last executing test programs:

9.776111429s ago: executing program 1 (id=985):
fadvise64$auto_POSIX_FADV_RANDOM(0xffffffffffffffff, 0x8, 0x1, 0x1)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x103041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x62c, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
statmount$auto(0x0, &(0x7f0000000180)={0x7d5, 0x1, 0x401bf, 0x7352, 0x3f, 0x8000, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x8203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x5, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000)
mmap$auto(0x5, 0x2000b, 0xe2, 0xeb1, 0x405, 0x7ffb)
r3 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
select$auto(0x4, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x6d4, 0xd, 0x1, 0x6, 0x10000003, 0x15f4da0a, 0x5, 0x3, 0x3, 0x400000208000001e, 0x1000, 0x6d3c, 0x9, 0xffffffffffffffff, 0x6]}, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cmdline\x00', 0x481, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'})
mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002)
socket(0x11, 0x6, 0x5)
close_range$auto(0x2, 0x8, 0x0)
waitid$auto_P_ALL(0x0, 0x468e, &(0x7f00000001c0)={@siginfo_0_0={0x7, 0x4, 0x309, @_rt={<r4=>0x0, 0x0, @sival_ptr=&(0x7f00000000c0)="361da6425979f321f15c64a6f5fa0b6cba1f0e4285504a768d83e5b21be75dd346782ab711f42ffe91741f05e24e30be16bbe7ac358ec9c81c091f1f8538451b6f89c6fbc4edbf8b0a309e31b55bc7f04f5f7a39aaee1b9943cd809e753b48adfca1b8"}}}, 0x3, &(0x7f0000000340)={{0x8, 0x5}, {0x7, 0xffe}, 0x7, 0x1af, 0xfffffffffffffffa, 0x2, 0xfffffffffffff5a2, 0x5, 0x402, 0x2, 0xe6, 0x8, 0x4e6033bf, 0x6, 0x101, 0x8})
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0)
pread64$auto(r5, 0x0, 0x8, 0x7fff)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000440)={{@inferred=r4, 0x80, 0x3, 0x1, "977d648a0881449f3ce8ba5b483e904dfacb519a28d0b90b462bf9ad3e3c7e488826dc0852829cf353806ac4"}, 0x0, 0x7, 0x4, @raw=0x9, @integer={0x5, 0xfffffffffffffff4, 0x4}, "b957b0168b84987d4211529b4bf24c25c2a1e7c1cbcff5c254d7954a4ffb435e9426e9c83a87cd49439334e9a0bf167595e50bfb2200e43a76fd8e68ce7be399"})
getsockopt$auto_SO_TXREHASH(r0, 0x7, 0x4a, &(0x7f0000000580)='/dev/snd/midiC2D0\x00', &(0x7f00000005c0)=0x8)

8.356553011s ago: executing program 1 (id=988):
r0 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/kvm/mmu_pde_zapped\x00', 0x2100, 0x0)
read$auto_stat_fops_per_vm_kvm_main(r0, 0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x24, 0x1, 0xffffffffffffffff, 0x0, 0x5}, 0x4f4)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5)
ioctl$auto_VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x6})
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
socket(0xf, 0x3, 0x2)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = socket(0x2, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x5, 0xb}}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20c01, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3d, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x800001ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x69a, 0x6, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'})
mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002)
socket(0xa, 0x5, 0x8)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040))
unshare$auto(0x40000080)

6.300947256s ago: executing program 0 (id=992):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0xc)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab040200ff00f7f500"}, 0x6)
close_range$auto(0x0, 0xfffff004, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', <r4=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4)
bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb)

6.109461475s ago: executing program 0 (id=993):
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r1, 0x0, 0x9)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x2282, r2)

5.243237114s ago: executing program 0 (id=995):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_OSS_GETVERSION2(r1, 0x80044d76, &(0x7f0000000080)="ff7b2e9de77548a04aa8ebc6582e143be134af4dfbf51b1c84d89f3675b1fd4b3378b4375d6da8")
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
personality$auto(0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x51, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
write$auto(r2, &(0x7f0000000040)='S\x00\x00\x00\xfc\xff\xff\xff', 0x8587)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_mr_cache\x00', 0x0, 0x0)

5.231386642s ago: executing program 2 (id=997):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x20000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='/proc/scsi/sg/devices\x00', 0x100000001, 0x100)

5.043854162s ago: executing program 1 (id=999):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000380)=@in={0x2, 0x4e23, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio1/rate\x00', 0x2, 0x0)
read$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfdef)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8000, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xd, 0xb979, 0x8000001f, 0x1000, 0x6d3d, 0xc, 0x2, 0x8]}, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/snmp\x00', 0x60980, 0x0)
pread64$auto(r3, 0x0, 0x2, 0x8000)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000002440)='/sys/kernel/tracing/tracing_on\x00', 0x2, 0x0)
sendmsg$auto(r2, 0x0, 0x5)
select$auto(0x9, &(0x7f00000000c0)={[0x40, 0x7, 0xb, 0x9, 0x6, 0x1fc, 0x3, 0x3, 0x2, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0xc, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0)
unshare$auto(0x40000080)
sendmsg$auto_NFC_CMD_GET_DEVICE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x150, 0x0, 0x4, 0x70bd2d, 0x25dfdbfc, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x4}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0xff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1482}, @NFC_ATTR_VENDOR_DATA={0x101, 0x1f, "3e3fe36d2345c4a020a978d05c864042975f4eb9e314243e49d7e98adb21c07b702a4b5d172d64253010602703b76d4ad5a4ef0a65b8b595c314c263f23bf62adaae34fb3e709d2f5dfaf9f77ed1cc0ba0215d7b170a39ab66e1ef0b72f41da7341218461f5d028d826e0dcd1fafd700943c344cfad1b65649cda9ea2667c440759f936c60abdb555eb86c93e8cd4981386b86f415daede1c8af855bb00e00afa1437cb3d72420b6bae18e9691dc8621e1f1330952ea61dea3c66dbb782cdfff01b92929a972c395317754ba9e76a09759828d5a54784dd4df1639a729670d024b50095daabf3d4da5e98511c45bd0217a9936077aebaca627c49a4ca2"}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x1000}, @NFC_ATTR_LLC_PARAM_RW={0x5}, @NFC_ATTR_FIRMWARE_NAME={0xe, 0x14, '/dev/vmci\x00'}]}, 0x150}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000000240)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x841}, 0x200000c0)

4.894715511s ago: executing program 2 (id=1000):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x5608, 0x7)

4.488948239s ago: executing program 2 (id=1001):
bpf$auto(0x5, &(0x7f0000001100)=@bpf_attr_7={@start_id=0x1, 0x4, 0xf}, 0x8)

