctl c0306201 0 returned -22
[  555.133936][T12823] binder: 12822:12823 unknown command 3
[  555.164063][T12823] binder: 12822:12823 ioctl c0306201 0 returned -22
[  556.562292][T12840] binder: 12836:12840 unknown command 3
[  556.580938][T12840] binder: 12836:12840 ioctl c0306201 0 returned -22
[  557.509404][T12850] binder: 12849:12850 unknown command 3
[  557.539881][T12850] binder: 12849:12850 ioctl c0306201 0 returned -22
[  557.940362][T12859] binder: 12858:12859 unknown command 3
[  557.971792][T12859] binder: 12858:12859 ioctl c0306201 0 returned -22
[  558.949261][T12866] FAULT_INJECTION: forcing a failure.
[  558.949261][T12866] name fail_futex, interval 1, probability 0, space 0, times 0
[  559.014157][T12866] CPU: 1 UID: 0 PID: 12866 Comm: syz.2.1218 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  559.014181][T12866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  559.014189][T12866] Call Trace:
[  559.014194][T12866]  <TASK>
[  559.014200][T12866]  dump_stack_lvl+0x16c/0x1f0
[  559.014225][T12866]  should_fail_ex+0x512/0x640
[  559.014242][T12866]  get_futex_key+0xff0/0x1560
[  559.014261][T12866]  ? __pfx_get_futex_key+0x10/0x10
[  559.014276][T12866]  ? __mutex_trylock_common+0xe9/0x250
[  559.014299][T12866]  futex_wake+0xea/0x530
[  559.014320][T12866]  ? __pfx_futex_wake+0x10/0x10
[  559.014347][T12866]  do_futex+0x1e3/0x350
[  559.014364][T12866]  ? __pfx_do_futex+0x10/0x10
[  559.014379][T12866]  ? __might_fault+0xe3/0x190
[  559.014399][T12866]  mm_release+0x24e/0x300
[  559.014416][T12866]  do_exit+0x68e/0x2bf0
[  559.014438][T12866]  ? __pfx_do_exit+0x10/0x10
[  559.014455][T12866]  ? do_raw_spin_lock+0x12c/0x2b0
[  559.014474][T12866]  ? find_held_lock+0x2b/0x80
[  559.014490][T12866]  do_group_exit+0xd3/0x2a0
[  559.014509][T12866]  get_signal+0x2673/0x26d0
[  559.014526][T12866]  ? kmem_cache_free+0x2d1/0x4d0
[  559.014541][T12866]  ? fd_install+0x225/0x750
[  559.014558][T12866]  ? __pfx_get_signal+0x10/0x10
[  559.014572][T12866]  ? do_futex+0x122/0x350
[  559.014589][T12866]  ? __pfx_do_futex+0x10/0x10
[  559.014606][T12866]  arch_do_signal_or_restart+0x8f/0x790
[  559.014626][T12866]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  559.014648][T12866]  ? xfd_validate_state+0x61/0x180
[  559.014672][T12866]  exit_to_user_mode_loop+0x84/0x110
[  559.014693][T12866]  do_syscall_64+0x3f6/0x490
[  559.014715][T12866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.014728][T12866] RIP: 0033:0x7f89af38eb69
[  559.014740][T12866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.014753][T12866] RSP: 002b:00007f89b01770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  559.014767][T12866] RAX: fffffffffffffe00 RBX: 00007f89af5b5fa8 RCX: 00007f89af38eb69
[  559.014777][T12866] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f89af5b5fa8
[  559.014785][T12866] RBP: 00007f89af5b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  559.014793][T12866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f89af5b5fac
[  559.014801][T12866] R13: 0000000000000000 R14: 00007fff425dcf70 R15: 00007fff425dd058
[  559.014819][T12866]  </TASK>
[  562.258781][T12875] kexec: Could not allocate control_code_buffer
[  562.982689][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  562.989705][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  563.145438][T12879] Format for deleting device is "id" (uint).
[  564.593476][T12911] binder: 12910:12911 unknown command 3
[  564.641155][T12911] binder: 12910:12911 ioctl c0306201 0 returned -22
[  567.404678][T12944] binder: 12943:12944 unknown command 3
[  567.464847][T12944] binder: 12943:12944 ioctl c0306201 0 returned -22
[  568.471653][T12953] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1236'.
[  569.328024][T12965] binder: 12961:12965 unknown command 3
[  569.365142][T12965] binder: 12961:12965 ioctl c0306201 0 returned -22
[  570.413244][T12984] random: crng reseeded on system resumption
[  571.495213][T13001] Process accounting paused
[  572.772567][T13020] binder: 13017:13020 unknown command 3
[  572.814134][T13020] binder: 13017:13020 ioctl c0306201 0 returned -22
[  577.657932][T13089] binder: 13088:13089 unknown command 3
[  577.695720][T13089] binder: 13088:13089 ioctl c0306201 0 returned -22
[  579.694858][T13116] ubi0: attaching mtd0
[  579.743370][T13116] ubi0: scanning is finished
[  579.807303][T13116] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  580.102668][T13116] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  581.140338][T13122] random: crng reseeded on system resumption
[  581.170196][T13136] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46
[  581.553009][T13138] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47
[  582.910924][T13165] binder: 13164:13165 unknown command 3
[  582.916503][T13165] binder: 13164:13165 ioctl c0306201 0 returned -22
[  586.598032][T13212] binder: 13211:13212 unknown command 3
[  586.603603][T13212] binder: 13211:13212 ioctl c0306201 0 returned -22
[  587.393124][T13223] binder: 13222:13223 unknown command 3
[  587.430376][T13223] binder: 13222:13223 ioctl c0306201 0 returned -22
[  591.399388][T13283] binder: 13281:13283 unknown command 3
[  591.404956][T13283] binder: 13281:13283 ioctl c0306201 0 returned -22
[  592.608161][T13307] random: crng reseeded on system resumption
[  593.541851][T13319] binder: 13318:13319 unknown command 3
[  593.572607][T13319] binder: 13318:13319 ioctl c0306201 0 returned -22
[  594.742849][T13337] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48
[  595.178925][T13338] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[  595.875637][T13345] ALSA: mixer_oss: invalid OSS volume '0'
[  596.044012][T13345] ALSA: mixer_oss: invalid OSS volume ''
[  596.172562][T13328] kexec: Could not allocate control_code_buffer
[  596.477967][T13352] binder: 13351:13352 unknown command 3
[  596.505315][T13352] binder: 13351:13352 ioctl c0306201 0 returned -22
[  597.769113][T13370] ubi0: attaching mtd0
[  597.848886][T13370] ubi0: scanning is finished
[  597.953502][T13370] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  598.273074][T13370] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  598.838929][T13385] binder: 13384:13385 unknown command 3
[  598.877933][T13385] binder: 13384:13385 ioctl c0306201 0 returned -22
[  602.867494][T13427] Process accounting resumed
[  604.170961][T13452] mkiss: ax0: crc mode is auto.
[  604.888021][T13470] binder: 13468:13470 unknown command 3
[  604.911332][T13470] binder: 13468:13470 ioctl c0306201 0 returned -22
[  605.998157][T13482] binder: 13481:13482 unknown command 3
[  606.057529][T13482] binder: 13481:13482 ioctl c0306201 0 returned -22
[  607.358574][T13479] random: crng reseeded on system resumption
[  608.252810][T13495] binder: 13492:13495 unknown command 3
[  608.280974][T13495] binder: 13492:13495 ioctl c0306201 0 returned -22
[  610.388578][T13529] program syz.1.1341 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  610.408225][T13531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[  610.511191][T13533] binder: 13532:13533 unknown command 3
[  610.558135][T13533] binder: 13532:13533 ioctl c0306201 0 returned -22
[  612.029719][T13552] binder: 13551:13552 unknown command 3
[  612.060935][T13552] binder: 13551:13552 ioctl c0306201 0 returned -22
[  613.108373][T13568] binder: 13567:13568 unknown command 3
[  613.137655][T13568] binder: 13567:13568 ioctl c0306201 0 returned -22
[  614.445693][T13589] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  614.555821][T13593] binder: 13592:13593 unknown command 3
[  614.600740][T13593] binder: 13592:13593 ioctl c0306201 0 returned -22
[  615.307671][T13608] binder: 13607:13608 unknown command 3
[  615.313241][T13608] binder: 13607:13608 ioctl c0306201 0 returned -22
[  616.466060][T13616] FAULT_INJECTION: forcing a failure.
[  616.466060][T13616] name failslab, interval 1, probability 0, space 0, times 0
[  616.548144][T13616] CPU: 1 UID: 0 PID: 13616 Comm: syz.1.1347 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  616.548169][T13616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  616.548179][T13616] Call Trace:
[  616.548184][T13616]  <TASK>
[  616.548190][T13616]  dump_stack_lvl+0x16c/0x1f0
[  616.548224][T13616]  should_fail_ex+0x512/0x640
[  616.548239][T13616]  ? __kmalloc_noprof+0xbf/0x510
[  616.548258][T13616]  ? devlink_fmsg_put_name+0xf0/0x3f0
[  616.548279][T13616]  should_failslab+0xc2/0x120
[  616.548297][T13616]  __kmalloc_noprof+0xd2/0x510
[  616.548319][T13616]  devlink_fmsg_put_name+0xf0/0x3f0
[  616.548343][T13616]  devlink_fmsg_binary_pair_put+0xd1/0x4f0
[  616.548363][T13616]  nsim_dev_dummy_fmsg_put+0xb5/0x1e0
[  616.548386][T13616]  devlink_health_do_dump+0x240/0x620
[  616.548403][T13616]  devlink_health_report+0x3c9/0x9c0
[  616.548423][T13616]  ? __pfx_devlink_health_report+0x10/0x10
[  616.548437][T13616]  ? _copy_from_user+0x59/0xd0
[  616.548455][T13616]  nsim_dev_health_break_write+0x166/0x210
[  616.548478][T13616]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  616.548507][T13616]  full_proxy_write+0x12e/0x1a0
[  616.548528][T13616]  ? __pfx_full_proxy_write+0x10/0x10
[  616.548545][T13616]  vfs_write+0x29d/0x1150
[  616.548564][T13616]  ? __pfx___mutex_lock+0x10/0x10
[  616.548585][T13616]  ? __pfx_vfs_write+0x10/0x10
[  616.548605][T13616]  ? __fget_files+0x20e/0x3c0
[  616.548626][T13616]  ksys_write+0x12a/0x250
[  616.548641][T13616]  ? __pfx_ksys_write+0x10/0x10
[  616.548663][T13616]  do_syscall_64+0xcd/0x490
[  616.548687][T13616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.548701][T13616] RIP: 0033:0x7f011f18eb69
[  616.548713][T13616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  616.548727][T13616] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  616.548741][T13616] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  616.548751][T13616] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008
[  616.548759][T13616] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  616.548767][T13616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  616.548779][T13616] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  616.548798][T13616]  </TASK>
[  616.928558][T13619] mkiss: ax0: crc mode is auto.
[  617.247948][T13625] ubi0: attaching mtd0
[  617.269078][T13625] ubi0: scanning is finished
[  617.316526][T13625] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  617.693209][T13625] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  618.095847][T13642] binder: 13640:13642 unknown command 3
[  618.123937][T13642] binder: 13640:13642 ioctl c0306201 0 returned -22
[  619.082274][T13658] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  620.450979][T13677] Invalid ELF header magic: != ELF
[  622.722894][T13723] binder: 13722:13723 unknown command 3
[  622.751958][T13723] binder: 13722:13723 ioctl c0306201 0 returned -22
[  623.816887][T13735] binder: 13734:13735 unknown command 3
[  623.844854][T13735] binder: 13734:13735 ioctl c0306201 0 returned -22
[  624.421358][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  624.429611][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  624.828476][T13743] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  624.865708][T13743] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  624.892012][T13743] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  624.927489][T13743] CPU0 is offline.
[  625.550549][T13760] bond0: option all_slaves_active: invalid value (
)
[  625.960010][T13766] FAULT_INJECTION: forcing a failure.
[  625.960010][T13766] name failslab, interval 1, probability 0, space 0, times 0
[  626.025593][T13766] CPU: 1 UID: 0 PID: 13766 Comm: syz.3.1376 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  626.025615][T13766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  626.025624][T13766] Call Trace:
[  626.025629][T13766]  <TASK>
[  626.025635][T13766]  dump_stack_lvl+0x16c/0x1f0
[  626.025664][T13766]  should_fail_ex+0x512/0x640
[  626.025678][T13766]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  626.025696][T13766]  should_failslab+0xc2/0x120
[  626.025718][T13766]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  626.025732][T13766]  ? __pfx_acct_collect+0x10/0x10
[  626.025752][T13766]  ? taskstats_exit+0x654/0xbe0
[  626.025773][T13766]  taskstats_exit+0x654/0xbe0
[  626.025792][T13766]  ? __pfx_taskstats_exit+0x10/0x10
[  626.025816][T13766]  do_exit+0x5dc/0x2bf0
[  626.025838][T13766]  ? __pfx_do_exit+0x10/0x10
[  626.025855][T13766]  ? do_raw_spin_lock+0x12c/0x2b0
[  626.025874][T13766]  ? find_held_lock+0x2b/0x80
[  626.025890][T13766]  do_group_exit+0xd3/0x2a0
[  626.025910][T13766]  get_signal+0x2673/0x26d0
[  626.025927][T13766]  ? kmem_cache_free+0x2d1/0x4d0
[  626.025941][T13766]  ? fd_install+0x225/0x750
[  626.025958][T13766]  ? __pfx_get_signal+0x10/0x10
[  626.025972][T13766]  ? do_futex+0x122/0x350
[  626.025989][T13766]  ? __pfx_do_futex+0x10/0x10
[  626.026007][T13766]  arch_do_signal_or_restart+0x8f/0x790
[  626.026026][T13766]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  626.026048][T13766]  ? xfd_validate_state+0x61/0x180
[  626.026072][T13766]  exit_to_user_mode_loop+0x84/0x110
[  626.026093][T13766]  do_syscall_64+0x3f6/0x490
[  626.026115][T13766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.026129][T13766] RIP: 0033:0x7f7d5bb8eb69
[  626.026140][T13766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.026153][T13766] RSP: 002b:00007f7d5ca4b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  626.026167][T13766] RAX: fffffffffffffe00 RBX: 00007f7d5bdb5fa8 RCX: 00007f7d5bb8eb69
[  626.026176][T13766] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7d5bdb5fa8
[  626.026184][T13766] RBP: 00007f7d5bdb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  626.026193][T13766] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7d5bdb5fac
[  626.026201][T13766] R13: 0000000000000000 R14: 00007fffcbf98c30 R15: 00007fffcbf98d18
[  626.026218][T13766]  </TASK>
[  626.258185][    C1] vkms_vblank_simulate: vblank timer overrun
[  626.540020][ T5866] Bluetooth: hci0: command 0x0c1a tx timeout
[  626.947947][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  626.955208][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  628.090198][T13791] mkiss: ax0: crc mode is auto.
[  629.729960][T13824] binder: 13823:13824 unknown command 3
[  629.729979][T13824] binder: 13823:13824 ioctl c0306201 0 returned -22
[  631.368175][T13844] binder: 13840:13844 unknown command 3
[  631.380940][T13846] binder: 13841:13846 unknown command 3
[  631.394872][T13845] FAULT_INJECTION: forcing a failure.
[  631.394872][T13845] name failslab, interval 1, probability 0, space 0, times 0
[  631.408275][T13844] binder: 13840:13844 ioctl c0306201 0 returned -22
[  631.419815][T13846] binder: 13841:13846 ioctl c0306201 0 returned -22
[  631.451172][T13845] CPU: 1 UID: 0 PID: 13845 Comm: syz.2.1389 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  631.451195][T13845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  631.451204][T13845] Call Trace:
[  631.451209][T13845]  <TASK>
[  631.451215][T13845]  dump_stack_lvl+0x16c/0x1f0
[  631.451242][T13845]  should_fail_ex+0x512/0x640
[  631.451256][T13845]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  631.451276][T13845]  should_failslab+0xc2/0x120
[  631.451295][T13845]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  631.451310][T13845]  ? lockdep_init_map_type+0x5c/0x280
[  631.451330][T13845]  ? mempool_init_node+0x31d/0x760
[  631.451350][T13845]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  631.451370][T13845]  mempool_init_node+0x31d/0x760
[  631.451394][T13845]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  631.451413][T13845]  ? __pfx_mempool_free_slab+0x10/0x10
[  631.451439][T13845]  mempool_init_noprof+0x3a/0x50
[  631.451462][T13845]  bioset_init+0x37a/0x880
[  631.451480][T13845]  ? __pfx_bioset_init+0x10/0x10
[  631.451501][T13845]  __alloc_disk_node+0x83/0x630
[  631.451515][T13845]  ? blk_alloc_queue+0x1a3/0x760
[  631.451534][T13845]  __blk_alloc_disk+0xd0/0x160
[  631.451548][T13845]  ? __pfx___blk_alloc_disk+0x10/0x10
[  631.451572][T13845]  ? lockdep_init_map_type+0x5c/0x280
[  631.451592][T13845]  ? lockdep_init_map_type+0x5c/0x280
[  631.451613][T13845]  dm_create+0x4bf/0x1160
[  631.451637][T13845]  dev_create+0x121/0x290
[  631.451652][T13845]  ? __pfx_dev_create+0x10/0x10
[  631.451665][T13845]  ? __might_fault+0x13b/0x190
[  631.451687][T13845]  ctl_ioctl+0x798/0xd60
[  631.451702][T13845]  ? __pfx_dev_create+0x10/0x10
[  631.451716][T13845]  ? __pfx_ctl_ioctl+0x10/0x10
[  631.451749][T13845]  ? __fget_files+0x20e/0x3c0
[  631.451777][T13845]  dm_ctl_ioctl+0x22/0x30
[  631.451790][T13845]  ? __pfx_dm_ctl_ioctl+0x10/0x10
[  631.451804][T13845]  __x64_sys_ioctl+0x18b/0x210
[  631.451828][T13845]  do_syscall_64+0xcd/0x490
[  631.451851][T13845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.451866][T13845] RIP: 0033:0x7f89af38eb69
[  631.451878][T13845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.451892][T13845] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  631.451906][T13845] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  631.451915][T13845] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000003
[  631.451924][T13845] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  631.451932][T13845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  631.451940][T13845] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  631.451958][T13845]  </TASK>
[  631.725139][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.445192][T13872] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51
[  634.764958][T13868] Process accounting paused
[  635.699261][T13894] bond0: option all_slaves_active: invalid value (
)
[  636.861905][T13920] binder: 13918:13920 unknown command 3
[  636.892871][T13920] binder: 13918:13920 ioctl c0306201 0 returned -22
[  637.069858][T13926] binder: 13925:13926 unknown command 3
[  637.107776][T13926] binder: 13925:13926 ioctl c0306201 0 returned -22
[  637.788670][T13924] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  637.813653][T13924] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  637.841476][T13924] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  637.860403][T13924] CPU0 is offline.
[  639.377046][T13784] Bluetooth: hci0: command 0x0c1a tx timeout
[  639.857017][T13784] Bluetooth: hci3: command 0x0c1a tx timeout
[  639.863180][ T5866] Bluetooth: hci2: command 0x0c1a tx timeout
[  640.284238][T13970] bond0: option all_slaves_active: invalid value (
)
[  640.999755][T13992] binder: 13991:13992 unknown command 3
[  641.005341][T13992] binder: 13991:13992 ioctl c0306201 0 returned -22
[  644.926066][ T2994] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.355614][T14082] FAULT_INJECTION: forcing a failure.
[  647.355614][T14082] name failslab, interval 1, probability 0, space 0, times 0
[  647.519274][T14082] CPU: 1 UID: 0 PID: 14082 Comm: syz.1.1433 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  647.519298][T14082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  647.519308][T14082] Call Trace:
[  647.519314][T14082]  <TASK>
[  647.519320][T14082]  dump_stack_lvl+0x16c/0x1f0
[  647.519348][T14082]  should_fail_ex+0x512/0x640
[  647.519363][T14082]  ? __kmalloc_noprof+0xbf/0x510
[  647.519381][T14082]  ? ops_init+0x77/0x5f0
[  647.519401][T14082]  should_failslab+0xc2/0x120
[  647.519420][T14082]  __kmalloc_noprof+0xd2/0x510
[  647.519441][T14082]  ops_init+0x77/0x5f0
[  647.519463][T14082]  setup_net+0x10f/0x380
[  647.519474][T14082]  ? lockdep_init_map_type+0x5c/0x280
[  647.519493][T14082]  ? __pfx_setup_net+0x10/0x10
[  647.519506][T14082]  ? debug_mutex_init+0x37/0x70
[  647.519522][T14082]  copy_net_ns+0x2a6/0x5f0
[  647.519538][T14082]  create_new_namespaces+0x3ea/0xa90
[  647.519559][T14082]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  647.519577][T14082]  ksys_unshare+0x45b/0xa40
[  647.519595][T14082]  ? __pfx_ksys_unshare+0x10/0x10
[  647.519615][T14082]  ? xfd_validate_state+0x61/0x180
[  647.519640][T14082]  __x64_sys_unshare+0x31/0x40
[  647.519658][T14082]  do_syscall_64+0xcd/0x490
[  647.519680][T14082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.519695][T14082] RIP: 0033:0x7f011f18eb69
[  647.519707][T14082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.519720][T14082] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  647.519734][T14082] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  647.519743][T14082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  647.519751][T14082] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  647.519760][T14082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.519768][T14082] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  647.519786][T14082]  </TASK>
[  647.727027][    C1] vkms_vblank_simulate: vblank timer overrun
[  648.739044][T14095] bridge0: port 2(team0) entered blocking state
[  648.795322][T14095] bridge0: port 2(team0) entered disabled state
[  648.825841][T14095] team0: entered allmulticast mode
[  648.856402][T14095] team_slave_0: entered allmulticast mode
[  648.913892][T14095] team_slave_1: entered allmulticast mode
[  648.966521][T14095] team0: entered promiscuous mode
[  649.010709][T14095] team_slave_0: entered promiscuous mode
[  649.049360][T14095] team_slave_1: entered promiscuous mode
[  649.093749][T14095] bridge0: port 2(team0) entered blocking state
[  649.100203][T14095] bridge0: port 2(team0) entered forwarding state
[  649.513884][T14105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1438'.
[  650.660532][T14123] binder: 14121:14123 unknown command 3
[  650.660549][T14123] binder: 14121:14123 ioctl c0306201 0 returned -22
[  654.607117][T14184] ubi0: attaching mtd0
[  654.691678][T14184] ubi0: scanning is finished
[  654.796293][T14184] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  655.218770][T14184] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  655.350547][T14197] vivid-007: =================  START STATUS  =================
[  655.386409][T14197] vivid-007: Generate PTS: true
[  655.419650][T14197] vivid-007: Generate SCR: true
[  655.424557][T14197] tpg source WxH: 320x240 (Y'CbCr)
[  655.463790][T14197] tpg field: 1
[  655.481094][T14197] tpg crop: (0,0)/320x240
[  655.505786][T14197] tpg compose: (0,0)/320x240
[  655.524948][T14197] tpg colorspace: 8
[  655.543260][T14197] tpg transfer function: 0/0
[  655.613628][T14197] tpg Y'CbCr encoding: 0/0
[  655.647221][T14197] tpg quantization: 0/0
[  655.699173][T14197] tpg RGB range: 0/2
[  655.761368][T14197] vivid-007: ==================  END STATUS  ==================
[  655.797338][T14207] binder: 14206:14207 unknown command 3
[  655.803006][T14207] binder: 14206:14207 ioctl c0306201 0 returned -22
[  656.055330][T14197] can: request_module (can-proto-3) failed.
[  656.708912][T14219] binder: 14218:14219 unknown command 3
[  656.776351][T14219] binder: 14218:14219 ioctl c0306201 0 returned -22
[  657.981487][T14225] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1455'.
[  658.034901][T14225] ipvlan0: entered allmulticast mode
[  658.105729][T14225] veth0_vlan: entered allmulticast mode
[  658.381941][T14244] bridge0: port 2(team0) entered blocking state
[  658.483360][T14244] bridge0: port 2(team0) entered disabled state
[  658.593145][T14244] team0: entered allmulticast mode
[  658.698506][T14244] team_slave_0: entered allmulticast mode
[  658.766425][T14244] team_slave_1: entered allmulticast mode
[  658.871090][T14244] team0: entered promiscuous mode
[  658.937487][T14244] team_slave_0: entered promiscuous mode
[  658.943391][T14244] team_slave_1: entered promiscuous mode
[  659.035253][T14244] bridge0: port 2(team0) entered blocking state
[  659.041706][T14244] bridge0: port 2(team0) entered forwarding state
[  659.394395][T14257] binder: 14254:14257 unknown command 3
[  659.422228][T14257] binder: 14254:14257 ioctl c0306201 0 returned -22
[  661.858149][T14282] binder: 14280:14282 unknown command 3
[  661.875710][T14282] binder: 14280:14282 ioctl c0306201 0 returned -22
[  662.171433][T14289] binder: 14288:14289 unknown command 3
[  662.207451][T14289] binder: 14288:14289 ioctl c0306201 0 returned -22
[  663.662741][T14304] binder: 14303:14304 unknown command 3
[  663.704886][T14304] binder: 14303:14304 ioctl c0306201 0 returned -22
[  665.263487][T14311] Process accounting resumed
[  666.812466][T14343] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  666.843894][T14343] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  666.882822][T14343] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  666.928221][T14343] CPU0 is offline.
[  667.205138][T14361] binder: 14360:14361 unknown command 3
[  667.249632][T14361] binder: 14360:14361 ioctl c0306201 0 returned -22
[  668.257551][T13784] Bluetooth: hci0: command 0x0c1a tx timeout
[  668.897442][T13784] Bluetooth: hci3: command 0x0c1a tx timeout
[  668.903526][ T5866] Bluetooth: hci2: command 0x0c1a tx timeout
[  670.510573][T14433] binder: 14430:14433 unknown command 3
[  670.549843][T14433] binder: 14430:14433 ioctl c0306201 0 returned -22
[  672.720546][T14461] ubi0: attaching mtd0
[  672.755896][T14461] ubi0: scanning is finished
[  672.822502][T14461] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  673.161673][T14461] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  673.963291][T14479] sp0: Synchronizing with TNC
[  674.340141][T14492] vivid-007: =================  START STATUS  =================
[  674.367908][T14492] vivid-007: Generate PTS: true
[  674.384845][T14492] vivid-007: Generate SCR: true
[  674.410937][T14492] tpg source WxH: 320x240 (Y'CbCr)
[  674.432614][T14492] tpg field: 1
[  674.436011][T14492] tpg crop: (0,0)/320x240
[  674.463240][T14492] tpg compose: (0,0)/320x240
[  674.490697][T14492] tpg colorspace: 8
[  674.509367][T14492] tpg transfer function: 0/0
[  674.536797][T14492] tpg Y'CbCr encoding: 0/0
[  674.573398][T14492] tpg quantization: 0/0
[  674.610127][T14492] tpg RGB range: 0/2
[  674.651812][T14492] vivid-007: ==================  END STATUS  ==================
[  674.945442][T14492] can: request_module (can-proto-3) failed.
[  676.574191][T14535] binder: 14534:14535 unknown command 3
[  676.594675][T14535] binder: 14534:14535 ioctl c0306201 0 returned -22
[  677.263782][T14549] binder: 14548:14549 unknown command 3
[  677.289244][T14549] binder: 14548:14549 ioctl c0306201 0 returned -22
[  677.414892][T14553] binder: 14552:14553 unknown command 3
[  677.498429][T14553] binder: 14552:14553 ioctl c0306201 0 returned -22
[  679.908318][T14580] mkiss: ax0: crc mode is auto.
[  680.351169][T14588] Invalid ELF header magic: != ELF
[  681.340762][T14598] FAULT_INJECTION: forcing a failure.
[  681.340762][T14598] name failslab, interval 1, probability 0, space 0, times 0
[  681.402895][T14598] CPU: 1 UID: 0 PID: 14598 Comm: syz.3.1525 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  681.402918][T14598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  681.402928][T14598] Call Trace:
[  681.402933][T14598]  <TASK>
[  681.402939][T14598]  dump_stack_lvl+0x16c/0x1f0
[  681.402966][T14598]  should_fail_ex+0x512/0x640
[  681.402981][T14598]  ? __kvmalloc_node_noprof+0x124/0x620
[  681.402999][T14598]  should_failslab+0xc2/0x120
[  681.403018][T14598]  __kvmalloc_node_noprof+0x137/0x620
[  681.403034][T14598]  ? bucket_table_alloc.isra.0+0x83/0x460
[  681.403052][T14598]  ? bucket_table_alloc.isra.0+0x83/0x460
[  681.403066][T14598]  bucket_table_alloc.isra.0+0x83/0x460
[  681.403083][T14598]  rhashtable_init_noprof+0x41a/0x7e0
[  681.403096][T14598]  ? kasan_save_track+0x14/0x30
[  681.403113][T14598]  fqdir_init+0xb4/0x1f0
[  681.403128][T14598]  ipv6_frags_init_net+0x2b/0x350
[  681.403144][T14598]  ? __pfx_ipv6_frags_init_net+0x10/0x10
[  681.403159][T14598]  ops_init+0x1e2/0x5f0
[  681.403183][T14598]  setup_net+0x10f/0x380
[  681.403194][T14598]  ? lockdep_init_map_type+0x5c/0x280
[  681.403214][T14598]  ? __pfx_setup_net+0x10/0x10
[  681.403228][T14598]  ? debug_mutex_init+0x37/0x70
[  681.403243][T14598]  copy_net_ns+0x2a6/0x5f0
[  681.403259][T14598]  create_new_namespaces+0x3ea/0xa90
[  681.403279][T14598]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  681.403297][T14598]  ksys_unshare+0x45b/0xa40
[  681.403315][T14598]  ? __pfx_ksys_unshare+0x10/0x10
[  681.403334][T14598]  ? xfd_validate_state+0x61/0x180
[  681.403360][T14598]  __x64_sys_unshare+0x31/0x40
[  681.403378][T14598]  do_syscall_64+0xcd/0x490
[  681.403400][T14598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.403415][T14598] RIP: 0033:0x7f7d5bb8eb69
[  681.403426][T14598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.403440][T14598] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  681.403453][T14598] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  681.403463][T14598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  681.403471][T14598] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  681.403479][T14598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  681.403487][T14598] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  681.403505][T14598]  </TASK>
[  683.318221][T14629] binder: 14628:14629 unknown command 3
[  683.348559][T14629] binder: 14628:14629 ioctl c0306201 0 returned -22
[  683.699031][T14626] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  683.726172][T14626] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  683.756659][T14626] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  683.780533][T14626] CPU0 is offline.
[  684.025519][T14639] QAT: Stopping all acceleration devices.
[  684.054662][T14641] qrtr: Invalid version 0
[  685.297824][T14508] Bluetooth: hci0: command 0x0c1a tx timeout
[  685.777043][T14508] Bluetooth: hci3: command 0x0c1a tx timeout
[  685.783113][T14508] Bluetooth: hci2: command 0x0c1a tx timeout
[  685.859754][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  685.869025][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  686.103467][T14674] qrtr: Invalid version 0
[  687.030013][T14693] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1542'.
[  687.430475][T14701] random: crng reseeded on system resumption
[  687.448710][T14700] qrtr: Invalid version 0
[  687.610304][T14697] FAULT_INJECTION: forcing a failure.
[  687.610304][T14697] name fail_futex, interval 1, probability 0, space 0, times 0
[  687.680364][T14697] CPU: 1 UID: 0 PID: 14697 Comm: syz.1.1543 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  687.680388][T14697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  687.680396][T14697] Call Trace:
[  687.680402][T14697]  <TASK>
[  687.680407][T14697]  dump_stack_lvl+0x16c/0x1f0
[  687.680432][T14697]  should_fail_ex+0x512/0x640
[  687.680449][T14697]  get_futex_key+0x1d0/0x1560
[  687.680468][T14697]  ? __pfx_get_futex_key+0x10/0x10
[  687.680484][T14697]  ? __mutex_trylock_common+0xe9/0x250
[  687.680507][T14697]  futex_wake+0xea/0x530
[  687.680528][T14697]  ? __pfx_futex_wake+0x10/0x10
[  687.680554][T14697]  do_futex+0x1e3/0x350
[  687.680571][T14697]  ? __pfx_do_futex+0x10/0x10
[  687.680586][T14697]  ? __might_fault+0xe3/0x190
[  687.680606][T14697]  mm_release+0x24e/0x300
[  687.680622][T14697]  do_exit+0x68e/0x2bf0
[  687.680644][T14697]  ? __pfx_do_exit+0x10/0x10
[  687.680662][T14697]  ? do_raw_spin_lock+0x12c/0x2b0
[  687.680681][T14697]  ? find_held_lock+0x2b/0x80
[  687.680696][T14697]  do_group_exit+0xd3/0x2a0
[  687.680716][T14697]  get_signal+0x2673/0x26d0
[  687.680733][T14697]  ? kmem_cache_free+0x2d1/0x4d0
[  687.680747][T14697]  ? fd_install+0x225/0x750
[  687.680764][T14697]  ? __pfx_get_signal+0x10/0x10
[  687.680779][T14697]  ? do_futex+0x122/0x350
[  687.680795][T14697]  ? __pfx_do_futex+0x10/0x10
[  687.680813][T14697]  arch_do_signal_or_restart+0x8f/0x790
[  687.680832][T14697]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  687.680854][T14697]  ? xfd_validate_state+0x61/0x180
[  687.680877][T14697]  exit_to_user_mode_loop+0x84/0x110
[  687.680898][T14697]  do_syscall_64+0x3f6/0x490
[  687.680919][T14697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.680933][T14697] RIP: 0033:0x7f011f18eb69
[  687.680945][T14697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.680958][T14697] RSP: 002b:00007f011ffae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  687.680972][T14697] RAX: fffffffffffffe00 RBX: 00007f011f3b6088 RCX: 00007f011f18eb69
[  687.680981][T14697] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f011f3b6088
[  687.680989][T14697] RBP: 00007f011f3b6080 R08: 0000000000000000 R09: 0000000000000000
[  687.680997][T14697] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f011f3b608c
[  687.681006][T14697] R13: 0000000000000000 R14: 00007fffe8eadec0 R15: 00007fffe8eadfa8
[  687.681023][T14697]  </TASK>
[  688.011005][T14691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  688.021207][T14691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  688.887976][T14720] qrtr: Invalid version 0
[  688.926953][T14718] FAULT_INJECTION: forcing a failure.