4.147943581s ago: executing program 2 (id=1003):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/030/001\x00', 0x2901, 0x0)
prctl$auto_PR_SET_ENDIAN(0x14, 0x7, 0x6, 0x3, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000000)="1100000000000000001000000000000000", 0x11)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x801, 0x100)
socket(0x15, 0x5, 0x0)
mmap$auto(0x1, 0x32, 0x5, 0x410, r1, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
sendfile$auto(r2, r2, 0x0, 0x10000800000003)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/notify_on_release\x00', 0x20000, 0x0)
pread64$auto(r3, 0x0, 0xb, 0x5c8)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x121940, 0x0)
io_uring_setup$auto(0x7e1b, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x5, 0x100000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0)

3.687345023s ago: executing program 1 (id=1005):
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r1, 0x2282, r1)

2.840788885s ago: executing program 1 (id=1006):
r0 = socket(0x2, 0x801, 0x106)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
setreuid$auto(0x9, 0x1)
setrlimit$auto(0x6, &(0x7f0000000140)={0x0, 0x6})
clone$auto(0x9, 0x80000005, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x2)
write$auto(0x3, 0x0, 0xfdf3)
setsockopt$auto(r0, 0x6, 0x3, 0x0, 0xa1)

2.372377902s ago: executing program 2 (id=1007):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0x3, 0x0, 0xfdef)
read$auto(0x3, 0x0, 0x1f40)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x3, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
fcntl$auto_F_NOTIFY(r1, 0x402, 0x8)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x101, 0x8000, 0x3fa, 0x200000401, 0x1000008000)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x23, 0x5, 0x2009, 0x0, 0x0)
r2 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
read$auto_proc_sessionid_operations_base(r2, &(0x7f00000000c0)=""/4073, 0xfe9)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr4/statistics/tx_window_errors\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/195, 0xc3)
r5 = mq_open$auto(&(0x7f00000010c0)='\x1c*)A PH\xfd\xb4F\xd5\xa4z\xed<\\\x9a\x1e8\x88g \xbe\xe9:\f?\x1a\x11\xbf\x14\xf8jk\x18\x98\xe1[c\xf8\x17%\xdc!\x00*\xaeN\xa3y\xae\xd8q#\x06n\xbc\xd0k\xa7qx\x900\xe4\xaf\xae|\x05\xce\x00\xb8\x13\xd3W~\xa4b=\xcb\xf5q\xdd;\x9eQb\xda\xca\xaej\xd0\xf5\x8ac\xa0K\xb9@F;\xe5|8q\xd25\xc0\xb4\xdbk\x05l\xb2:$aB\xdcw;\xef:\x86\xae0e\xeb\xa0\x9c\x9b\x8e5/\x85\xb8\r\x87o\xbb\xbc,\x8d?w\x1fD\xbbW<\xae(3\vP@Z^]\xabp\x15\x04\xee\xc0k8\x97\x92\bw\x9f\xe0\xc6]\x93X\xc7HxXN\xc3\xa5gR\x00\xef\x9eY\x1a\xfc\x89B$\xb4\xd8\xe5=?qPl0{Miot\xbc\xba\xe1\xb6O2\xf2\x1e\x1em}vi\xcf\xa2\x9b\xe8\x93\x1e\xe8\xf3U!\xb9^)\nf\xdb\xe6\x84\xae{c\xd5)\xb8\xaf\xe0C\xb6\x0f\x14\x97\xd8\xc8O\xabV\x83\xce\x9d\xf6Az\xf1\x8f^\xd0\xe1A\xfa\xf2\x11O\xaa/\x82\tR\xa1\x04\xc7\xd4h\xccs\xfc\xa9I.\x19\xfb\xaaO\x06RnhE\xf1\xf9\x907\xda\x97\xa8rZKFKS\xfcu\xfe3\x1d\xd0hVg\xd8o\x9a\xed\xa6U\x9b\xb3\x81\a\x800\x84\x03D\x15Q\xd0\xe8\xd08\xf2\x9a\xe2e\xe4\xf4[\xcfN\xe4\xf1\xe04~\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x80, 0x9, 0x0)
mq_timedsend$auto(r5, 0x0, 0x2000, 0x2, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000014c0)={0x3, 0x3000005, 0x1, 0xffffffff, 0xfffffffc})
mkdir$auto(&(0x7f0000000080)='./cgroup.cpu/cpuset.cpus\x00', 0x2)

2.371729852s ago: executing program 3 (id=1008):
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x34d000, 0x48)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x100)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0)
socket(0xa, 0x3, 0x3b)

2.159253845s ago: executing program 1 (id=1009):
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x34d000, 0x48)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x100)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0)
socket(0xa, 0x3, 0x3b)

1.240480933s ago: executing program 0 (id=1010):
ioctl$auto(0xffffffffffffffff, 0x5608, 0x7)

1.16532701s ago: executing program 3 (id=1011):
bpf$auto(0x5, &(0x7f0000001100)=@bpf_attr_7={@start_id=0x1, 0x4, 0xf}, 0x8)

934.319809ms ago: executing program 3 (id=1012):
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)

636.953739ms ago: executing program 3 (id=1013):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0xc)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab040200ff00f7f500"}, 0x6)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', <r4=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4)
bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb)

593.184673ms ago: executing program 0 (id=1015):
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r1, 0x2282, r1)

445.448747ms ago: executing program 2 (id=1016):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x5607, 0x7) (fail_nth: 1)

339.791389ms ago: executing program 3 (id=1017):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r1, &(0x7f0000000040)='\x00', &(0x7f0000000080)={0x22, 0x8000003fffffff}, 0x1000)
r2 = inotify_init1$auto(0x7fff)
r3 = socket(0x2, 0x80002, 0x73)
connect$auto(r3, &(0x7f0000000080)=@in={0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x15}}, 0x54)
readv$auto(r2, &(0x7f0000000080)={&(0x7f0000000000), 0x4}, 0xffffffffffffffff)
ioctl$auto(r0, 0x5607, 0x7)

265.45711ms ago: executing program 0 (id=1018):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mlockall$auto(0x5)
rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x2})
ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000040)=0x8)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001780)='/dev/sda\x00', 0x22200, 0x0)
ioctl$auto_IOC_PR_RESERVE(r3, 0x401070c9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x3ff, 0x5710, 0x4, 0xffffffffffff1abc, r0, 0x400)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x3, 0x87)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffafff00"}, 0x55)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
unshare$auto(0x4)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x400, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)

0s ago: executing program 3 (id=1019):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/irq/2/wakeup\x00', 0x80000, 0x0)
sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x100000003)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x0, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c06, 0x0)

kernel console output (not intermixed with test programs):

MPT(full) 
[  113.571319][ T5936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  113.571345][ T5936] Call Trace:
[  113.571356][ T5936]  <TASK>
[  113.571369][ T5936]  dump_stack_lvl+0x16c/0x1f0
[  113.571432][ T5936]  should_fail_ex+0x512/0x640
[  113.571463][ T5936]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  113.571501][ T5936]  should_failslab+0xc2/0x120
[  113.571546][ T5936]  __kmalloc_cache_noprof+0x6a/0x3e0
[  113.571579][ T5936]  ? alloc_ucounts+0x13d/0x440
[  113.571637][ T5936]  alloc_ucounts+0x13d/0x440
[  113.571679][ T5936]  ? __pfx_alloc_ucounts+0x10/0x10
[  113.571734][ T5936]  set_cred_ucounts+0xcd/0x200
[  113.571792][ T5936]  __sys_setuid+0x2b6/0x440
[  113.571831][ T5936]  do_syscall_64+0xcd/0x490
[  113.571884][ T5936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.571918][ T5936] RIP: 0033:0x7f9d8d38eb69
[  113.571945][ T5936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.571977][ T5936] RSP: 002b:00007f9d8e1bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[  113.572008][ T5936] RAX: ffffffffffffffda RBX: 00007f9d8d5b5fa0 RCX: 00007f9d8d38eb69
[  113.572030][ T5936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  113.572050][ T5936] RBP: 00007f9d8d411df1 R08: 0000000000000000 R09: 0000000000000000
[  113.572070][ T5936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.572088][ T5936] R13: 0000000000000000 R14: 00007f9d8d5b5fa0 R15: 00007fffc3268b88
[  113.572130][ T5936]  </TASK>
[  113.766286][   T59] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.779667][   T59] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.803607][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.811984][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.858687][   T59] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.886827][   T59] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.991102][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.027421][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.066861][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.109089][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.254619][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.294110][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.369819][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.378246][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.599372][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.640199][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.959628][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  115.067814][ T5850] Bluetooth: hci1: command tx timeout
[  115.076188][ T5850] Bluetooth: hci2: command tx timeout
[  115.083267][ T5852] Bluetooth: hci0: command tx timeout
[  115.083428][ T5850] Bluetooth: hci3: command tx timeout
[  115.335306][ T5938] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6'.
[  115.359836][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  115.369970][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[  115.389461][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  115.451187][ T5938] bond_slave_1: entered allmulticast mode
[  115.458075][ T5938] Zero length message leads to an empty skb
[  115.536021][ T5958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7'.
[  115.666313][ T5948] sctp: failed to load transform for md5: -2
[  115.709888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  116.218083][ T5968] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  116.386823][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  116.488837][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  116.731044][ T5979] process 'syz.0.10' launched ':,' with NULL argv: empty string added
[  117.233363][ T5984] FAULT_INJECTION: forcing a failure.
[  117.233363][ T5984] name failslab, interval 1, probability 0, space 0, times 0
[  117.309260][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  117.332004][ T5984] CPU: 1 UID: 8 PID: 5984 Comm: syz.3.11 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  117.332049][ T5984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.332067][ T5984] Call Trace:
[  117.332077][ T5984]  <TASK>
[  117.332089][ T5984]  dump_stack_lvl+0x16c/0x1f0
[  117.332140][ T5984]  should_fail_ex+0x512/0x640
[  117.332168][ T5984]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  117.332212][ T5984]  should_failslab+0xc2/0x120
[  117.332259][ T5984]  __kmalloc_cache_noprof+0x6a/0x3e0
[  117.332293][ T5984]  ? ip_vs_est_add_kthread+0x1d5/0x850
[  117.332351][ T5984]  ip_vs_est_add_kthread+0x1d5/0x850
[  117.332411][ T5984]  ip_vs_start_estimator+0x250/0x430
[  117.332466][ T5984]  ip_vs_control_net_init+0x158c/0x1d20
[  117.332523][ T5984]  __ip_vs_init+0x217/0x520
[  117.332565][ T5984]  ? __pfx___ip_vs_init+0x10/0x10
[  117.332598][ T5984]  ops_init+0x1e2/0x5f0
[  117.332649][ T5984]  setup_net+0x10f/0x380
[  117.332690][ T5984]  ? lockdep_init_map_type+0x5c/0x280
[  117.332734][ T5984]  ? __pfx_setup_net+0x10/0x10
[  117.332783][ T5984]  ? debug_mutex_init+0x37/0x70
[  117.332840][ T5984]  copy_net_ns+0x2a6/0x5f0
[  117.332873][ T5984]  create_new_namespaces+0x3ea/0xa90
[  117.332920][ T5984]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  117.332961][ T5984]  ksys_unshare+0x45b/0xa40
[  117.333006][ T5984]  ? __pfx_ksys_unshare+0x10/0x10
[  117.333061][ T5984]  ? syscall_user_dispatch+0x78/0x140
[  117.333120][ T5984]  __x64_sys_unshare+0x31/0x40
[  117.333163][ T5984]  do_syscall_64+0xcd/0x490
[  117.333213][ T5984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.333244][ T5984] RIP: 0033:0x7fc9a1b8eb69
[  117.333268][ T5984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.333307][ T5984] RSP: 002b:00007fc9a29e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  117.333338][ T5984] RAX: ffffffffffffffda RBX: 00007fc9a1db5fa0 RCX: 00007fc9a1b8eb69
[  117.333359][ T5984] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  117.333379][ T5984] RBP: 00007fc9a1c11df1 R08: 0000000000000000 R09: 0000000000000000
[  117.333399][ T5984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.333416][ T5984] R13: 0000000000000000 R14: 00007fc9a1db5fa0 R15: 00007ffd8b0dc9e8
[  117.333456][ T5984]  </TASK>
[  117.905063][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  118.229884][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  118.447063][ T5990] tty tty23: ldisc open failed (-12), clearing slot 22
[  118.493286][ T5991] ttyS ttyS2: ldisc open failed (-12), clearing slot 2
[  118.651612][ T6003] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14'.
[  120.626723][ T6011] __vm_enough_memory: pid: 6011, comm: syz.1.15, bytes: 4398046511104 not enough memory for the allocation
[  121.303990][ T5850] Bluetooth: hci0: unexpected event 0x14 length: 440 > 6
[  121.680592][ T5850] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  121.688036][ T5850] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  121.705482][ T5850] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  121.705555][ T5850] Bluetooth: hci2: adv larger than maximum supported
[  121.715515][ T5850] Bluetooth: hci2: Unknown advertising packet type: 0x7b
[  121.723211][ T5850] Bluetooth: hci2: Malformed LE Event: 0x0d
[  122.355778][ T6081] random: crng reseeded on system resumption
[  122.437019][ T6085] bcache: register_bcache() error : failed to open device
[  123.238449][ T6089] Restarting kernel threads ...
[  123.296075][ T6089] Done restarting kernel threads.
[  123.524908][ T6101] netlink: 354 bytes leftover after parsing attributes in process `syz.3.33'.
[  123.900640][ T6110] netlink: 16 bytes leftover after parsing attributes in process `syz.2.34'.
[  124.952736][ T6130] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  125.430851][ T6146] netlink: 338 bytes leftover after parsing attributes in process `syz.1.40'.
[  125.477133][ T6147] netlink: 338 bytes leftover after parsing attributes in process `syz.1.40'.
[  128.120273][ T6196] syz.3.46(6196): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  129.280078][ T6171] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  130.683332][ T6244] FAULT_INJECTION: forcing a failure.
[  130.683332][ T6244] name failslab, interval 1, probability 0, space 0, times 0
[  130.733035][ T6244] CPU: 1 UID: 0 PID: 6244 Comm: syz.2.55 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  130.733080][ T6244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.733099][ T6244] Call Trace:
[  130.733110][ T6244]  <TASK>
[  130.733121][ T6244]  dump_stack_lvl+0x16c/0x1f0
[  130.733178][ T6244]  should_fail_ex+0x512/0x640
[  130.733207][ T6244]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  130.733250][ T6244]  should_failslab+0xc2/0x120
[  130.733302][ T6244]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  130.733339][ T6244]  ? alloc_empty_file+0x55/0x1e0
[  130.733390][ T6244]  alloc_empty_file+0x55/0x1e0
[  130.733438][ T6244]  path_openat+0xda/0x2cb0
[  130.733470][ T6244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.733518][ T6244]  ? __pfx_path_openat+0x10/0x10
[  130.733557][ T6244]  ? __lock_acquire+0xb8a/0x1c90
[  130.733603][ T6244]  do_filp_open+0x20b/0x470
[  130.733640][ T6244]  ? __pfx_do_filp_open+0x10/0x10
[  130.733706][ T6244]  ? alloc_fd+0x471/0x7d0
[  130.733750][ T6244]  do_sys_openat2+0x11b/0x1d0
[  130.733800][ T6244]  ? __pfx_do_sys_openat2+0x10/0x10
[  130.733865][ T6244]  __x64_sys_openat+0x174/0x210
[  130.733914][ T6244]  ? __pfx___x64_sys_openat+0x10/0x10
[  130.733981][ T6244]  do_syscall_64+0xcd/0x490
[  130.734033][ T6244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.734065][ T6244] RIP: 0033:0x7fdaee38eb69
[  130.734092][ T6244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.734121][ T6244] RSP: 002b:00007fdaef290038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  130.734149][ T6244] RAX: ffffffffffffffda RBX: 00007fdaee5b6080 RCX: 00007fdaee38eb69
[  130.734168][ T6244] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  130.734189][ T6244] RBP: 00007fdaee411df1 R08: 0000000000000000 R09: 0000000000000000
[  130.734208][ T6244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  130.734226][ T6244] R13: 0000000000000000 R14: 00007fdaee5b6080 R15: 00007ffff9a66b18
[  130.734276][ T6244]  </TASK>
[  131.425857][ T6255] random: crng reseeded on system resumption
	