[  688.926953][T14718] name failslab, interval 1, probability 0, space 0, times 0
[  688.971027][T14718] CPU: 1 UID: 0 PID: 14718 Comm: syz.1.1546 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  688.971051][T14718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  688.971060][T14718] Call Trace:
[  688.971066][T14718]  <TASK>
[  688.971072][T14718]  dump_stack_lvl+0x16c/0x1f0
[  688.971101][T14718]  should_fail_ex+0x512/0x640
[  688.971116][T14718]  ? __kmalloc_noprof+0xbf/0x510
[  688.971135][T14718]  ? slhc_init+0x1ad/0x570
[  688.971150][T14718]  should_failslab+0xc2/0x120
[  688.971169][T14718]  __kmalloc_noprof+0xd2/0x510
[  688.971190][T14718]  slhc_init+0x1ad/0x570
[  688.971203][T14718]  ? kasan_save_track+0x14/0x30
[  688.971221][T14718]  slip_open+0x8ee/0x1150
[  688.971235][T14718]  ? __pfx_n_tty_close+0x10/0x10
[  688.971257][T14718]  ? __pfx_slip_open+0x10/0x10
[  688.971271][T14718]  ? down_write+0x14d/0x200
[  688.971286][T14718]  ? __pfx_slip_open+0x10/0x10
[  688.971314][T14718]  tty_ldisc_open+0x9c/0x120
[  688.971336][T14718]  tty_set_ldisc+0x32b/0x780
[  688.971359][T14718]  tty_ioctl+0xc2e/0x1680
[  688.971374][T14718]  ? __pfx_tty_ioctl+0x10/0x10
[  688.971393][T14718]  ? find_held_lock+0x2b/0x80
[  688.971407][T14718]  ? hook_file_ioctl_common+0x145/0x410
[  688.971433][T14718]  ? __fget_files+0x20e/0x3c0
[  688.971451][T14718]  ? __pfx_tty_ioctl+0x10/0x10
[  688.971465][T14718]  __x64_sys_ioctl+0x18b/0x210
[  688.971487][T14718]  do_syscall_64+0xcd/0x490
[  688.971510][T14718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.971524][T14718] RIP: 0033:0x7f011f18eb69
[  688.971536][T14718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  688.971550][T14718] RSP: 002b:00007f011ffae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  688.971565][T14718] RAX: ffffffffffffffda RBX: 00007f011f3b6080 RCX: 00007f011f18eb69
[  688.971574][T14718] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000c
[  688.971582][T14718] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  688.971590][T14718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  688.971598][T14718] R13: 0000000000000000 R14: 00007f011f3b6080 R15: 00007fffe8eadfa8
[  688.971617][T14718]  </TASK>
[  689.599430][T14729] binder: 14728:14729 unknown command 3
[  689.621177][T14729] binder: 14728:14729 ioctl c0306201 0 returned -22
[  689.840974][T14733] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1549'.
[  689.861206][T14733] ipvlan0: entered allmulticast mode
[  689.891116][T14733] veth0_vlan: entered allmulticast mode
[  690.570187][T14740] qrtr: Invalid version 0
[  691.480772][T14748] qrtr: Invalid version 0
[  692.631056][T14770] binder: 14769:14770 unknown command 3
[  692.636671][T14770] binder: 14769:14770 ioctl c0306201 0 returned -22
[  692.919413][T14768] Invalid ELF header magic: != ELF
[  693.755926][T14789] qrtr: Invalid version 0
[  694.914219][T14805] sp0: Synchronizing with TNC
[  696.079469][T14829] Process accounting paused
[  697.947376][T14864] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  698.007138][T14864] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  698.087458][T14864] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  698.118179][T14864] CPU0 is offline.
[  698.462407][T14877] QAT: Stopping all acceleration devices.
[  700.019988][T14668] Bluetooth: hci2: command 0x0c1a tx timeout
[  700.026103][T14668] Bluetooth: hci0: command 0x0c1a tx timeout
[  700.097075][T14668] Bluetooth: hci3: command 0x0c1a tx timeout
[  702.604070][T14932] FAULT_INJECTION: forcing a failure.
[  702.604070][T14932] name failslab, interval 1, probability 0, space 0, times 0
[  702.677462][T14932] CPU: 1 UID: 0 PID: 14932 Comm: syz.0.1587 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  702.677487][T14932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  702.677496][T14932] Call Trace:
[  702.677502][T14932]  <TASK>
[  702.677508][T14932]  dump_stack_lvl+0x16c/0x1f0
[  702.677535][T14932]  should_fail_ex+0x512/0x640
[  702.677549][T14932]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  702.677567][T14932]  should_failslab+0xc2/0x120
[  702.677587][T14932]  __kmalloc_cache_node_noprof+0x6d/0x420
[  702.677603][T14932]  ? blk_alloc_queue+0x630/0x760
[  702.677629][T14932]  ? __alloc_disk_node+0x5a/0x630
[  702.677646][T14932]  __alloc_disk_node+0x5a/0x630
[  702.677659][T14932]  ? blk_alloc_queue+0x1a3/0x760
[  702.677679][T14932]  __blk_alloc_disk+0xd0/0x160
[  702.677693][T14932]  ? __pfx___blk_alloc_disk+0x10/0x10
[  702.677718][T14932]  ? lockdep_init_map_type+0x5c/0x280
[  702.677741][T14932]  ? lockdep_init_map_type+0x5c/0x280
[  702.677762][T14932]  dm_create+0x4bf/0x1160
[  702.677785][T14932]  dev_create+0x121/0x290
[  702.677800][T14932]  ? __pfx_dev_create+0x10/0x10
[  702.677814][T14932]  ? __might_fault+0x13b/0x190
[  702.677834][T14932]  ctl_ioctl+0x798/0xd60
[  702.677848][T14932]  ? __pfx_dev_create+0x10/0x10
[  702.677863][T14932]  ? __pfx_ctl_ioctl+0x10/0x10
[  702.677895][T14932]  ? __fget_files+0x20e/0x3c0
[  702.677914][T14932]  dm_ctl_ioctl+0x22/0x30
[  702.677926][T14932]  ? __pfx_dm_ctl_ioctl+0x10/0x10
[  702.677940][T14932]  __x64_sys_ioctl+0x18b/0x210
[  702.677964][T14932]  do_syscall_64+0xcd/0x490
[  702.677986][T14932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.678000][T14932] RIP: 0033:0x7f926738eb69
[  702.678012][T14932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.678026][T14932] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  702.678040][T14932] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  702.678049][T14932] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000004
[  702.678058][T14932] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  702.678066][T14932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  702.678075][T14932] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  702.678093][T14932]  </TASK>
[  702.963279][T14946] ptrace attach of "./syz-executor exec"[5867] was attempted by "./syz-executor exec"[14946]
[  703.964050][T14967] ubi0: attaching mtd0
[  704.021476][T14967] ubi0: scanning is finished
[  704.051273][T14967] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  704.445792][T14967] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  705.658458][T14986] qrtr: Invalid version 0
[  707.051914][T15013] Invalid ELF header magic: != ELF
[  707.082589][T15010] FAULT_INJECTION: forcing a failure.
[  707.082589][T15010] name failslab, interval 1, probability 0, space 0, times 0
[  707.130934][T15010] CPU: 1 UID: 0 PID: 15010 Comm: syz.3.1603 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  707.130958][T15010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  707.130968][T15010] Call Trace:
[  707.130973][T15010]  <TASK>
[  707.130979][T15010]  dump_stack_lvl+0x16c/0x1f0
[  707.131005][T15010]  should_fail_ex+0x512/0x640
[  707.131019][T15010]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  707.131038][T15010]  should_failslab+0xc2/0x120
[  707.131057][T15010]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  707.131072][T15010]  ? lockdep_init_map_type+0x5c/0x280
[  707.131090][T15010]  ? mempool_init_node+0x31d/0x760
[  707.131112][T15010]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  707.131132][T15010]  mempool_init_node+0x31d/0x760
[  707.131155][T15010]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  707.131180][T15010]  ? __pfx_mempool_free_slab+0x10/0x10
[  707.131200][T15010]  mempool_init_noprof+0x3a/0x50
[  707.131222][T15010]  bioset_init+0x37a/0x880
[  707.131239][T15010]  ? __pfx_bioset_init+0x10/0x10
[  707.131261][T15010]  __alloc_disk_node+0x83/0x630
[  707.131274][T15010]  ? blk_alloc_queue+0x1a3/0x760
[  707.131294][T15010]  __blk_alloc_disk+0xd0/0x160
[  707.131307][T15010]  ? __pfx___blk_alloc_disk+0x10/0x10
[  707.131331][T15010]  ? lockdep_init_map_type+0x5c/0x280
[  707.131350][T15010]  ? lockdep_init_map_type+0x5c/0x280
[  707.131371][T15010]  dm_create+0x4bf/0x1160
[  707.131394][T15010]  dev_create+0x121/0x290
[  707.131410][T15010]  ? __pfx_dev_create+0x10/0x10
[  707.131423][T15010]  ? __might_fault+0x13b/0x190
[  707.131443][T15010]  ctl_ioctl+0x798/0xd60
[  707.131458][T15010]  ? __pfx_dev_create+0x10/0x10
[  707.131472][T15010]  ? __pfx_ctl_ioctl+0x10/0x10
[  707.131504][T15010]  ? __fget_files+0x20e/0x3c0
[  707.131523][T15010]  dm_ctl_ioctl+0x22/0x30
[  707.131535][T15010]  ? __pfx_dm_ctl_ioctl+0x10/0x10
[  707.131549][T15010]  __x64_sys_ioctl+0x18b/0x210
[  707.131571][T15010]  do_syscall_64+0xcd/0x490
[  707.131594][T15010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.131608][T15010] RIP: 0033:0x7f7d5bb8eb69
[  707.131621][T15010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.131635][T15010] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  707.131649][T15010] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  707.131659][T15010] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000004
[  707.131667][T15010] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  707.131676][T15010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  707.131684][T15010] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  707.131701][T15010]  </TASK>
[  708.154788][T15023] vivid-007: =================  START STATUS  =================
[  708.201556][T15023] vivid-007: Generate PTS: true
[  708.230046][T15023] vivid-007: Generate SCR: true
[  708.268212][T15023] tpg source WxH: 320x240 (Y'CbCr)
[  708.297189][T15023] tpg field: 1
[  708.346722][T15023] tpg crop: (0,0)/320x240
[  708.352883][T15023] tpg compose: (0,0)/320x240
[  708.378693][T15023] tpg colorspace: 8
[  708.382520][T15023] tpg transfer function: 0/0
[  708.444267][T15023] tpg Y'CbCr encoding: 0/0
[  708.486506][T15023] tpg quantization: 0/0
[  708.542474][T15023] tpg RGB range: 0/2
[  708.563401][T15023] vivid-007: ==================  END STATUS  ==================
[  708.912078][T15023] can: request_module (can-proto-3) failed.
[  710.021011][T15068] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  710.089754][T15068] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  710.129484][T15071] FAULT_INJECTION: forcing a failure.
[  710.129484][T15071] name failslab, interval 1, probability 0, space 0, times 0
[  710.157933][T15068] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  710.183673][T15068] CPU0 is offline.
[  710.194707][T15071] CPU: 1 UID: 0 PID: 15071 Comm: syz.3.1617 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  710.194729][T15071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  710.194739][T15071] Call Trace:
[  710.194744][T15071]  <TASK>
[  710.194751][T15071]  dump_stack_lvl+0x16c/0x1f0
[  710.194777][T15071]  should_fail_ex+0x512/0x640
[  710.194792][T15071]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  710.194809][T15071]  should_failslab+0xc2/0x120
[  710.194845][T15071]  __kmalloc_cache_noprof+0x6a/0x3e0
[  710.194860][T15071]  ? slip_open+0x88a/0x1150
[  710.194874][T15071]  ? kasan_save_track+0x14/0x30
[  710.194892][T15071]  slip_open+0x88a/0x1150
[  710.194914][T15071]  ? __pfx_n_tty_close+0x10/0x10
[  710.194933][T15071]  ? __pfx_slip_open+0x10/0x10
[  710.194947][T15071]  ? down_write+0x14d/0x200
[  710.194962][T15071]  ? __pfx_slip_open+0x10/0x10
[  710.194977][T15071]  tty_ldisc_open+0x9c/0x120
[  710.194997][T15071]  tty_set_ldisc+0x32b/0x780
[  710.195021][T15071]  tty_ioctl+0xc2e/0x1680
[  710.195035][T15071]  ? __pfx_tty_ioctl+0x10/0x10
[  710.195053][T15071]  ? find_held_lock+0x2b/0x80
[  710.195067][T15071]  ? hook_file_ioctl_common+0x145/0x410
[  710.195096][T15071]  ? __fget_files+0x20e/0x3c0
[  710.195114][T15071]  ? __pfx_tty_ioctl+0x10/0x10
[  710.195128][T15071]  __x64_sys_ioctl+0x18b/0x210
[  710.195151][T15071]  do_syscall_64+0xcd/0x490
[  710.195173][T15071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.195187][T15071] RIP: 0033:0x7f7d5bb8eb69
[  710.195199][T15071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.195213][T15071] RSP: 002b:00007f7d5ca2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  710.195227][T15071] RAX: ffffffffffffffda RBX: 00007f7d5bdb6080 RCX: 00007f7d5bb8eb69
[  710.195236][T15071] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000c
[  710.195244][T15071] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  710.195253][T15071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.195261][T15071] R13: 0000000000000000 R14: 00007f7d5bdb6080 R15: 00007fffcbf98d18
[  710.195279][T15071]  </TASK>
[  711.349043][T15089] ubi0: attaching mtd0
[  711.381443][T15089] ubi0: scanning is finished
[  711.386077][T15089] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  711.446452][T15082] Invalid ELF header magic: != ELF
[  711.798361][T15089] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  712.106809][T14668] Bluetooth: hci2: command 0x0c1a tx timeout
[  712.112887][T14484] Bluetooth: hci0: command 0x0c1a tx timeout
[  712.182176][T14484] Bluetooth: hci3: command 0x0c1a tx timeout
[  714.285976][T15150] ubi0: attaching mtd0
[  714.342697][T15150] ubi0: scanning is finished
[  714.383659][T15150] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  714.730157][T15150] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  716.714804][T15203] netlink: 360 bytes leftover after parsing attributes in process `syz.1.1652'.
[  719.343404][T15266] random: crng reseeded on system resumption
[  720.202747][T15232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  720.203010][T15232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  722.402902][T15315] HfR: entered promiscuous mode
[  724.780540][T15357] random: crng reseeded on system resumption
[  725.291471][T15367] UHID_CREATE from different security context by process 1996 (syz.1.1697), this is not allowed.
[  725.501335][T15329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  725.622695][T15329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  726.815124][T15368] Process accounting resumed
[  727.135685][T15403] HfR: entered promiscuous mode
[  729.693122][T15456] openvswitch: HfR: Dropping previously announced user features
[  731.088662][T14484] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  734.017752][T15552] FAULT_INJECTION: forcing a failure.
[  734.017752][T15552] name failslab, interval 1, probability 0, space 0, times 0
[  734.082125][T15552] CPU: 1 UID: 0 PID: 15552 Comm: syz.3.1743 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  734.082150][T15552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  734.082159][T15552] Call Trace:
[  734.082165][T15552]  <TASK>
[  734.082171][T15552]  dump_stack_lvl+0x16c/0x1f0
[  734.082198][T15552]  should_fail_ex+0x512/0x640
[  734.082213][T15552]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  734.082233][T15552]  should_failslab+0xc2/0x120
[  734.082252][T15552]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  734.082268][T15552]  ? copy_process+0x4b6/0x7690
[  734.082288][T15552]  ? _raw_spin_unlock_irq+0x23/0x50
[  734.082308][T15552]  copy_process+0x4b6/0x7690
[  734.082325][T15552]  ? __pfx___futex_wait+0x10/0x10
[  734.082352][T15552]  ? __pfx_copy_process+0x10/0x10
[  734.082369][T15552]  ? futex_private_hash_put+0x176/0x300
[  734.082387][T15552]  ? futex_private_hash_put+0x18a/0x300
[  734.082406][T15552]  kernel_clone+0xfc/0x930
[  734.082425][T15552]  ? __pfx_kernel_clone+0x10/0x10
[  734.082452][T15552]  __do_sys_clone+0xce/0x120
[  734.082469][T15552]  ? __pfx___do_sys_clone+0x10/0x10
[  734.082485][T15552]  ? find_held_lock+0x2b/0x80
[  734.082506][T15552]  ? xfd_validate_state+0x61/0x180
[  734.082532][T15552]  do_syscall_64+0xcd/0x490
[  734.082563][T15552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.082579][T15552] RIP: 0033:0x7f7d5bb8eb69
[  734.082591][T15552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.082605][T15552] RSP: 002b:00007f7d5ca4afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  734.082619][T15552] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  734.082628][T15552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  734.082636][T15552] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  734.082644][T15552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  734.082652][T15552] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  734.082670][T15552]  </TASK>
[  734.582487][T15555] random: crng reseeded on system resumption
[  734.689618][T15523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  734.701962][T15523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  740.425452][T15670] nvme_fcloop: unknown parameter or missing value '8000 1000'
[  745.208800][T15776] zswap: compressor 000 not available
[  745.830538][T15794] FAULT_INJECTION: forcing a failure.