	
		


	

			

	


			
		


	

	
		
	
	

	

	

	
		
		
		


	
			
	

	
				

	
		

	


	
	

		
	
		
	

	



			








	




	





	

	

	

	
	

	

	






	













	

	
	
	
















	




	




		






		
		


	
	
	
	
	
	
	




	
				
	
	

	

	

	
		
	
	

	


	


	
	
	


	
		
	

	
		


	
	

	
	

		
	

	

	



	




		


		


















			
			

	




	
	


				










	





		



	


	
	










	












	
		
	
	
		

	
	

	






	










	




		































		









	
		
		

			



			



	


	
	
	
	


	
		
	
			

			


	

	
		

	



	



	

	

	

		
		
	
			

		
	



	
	




		


		





















	
	


				



	





































		









	
		
		

			



			


	
		

	


		

		
	
		
	

	



			








	



	





	






	

	
	







	




	




		







	

	
	
	

	
	
	

	
		

	
				
	
	



				
		
	
	
	

	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	


	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		

	


	
	

		
	
		
	

	



			








	




	












	


	

		

		
	


		

		
			
			
		

	
	
	
	
	

	




	

	












	

	
	
















	






	







		










	

	

	
	

	
	

	
	

	
		

	


	
	

		
	
		
	

	



			








	




	





	

	

		

	
	
	

	

	


	

	
	

	
	

	
	

	
	
	

	






	




	





		






	
		
		

	



	




	
	


	
	

	
			

	


			

	
		

	


	
	

		
	
		
	

	



			








	

	
	



	




















	


	






	


	

	
	
	
	

	





	






	




	




		












	
		

	


		

		
	
		
	

	



			








	




	

	

	



	


	




	

	
	






	


	






	




	





		





	
	

	
	
	

	
		

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	

	
	

	


		
	


				



	
	
		
		



	
		

		

		
		

	
		

	


	
	

		
	
		
	

	



			








	




	





	

	

	

	
	
	

	
	










	
	

	










	
	






	






	







		









	

	
		






					


			




			





	

	
	
					
	




	
		

	


		

		
	
		
	

	



			








	




	



	


	




	






	






	







		








	
	

	
		

	


	
	

		
	
		
	

	



			








	


	

	



	
		

		

	
		

		

		
			
			
		

	
	
	
	
	

	




	

	












	

	
	
















	






	







		









	
	

	
		
		


		
	
		
	



				
		
	


			
		
	
	
		
	
	
		
		
	
		
	

	
	
		
	

	
	
			
	
	
		





	
	
	
	
	
	
	
	

	
		
		
	
	




	
				

	
		

	


	
	

		
	
		
	

	



			








	




	










	
		

	


	

	









	



	













	




	





		







		

		
		
	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	



	

	
		

	
		
	

	
		
		
		


	
			
	

	
				
		
		



	
				
	
		
	
	
		
	
			
	
			
	

	
		
	

	
		

	


	


	
	
	


	
		
	
	
	
	
	
	
	
	
	

	
		
	

	
		
	

	
		
	

	
		
	

	
	

	
	
	



	

	

	
	
	
	

	
	
	
	
	
	

	
	
	

	


		
	
	
	
	
	
	
	
	

	
	
	
	
	
	
	
	



	
	

	

	
				
	
		


	
	
	
			
	
	

	

	
		

	


	
	

		
	
		
	

	



			








	




	





	

	

	
	
		
	
	


	























	





	





		





[  246.728274][ T8432] netlink: 'syz.1.472': attribute type 29 has an invalid length.
[  246.778202][ T8432] netlink: 'syz.1.472': attribute type 30 has an invalid length.
[  246.786662][ T8432] netlink: 'syz.1.472': attribute type 31 has an invalid length.
[  246.858383][ T8432] netlink: 'syz.1.472': attribute type 32 has an invalid length.
[  246.867136][ T8432] netlink: 'syz.1.472': attribute type 33 has an invalid length.
[  247.001383][ T8432] netlink: 'syz.1.472': attribute type 35 has an invalid length.
[  247.098455][ T8432] netlink: 'syz.1.472': attribute type 37 has an invalid length.
[  247.212500][ T8432] netlink: 18 bytes leftover after parsing attributes in process `syz.1.472'.
[  248.130407][ T8445] netlink: 8 bytes leftover after parsing attributes in process `syz.1.474'.
[  248.750341][ T8450] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  250.004435][ T8468] WARNING! power/level is deprecated; use power/control instead
[  258.201973][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.500'.
[  259.618765][ T8585] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.504'.
[  260.318383][ T8571] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  260.517969][ T8603] netlink: 28 bytes leftover after parsing attributes in process `syz.2.505'.
[  260.561931][ T8603] veth1_macvtap: left promiscuous mode
[  260.700080][ T5852] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6
[  261.270407][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  261.284775][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  262.778944][ T8671] netlink: 'syz.3.519': attribute type 2 has an invalid length.
[  264.619028][ T8702] FAULT_INJECTION: forcing a failure.
[  264.619028][ T8702] name failslab, interval 1, probability 0, space 0, times 0
[  264.676316][ T8702] CPU: 1 UID: 0 PID: 8702 Comm: syz.2.526 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  264.676363][ T8702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  264.676382][ T8702] Call Trace:
[  264.676392][ T8702]  <TASK>
[  264.676404][ T8702]  dump_stack_lvl+0x16c/0x1f0
[  264.676456][ T8702]  should_fail_ex+0x512/0x640
[  264.676487][ T8702]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  264.676529][ T8702]  should_failslab+0xc2/0x120
[  264.676570][ T8702]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  264.676607][ T8702]  ? security_file_alloc+0x34/0x2b0
[  264.676646][ T8702]  security_file_alloc+0x34/0x2b0
[  264.676677][ T8702]  init_file+0x93/0x4c0
[  264.676727][ T8702]  alloc_empty_file+0x73/0x1e0
[  264.676773][ T8702]  path_openat+0xda/0x2cb0
[  264.676807][ T8702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.676857][ T8702]  ? __pfx_path_openat+0x10/0x10
[  264.676897][ T8702]  ? __lock_acquire+0xb8a/0x1c90
[  264.676943][ T8702]  do_filp_open+0x20b/0x470
[  264.676980][ T8702]  ? __pfx_do_filp_open+0x10/0x10
[  264.677045][ T8702]  ? alloc_fd+0x471/0x7d0
[  264.677087][ T8702]  do_sys_openat2+0x11b/0x1d0
[  264.677134][ T8702]  ? __pfx_do_sys_openat2+0x10/0x10
[  264.677213][ T8702]  __x64_sys_openat+0x174/0x210
[  264.677262][ T8702]  ? __pfx___x64_sys_openat+0x10/0x10
[  264.677337][ T8702]  do_syscall_64+0xcd/0x490
[  264.677389][ T8702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.677423][ T8702] RIP: 0033:0x7fdaee38eb69
[  264.677448][ T8702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.677480][ T8702] RSP: 002b:00007fdaef2b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  264.677510][ T8702] RAX: ffffffffffffffda RBX: 00007fdaee5b5fa0 RCX: 00007fdaee38eb69
[  264.677531][ T8702] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  264.677551][ T8702] RBP: 00007fdaee411df1 R08: 0000000000000000 R09: 0000000000000000
[  264.677570][ T8702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  264.677588][ T8702] R13: 0000000000000000 R14: 00007fdaee5b5fa0 R15: 00007ffff9a66b18
[  264.677628][ T8702]  </TASK>
[  266.563487][ T8727] ptrace attach of "./syz-executor exec"[8735] was attempted by "./syz-executor exec"[8727]
[  266.651344][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  266.658468][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  268.403942][ T8753] ubi0: attaching mtd0
[  268.521567][ T8753] ubi0: scanning is finished
[  268.528080][ T8753] ubi0: empty MTD device detected
[  268.538362][ T8753] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  268.752973][ T8753] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  269.304428][ T8767] netlink: 'syz.0.539': attribute type 2 has an invalid length.
[  271.785887][ T5852] Bluetooth: hci3: unexpected event 0x17 length: 440 > 6
[  272.548949][ T8834] netlink: 'syz.1.552': attribute type 2 has an invalid length.
[  275.065203][ T8889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.563'.
[  278.088664][ T8921] FAULT_INJECTION: forcing a failure.
[  278.088664][ T8921] name failslab, interval 1, probability 0, space 0, times 0
[  278.102546][ T8921] CPU: 1 UID: 8 PID: 8921 Comm: syz.1.569 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  278.102594][ T8921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  278.102614][ T8921] Call Trace:
[  278.102625][ T8921]  <TASK>
[  278.102637][ T8921]  dump_stack_lvl+0x16c/0x1f0
[  278.102689][ T8921]  should_fail_ex+0x512/0x640
[  278.102719][ T8921]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  278.102763][ T8921]  should_failslab+0xc2/0x120
[  278.102807][ T8921]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  278.102842][ T8921]  ? __proc_create+0xc3/0x8e0
[  278.102903][ T8921]  ? __proc_create+0x2ce/0x8e0
[  278.102955][ T8921]  __proc_create+0x2ce/0x8e0
[  278.103004][ T8921]  ? __pfx___proc_create+0x10/0x10
[  278.103067][ T8921]  proc_mkdir+0x81/0x170
[  278.103112][ T8921]  ? __pfx_proc_mkdir+0x10/0x10
[  278.103159][ T8921]  ? cache_register_net+0x137/0x5e0
[  278.103214][ T8921]  cache_register_net+0x18f/0x5e0
[  278.103266][ T8921]  gss_svc_init_net+0x151/0x660
[  278.103304][ T8921]  ? __pfx_canbcm_pernet_init+0x10/0x10
[  278.103355][ T8921]  ? __pfx_rpcsec_gss_init_net+0x10/0x10
[  278.103397][ T8921]  ops_init+0x1e2/0x5f0
[  278.103452][ T8921]  setup_net+0x10f/0x380
[  278.103520][ T8921]  ? lockdep_init_map_type+0x5c/0x280
[  278.103568][ T8921]  ? __pfx_setup_net+0x10/0x10
[  278.103621][ T8921]  ? debug_mutex_init+0x37/0x70
[  278.103673][ T8921]  copy_net_ns+0x2a6/0x5f0
[  278.103710][ T8921]  create_new_namespaces+0x3ea/0xa90