[  745.830538][T15794] name failslab, interval 1, probability 0, space 0, times 0
[  745.880061][T15794] CPU: 1 UID: 7 PID: 15794 Comm: syz.3.1803 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  745.880085][T15794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  745.880094][T15794] Call Trace:
[  745.880100][T15794]  <TASK>
[  745.880105][T15794]  dump_stack_lvl+0x16c/0x1f0
[  745.880131][T15794]  should_fail_ex+0x512/0x640
[  745.880145][T15794]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  745.880162][T15794]  should_failslab+0xc2/0x120
[  745.880184][T15794]  __kmalloc_cache_noprof+0x6a/0x3e0
[  745.880199][T15794]  ? mqueue_init_fs_context+0x4b/0x480
[  745.880222][T15794]  ? __pfx_mqueue_init_fs_context+0x10/0x10
[  745.880242][T15794]  mqueue_init_fs_context+0x4b/0x480
[  745.880262][T15794]  ? __pfx_mqueue_init_fs_context+0x10/0x10
[  745.880283][T15794]  alloc_fs_context+0x54a/0x9c0
[  745.880315][T15794]  mq_init_ns+0x172/0x620
[  745.880330][T15794]  copy_ipcs+0x383/0x610
[  745.880343][T15794]  ? copy_utsname+0xab/0x470
[  745.880363][T15794]  create_new_namespaces+0x20a/0xa90
[  745.880379][T15794]  ? security_capable+0x7e/0x260
[  745.880401][T15794]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  745.880419][T15794]  ksys_unshare+0x45b/0xa40
[  745.880437][T15794]  ? __pfx_ksys_unshare+0x10/0x10
[  745.880456][T15794]  ? xfd_validate_state+0x61/0x180
[  745.880481][T15794]  __x64_sys_unshare+0x31/0x40
[  745.880499][T15794]  do_syscall_64+0xcd/0x490
[  745.880521][T15794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.880536][T15794] RIP: 0033:0x7f7d5bb8eb69
[  745.880548][T15794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  745.880562][T15794] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  745.880576][T15794] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  745.880585][T15794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400
[  745.880594][T15794] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  745.880602][T15794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  745.880610][T15794] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  745.880628][T15794]  </TASK>
[  747.301321][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  747.317183][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  749.568361][T15877] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[  753.783221][T15949] i2c i2c-0: delete_device: Can't find device in list
[  753.807042][T15952] FAULT_INJECTION: forcing a failure.
[  753.807042][T15952] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  753.874427][T15952] CPU: 1 UID: 0 PID: 15952 Comm: syz.2.1849 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  753.874451][T15952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  753.874461][T15952] Call Trace:
[  753.874466][T15952]  <TASK>
[  753.874472][T15952]  dump_stack_lvl+0x16c/0x1f0
[  753.874510][T15952]  should_fail_ex+0x512/0x640
[  753.874527][T15952]  _copy_to_user+0x32/0xd0
[  753.874545][T15952]  put_user_ifreq+0x72/0xc0
[  753.874560][T15952]  sock_do_ioctl+0x230/0x280
[  753.874574][T15952]  ? __pfx_sock_do_ioctl+0x10/0x10
[  753.874592][T15952]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  753.874620][T15952]  sock_ioctl+0x227/0x6b0
[  753.874637][T15952]  ? __pfx_sock_ioctl+0x10/0x10
[  753.874651][T15952]  ? hook_file_ioctl_common+0x145/0x410
[  753.874677][T15952]  ? __fget_files+0x20e/0x3c0
[  753.874694][T15952]  ? __pfx_sock_ioctl+0x10/0x10
[  753.874711][T15952]  __x64_sys_ioctl+0x18b/0x210
[  753.874733][T15952]  do_syscall_64+0xcd/0x490
[  753.874754][T15952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.874769][T15952] RIP: 0033:0x7f89af38eb69
[  753.874781][T15952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.874794][T15952] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  753.874808][T15952] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  753.874817][T15952] RDX: 0000200000001300 RSI: 0000000000008933 RDI: 0000000000000005
[  753.874826][T15952] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  753.874834][T15952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.874842][T15952] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  753.874859][T15952]  </TASK>
[  756.044860][T15995] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1864'.
[  757.009579][T16018] Process accounting paused
[  757.121437][T16021] FAULT_INJECTION: forcing a failure.
[  757.121437][T16021] name failslab, interval 1, probability 0, space 0, times 0
[  757.161849][T16021] CPU: 1 UID: 0 PID: 16021 Comm: syz.2.1872 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  757.161875][T16021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  757.161884][T16021] Call Trace:
[  757.161889][T16021]  <TASK>
[  757.161896][T16021]  dump_stack_lvl+0x16c/0x1f0
[  757.161924][T16021]  should_fail_ex+0x512/0x640
[  757.161939][T16021]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  757.161957][T16021]  should_failslab+0xc2/0x120
[  757.161975][T16021]  __kmalloc_cache_noprof+0x6a/0x3e0
[  757.161991][T16021]  ? mpi_alloc+0x46/0x230
[  757.162013][T16021]  mpi_alloc+0x46/0x230
[  757.162030][T16021]  rsa_check_payload+0x3b/0xc0
[  757.162051][T16021]  rsa_enc+0x198/0x3b0
[  757.162069][T16021]  ? __pfx_rsa_enc+0x10/0x10
[  757.162087][T16021]  ? __virt_addr_valid+0x81/0x610
[  757.162104][T16021]  ? __phys_addr+0xe8/0x180
[  757.162120][T16021]  ? sg_init_one+0xf5/0x1b0
[  757.162134][T16021]  rsassa_pkcs1_verify+0x502/0xb60
[  757.162169][T16021]  ? __pfx_rsassa_pkcs1_verify+0x10/0x10
[  757.162202][T16021]  ? rsa_max_size+0xd/0x70
[  757.162220][T16021]  ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0
[  757.162245][T16021]  public_key_verify_signature+0x672/0x970
[  757.162267][T16021]  ? __pfx_public_key_verify_signature+0x10/0x10
[  757.162301][T16021]  x509_check_for_self_signed+0x31a/0x500
[  757.162324][T16021]  x509_cert_parse+0x5f8/0x900
[  757.162340][T16021]  ? kasan_save_stack+0x42/0x60
[  757.162355][T16021]  ? kasan_save_stack+0x33/0x60
[  757.162369][T16021]  ? kasan_save_track+0x14/0x30
[  757.162385][T16021]  pkcs7_extract_cert+0xa4/0x320
[  757.162407][T16021]  asn1_ber_decoder+0xc5f/0x1df0
[  757.162432][T16021]  ? __pfx_asn1_ber_decoder+0x10/0x10
[  757.162462][T16021]  pkcs7_parse_message+0x288/0x720
[  757.162484][T16021]  verify_pkcs7_signature+0x30/0xa0
[  757.162506][T16021]  valid_regdb+0x211/0x590
[  757.162527][T16021]  ? __pfx___mutex_lock+0x10/0x10
[  757.162549][T16021]  ? __pfx_valid_regdb+0x10/0x10
[  757.162573][T16021]  reg_reload_regdb+0x11a/0x460
[  757.162587][T16021]  ? __pfx_reg_reload_regdb+0x10/0x10
[  757.162601][T16021]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  757.162619][T16021]  ? nl80211_pre_doit+0x1b0/0xb10
[  757.162639][T16021]  genl_family_rcv_msg_doit+0x206/0x2f0
[  757.162657][T16021]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  757.162671][T16021]  ? rcu_is_watching+0x12/0xc0
[  757.162691][T16021]  ? bpf_lsm_capable+0x9/0x10
[  757.162705][T16021]  ? security_capable+0x7e/0x260
[  757.162730][T16021]  genl_rcv_msg+0x55c/0x800
[  757.162748][T16021]  ? __pfx_genl_rcv_msg+0x10/0x10
[  757.162763][T16021]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  757.162778][T16021]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  757.162799][T16021]  ? __pfx_nl80211_post_doit+0x10/0x10
[  757.162818][T16021]  netlink_rcv_skb+0x155/0x420
[  757.162840][T16021]  ? __pfx_genl_rcv_msg+0x10/0x10
[  757.162859][T16021]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  757.162888][T16021]  ? netlink_deliver_tap+0x1ae/0xd30
[  757.162911][T16021]  genl_rcv+0x28/0x40
[  757.162923][T16021]  netlink_unicast+0x5aa/0x870
[  757.162948][T16021]  ? __pfx_netlink_unicast+0x10/0x10
[  757.162971][T16021]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  757.162992][T16021]  ? __lock_acquire+0xb97/0x1ce0
[  757.163014][T16021]  netlink_sendmsg+0x8d1/0xdd0
[  757.163038][T16021]  ? __pfx_netlink_sendmsg+0x10/0x10
[  757.163067][T16021]  ____sys_sendmsg+0xa98/0xc70
[  757.163083][T16021]  ? copy_msghdr_from_user+0x10a/0x160
[  757.163104][T16021]  ? __pfx_____sys_sendmsg+0x10/0x10
[  757.163123][T16021]  ? __pfx_futex_wake_mark+0x10/0x10
[  757.163146][T16021]  ___sys_sendmsg+0x134/0x1d0
[  757.163203][T16021]  ? __pfx____sys_sendmsg+0x10/0x10
[  757.163249][T16021]  __sys_sendmsg+0x16d/0x220
[  757.163270][T16021]  ? __pfx___sys_sendmsg+0x10/0x10
[  757.163291][T16021]  ? __x64_sys_futex+0x1e0/0x4c0
[  757.163320][T16021]  do_syscall_64+0xcd/0x490
[  757.163343][T16021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.163357][T16021] RIP: 0033:0x7f89af38eb69
[  757.163370][T16021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.163384][T16021] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  757.163399][T16021] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  757.163409][T16021] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005
[  757.163418][T16021] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  757.163427][T16021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  757.163436][T16021] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  757.163454][T16021]  </TASK>
[  757.991159][T16027] FAULT_INJECTION: forcing a failure.
[  757.991159][T16027] name failslab, interval 1, probability 0, space 0, times 0
[  758.004101][T16027] CPU: 1 UID: 0 PID: 16027 Comm: syz.3.1874 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  758.004123][T16027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  758.004132][T16027] Call Trace:
[  758.004138][T16027]  <TASK>
[  758.004144][T16027]  dump_stack_lvl+0x16c/0x1f0
[  758.004171][T16027]  should_fail_ex+0x512/0x640
[  758.004185][T16027]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  758.004204][T16027]  should_failslab+0xc2/0x120
[  758.004222][T16027]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  758.004238][T16027]  ? __pfx_apparmor_file_open+0x10/0x10
[  758.004254][T16027]  ? seq_open+0x55/0x170
[  758.004275][T16027]  seq_open+0x55/0x170
[  758.004294][T16027]  probes_open+0xb8/0x100
[  758.004314][T16027]  do_dentry_open+0x982/0x1530
[  758.004331][T16027]  ? __pfx_probes_open+0x10/0x10
[  758.004352][T16027]  vfs_open+0x82/0x3f0
[  758.004373][T16027]  path_openat+0x1de4/0x2cb0
[  758.004395][T16027]  ? __pfx_path_openat+0x10/0x10
[  758.004415][T16027]  do_filp_open+0x20b/0x470
[  758.004431][T16027]  ? __pfx_do_filp_open+0x10/0x10
[  758.004460][T16027]  ? alloc_fd+0x471/0x7d0
[  758.004479][T16027]  do_sys_openat2+0x11b/0x1d0
[  758.004499][T16027]  ? __pfx_do_sys_openat2+0x10/0x10
[  758.004518][T16027]  ? __sock_release+0x20b/0x270
[  758.004538][T16027]  __x64_sys_openat+0x174/0x210
[  758.004558][T16027]  ? __pfx___x64_sys_openat+0x10/0x10
[  758.004586][T16027]  do_syscall_64+0xcd/0x490
[  758.004608][T16027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.004622][T16027] RIP: 0033:0x7f7d5bb8eb69
[  758.004634][T16027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  758.004648][T16027] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  758.004661][T16027] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  758.004671][T16027] RDX: 0000000000000002 RSI: 0000200000001680 RDI: ffffffffffffff9c
[  758.004680][T16027] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  758.004688][T16027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  758.004697][T16027] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  758.004715][T16027]  </TASK>
[  760.898035][T16089] FAULT_INJECTION: forcing a failure.
[  760.898035][T16089] name failslab, interval 1, probability 0, space 0, times 0
[  760.967611][T16089] CPU: 1 UID: 0 PID: 16089 Comm: syz.2.1890 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  760.967635][T16089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  760.967644][T16089] Call Trace:
[  760.967650][T16089]  <TASK>
[  760.967656][T16089]  dump_stack_lvl+0x16c/0x1f0
[  760.967683][T16089]  should_fail_ex+0x512/0x640
[  760.967698][T16089]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  760.967719][T16089]  should_failslab+0xc2/0x120
[  760.967738][T16089]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  760.967757][T16089]  ? __kthread_create_on_node+0x186/0x3f0
[  760.967779][T16089]  kvasprintf+0xbc/0x160
[  760.967795][T16089]  ? __pfx_kvasprintf+0x10/0x10
[  760.967826][T16089]  ? __pfx_dvb_frontend_thread+0x10/0x10
[  760.967850][T16089]  __kthread_create_on_node+0x186/0x3f0
[  760.967870][T16089]  ? __pfx___kthread_create_on_node+0x10/0x10
[  760.967899][T16089]  ? __pfx_dvb_frontend_thread+0x10/0x10
[  760.967923][T16089]  kthread_create_on_node+0xc7/0x100
[  760.967942][T16089]  ? __pfx_kthread_create_on_node+0x10/0x10
[  760.967964][T16089]  ? mark_held_locks+0x49/0x80
[  760.967981][T16089]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  760.968000][T16089]  ? lockdep_hardirqs_on+0x7c/0x110
[  760.968023][T16089]  dvb_frontend_open+0xf47/0x1730
[  760.968049][T16089]  ? __pfx_dvb_frontend_open+0x10/0x10
[  760.968071][T16089]  dvb_device_open+0x26d/0x3b0
[  760.968085][T16089]  ? __pfx_dvb_device_open+0x10/0x10
[  760.968097][T16089]  chrdev_open+0x231/0x6a0
[  760.968114][T16089]  ? __pfx_apparmor_file_open+0x10/0x10
[  760.968130][T16089]  ? __pfx_chrdev_open+0x10/0x10
[  760.968148][T16089]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  760.968167][T16089]  do_dentry_open+0x982/0x1530
[  760.968184][T16089]  ? __pfx_chrdev_open+0x10/0x10
[  760.968205][T16089]  vfs_open+0x82/0x3f0
[  760.968226][T16089]  path_openat+0x1de4/0x2cb0
[  760.968249][T16089]  ? __pfx_path_openat+0x10/0x10
[  760.968270][T16089]  do_filp_open+0x20b/0x470
[  760.968285][T16089]  ? __pfx_do_filp_open+0x10/0x10
[  760.968315][T16089]  ? alloc_fd+0x471/0x7d0
[  760.968335][T16089]  do_sys_openat2+0x11b/0x1d0
[  760.968355][T16089]  ? __pfx_do_sys_openat2+0x10/0x10
[  760.968383][T16089]  __x64_sys_openat+0x174/0x210
[  760.968404][T16089]  ? __pfx___x64_sys_openat+0x10/0x10
[  760.968432][T16089]  do_syscall_64+0xcd/0x490
[  760.968454][T16089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.968469][T16089] RIP: 0033:0x7f89af38eb69
[  760.968481][T16089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.968495][T16089] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  760.968508][T16089] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  760.968518][T16089] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  760.968526][T16089] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  760.968535][T16089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  760.968543][T16089] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  760.968562][T16089]  </TASK>
[  760.968586][T16089] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12)
[  762.384204][T16124] [U] 
[  762.387008][T16124] [U] 
[  762.389708][T16124] [U] 
[  762.392407][T16124] [U] 
[  762.403961][T16124] [U] 
[  762.406667][T16124] [U] 
[  762.409346][T16124] [U] 
[  762.412016][T16124] [U] 
[  762.416386][T16124] [U] 
[  762.419079][T16124] [U] 
[  762.421749][T16124] [U] 
[  762.424450][T16124] [U] 
[  762.446556][T16124] [U] 
[  762.449266][T16124] [U] 
[  762.451940][T16124] [U] 
[  762.454613][T16124] [U] 
[  762.494613][T16124] [U] 
[  762.497358][T16124] [U] 
[  762.500070][T16124] [U] 
[  762.502751][T16124] [U] 
[  762.567836][T16130] [U] 
[  762.576123][T16129] FAULT_INJECTION: forcing a failure.
[  762.576123][T16129] name failslab, interval 1, probability 0, space 0, times 0
[  762.641522][T16129] CPU: 1 UID: 0 PID: 16129 Comm: syz.1.1900 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  762.641545][T16129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  762.641554][T16129] Call Trace:
[  762.641559][T16129]  <TASK>
[  762.641564][T16129]  dump_stack_lvl+0x16c/0x1f0
[  762.641591][T16129]  should_fail_ex+0x512/0x640
[  762.641627][T16129]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  762.641647][T16129]  should_failslab+0xc2/0x120
[  762.641667][T16129]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  762.641684][T16129]  ? __kernfs_new_node+0xd2/0x8e0
[  762.641705][T16129]  __kernfs_new_node+0xd2/0x8e0
[  762.641725][T16129]  ? __pfx___kernfs_new_node+0x10/0x10
[  762.641747][T16129]  ? find_held_lock+0x2b/0x80
[  762.641761][T16129]  ? kernfs_root+0xee/0x2a0
[  762.641781][T16129]  kernfs_new_node+0x13c/0x1e0
[  762.641804][T16129]  __kernfs_create_file+0x53/0x350
[  762.641826][T16129]  sysfs_add_file_mode_ns+0x207/0x3c0
[  762.641848][T16129]  internal_create_group+0x578/0xf30
[  762.641872][T16129]  ? __pfx_internal_create_group+0x10/0x10
[  762.641894][T16129]  ? kernfs_create_link+0x1bd/0x240
[  762.641910][T16129]  internal_create_groups+0x9d/0x150
[  762.641930][T16129]  device_add+0xf30/0x1aa0
[  762.641949][T16129]  ? __pfx_device_add+0x10/0x10
[  762.641965][T16129]  ? lockdep_init_map_type+0x5c/0x280
[  762.641984][T16129]  ? __init_waitqueue_head+0xca/0x150
[  762.642010][T16129]  netdev_register_kobject+0x1a9/0x3d0
[  762.642027][T16129]  register_netdevice+0x13dc/0x2270
[  762.642046][T16129]  ? __pfx_register_netdevice+0x10/0x10
[  762.642064][T16129]  ? __pfx_loopback_net_init+0x10/0x10
[  762.642084][T16129]  register_netdev+0x34/0x50
[  762.642097][T16129]  loopback_net_init+0x7a/0x170
[  762.642121][T16129]  ? __pfx_loopback_net_init+0x10/0x10
[  762.642138][T16129]  ops_init+0x1e2/0x5f0
[  762.642161][T16129]  setup_net+0x10f/0x380
[  762.642172][T16129]  ? lockdep_init_map_type+0x5c/0x280
[  762.642191][T16129]  ? __pfx_setup_net+0x10/0x10
[  762.642204][T16129]  ? debug_mutex_init+0x37/0x70
[  762.642219][T16129]  copy_net_ns+0x2a6/0x5f0
[  762.642235][T16129]  create_new_namespaces+0x3ea/0xa90
[  762.642256][T16129]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  762.642274][T16129]  ksys_unshare+0x45b/0xa40
[  762.642292][T16129]  ? __pfx_ksys_unshare+0x10/0x10
[  762.642311][T16129]  ? xfd_validate_state+0x61/0x180
[  762.642337][T16129]  __x64_sys_unshare+0x31/0x40
[  762.642354][T16129]  do_syscall_64+0xcd/0x490
[  762.642377][T16129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  762.642391][T16129] RIP: 0033:0x7f011f18eb69
[  762.642404][T16129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  762.642417][T16129] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  762.642431][T16129] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  762.642440][T16129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  762.642448][T16129] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  762.642456][T16129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  762.642465][T16129] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  762.642485][T16129]  </TASK>
[  764.535013][T16162] FAULT_INJECTION: forcing a failure.
[  764.535013][T16162] name failslab, interval 1, probability 0, space 0, times 0
[  764.589368][T16162] CPU: 1 UID: 0 PID: 16162 Comm: syz.3.1908 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  764.589409][T16162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.589418][T16162] Call Trace:
[  764.589424][T16162]  <TASK>
[  764.589431][T16162]  dump_stack_lvl+0x16c/0x1f0
[  764.589458][T16162]  should_fail_ex+0x512/0x640
[  764.589473][T16162]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  764.589491][T16162]  should_failslab+0xc2/0x120
[  764.589517][T16162]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  764.589534][T16162]  ? __lock_acquire+0x107f/0x1ce0
[  764.589556][T16162]  ? __alloc_skb+0x2b2/0x380
[  764.589579][T16162]  __alloc_skb+0x2b2/0x380
[  764.589599][T16162]  ? __pfx___alloc_skb+0x10/0x10
[  764.589619][T16162]  ? do_raw_spin_lock+0x12c/0x2b0
[  764.589639][T16162]  ? find_held_lock+0x2b/0x80
[  764.589655][T16162]  inet6_netconf_notify_devconf+0x87/0x180
[  764.589674][T16162]  ip6_mroute_setsockopt+0x1253/0x20d0
[  764.589688][T16162]  ? rcu_is_watching+0x12/0xc0
[  764.589702][T16162]  ? finish_task_switch.isra.0+0x221/0xc10
[  764.589716][T16162]  ? lockdep_hardirqs_on+0x7c/0x110
[  764.589738][T16162]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[  764.589751][T16162]  ? trace_sched_exit_tp+0xd1/0x120
[  764.589772][T16162]  ? __lock_acquire+0x62e/0x1ce0
[  764.589810][T16162]  ? do_ipv6_setsockopt+0x7ba/0x4350
[  764.589827][T16162]  do_ipv6_setsockopt+0x7ba/0x4350
[  764.589849][T16162]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  764.589866][T16162]  ? __futex_wait+0x24c/0x2f0
[  764.589887][T16162]  ? __pfx___futex_wait+0x10/0x10
[  764.589907][T16162]  ? aa_label_sk_perm+0x19b/0x5a0
[  764.589925][T16162]  ? __pfx_futex_wake_mark+0x10/0x10
[  764.589949][T16162]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  764.589965][T16162]  ? futex_private_hash_put+0x176/0x300
[  764.589984][T16162]  ? futex_private_hash_put+0x18a/0x300
[  764.590007][T16162]  ? __pfx___might_resched+0x10/0x10
[  764.590024][T16162]  ? ipv6_setsockopt+0xcb/0x170
[  764.590040][T16162]  ? aa_sk_perm+0x2f4/0xb10
[  764.590051][T16162]  ipv6_setsockopt+0xcb/0x170
[  764.590071][T16162]  rawv6_setsockopt+0xc2/0x510
[  764.590088][T16162]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  764.590105][T16162]  ? sock_common_setsockopt+0x2e/0xf0
[  764.590119][T16162]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  764.590135][T16162]  do_sock_setsockopt+0xf0/0x1d0
[  764.590152][T16162]  __sys_setsockopt+0x120/0x1a0
[  764.590176][T16162]  __x64_sys_setsockopt+0xbd/0x160
[  764.590194][T16162]  ? do_syscall_64+0x91/0x490
[  764.590214][T16162]  ? lockdep_hardirqs_on+0x7c/0x110
[  764.590233][T16162]  do_syscall_64+0xcd/0x490
[  764.590254][T16162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.590269][T16162] RIP: 0033:0x7f7d5bb8eb69
[  764.590282][T16162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  764.590295][T16162] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  764.590309][T16162] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  764.590319][T16162] RDX: 00000000000000c8 RSI: 0000000000000029 RDI: 0400000000000003
[  764.590328][T16162] RBP: 00007f7d5bc11df1 R08: 0000000000000567 R09: 0000000000000000
[  764.590337][T16162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  764.590346][T16162] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  764.590364][T16162]  </TASK>
[  765.768697][T16188] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1916'.
[  765.780376][T16188] macsec0: entered allmulticast mode
[  765.785807][T16188] veth1_macvtap: entered allmulticast mode
[  766.003276][T16194] FAULT_INJECTION: forcing a failure.
[  766.003276][T16194] name fail_futex, interval 1, probability 0, space 0, times 0
[  766.039211][T16194] CPU: 1 UID: 0 PID: 16194 Comm: syz.0.1918 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  766.039235][T16194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  766.039244][T16194] Call Trace:
[  766.039256][T16194]  <TASK>
[  766.039262][T16194]  dump_stack_lvl+0x16c/0x1f0
[  766.039290][T16194]  should_fail_ex+0x512/0x640
[  766.039307][T16194]  get_futex_key+0x1d0/0x1560
[  766.039328][T16194]  ? __pfx_get_futex_key+0x10/0x10
[  766.039351][T16194]  futex_wake+0xea/0x530
[  766.039376][T16194]  ? rcu_is_watching+0x12/0xc0
[  766.039392][T16194]  ? __pfx_futex_wake+0x10/0x10
[  766.039415][T16194]  ? kmem_cache_free+0x2d1/0x4d0
[  766.039431][T16194]  ? fd_install+0x225/0x750
[  766.039445][T16194]  ? putname+0x154/0x1a0
[  766.039466][T16194]  do_futex+0x1e3/0x350
[  766.039485][T16194]  ? __pfx_do_futex+0x10/0x10
[  766.039508][T16194]  __x64_sys_futex+0x1e0/0x4c0
[  766.039526][T16194]  ? __x64_sys_openat+0x174/0x210
[  766.039546][T16194]  ? __pfx___x64_sys_futex+0x10/0x10
[  766.039563][T16194]  ? xfd_validate_state+0x61/0x180
[  766.039589][T16194]  do_syscall_64+0xcd/0x490
[  766.039611][T16194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.039625][T16194] RIP: 0033:0x7f926738eb69
[  766.039637][T16194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  766.039651][T16194] RSP: 002b:00007f92681ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  766.039665][T16194] RAX: ffffffffffffffda RBX: 00007f92675b5fa8 RCX: 00007f926738eb69
[  766.039675][T16194] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f92675b5fac
[  766.039683][T16194] RBP: 00007f92675b5fa0 R08: 00007f92681af000 R09: 0000000000000000
[  766.039691][T16194] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f92675b5fac
[  766.039700][T16194] R13: 0000000000000000 R14: 00007ffc91d272d0 R15: 00007ffc91d273b8
[  766.039719][T16194]  </TASK>
[  766.236344][    C1] vkms_vblank_simulate: vblank timer overrun
[  766.367484][T16196] FAULT_INJECTION: forcing a failure.
[  766.367484][T16196] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  766.381171][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz.3.1920 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  766.381193][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  766.381203][T16196] Call Trace:
[  766.381208][T16196]  <TASK>
[  766.381214][T16196]  dump_stack_lvl+0x16c/0x1f0
[  766.381241][T16196]  should_fail_ex+0x512/0x640
[  766.381258][T16196]  should_fail_alloc_page+0xe7/0x130
[  766.381279][T16196]  prepare_alloc_pages+0x3c2/0x610
[  766.381301][T16196]  ? stack_trace_save+0x8e/0xc0
[  766.381326][T16196]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  766.381347][T16196]  ? kasan_save_stack+0x42/0x60
[  766.381363][T16196]  ? kasan_save_stack+0x33/0x60
[  766.381377][T16196]  ? kasan_save_track+0x14/0x30
[  766.381392][T16196]  ? __kasan_kmalloc+0xaa/0xb0
[  766.381407][T16196]  ? fuse_dev_alloc+0x8e/0x280
[  766.381424][T16196]  ? fuse_dev_alloc_install+0x13/0x40
[  766.381441][T16196]  ? cuse_channel_open+0x100/0x7f0
[  766.381456][T16196]  ? misc_open+0x35a/0x420
[  766.381473][T16196]  ? chrdev_open+0x231/0x6a0
[  766.381489][T16196]  ? do_dentry_open+0x982/0x1530
[  766.381504][T16196]  ? vfs_open+0x82/0x3f0
[  766.381521][T16196]  ? path_openat+0x1de4/0x2cb0
[  766.381535][T16196]  ? look_up_lock_class+0x59/0x150
[  766.381555][T16196]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  766.381584][T16196]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  766.381605][T16196]  ? policy_nodemask+0xea/0x4e0
[  766.381624][T16196]  alloc_pages_mpol+0x1fb/0x550
[  766.381642][T16196]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  766.381660][T16196]  ? fuse_dev_alloc_install+0x2b/0x40
[  766.381682][T16196]  folio_alloc_noprof+0x20/0x2d0
[  766.381702][T16196]  cuse_channel_open+0x198/0x7f0
[  766.381718][T16196]  ? __pfx_cuse_channel_open+0x10/0x10
[  766.381735][T16196]  misc_open+0x35a/0x420
[  766.381753][T16196]  ? __pfx_misc_open+0x10/0x10
[  766.381770][T16196]  chrdev_open+0x231/0x6a0
[  766.381787][T16196]  ? __pfx_apparmor_file_open+0x10/0x10
[  766.381802][T16196]  ? __pfx_chrdev_open+0x10/0x10
[  766.381820][T16196]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  766.381840][T16196]  do_dentry_open+0x982/0x1530
[  766.381856][T16196]  ? __pfx_chrdev_open+0x10/0x10
[  766.381877][T16196]  vfs_open+0x82/0x3f0
[  766.381898][T16196]  path_openat+0x1de4/0x2cb0
[  766.381920][T16196]  ? __pfx_path_openat+0x10/0x10
[  766.381941][T16196]  do_filp_open+0x20b/0x470
[  766.381957][T16196]  ? __pfx_do_filp_open+0x10/0x10
[  766.381986][T16196]  ? alloc_fd+0x471/0x7d0
[  766.382006][T16196]  do_sys_openat2+0x11b/0x1d0
[  766.382026][T16196]  ? __pfx_do_sys_openat2+0x10/0x10
[  766.382053][T16196]  __x64_sys_openat+0x174/0x210
[  766.382073][T16196]  ? __pfx___x64_sys_openat+0x10/0x10
[  766.382101][T16196]  do_syscall_64+0xcd/0x490
[  766.382123][T16196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.382138][T16196] RIP: 0033:0x7f7d5bb8eb69
[  766.382151][T16196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  766.382165][T16196] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  766.382179][T16196] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  766.382188][T16196] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  766.382198][T16196] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  766.382207][T16196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  766.382215][T16196] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  766.382234][T16196]  </TASK>
[  766.730035][    C1] vkms_vblank_simulate: vblank timer overrun
[  766.906248][T16200] [U] 
[  766.909069][T16200] [U] 
[  766.911746][T16200] [U] 
[  766.914427][T16200] [U] 
[  766.917347][T16200] [U] 
[  766.920164][T16200] [U] 
[  766.922861][T16200] [U] 
[  766.925551][T16200] [U] 
[  766.928594][T16200] [U] 
[  766.931282][T16200] [U] 
[  766.933962][T16200] [U] 
[  766.936639][T16200] [U] 
[  766.939712][T16200] [U] 
[  766.942450][T16200] [U] 
[  766.945161][T16200] [U] 
[  766.947829][T16200] [U] 
[  766.951043][T16200] [U] 
[  766.953724][T16200] [U] 
[  766.956413][T16200] [U] 
[  766.959101][T16200] [U] 
[  766.961967][T16200] [U] 
[  766.964656][T16200] [U] 
[  766.967411][T16200] [U] 
[  766.970146][T16200] [U] 
[  766.972968][T16200] [U] 
[  766.976170][T16200] [U] 
[  766.978843][T16200] [U] 
[  766.981528][T16200] [U] 
[  766.984496][T16200] [U] 
[  766.987247][T16200] [U] 
[  766.989946][T16200] [U] 
[  766.992656][T16200] [U] 
[  766.995581][T16200] [U] 
[  766.998330][T16200] [U] 
[  767.001039][T16200] [U] 
[  767.003721][T16200] [U] 
[  767.006634][T16200] [U] 
[  767.009346][T16200] [U] 
[  767.012023][T16200] [U] 
[  767.014702][T16200] [U] 
[  767.017565][T16200] [U] 
[  767.020242][T16200] [U] 
[  767.022914][T16200] [U] 
[  767.025589][T16200] [U] 
[  767.028425][T16200] [U] 
[  767.031102][T16200] [U] 
[  767.033775][T16200] [U] 
[  767.036474][T16200] [U] 
[  767.039573][T16200] [U] 
[  767.042272][T16200] [U] 
[  767.044969][T16200] [U] 
[  767.047660][T16200] [U] 
[  767.050529][T16200] [U] 
[  767.053205][T16200] [U] 
[  767.055873][T16200] [U] 
[  767.058555][T16200] [U] 
[  767.061774][T16200] [U] 
[  767.064453][T16200] [U] 
[  767.067208][T16200] [U] 
[  767.069883][T16200] [U] 
[  767.072681][T16200] [U] 
[  767.075356][T16200] [U] 
[  767.078045][T16200] [U] 
[  767.080713][T16200] [U] 
[  767.083561][T16200] [U] 
[  767.086244][T16200] [U] 
[  767.088944][T16200] [U] 
[  767.091622][T16200] [U] 
[  767.094450][T16200] [U] 
[  767.097124][T16200] [U] 
[  767.099793][T16200] [U] 
[  767.102461][T16200] [U] 
[  767.128322][T16200] [U] 
[  767.131055][T16200] [U] 
[  767.133739][T16200] [U] 
[  767.136423][T16200] [U] 
[  767.197129][T16200] [U] 
[  767.199855][T16200] [U] 
[  767.202534][T16200] [U] 
[  767.205207][T16200] [U] 
[  767.235980][T16200] [U] 
[  767.238698][T16200] [U] 
[  767.241825][T16200] [U] 
[  767.244523][T16200] [U] 
[  767.263749][T16200] [U] 
[  767.266461][T16200] [U] 
[  767.269247][T16200] [U] 
[  767.271942][T16200] [U] 
[  767.285003][T16200] [U] 
[  767.287715][T16200] [U] 
[  767.290495][T16200] [U] 
[  767.293172][T16200] [U] 
[  767.307863][T16203] FAULT_INJECTION: forcing a failure.