[  278.103759][ T8921]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  278.103801][ T8921]  ksys_unshare+0x45b/0xa40
[  278.103847][ T8921]  ? __pfx_ksys_unshare+0x10/0x10
[  278.103905][ T8921]  ? syscall_user_dispatch+0x78/0x140
[  278.103970][ T8921]  __x64_sys_unshare+0x31/0x40
[  278.104015][ T8921]  do_syscall_64+0xcd/0x490
[  278.104067][ T8921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.104099][ T8921] RIP: 0033:0x7f9d8d38eb69
[  278.104123][ T8921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.104154][ T8921] RSP: 002b:00007f9d8e1bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  278.104182][ T8921] RAX: ffffffffffffffda RBX: 00007f9d8d5b5fa0 RCX: 00007f9d8d38eb69
[  278.104201][ T8921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  278.104217][ T8921] RBP: 00007f9d8d411df1 R08: 0000000000000000 R09: 0000000000000000
[  278.104234][ T8921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  278.104252][ T8921] R13: 0000000000000000 R14: 00007f9d8d5b5fa0 R15: 00007fffc3268b88
[  278.104293][ T8921]  </TASK>
[  279.103053][ T8928] tty tty23: ldisc open failed (-12), clearing slot 22
[  279.113892][ T8929] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  279.134289][ T8930] ttyS ttyS2: ldisc open failed (-12), clearing slot 2
[  279.150246][ T8925] ttynull ttynull: ldisc open failed (-12), clearing slot 0
[  279.338090][ T8938] random: crng reseeded on system resumption
[  281.372905][ T8971] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input8
[  281.468491][ T8979] netlink: 16 bytes leftover after parsing attributes in process `syz.0.589'.
[  282.005959][ T8994] synth uevent: /devices/virtual/tty/ttyc1: unknown uevent action string
[  282.047299][ T8994] tty ttyc1: uevent: failed to send synthetic uevent: -22
[  282.961047][ T9008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.593'.
[  283.265621][ T9007] FAULT_INJECTION: forcing a failure.
[  283.265621][ T9007] name failslab, interval 1, probability 0, space 0, times 0
[  283.338012][ T9007] CPU: 0 UID: 8 PID: 9007 Comm: syz.0.585 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  283.338063][ T9007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.338116][ T9007] Call Trace:
[  283.338127][ T9007]  <TASK>
[  283.338139][ T9007]  dump_stack_lvl+0x16c/0x1f0
[  283.338196][ T9007]  should_fail_ex+0x512/0x640
[  283.338227][ T9007]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  283.338272][ T9007]  should_failslab+0xc2/0x120
[  283.338316][ T9007]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  283.338353][ T9007]  ? __proc_create+0xc3/0x8e0
[  283.338410][ T9007]  ? __proc_create+0x2ce/0x8e0
[  283.338491][ T9007]  __proc_create+0x2ce/0x8e0
[  283.338538][ T9007]  ? __pfx___proc_create+0x10/0x10
[  283.338603][ T9007]  proc_mkdir+0x81/0x170
[  283.338650][ T9007]  ? __pfx_proc_mkdir+0x10/0x10
[  283.338699][ T9007]  ? cache_register_net+0x137/0x5e0
[  283.338755][ T9007]  cache_register_net+0x18f/0x5e0
[  283.338806][ T9007]  gss_svc_init_net+0x151/0x660
[  283.338845][ T9007]  ? __pfx_canbcm_pernet_init+0x10/0x10
[  283.338905][ T9007]  ? __pfx_rpcsec_gss_init_net+0x10/0x10
[  283.338947][ T9007]  ops_init+0x1e2/0x5f0
[  283.339001][ T9007]  setup_net+0x10f/0x380
[  283.339048][ T9007]  ? lockdep_init_map_type+0x5c/0x280
[  283.339092][ T9007]  ? __pfx_setup_net+0x10/0x10
[  283.339143][ T9007]  ? debug_mutex_init+0x37/0x70
[  283.339203][ T9007]  copy_net_ns+0x2a6/0x5f0
[  283.339239][ T9007]  create_new_namespaces+0x3ea/0xa90
[  283.339287][ T9007]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  283.339328][ T9007]  ksys_unshare+0x45b/0xa40
[  283.339389][ T9007]  ? __pfx_ksys_unshare+0x10/0x10
[  283.339440][ T9007]  ? syscall_user_dispatch+0x78/0x140
[  283.339503][ T9007]  __x64_sys_unshare+0x31/0x40
[  283.339548][ T9007]  do_syscall_64+0xcd/0x490
[  283.339601][ T9007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.339634][ T9007] RIP: 0033:0x7f7d9098eb69
[  283.339662][ T9007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.339693][ T9007] RSP: 002b:00007f7d8e7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  283.339725][ T9007] RAX: ffffffffffffffda RBX: 00007f7d90bb5fa0 RCX: 00007f7d9098eb69
[  283.339745][ T9007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  283.339764][ T9007] RBP: 00007f7d90a11df1 R08: 0000000000000000 R09: 0000000000000000
[  283.339782][ T9007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  283.339800][ T9007] R13: 0000000000000000 R14: 00007f7d90bb5fa0 R15: 00007ffc69440998
[  283.339842][ T9007]  </TASK>
[  284.961685][ T9023] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input10
[  285.169855][ T9025] netlink: 28 bytes leftover after parsing attributes in process `syz.1.587'.
[  285.188245][ T9025] ipvlan0: entered allmulticast mode
[  285.261964][ T9025] veth0_vlan: entered allmulticast mode
[  287.014412][   T30] audit: type=1800 audit(4294967321.542:5): pid=9052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.600" name="features" dev="configfs" ino=21239 res=0 errno=0
[  288.724205][ T9093] __vm_enough_memory: pid: 9093, comm: syz.2.602, bytes: 4398046511104 not enough memory for the allocation
[  291.687255][ T9150] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  292.606702][ T9162] random: crng reseeded on system resumption
[  294.000824][ T9197] netlink: 28 bytes leftover after parsing attributes in process `syz.2.632'.
[  294.274201][ T9197] ipvlan0: entered allmulticast mode
[  294.280029][ T9197] veth0_vlan: entered allmulticast mode
[  294.895632][ T9220] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd32
[  294.928191][ T9199] __vm_enough_memory: pid: 9199, comm: syz.3.626, bytes: 4398046511104 not enough memory for the allocation
[  296.054873][ T9245] random: crng reseeded on system resumption
[  296.377202][ T9243] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[  296.918259][ T9247] Unable to find swap-space signature
[  297.279010][ T9265] ubi0: attaching mtd0
[  297.312037][ T9265] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039)
[  299.448233][ T9304] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[  299.815645][ T9311] Unable to find swap-space signature
[  299.932892][ T9322] netlink: 28 bytes leftover after parsing attributes in process `syz.0.663'.
[  300.050319][ T9322] ipvlan0: entered allmulticast mode
[  300.069913][ T9322] veth0_vlan: entered allmulticast mode
[  301.965479][ T9349] Invalid ELF header magic: != ELF
[  302.917292][ T9373] FAULT_INJECTION: forcing a failure.