[  767.307863][T16203] name failslab, interval 1, probability 0, space 0, times 0
[  767.320739][T16200] [U] 
[  767.323433][T16200] [U] 
[  767.326105][T16200] [U] 
[  767.328782][T16200] [U] 
[  767.335980][T16200] [U] 
[  767.338687][T16200] [U] 
[  767.341368][T16200] [U] 
[  767.344139][T16200] [U] 
[  767.349054][T16203] CPU: 1 UID: 0 PID: 16203 Comm: syz.2.1922 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  767.349078][T16203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  767.349088][T16203] Call Trace:
[  767.349093][T16203]  <TASK>
[  767.349099][T16203]  dump_stack_lvl+0x16c/0x1f0
[  767.349141][T16203]  should_fail_ex+0x512/0x640
[  767.349157][T16203]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  767.349182][T16203]  should_failslab+0xc2/0x120
[  767.349201][T16203]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  767.349216][T16203]  ? kernfs_add_one+0x37d/0x840
[  767.349236][T16203]  ? __kernfs_new_node+0xd2/0x8e0
[  767.349256][T16203]  __kernfs_new_node+0xd2/0x8e0
[  767.349274][T16203]  ? kernfs_add_one+0x14e/0x840
[  767.349292][T16203]  ? __pfx___kernfs_new_node+0x10/0x10
[  767.349314][T16203]  ? find_held_lock+0x2b/0x80
[  767.349329][T16203]  ? kernfs_root+0xee/0x2a0
[  767.349349][T16203]  kernfs_new_node+0x13c/0x1e0
[  767.349372][T16203]  kernfs_create_link+0xcc/0x240
[  767.349387][T16203]  sysfs_do_create_link_sd+0x90/0x140
[  767.349405][T16203]  sysfs_create_link+0x61/0xc0
[  767.349422][T16203]  device_add+0x50a/0x1aa0
[  767.349441][T16203]  ? __pfx_device_add+0x10/0x10
[  767.349457][T16203]  ? lockdep_init_map_type+0x5c/0x280
[  767.349477][T16203]  ? __init_waitqueue_head+0xca/0x150
[  767.349502][T16203]  netdev_register_kobject+0x1a9/0x3d0
[  767.349520][T16203]  register_netdevice+0x13dc/0x2270
[  767.349538][T16203]  ? __pfx_register_netdevice+0x10/0x10
[  767.349557][T16203]  register_netdev+0x34/0x50
[  767.349569][T16203]  sit_init_net+0x286/0x630
[  767.349588][T16203]  ? __pfx_sit_init_net+0x10/0x10
[  767.349605][T16203]  ops_init+0x1e2/0x5f0
[  767.349627][T16203]  setup_net+0x10f/0x380
[  767.349638][T16203]  ? lockdep_init_map_type+0x5c/0x280
[  767.349655][T16203]  ? __pfx_setup_net+0x10/0x10
[  767.349668][T16203]  ? debug_mutex_init+0x37/0x70
[  767.349683][T16203]  copy_net_ns+0x2a6/0x5f0
[  767.349699][T16203]  create_new_namespaces+0x3ea/0xa90
[  767.349719][T16203]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  767.349736][T16203]  ksys_unshare+0x45b/0xa40
[  767.349755][T16203]  ? __pfx_ksys_unshare+0x10/0x10
[  767.349773][T16203]  ? xfd_validate_state+0x61/0x180
[  767.349799][T16203]  __x64_sys_unshare+0x31/0x40
[  767.349817][T16203]  do_syscall_64+0xcd/0x490
[  767.349839][T16203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.349853][T16203] RIP: 0033:0x7f89af38eb69
[  767.349864][T16203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  767.349877][T16203] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  767.349891][T16203] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  767.349900][T16203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  767.349908][T16203] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  767.349916][T16203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  767.349924][T16203] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  767.349942][T16203]  </TASK>
[  767.657769][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.683248][T16200] [U] 
[  768.246647][T16226] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1926'.
[  768.764968][T16241] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1931'.
[  769.021183][T16244] FAULT_INJECTION: forcing a failure.
[  769.021183][T16244] name failslab, interval 1, probability 0, space 0, times 0
[  769.034183][T16244] CPU: 1 UID: 0 PID: 16244 Comm: syz.0.1932 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  769.034205][T16244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  769.034214][T16244] Call Trace:
[  769.034221][T16244]  <TASK>
[  769.034228][T16244]  dump_stack_lvl+0x16c/0x1f0
[  769.034255][T16244]  should_fail_ex+0x512/0x640
[  769.034269][T16244]  ? bpf_ksym_find+0x124/0x1c0
[  769.034285][T16244]  should_failslab+0xc2/0x120
[  769.034304][T16244]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  769.034322][T16244]  ? skb_clone+0x190/0x3f0
[  769.034342][T16244]  ? __lock_acquire+0x62e/0x1ce0
[  769.034362][T16244]  skb_clone+0x190/0x3f0
[  769.034383][T16244]  dev_queue_xmit_nit+0x3e7/0xca0
[  769.034409][T16244]  dev_hard_start_xmit+0x5c3/0x740
[  769.034427][T16244]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  769.034445][T16244]  __dev_queue_xmit+0xa46/0x4490
[  769.034470][T16244]  ? __pfx___dev_queue_xmit+0x10/0x10
[  769.034502][T16244]  ? __asan_memcpy+0x3c/0x60
[  769.034517][T16244]  ? __asan_memcpy+0x3c/0x60
[  769.034530][T16244]  ? __skb_clone+0x570/0x760
[  769.034552][T16244]  netlink_deliver_tap+0xa87/0xd30
[  769.034576][T16244]  netlink_unicast+0x64c/0x870
[  769.034599][T16244]  ? __pfx_netlink_unicast+0x10/0x10
[  769.034620][T16244]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  769.034647][T16244]  netlink_sendmsg+0x8d1/0xdd0
[  769.034671][T16244]  ? __pfx_netlink_sendmsg+0x10/0x10
[  769.034699][T16244]  __sys_sendto+0x4a0/0x520
[  769.034718][T16244]  ? __pfx___sys_sendto+0x10/0x10
[  769.034742][T16244]  ? find_held_lock+0x2b/0x80
[  769.034769][T16244]  __x64_sys_sendto+0xe0/0x1c0
[  769.034787][T16244]  ? do_syscall_64+0x91/0x490
[  769.034807][T16244]  ? lockdep_hardirqs_on+0x7c/0x110
[  769.034826][T16244]  do_syscall_64+0xcd/0x490
[  769.034848][T16244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.034863][T16244] RIP: 0033:0x7f92673909fc
[  769.034876][T16244] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  769.034891][T16244] RSP: 002b:00007f92681acec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  769.034906][T16244] RAX: ffffffffffffffda RBX: 00007f92681acfc0 RCX: 00007f92673909fc
[  769.034915][T16244] RDX: 000000000000001c RSI: 00007f92681ad010 RDI: 0000000000000004
[  769.034923][T16244] RBP: 0000000000000000 R08: 00007f92681acf14 R09: 000000000000000c
[  769.034932][T16244] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  769.034940][T16244] R13: 00007f92681acf68 R14: 00007f92681ad010 R15: 0000000000000000
[  769.034958][T16244]  </TASK>
[  769.287981][    C1] vkms_vblank_simulate: vblank timer overrun
[  769.327236][T16246] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1933'.
[  769.415590][T16248] FAULT_INJECTION: forcing a failure.
[  769.415590][T16248] name failslab, interval 1, probability 0, space 0, times 0
[  769.429505][T16248] CPU: 1 UID: 0 PID: 16248 Comm: syz.3.1935 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  769.429527][T16248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  769.429537][T16248] Call Trace:
[  769.429542][T16248]  <TASK>
[  769.429548][T16248]  dump_stack_lvl+0x16c/0x1f0
[  769.429574][T16248]  should_fail_ex+0x512/0x640
[  769.429588][T16248]  ? fs_reclaim_acquire+0xae/0x150
[  769.429610][T16248]  ? tomoyo_encode2+0x100/0x3e0
[  769.429627][T16248]  should_failslab+0xc2/0x120
[  769.429645][T16248]  __kmalloc_noprof+0xd2/0x510
[  769.429660][T16248]  ? d_absolute_path+0x136/0x1a0
[  769.429682][T16248]  tomoyo_encode2+0x100/0x3e0
[  769.429700][T16248]  tomoyo_encode+0x29/0x50
[  769.429716][T16248]  tomoyo_realpath_from_path+0x18f/0x6e0
[  769.429738][T16248]  tomoyo_check_open_permission+0x2ab/0x3c0
[  769.429753][T16248]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  769.429787][T16248]  ? do_raw_spin_lock+0x12c/0x2b0
[  769.429813][T16248]  tomoyo_file_open+0x6b/0x90
[  769.429833][T16248]  security_file_open+0x84/0x1e0
[  769.429849][T16248]  do_dentry_open+0x596/0x1530
[  769.429871][T16248]  vfs_open+0x82/0x3f0
[  769.429893][T16248]  path_openat+0x1de4/0x2cb0
[  769.429915][T16248]  ? __pfx_path_openat+0x10/0x10
[  769.429936][T16248]  do_filp_open+0x20b/0x470
[  769.429952][T16248]  ? __pfx_do_filp_open+0x10/0x10
[  769.429981][T16248]  ? alloc_fd+0x471/0x7d0
[  769.430001][T16248]  do_sys_openat2+0x11b/0x1d0
[  769.430028][T16248]  ? __pfx_do_sys_openat2+0x10/0x10
[  769.430056][T16248]  __x64_sys_openat+0x174/0x210
[  769.430077][T16248]  ? __pfx___x64_sys_openat+0x10/0x10
[  769.430107][T16248]  do_syscall_64+0xcd/0x490
[  769.430128][T16248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.430143][T16248] RIP: 0033:0x7f7d5bb8eb69
[  769.430155][T16248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.430168][T16248] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  769.430182][T16248] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  769.430191][T16248] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  769.430200][T16248] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  769.430208][T16248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  769.430217][T16248] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  769.430236][T16248]  </TASK>
[  769.430253][T16248] ERROR: Out of memory at tomoyo_realpath_from_path.
[  770.171713][T16265] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1939'.
[  770.181852][T16265] macsec0: entered allmulticast mode
[  770.187983][T16265] veth1_macvtap: entered allmulticast mode
[  770.711658][T16274] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1941'.
[  770.849565][T16280] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1943'.
[  771.865804][T16306] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1950'.
[  771.899847][T16306] macsec0: entered allmulticast mode
[  771.918902][T16306] veth1_macvtap: entered allmulticast mode
[  772.129518][T16308] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1951'.
[  772.169122][T16313] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1953'.
[  772.342220][T16317] FAULT_INJECTION: forcing a failure.
[  772.342220][T16317] name failslab, interval 1, probability 0, space 0, times 0
[  772.361517][T16319] FAULT_INJECTION: forcing a failure.
[  772.361517][T16319] name failslab, interval 1, probability 0, space 0, times 0
[  772.412575][T16317] CPU: 1 UID: 0 PID: 16317 Comm: syz.1.1954 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  772.412600][T16317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  772.412609][T16317] Call Trace:
[  772.412615][T16317]  <TASK>
[  772.412621][T16317]  dump_stack_lvl+0x16c/0x1f0
[  772.412658][T16317]  should_fail_ex+0x512/0x640
[  772.412673][T16317]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  772.412698][T16317]  should_failslab+0xc2/0x120
[  772.412716][T16317]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  772.412733][T16317]  ? __kernfs_new_node+0xd2/0x8e0
[  772.412755][T16317]  __kernfs_new_node+0xd2/0x8e0
[  772.412775][T16317]  ? __pfx___kernfs_new_node+0x10/0x10
[  772.412797][T16317]  ? find_held_lock+0x2b/0x80
[  772.412812][T16317]  ? kernfs_root+0xee/0x2a0
[  772.412832][T16317]  kernfs_new_node+0x13c/0x1e0
[  772.412855][T16317]  __kernfs_create_file+0x53/0x350
[  772.412871][T16317]  sysfs_add_file_mode_ns+0x207/0x3c0
[  772.412892][T16317]  internal_create_group+0x578/0xf30
[  772.412915][T16317]  ? __pfx_internal_create_group+0x10/0x10
[  772.412936][T16317]  ? kernfs_create_link+0x1bd/0x240
[  772.412952][T16317]  internal_create_groups+0x9d/0x150
[  772.412971][T16317]  device_add+0xf30/0x1aa0
[  772.412990][T16317]  ? __pfx_device_add+0x10/0x10
[  772.413006][T16317]  ? lockdep_init_map_type+0x5c/0x280
[  772.413024][T16317]  ? __init_waitqueue_head+0xca/0x150
[  772.413050][T16317]  netdev_register_kobject+0x1a9/0x3d0
[  772.413069][T16317]  register_netdevice+0x13dc/0x2270
[  772.413087][T16317]  ? __pfx_register_netdevice+0x10/0x10
[  772.413106][T16317]  internal_dev_create+0x2d3/0x520
[  772.413123][T16317]  ovs_vport_add+0x144/0x4d0
[  772.413146][T16317]  new_vport+0x16/0x1d0
[  772.413163][T16317]  ovs_dp_cmd_new+0x6ba/0xe60
[  772.413187][T16317]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  772.413209][T16317]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  772.413226][T16317]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  772.413246][T16317]  genl_family_rcv_msg_doit+0x206/0x2f0
[  772.413262][T16317]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  772.413277][T16317]  ? trace_cap_capable+0x18d/0x200
[  772.413303][T16317]  ? bpf_lsm_capable+0x9/0x10
[  772.413315][T16317]  ? security_capable+0x7e/0x260
[  772.413335][T16317]  ? ns_capable+0xd7/0x110
[  772.413352][T16317]  genl_rcv_msg+0x55c/0x800
[  772.413369][T16317]  ? __pfx_genl_rcv_msg+0x10/0x10
[  772.413388][T16317]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  772.413414][T16317]  netlink_rcv_skb+0x155/0x420
[  772.413435][T16317]  ? __pfx_genl_rcv_msg+0x10/0x10
[  772.413451][T16317]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  772.413481][T16317]  ? netlink_deliver_tap+0x1ae/0xd30
[  772.413504][T16317]  genl_rcv+0x28/0x40
[  772.413516][T16317]  netlink_unicast+0x5aa/0x870
[  772.413540][T16317]  ? __pfx_netlink_unicast+0x10/0x10
[  772.413561][T16317]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  772.413580][T16317]  ? __lock_acquire+0xb97/0x1ce0
[  772.413603][T16317]  netlink_sendmsg+0x8d1/0xdd0
[  772.413627][T16317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.413662][T16317]  ____sys_sendmsg+0xa98/0xc70
[  772.413679][T16317]  ? copy_msghdr_from_user+0x10a/0x160
[  772.413700][T16317]  ? __pfx_____sys_sendmsg+0x10/0x10
[  772.413726][T16317]  ___sys_sendmsg+0x134/0x1d0
[  772.413748][T16317]  ? __pfx____sys_sendmsg+0x10/0x10
[  772.413793][T16317]  __sys_sendmsg+0x16d/0x220
[  772.413814][T16317]  ? __pfx___sys_sendmsg+0x10/0x10
[  772.413833][T16317]  ? __x64_sys_futex+0x1e0/0x4c0
[  772.413863][T16317]  do_syscall_64+0xcd/0x490
[  772.413885][T16317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.413900][T16317] RIP: 0033:0x7f011f18eb69
[  772.413913][T16317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.413926][T16317] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  772.413941][T16317] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  772.413951][T16317] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000005
[  772.413960][T16317] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  772.413970][T16317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  772.413979][T16317] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  772.413998][T16317]  </TASK>
[  772.414106][T16319] CPU: 1 UID: 0 PID: 16319 Comm: syz.0.1955 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  772.414126][T16319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  772.414135][T16319] Call Trace:
[  772.414140][T16319]  <TASK>
[  772.414145][T16319]  dump_stack_lvl+0x16c/0x1f0
[  772.414167][T16319]  should_fail_ex+0x512/0x640
[  772.414181][T16319]  ? __kmalloc_noprof+0xbf/0x510
[  772.414197][T16319]  ? lsm_blob_alloc+0x68/0x90
[  772.414215][T16319]  should_failslab+0xc2/0x120
[  772.414234][T16319]  __kmalloc_noprof+0xd2/0x510
[  772.414254][T16319]  lsm_blob_alloc+0x68/0x90
[  772.414272][T16319]  security_sk_alloc+0x30/0x270
[  772.414294][T16319]  sk_prot_alloc+0x1c7/0x2a0
[  772.414310][T16319]  sk_alloc+0x36/0xc20
[  772.414330][T16319]  __netlink_create+0x5e/0x2c0
[  772.414347][T16319]  ? __wake_up+0x3f/0x60
[  772.414367][T16319]  netlink_create+0x39e/0x620
[  772.414385][T16319]  ? __pfx_rtnetlink_bind+0x10/0x10
[  772.414407][T16319]  __sock_create+0x335/0x8d0
[  772.414426][T16319]  __sys_socket+0x14d/0x260
[  772.414442][T16319]  ? __x64_sys_openat+0x174/0x210
[  772.414463][T16319]  ? __pfx___sys_socket+0x10/0x10
[  772.414479][T16319]  ? xfd_validate_state+0x61/0x180
[  772.414503][T16319]  __x64_sys_socket+0x72/0xb0
[  772.414518][T16319]  ? lockdep_hardirqs_on+0x7c/0x110
[  772.414538][T16319]  do_syscall_64+0xcd/0x490
[  772.414560][T16319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.414574][T16319] RIP: 0033:0x7f926738eb69
[  772.414585][T16319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.414598][T16319] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  772.414611][T16319] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  772.414620][T16319] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010
[  772.414627][T16319] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  772.414636][T16319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  772.414644][T16319] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  772.414670][T16319]  </TASK>
[  774.410785][T16346] FAULT_INJECTION: forcing a failure.
[  774.410785][T16346] name failslab, interval 1, probability 0, space 0, times 0
[  774.468551][T16346] CPU: 1 UID: 0 PID: 16346 Comm: syz.2.1963 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  774.468577][T16346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  774.468586][T16346] Call Trace:
[  774.468591][T16346]  <TASK>
[  774.468597][T16346]  dump_stack_lvl+0x16c/0x1f0
[  774.468624][T16346]  should_fail_ex+0x512/0x640
[  774.468637][T16346]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  774.468654][T16346]  should_failslab+0xc2/0x120
[  774.468672][T16346]  __kmalloc_cache_noprof+0x6a/0x3e0
[  774.468686][T16346]  ? allocate_file_region_entries+0x15b/0x620
[  774.468702][T16346]  ? allocate_file_region_entries+0x1a0/0x620
[  774.468721][T16346]  allocate_file_region_entries+0x1a0/0x620
[  774.468741][T16346]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  774.468763][T16346]  region_chg+0x85/0x140
[  774.468780][T16346]  __vma_reservation_common+0x43b/0x740
[  774.468798][T16346]  ? __pfx___vma_reservation_common+0x10/0x10
[  774.468815][T16346]  ? __pfx___might_resched+0x10/0x10
[  774.468829][T16346]  ? folio_zero_user+0x1da/0x7c0
[  774.468846][T16346]  hugetlb_fault+0x198e/0x2f40
[  774.468863][T16346]  ? __pfx_hugetlb_fault+0x10/0x10
[  774.468884][T16346]  ? find_vma+0xbf/0x140
[  774.468900][T16346]  ? __pfx_find_vma+0x10/0x10
[  774.468920][T16346]  handle_mm_fault+0xbfa/0xd10
[  774.468934][T16346]  ? __pkru_allows_pkey+0x51/0xb0
[  774.468956][T16346]  do_user_addr_fault+0x7a6/0x1370
[  774.468979][T16346]  ? rcu_is_watching+0x12/0xc0
[  774.468995][T16346]  exc_page_fault+0x5c/0xb0
[  774.469015][T16346]  asm_exc_page_fault+0x26/0x30
[  774.469029][T16346] RIP: 0010:rep_movs_alternative+0x11/0x90
[  774.469046][T16346] Code: e9 84 22 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 22 04 00 66 66 2e 0f
[  774.469059][T16346] RSP: 0018:ffffc9000eedfdb0 EFLAGS: 00050206
[  774.469072][T16346] RAX: 000000000000002f RBX: 0000000000000005 RCX: 0000000000000005
[  774.469080][T16346] RDX: ffffed100b5bdca0 RSI: ffff88805adee4fb RDI: 0000000000000000
[  774.469089][T16346] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100b5bdc9f
[  774.469097][T16346] R10: ffff88805adee4ff R11: 0000000000000000 R12: ffff88805adee4fb
[  774.469106][T16346] R13: 0000000000000005 R14: 00007ffffffff000 R15: 0000000000000000
[  774.469124][T16346]  _copy_to_user+0xbb/0xd0
[  774.469143][T16346]  __do_sys_getcwd+0x483/0x930
[  774.469167][T16346]  ? __pfx___do_sys_getcwd+0x10/0x10
[  774.469184][T16346]  ? fput+0x9b/0xd0
[  774.469204][T16346]  ? xfd_validate_state+0x61/0x180
[  774.469222][T16346]  ? __pfx_ksys_write+0x10/0x10
[  774.469243][T16346]  do_syscall_64+0xcd/0x490
[  774.469265][T16346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  774.469278][T16346] RIP: 0033:0x7f89af38eb69
[  774.469289][T16346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  774.469302][T16346] RSP: 002b:00007f89b0177038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f
[  774.469315][T16346] RAX: ffffffffffffffda RBX: 00007f89af5b5fa0 RCX: 00007f89af38eb69
[  774.469323][T16346] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000
[  774.469331][T16346] RBP: 00007f89af411df1 R08: 0000000000000000 R09: 0000000000000000
[  774.469339][T16346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  774.469347][T16346] R13: 0000000000000000 R14: 00007f89af5b5fa0 R15: 00007fff425dd058
[  774.469366][T16346]  </TASK>
[  775.348767][T16355] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  775.476794][T16359] FAULT_INJECTION: forcing a failure.
[  775.476794][T16359] name failslab, interval 1, probability 0, space 0, times 0
[  775.539018][T16359] CPU: 1 UID: 0 PID: 16359 Comm: syz.1.1967 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  775.539043][T16359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  775.539052][T16359] Call Trace:
[  775.539057][T16359]  <TASK>
[  775.539063][T16359]  dump_stack_lvl+0x16c/0x1f0
[  775.539089][T16359]  should_fail_ex+0x512/0x640
[  775.539103][T16359]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  775.539124][T16359]  should_failslab+0xc2/0x120
[  775.539143][T16359]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  775.539161][T16359]  ? __kthread_create_on_node+0x186/0x3f0
[  775.539183][T16359]  kvasprintf+0xbc/0x160
[  775.539199][T16359]  ? __pfx_kvasprintf+0x10/0x10
[  775.539223][T16359]  ? __pfx_dvb_frontend_thread+0x10/0x10
[  775.539258][T16359]  __kthread_create_on_node+0x186/0x3f0
[  775.539277][T16359]  ? __pfx___kthread_create_on_node+0x10/0x10
[  775.539306][T16359]  ? __pfx_dvb_frontend_thread+0x10/0x10
[  775.539331][T16359]  kthread_create_on_node+0xc7/0x100
[  775.539349][T16359]  ? __pfx_kthread_create_on_node+0x10/0x10
[  775.539371][T16359]  ? mark_held_locks+0x49/0x80
[  775.539388][T16359]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  775.539407][T16359]  ? lockdep_hardirqs_on+0x7c/0x110
[  775.539430][T16359]  dvb_frontend_open+0xf47/0x1730
[  775.539457][T16359]  ? __pfx_dvb_frontend_open+0x10/0x10
[  775.539478][T16359]  dvb_device_open+0x26d/0x3b0
[  775.539492][T16359]  ? __pfx_dvb_device_open+0x10/0x10
[  775.539505][T16359]  chrdev_open+0x231/0x6a0
[  775.539522][T16359]  ? __pfx_apparmor_file_open+0x10/0x10
[  775.539538][T16359]  ? __pfx_chrdev_open+0x10/0x10
[  775.539556][T16359]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  775.539576][T16359]  do_dentry_open+0x982/0x1530
[  775.539593][T16359]  ? __pfx_chrdev_open+0x10/0x10
[  775.539622][T16359]  vfs_open+0x82/0x3f0
[  775.539645][T16359]  path_openat+0x1de4/0x2cb0
[  775.539669][T16359]  ? __pfx_path_openat+0x10/0x10
[  775.539691][T16359]  do_filp_open+0x20b/0x470
[  775.539708][T16359]  ? __pfx_do_filp_open+0x10/0x10
[  775.539741][T16359]  ? alloc_fd+0x471/0x7d0
[  775.539761][T16359]  do_sys_openat2+0x11b/0x1d0
[  775.539781][T16359]  ? __pfx_do_sys_openat2+0x10/0x10
[  775.539808][T16359]  __x64_sys_openat+0x174/0x210
[  775.539829][T16359]  ? __pfx___x64_sys_openat+0x10/0x10
[  775.539857][T16359]  do_syscall_64+0xcd/0x490
[  775.539879][T16359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  775.539894][T16359] RIP: 0033:0x7f011f18eb69
[  775.539906][T16359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  775.539920][T16359] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  775.539934][T16359] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  775.539944][T16359] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  775.539953][T16359] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  775.539963][T16359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  775.539971][T16359] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  775.539991][T16359]  </TASK>
[  775.540013][T16359] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12)
[  776.305652][T16375] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1971'.
[  776.487376][T16379] netlink: 98 bytes leftover after parsing attributes in process `syz.0.1973'.
[  776.544749][T16379] netlink: 50 bytes leftover after parsing attributes in process `syz.0.1973'.
[  778.492826][T16423] FAULT_INJECTION: forcing a failure.
[  778.492826][T16423] name failslab, interval 1, probability 0, space 0, times 0
[  778.575878][T16423] CPU: 1 UID: 0 PID: 16423 Comm: syz.3.1984 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  778.575901][T16423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  778.575911][T16423] Call Trace:
[  778.575916][T16423]  <TASK>
[  778.575922][T16423]  dump_stack_lvl+0x16c/0x1f0
[  778.575950][T16423]  should_fail_ex+0x512/0x640
[  778.575965][T16423]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  778.575985][T16423]  should_failslab+0xc2/0x120
[  778.576004][T16423]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  778.576021][T16423]  ? __kernfs_new_node+0xd2/0x8e0
[  778.576043][T16423]  __kernfs_new_node+0xd2/0x8e0
[  778.576062][T16423]  ? __pfx___kernfs_new_node+0x10/0x10
[  778.576084][T16423]  ? find_held_lock+0x2b/0x80
[  778.576098][T16423]  ? kernfs_root+0xee/0x2a0
[  778.576119][T16423]  kernfs_new_node+0x13c/0x1e0
[  778.576142][T16423]  __kernfs_create_file+0x53/0x350
[  778.576158][T16423]  sysfs_add_file_mode_ns+0x207/0x3c0
[  778.576179][T16423]  internal_create_group+0x578/0xf30
[  778.576201][T16423]  ? __pfx_internal_create_group+0x10/0x10
[  778.576222][T16423]  ? kernfs_create_link+0x1bd/0x240
[  778.576239][T16423]  internal_create_groups+0x9d/0x150
[  778.576259][T16423]  device_add+0x6d1/0x1aa0
[  778.576286][T16423]  ? __pfx_device_add+0x10/0x10
[  778.576303][T16423]  ? lockdep_init_map_type+0x5c/0x280
[  778.576322][T16423]  ? __init_waitqueue_head+0xca/0x150
[  778.576349][T16423]  netdev_register_kobject+0x1a9/0x3d0
[  778.576368][T16423]  register_netdevice+0x13dc/0x2270
[  778.576387][T16423]  ? __pfx_register_netdevice+0x10/0x10
[  778.576409][T16423]  ? __pfx_loopback_net_init+0x10/0x10
[  778.576428][T16423]  register_netdev+0x34/0x50
[  778.576441][T16423]  loopback_net_init+0x7a/0x170
[  778.576459][T16423]  ? __pfx_loopback_net_init+0x10/0x10
[  778.576476][T16423]  ops_init+0x1e2/0x5f0
[  778.576499][T16423]  setup_net+0x10f/0x380
[  778.576510][T16423]  ? lockdep_init_map_type+0x5c/0x280
[  778.576529][T16423]  ? __pfx_setup_net+0x10/0x10
[  778.576542][T16423]  ? debug_mutex_init+0x37/0x70
[  778.576557][T16423]  copy_net_ns+0x2a6/0x5f0
[  778.576574][T16423]  create_new_namespaces+0x3ea/0xa90
[  778.576594][T16423]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  778.576612][T16423]  ksys_unshare+0x45b/0xa40
[  778.576631][T16423]  ? __pfx_ksys_unshare+0x10/0x10
[  778.576650][T16423]  ? xfd_validate_state+0x61/0x180
[  778.576675][T16423]  __x64_sys_unshare+0x31/0x40
[  778.576693][T16423]  do_syscall_64+0xcd/0x490
[  778.576715][T16423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.576729][T16423] RIP: 0033:0x7f7d5bb8eb69
[  778.576741][T16423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.576755][T16423] RSP: 002b:00007f7d5ca4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  778.576769][T16423] RAX: ffffffffffffffda RBX: 00007f7d5bdb5fa0 RCX: 00007f7d5bb8eb69
[  778.576779][T16423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  778.576787][T16423] RBP: 00007f7d5bc11df1 R08: 0000000000000000 R09: 0000000000000000
[  778.576796][T16423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  778.576805][T16423] R13: 0000000000000000 R14: 00007f7d5bdb5fa0 R15: 00007fffcbf98d18
[  778.576828][T16423]  </TASK>
[  779.764868][T16432] zswap: compressor 000 not available
[  787.347041][T16586] Process accounting resumed
[  787.352037][T16588] FAULT_INJECTION: forcing a failure.
[  787.352037][T16588] name fail_futex, interval 1, probability 0, space 0, times 0
[  787.532782][T16588] CPU: 1 UID: 0 PID: 16588 Comm: syz.3.2026 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  787.532807][T16588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  787.532816][T16588] Call Trace:
[  787.532821][T16588]  <TASK>
[  787.532827][T16588]  dump_stack_lvl+0x16c/0x1f0
[  787.532853][T16588]  should_fail_ex+0x512/0x640
[  787.532871][T16588]  get_futex_key+0x1d0/0x1560
[  787.532890][T16588]  ? find_held_lock+0x2b/0x80
[  787.532904][T16588]  ? __pfx_get_futex_key+0x10/0x10
[  787.532922][T16588]  ? do_raw_spin_unlock+0x172/0x230
[  787.532942][T16588]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  787.532964][T16588]  futex_wait_setup+0x9d/0x550
[  787.532989][T16588]  __futex_wait+0x194/0x2f0
[  787.533009][T16588]  ? __pfx___futex_wait+0x10/0x10
[  787.533028][T16588]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  787.533045][T16588]  ? lockdep_hardirqs_on+0x7c/0x110
[  787.533067][T16588]  ? __pfx_futex_wake_mark+0x10/0x10
[  787.533089][T16588]  ? futex_private_hash_put+0x176/0x300
[  787.533107][T16588]  ? futex_private_hash_put+0x18a/0x300
[  787.533135][T16588]  futex_wait+0xe8/0x380
[  787.533155][T16588]  ? __pfx_futex_wait+0x10/0x10
[  787.533180][T16588]  ? debug_object_free+0x295/0x550
[  787.533204][T16588]  do_futex+0x229/0x350
[  787.533222][T16588]  ? __pfx_do_futex+0x10/0x10
[  787.533238][T16588]  ? __do_sys_futex_waitv+0x18f/0x2c0
[  787.533260][T16588]  __x64_sys_futex+0x1e0/0x4c0
[  787.533279][T16588]  ? __pfx___x64_sys_futex+0x10/0x10
[  787.533295][T16588]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  787.533325][T16588]  do_syscall_64+0xcd/0x490
[  787.533347][T16588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.533362][T16588] RIP: 0033:0x7f7d5bb8eb69
[  787.533374][T16588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  787.533388][T16588] RSP: 002b:00007f7d5ca2a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  787.533402][T16588] RAX: ffffffffffffffda RBX: 00007f7d5bdb6088 RCX: 00007f7d5bb8eb69
[  787.533412][T16588] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7d5bdb6088
[  787.533422][T16588] RBP: 00007f7d5bdb6080 R08: 0000000000000000 R09: 0000000000000000
[  787.533430][T16588] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7d5bdb608c
[  787.533439][T16588] R13: 0000000000000000 R14: 00007fffcbf98c30 R15: 00007fffcbf98d18
[  787.533456][T16588]  </TASK>
[  789.630323][   T30] audit: type=1800 audit(4294967327.860:24): pid=16603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2028" name="dbroot" dev="configfs" ino=50412 res=0 errno=0
[  790.162678][T16630] ubi0: attaching mtd0
[  790.183397][T16630] FAULT_INJECTION: forcing a failure.
[  790.183397][T16630] name failslab, interval 1, probability 0, space 0, times 0
[  790.249306][T16630] CPU: 1 UID: 0 PID: 16630 Comm: syz.0.2039 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  790.249330][T16630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  790.249339][T16630] Call Trace:
[  790.249344][T16630]  <TASK>
[  790.249350][T16630]  dump_stack_lvl+0x16c/0x1f0
[  790.249376][T16630]  should_fail_ex+0x512/0x640
[  790.249391][T16630]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  790.249411][T16630]  should_failslab+0xc2/0x120
[  790.249429][T16630]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  790.249447][T16630]  ? add_to_list+0xcc/0x5a0
[  790.249465][T16630]  add_to_list+0xcc/0x5a0
[  790.249485][T16630]  ? ubi_io_read_vid_hdr+0x2f9/0x7a0
[  790.249509][T16630]  ubi_attach+0x24bd/0x4bd0
[  790.249534][T16630]  ? __pfx_ubi_msg+0x10/0x10
[  790.249552][T16630]  ? __pfx_ubi_attach+0x10/0x10
[  790.249569][T16630]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  790.249585][T16630]  ? __vmalloc_node_noprof+0xad/0xf0
[  790.249606][T16630]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  790.249625][T16630]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  790.249651][T16630]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  790.249667][T16630]  ? __pfx_get_mtd_device+0x10/0x10
[  790.249694][T16630]  ctrl_cdev_ioctl+0x337/0x3d0
[  790.249711][T16630]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  790.249733][T16630]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  790.249750][T16630]  __x64_sys_ioctl+0x18b/0x210
[  790.249773][T16630]  do_syscall_64+0xcd/0x490
[  790.249801][T16630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.249817][T16630] RIP: 0033:0x7f926738eb69
[  790.249829][T16630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.249843][T16630] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  790.249858][T16630] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  790.249867][T16630] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 0000000000000006
[  790.249877][T16630] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  790.249889][T16630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  790.249897][T16630] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  790.249915][T16630]  </TASK>
[  790.475880][    C1] vkms_vblank_simulate: vblank timer overrun
[  791.087663][T16630] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -12
[  792.085187][T16655] FAULT_INJECTION: forcing a failure.