[  302.917292][ T9373] name failslab, interval 1, probability 0, space 0, times 0
[  302.931166][ T9373] CPU: 1 UID: 0 PID: 9373 Comm: syz.2.676 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  302.931201][ T9373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  302.931215][ T9373] Call Trace:
[  302.931223][ T9373]  <TASK>
[  302.931232][ T9373]  dump_stack_lvl+0x16c/0x1f0
[  302.931282][ T9373]  should_fail_ex+0x512/0x640
[  302.931305][ T9373]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  302.931332][ T9373]  should_failslab+0xc2/0x120
[  302.931363][ T9373]  __kmalloc_cache_noprof+0x6a/0x3e0
[  302.931386][ T9373]  ? kobject_uevent_env+0x265/0x1870
[  302.931416][ T9373]  kobject_uevent_env+0x265/0x1870
[  302.931439][ T9373]  ? __pfx_dev_uevent_name+0x10/0x10
[  302.931478][ T9373]  ? bus_to_subsys+0x131/0x160
[  302.931511][ T9373]  device_add+0x10dd/0x1a70
[  302.931542][ T9373]  ? __pfx_device_add+0x10/0x10
[  302.931571][ T9373]  ? lockdep_init_map_type+0x5c/0x280
[  302.931610][ T9373]  input_register_device+0x7e8/0x1130
[  302.931636][ T9373]  ? input_ff_create+0x256/0x350
[  302.931672][ T9373]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  302.931708][ T9373]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  302.931745][ T9373]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  302.931787][ T9373]  ? find_held_lock+0x2b/0x80
[  302.931824][ T9373]  ? __pfx_uinput_ioctl+0x10/0x10
[  302.931859][ T9373]  __x64_sys_ioctl+0x18b/0x210
[  302.931898][ T9373]  do_syscall_64+0xcd/0x490
[  302.931937][ T9373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.931961][ T9373] RIP: 0033:0x7fdaee38eb69
[  302.931980][ T9373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.932002][ T9373] RSP: 002b:00007fdaef2b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  302.932025][ T9373] RAX: ffffffffffffffda RBX: 00007fdaee5b5fa0 RCX: 00007fdaee38eb69
[  302.932041][ T9373] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[  302.932064][ T9373] RBP: 00007fdaee411df1 R08: 0000000000000000 R09: 0000000000000000
[  302.932082][ T9373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  302.932100][ T9373] R13: 0000000000000000 R14: 00007fdaee5b5fa0 R15: 00007ffff9a66b18
[  302.932136][ T9373]  </TASK>
[  303.171285][ T9373] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input11
[  303.369547][ T9382] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  303.424262][ T9382] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  303.442163][ T9382] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  303.450619][ T9382] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  303.759656][ T9386] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  304.548552][ T9399] Invalid ELF header magic: != ELF
[  304.802590][ T9420] can: request_module (can-proto-0) failed.
[  305.362915][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  305.393124][ T9436] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[  305.449856][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  305.531973][ T5163] Bluetooth: hci3: command 0x0406 tx timeout
[  305.541071][ T5852] Bluetooth: hci2: command 0x0406 tx timeout
[  305.891059][ T9431] random: crng reseeded on system resumption
[  305.937532][ T9445] Unable to find swap-space signature
[  306.355644][ T9421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.398924][ T9421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.445514][ T9450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.693'.
[  307.032426][ T9459] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  307.039659][ T9459] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  307.072487][ T9459] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  307.178592][ T9459] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  307.578016][ T9467] netlink: 346 bytes leftover after parsing attributes in process `syz.3.697'.
[  307.673834][ T9470] netlink: 326 bytes leftover after parsing attributes in process `syz.0.698'.
[  308.018189][ T9480] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078400dc0 pfn:0x78400
[  308.125193][ T9480] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  308.173962][ T9480] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  308.222457][ T9480] raw: ffff888078400dc0 0000000000000000 00000001ffffffff 0000000000000000
[  308.269583][ T9480] page dumped because: unmovable page
[  308.279310][ T9480] page_owner tracks the page as allocated
[  308.287097][ T9480] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 8550, tgid 8550 (syz.0.496), ts 257775443277, free_ts 257604506151
[  308.307558][    C0] vkms_vblank_simulate: vblank timer overrun
[  308.317738][ T9480]  post_alloc_hook+0x1c0/0x230
[  308.324465][ T9480]  get_page_from_freelist+0x132b/0x38e0
[  308.330501][ T9480]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  308.339237][ T9480]  alloc_pages_mpol+0x1fb/0x550
[  308.344922][ T9480]  alloc_pages_noprof+0x131/0x390
[  308.352801][ T9480]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  308.358976][ T9480]  __vmalloc_node_noprof+0xad/0xf0
[  308.367521][ T9480]  copy_process+0x2c70/0x7690
[  308.373869][ T9480]  kernel_clone+0xfc/0x930
[  308.378597][ T9480]  __do_sys_clone3+0x212/0x290
[  308.387967][ T9480]  do_syscall_64+0xcd/0x490
[  308.392892][ T9480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.399224][ T9480] page last free pid 23 tgid 23 stack trace:
[  308.410356][ T9480]  __free_frozen_pages+0x7d5/0x10f0
[  308.415861][ T9480]  tlb_remove_table_rcu+0x116/0x1a0
[  308.421360][ T9480]  rcu_core+0x799/0x1530
[  308.429228][ T9480]  handle_softirqs+0x216/0x8e0
[  308.435736][ T9480]  run_ksoftirqd+0x3a/0x60
[  308.441458][ T9480]  smpboot_thread_fn+0x3f7/0xae0
[  308.453774][ T9480]  kthread+0x3c5/0x780
[  308.458315][ T9480]  ret_from_fork+0x5d7/0x6f0
[  308.466504][ T9480]  ret_from_fork_asm+0x1a/0x30
[  309.127778][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  309.134528][ T5850] Bluetooth: hci0: command 0x0406 tx timeout
[  309.140791][ T5163] Bluetooth: hci3: command 0x0406 tx timeout
[  309.202428][ T5163] Bluetooth: hci2: command 0x0406 tx timeout
[  309.808246][ T9482] Invalid ELF header magic: != ELF
[  310.044421][ T9507] random: crng reseeded on system resumption
[  310.225603][ T9514] netlink: 326 bytes leftover after parsing attributes in process `syz.1.709'.
[  310.629845][ T9520] netlink: 24 bytes leftover after parsing attributes in process `syz.2.711'.