[  792.085187][T16655] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  792.170255][T16655] CPU: 1 UID: 0 PID: 16655 Comm: syz.1.2046 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  792.170280][T16655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  792.170289][T16655] Call Trace:
[  792.170294][T16655]  <TASK>
[  792.170300][T16655]  dump_stack_lvl+0x16c/0x1f0
[  792.170327][T16655]  should_fail_ex+0x512/0x640
[  792.170343][T16655]  should_fail_alloc_page+0xe7/0x130
[  792.170364][T16655]  prepare_alloc_pages+0x3c2/0x610
[  792.170385][T16655]  ? rcu_is_watching+0x12/0xc0
[  792.170402][T16655]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  792.170419][T16655]  ? kmem_cache_alloc_lru_noprof+0x223/0x3b0
[  792.170435][T16655]  ? find_held_lock+0x2b/0x80
[  792.170447][T16655]  ? xas_alloc+0x34f/0x460
[  792.170474][T16655]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  792.170492][T16655]  ? __lock_acquire+0x62e/0x1ce0
[  792.170518][T16655]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  792.170539][T16655]  ? policy_nodemask+0xea/0x4e0
[  792.170558][T16655]  alloc_pages_mpol+0x1fb/0x550
[  792.170576][T16655]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  792.170595][T16655]  ? find_held_lock+0x2b/0x80
[  792.170610][T16655]  alloc_pages_noprof+0x131/0x390
[  792.170627][T16655]  ? brd_submit_bio+0x92c/0x1180
[  792.170644][T16655]  brd_submit_bio+0x942/0x1180
[  792.170667][T16655]  __submit_bio+0x301/0x690
[  792.170687][T16655]  ? __pfx___submit_bio+0x10/0x10
[  792.170715][T16655]  ? submit_bio_noacct_nocheck+0x852/0xd30
[  792.170734][T16655]  submit_bio_noacct_nocheck+0x852/0xd30
[  792.170756][T16655]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  792.170778][T16655]  ? __pfx___might_resched+0x10/0x10
[  792.170796][T16655]  submit_bio_noacct+0xb49/0x1eb0
[  792.170819][T16655]  blkdev_direct_IO+0x163f/0x1fe0
[  792.170848][T16655]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  792.170871][T16655]  ? filemap_check_errors+0xa9/0x160
[  792.170897][T16655]  blkdev_write_iter+0x703/0xe00
[  792.170929][T16655]  vfs_write+0x6c7/0x1150
[  792.170947][T16655]  ? __pfx_blkdev_write_iter+0x10/0x10
[  792.170971][T16655]  ? __pfx_vfs_write+0x10/0x10
[  792.170985][T16655]  ? find_held_lock+0x2b/0x80
[  792.171009][T16655]  ksys_write+0x12a/0x250
[  792.171024][T16655]  ? __pfx_ksys_write+0x10/0x10
[  792.171045][T16655]  do_syscall_64+0xcd/0x490
[  792.171067][T16655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.171081][T16655] RIP: 0033:0x7f011f18eb69
[  792.171093][T16655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.171107][T16655] RSP: 002b:00007f011ffcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  792.171122][T16655] RAX: ffffffffffffffda RBX: 00007f011f3b5fa0 RCX: 00007f011f18eb69
[  792.171131][T16655] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  792.171139][T16655] RBP: 00007f011f211df1 R08: 0000000000000000 R09: 0000000000000000
[  792.171148][T16655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  792.171156][T16655] R13: 0000000000000000 R14: 00007f011f3b5fa0 R15: 00007fffe8eadfa8
[  792.171174][T16655]  </TASK>
[  792.474206][    C1] vkms_vblank_simulate: vblank timer overrun
[  796.868861][T16733] [U]  
[  796.871666][T16733] [U] 
[  796.874350][T16733] [U] 
[  796.877032][T16733] [U] 
[  796.994880][T16733] [U] 
[  796.997623][T16733] [U] 
[  797.000617][T16733] [U] 
[  797.003293][T16733] [U] 
[  797.124850][T16733] [U] 
[  797.127566][T16733] [U] 
[  797.130245][T16733] [U] 
[  797.132915][T16733] [U] 
[  797.264574][T16733] [U] 
[  797.267287][T16733] [U] 
[  797.269988][T16733] [U] 
[  797.272765][T16733] [U] 
[  797.434411][T16733] [U] 
[  797.437133][T16733] [U] 
[  797.439859][T16733] [U] 
[  797.442554][T16733] [U] 
[  797.574044][T16733] [U] 
[  797.791922][T16754] ==================================================================
[  797.800003][T16754] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[  797.807714][T16754] Read of size 8 at addr ffff888140ec8018 by task syz.0.2070/16754
[  797.815585][T16754] 
[  797.817900][T16754] CPU: 1 UID: 0 PID: 16754 Comm: syz.0.2070 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  797.817921][T16754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  797.817931][T16754] Call Trace:
[  797.817939][T16754]  <TASK>
[  797.817945][T16754]  dump_stack_lvl+0x116/0x1f0
[  797.817970][T16754]  print_report+0xcd/0x630
[  797.817988][T16754]  ? __virt_addr_valid+0x81/0x610
[  797.818006][T16754]  ? __phys_addr+0xe8/0x180
[  797.818023][T16754]  ? dvb_device_open+0x36a/0x3b0
[  797.818036][T16754]  kasan_report+0xe0/0x110
[  797.818053][T16754]  ? dvb_device_open+0x36a/0x3b0
[  797.818067][T16754]  ? __pfx_dvb_device_open+0x10/0x10
[  797.818079][T16754]  dvb_device_open+0x36a/0x3b0
[  797.818097][T16754]  ? __pfx_dvb_device_open+0x10/0x10
[  797.818109][T16754]  chrdev_open+0x231/0x6a0
[  797.818127][T16754]  ? __pfx_apparmor_file_open+0x10/0x10
[  797.818143][T16754]  ? __pfx_chrdev_open+0x10/0x10
[  797.818160][T16754]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  797.818176][T16754]  do_dentry_open+0x982/0x1530
[  797.818193][T16754]  ? __pfx_chrdev_open+0x10/0x10
[  797.818211][T16754]  vfs_open+0x82/0x3f0
[  797.818231][T16754]  path_openat+0x1de4/0x2cb0
[  797.818249][T16754]  ? __pfx_path_openat+0x10/0x10
[  797.818266][T16754]  do_filp_open+0x20b/0x470
[  797.818281][T16754]  ? __pfx_do_filp_open+0x10/0x10
[  797.818302][T16754]  ? alloc_fd+0x471/0x7d0
[  797.818318][T16754]  do_sys_openat2+0x11b/0x1d0
[  797.818337][T16754]  ? __pfx_do_sys_openat2+0x10/0x10
[  797.818357][T16754]  ? __pfx_do_sys_openat2+0x10/0x10
[  797.818377][T16754]  ? __pfx___might_resched+0x10/0x10
[  797.818393][T16754]  __x64_sys_openat+0x174/0x210
[  797.818413][T16754]  ? __pfx___x64_sys_openat+0x10/0x10
[  797.818436][T16754]  do_syscall_64+0xcd/0x490
[  797.818458][T16754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.818473][T16754] RIP: 0033:0x7f926738eb69
[  797.818485][T16754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.818499][T16754] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  797.818513][T16754] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  797.818523][T16754] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  797.818533][T16754] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  797.818542][T16754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  797.818551][T16754] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  797.818566][T16754]  </TASK>
[  797.818571][T16754] 
[  798.072039][T16754] Allocated by task 1:
[  798.076184][T16754]  kasan_save_stack+0x33/0x60
[  798.080853][T16754]  kasan_save_track+0x14/0x30
[  798.085511][T16754]  __kasan_kmalloc+0xaa/0xb0
[  798.090140][T16754]  dvb_register_device+0x1e4/0x2370
[  798.095498][T16754]  dvb_register_frontend+0x5a6/0x880
[  798.100869][T16754]  vidtv_bridge_probe+0x459/0xa90
[  798.105887][T16754]  platform_probe+0x106/0x1d0
[  798.110581][T16754]  really_probe+0x23e/0xa90
[  798.115088][T16754]  __driver_probe_device+0x1de/0x440
[  798.120448][T16754]  driver_probe_device+0x4c/0x1b0
[  798.125542][T16754]  __driver_attach+0x283/0x580
[  798.130294][T16754]  bus_for_each_dev+0x13b/0x1d0
[  798.135127][T16754]  bus_add_driver+0x2e9/0x690
[  798.139786][T16754]  driver_register+0x15c/0x4b0
[  798.144530][T16754]  vidtv_bridge_init+0x45/0x80
[  798.149280][T16754]  do_one_initcall+0x120/0x6e0
[  798.154151][T16754]  kernel_init_freeable+0x5c2/0x900
[  798.159355][T16754]  kernel_init+0x1c/0x2b0
[  798.163694][T16754]  ret_from_fork+0x5d4/0x6f0
[  798.168295][T16754]  ret_from_fork_asm+0x1a/0x30
[  798.173499][T16754] 
[  798.175897][T16754] Freed by task 16359:
[  798.179943][T16754]  kasan_save_stack+0x33/0x60
[  798.184704][T16754]  kasan_save_track+0x14/0x30
[  798.189379][T16754]  kasan_save_free_info+0x3b/0x60
[  798.194408][T16754]  __kasan_slab_free+0x51/0x70
[  798.199284][T16754]  kfree+0x2b4/0x4d0
[  798.203170][T16754]  dvb_device_put.part.0+0x60/0x90
[  798.208365][T16754]  dvb_device_open+0x2a4/0x3b0
[  798.213108][T16754]  chrdev_open+0x231/0x6a0
[  798.217519][T16754]  do_dentry_open+0x982/0x1530
[  798.222279][T16754]  vfs_open+0x82/0x3f0
[  798.226450][T16754]  path_openat+0x1de4/0x2cb0
[  798.231147][T16754]  do_filp_open+0x20b/0x470
[  798.235649][T16754]  do_sys_openat2+0x11b/0x1d0
[  798.240320][T16754]  __x64_sys_openat+0x174/0x210
[  798.245180][T16754]  do_syscall_64+0xcd/0x490
[  798.249675][T16754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.255560][T16754] 
[  798.257877][T16754] The buggy address belongs to the object at ffff888140ec8000
[  798.257877][T16754]  which belongs to the cache kmalloc-256 of size 256
[  798.272186][T16754] The buggy address is located 24 bytes inside of
[  798.272186][T16754]  freed 256-byte region [ffff888140ec8000, ffff888140ec8100)
[  798.286072][T16754] 
[  798.288491][T16754] The buggy address belongs to the physical page:
[  798.294885][T16754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888140ec8000 pfn:0x140ec8
[  798.305134][T16754] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  798.313633][T16754] flags: 0x57ff00000000240(workingset|head|node=1|zone=2|lastcpupid=0x7ff)
[  798.322220][T16754] page_type: f5(slab)
[  798.326280][T16754] raw: 057ff00000000240 ffff88801b841b40 ffff888140400708 ffffea0005327f90
[  798.334938][T16754] raw: ffff888140ec8000 000000000010000f 00000000f5000000 0000000000000000
[  798.343529][T16754] head: 057ff00000000240 ffff88801b841b40 ffff888140400708 ffffea0005327f90
[  798.352196][T16754] head: ffff888140ec8000 000000000010000f 00000000f5000000 0000000000000000
[  798.360910][T16754] head: 057ff00000000001 ffffea000503b201 00000000ffffffff 00000000ffffffff
[  798.369571][T16754] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  798.378237][T16754] page dumped because: kasan: bad access detected
[  798.384638][T16754] page_owner tracks the page as allocated
[  798.390419][T16754] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19866030595, free_ts 0
[  798.410107][T16754]  post_alloc_hook+0x1c0/0x230
[  798.414871][T16754]  get_page_from_freelist+0x132b/0x38e0
[  798.420400][T16754]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  798.426279][T16754]  alloc_pages_mpol+0x1fb/0x550
[  798.431115][T16754]  new_slab+0x247/0x330
[  798.435267][T16754]  ___slab_alloc+0xcf2/0x1740
[  798.439920][T16754]  __slab_alloc.constprop.0+0x56/0xb0
[  798.445287][T16754]  __kmalloc_cache_noprof+0xfb/0x3e0
[  798.450838][T16754]  dvb_register_device+0x1e4/0x2370
[  798.456030][T16754]  dvb_register_frontend+0x5a6/0x880
[  798.461352][T16754]  vidtv_bridge_probe+0x459/0xa90
[  798.466367][T16754]  platform_probe+0x106/0x1d0
[  798.471052][T16754]  really_probe+0x23e/0xa90
[  798.475546][T16754]  __driver_probe_device+0x1de/0x440
[  798.480807][T16754]  driver_probe_device+0x4c/0x1b0
[  798.485816][T16754]  __driver_attach+0x283/0x580
[  798.490555][T16754] page_owner free stack trace missing
[  798.495986][T16754] 
[  798.498308][T16754] Memory state around the buggy address:
[  798.503914][T16754]  ffff888140ec7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  798.511973][T16754]  ffff888140ec7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  798.520013][T16754] >ffff888140ec8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  798.528050][T16754]                             ^
[  798.532892][T16754]  ffff888140ec8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  798.540945][T16754]  ffff888140ec8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  798.548988][T16754] ==================================================================
[  799.504802][T16754] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  799.512021][T16754] CPU: 1 UID: 0 PID: 16754 Comm: syz.0.2070 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  799.523750][T16754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  799.533809][T16754] Call Trace:
[  799.537081][T16754]  <TASK>
[  799.540006][T16754]  dump_stack_lvl+0x3d/0x1f0
[  799.544682][T16754]  vpanic+0x6a3/0x780
[  799.548673][T16754]  ? __pfx_vpanic+0x10/0x10
[  799.553180][T16754]  ? __pfx_vprintk_emit+0x10/0x10
[  799.558192][T16754]  ? dvb_device_open+0x36a/0x3b0
[  799.563126][T16754]  panic+0xca/0xd0
[  799.566861][T16754]  ? __pfx_panic+0x10/0x10
[  799.571291][T16754]  ? dvb_device_open+0x36a/0x3b0
[  799.576219][T16754]  ? preempt_schedule_common+0x44/0xc0
[  799.581847][T16754]  ? preempt_schedule_thunk+0x16/0x30
[  799.587299][T16754]  check_panic_on_warn+0xab/0xb0
[  799.592232][T16754]  end_report+0x107/0x170
[  799.596556][T16754]  kasan_report+0xee/0x110
[  799.600972][T16754]  ? dvb_device_open+0x36a/0x3b0
[  799.605919][T16754]  ? __pfx_dvb_device_open+0x10/0x10
[  799.611234][T16754]  dvb_device_open+0x36a/0x3b0
[  799.616116][T16754]  ? __pfx_dvb_device_open+0x10/0x10
[  799.621421][T16754]  chrdev_open+0x231/0x6a0
[  799.625872][T16754]  ? __pfx_apparmor_file_open+0x10/0x10
[  799.631445][T16754]  ? __pfx_chrdev_open+0x10/0x10
[  799.636493][T16754]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  799.642897][T16754]  do_dentry_open+0x982/0x1530
[  799.647684][T16754]  ? __pfx_chrdev_open+0x10/0x10
[  799.652706][T16754]  vfs_open+0x82/0x3f0
[  799.656775][T16754]  path_openat+0x1de4/0x2cb0
[  799.661439][T16754]  ? __pfx_path_openat+0x10/0x10
[  799.666406][T16754]  do_filp_open+0x20b/0x470
[  799.670911][T16754]  ? __pfx_do_filp_open+0x10/0x10
[  799.676006][T16754]  ? alloc_fd+0x471/0x7d0
[  799.680373][T16754]  do_sys_openat2+0x11b/0x1d0
[  799.685170][T16754]  ? __pfx_do_sys_openat2+0x10/0x10
[  799.690383][T16754]  ? __pfx_do_sys_openat2+0x10/0x10
[  799.695685][T16754]  ? __pfx___might_resched+0x10/0x10
[  799.700974][T16754]  __x64_sys_openat+0x174/0x210
[  799.705846][T16754]  ? __pfx___x64_sys_openat+0x10/0x10
[  799.711496][T16754]  do_syscall_64+0xcd/0x490
[  799.716017][T16754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.721980][T16754] RIP: 0033:0x7f926738eb69
[  799.726386][T16754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.746025][T16754] RSP: 002b:00007f92681ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  799.754692][T16754] RAX: ffffffffffffffda RBX: 00007f92675b5fa0 RCX: 00007f926738eb69
[  799.762727][T16754] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  799.770698][T16754] RBP: 00007f9267411df1 R08: 0000000000000000 R09: 0000000000000000
[  799.778670][T16754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  799.786623][T16754] R13: 0000000000000000 R14: 00007f92675b5fa0 R15: 00007ffc91d273b8
[  799.794583][T16754]  </TASK>
[  799.797651][T16754] Kernel Offset: disabled
[  799.802066][T16754] Rebooting in 86400 seconds..