[  310.926613][ T9524] zram: Added device: zram3
[  311.371637][ T9546] FAULT_INJECTION: forcing a failure.
[  311.371637][ T9546] name failslab, interval 1, probability 0, space 0, times 0
[  311.408036][ T9546] CPU: 0 UID: 0 PID: 9546 Comm: syz.0.720 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  311.408081][ T9546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.408099][ T9546] Call Trace:
[  311.408109][ T9546]  <TASK>
[  311.408121][ T9546]  dump_stack_lvl+0x16c/0x1f0
[  311.408174][ T9546]  should_fail_ex+0x512/0x640
[  311.408202][ T9546]  ? fs_reclaim_acquire+0xae/0x150
[  311.408251][ T9546]  ? tomoyo_encode2+0x100/0x3e0
[  311.408285][ T9546]  should_failslab+0xc2/0x120
[  311.408325][ T9546]  __kmalloc_noprof+0xd2/0x510
[  311.408359][ T9546]  ? d_absolute_path+0x136/0x1a0
[  311.408414][ T9546]  tomoyo_encode2+0x100/0x3e0
[  311.408456][ T9546]  tomoyo_encode+0x29/0x50
[  311.408489][ T9546]  tomoyo_realpath_from_path+0x18f/0x6e0
[  311.408542][ T9546]  tomoyo_path_number_perm+0x245/0x580
[  311.408570][ T9546]  ? tomoyo_path_number_perm+0x237/0x580
[  311.408604][ T9546]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  311.408639][ T9546]  ? find_held_lock+0x2b/0x80
[  311.408704][ T9546]  ? find_held_lock+0x2b/0x80
[  311.408733][ T9546]  ? hook_file_ioctl_common+0x145/0x410
[  311.408794][ T9546]  ? __fget_files+0x20e/0x3c0
[  311.408833][ T9546]  security_file_ioctl+0x9b/0x240
[  311.408869][ T9546]  __x64_sys_ioctl+0xb7/0x210
[  311.408921][ T9546]  do_syscall_64+0xcd/0x490
[  311.408969][ T9546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.409000][ T9546] RIP: 0033:0x7f7d9098eb69
[  311.409025][ T9546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.409053][ T9546] RSP: 002b:00007f7d8e7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.409081][ T9546] RAX: ffffffffffffffda RBX: 00007f7d90bb5fa0 RCX: 00007f7d9098eb69
[  311.409100][ T9546] RDX: 0000200000002c40 RSI: 0000000040046109 RDI: 0000000000000003
[  311.409118][ T9546] RBP: 00007f7d8e7f6090 R08: 0000000000000000 R09: 0000000000000000
[  311.409135][ T9546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.409151][ T9546] R13: 0000000000000000 R14: 00007f7d90bb5fa0 R15: 00007ffc69440998
[  311.409191][ T9546]  </TASK>
[  311.410229][ T9546] ERROR: Out of memory at tomoyo_realpath_from_path.
[  312.969183][ T9588] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[  312.969183][ T9588]    program syz.1.725 not setting count and/or reply_len properly
[  313.936058][ T9577] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  314.045917][ T9577] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  314.098217][ T9577] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  314.151984][ T9577] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  314.501537][ T9610] FAULT_INJECTION: forcing a failure.
[  314.501537][ T9610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.533171][ T9610] CPU: 0 UID: 0 PID: 9610 Comm: syz.2.731 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  314.533215][ T9610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.533232][ T9610] Call Trace:
[  314.533241][ T9610]  <TASK>
[  314.533253][ T9610]  dump_stack_lvl+0x16c/0x1f0
[  314.533305][ T9610]  should_fail_ex+0x512/0x640
[  314.533351][ T9610]  _copy_from_user+0x2e/0xd0
[  314.533388][ T9610]  cec_ioctl+0x6c0/0x2970
[  314.533439][ T9610]  ? __pfx_cec_ioctl+0x10/0x10
[  314.533484][ T9610]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  314.533518][ T9610]  ? find_held_lock+0x2b/0x80
[  314.533556][ T9610]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  314.533605][ T9610]  ? do_vfs_ioctl+0x128/0x14f0
[  314.533654][ T9610]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  314.533714][ T9610]  ? find_held_lock+0x2b/0x80
[  314.533742][ T9610]  ? hook_file_ioctl_common+0x145/0x410
[  314.533803][ T9610]  ? __fget_files+0x20e/0x3c0
[  314.533843][ T9610]  ? __pfx_cec_ioctl+0x10/0x10
[  314.533889][ T9610]  __x64_sys_ioctl+0x18b/0x210
[  314.533940][ T9610]  do_syscall_64+0xcd/0x490
[  314.533990][ T9610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.534021][ T9610] RIP: 0033:0x7fdaee38eb69
[  314.534044][ T9610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.534073][ T9610] RSP: 002b:00007fdaef2b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  314.534103][ T9610] RAX: ffffffffffffffda RBX: 00007fdaee5b5fa0 RCX: 00007fdaee38eb69
[  314.534123][ T9610] RDX: 0000200000002c40 RSI: 0000000040046109 RDI: 0000000000000003
[  314.534141][ T9610] RBP: 00007fdaef2b1090 R08: 0000000000000000 R09: 0000000000000000
[  314.534159][ T9610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.534176][ T9610] R13: 0000000000000000 R14: 00007fdaee5b5fa0 R15: 00007ffff9a66b18
[  314.534216][ T9610]  </TASK>
[  314.887499][ T5163] Bluetooth: hci0: command 0x0406 tx timeout
[  315.144623][ T9621] random: crng reseeded on system resumption
[  316.082600][ T5163] Bluetooth: hci1: command 0x0406 tx timeout
[  316.163412][ T5163] Bluetooth: hci2: command 0x0406 tx timeout
[  316.170250][ T5163] Bluetooth: hci3: command 0x0406 tx timeout
[  316.783413][ T9662] FAULT_INJECTION: forcing a failure.
[  316.783413][ T9662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.820102][ T9662] CPU: 1 UID: 0 PID: 9662 Comm: syz.3.744 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  316.820284][ T9662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  316.820303][ T9662] Call Trace:
[  316.820318][ T9662]  <TASK>
[  316.820332][ T9662]  dump_stack_lvl+0x16c/0x1f0
[  316.820400][ T9662]  should_fail_ex+0x512/0x640
[  316.820442][ T9662]  _copy_to_user+0x32/0xd0
[  316.820499][ T9662]  simple_read_from_buffer+0xcb/0x170
[  316.820562][ T9662]  proc_fail_nth_read+0x197/0x240
[  316.820601][ T9662]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  316.820646][ T9662]  ? rw_verify_area+0xcf/0x6c0
[  316.820679][ T9662]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  316.820715][ T9662]  vfs_read+0x1e4/0xc60
[  316.820758][ T9662]  ? __pfx___mutex_lock+0x10/0x10
[  316.820808][ T9662]  ? __pfx_vfs_read+0x10/0x10
[  316.820859][ T9662]  ? __fget_files+0x20e/0x3c0
[  316.820908][ T9662]  ksys_read+0x12a/0x250
[  316.820944][ T9662]  ? __pfx_ksys_read+0x10/0x10
[  316.821238][ T9662]  ? fput+0x70/0xf0
[  316.821292][ T9662]  do_syscall_64+0xcd/0x490
[  316.821346][ T9662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.821446][ T9662] RIP: 0033:0x7fc9a1b8d57c
[  316.821480][ T9662] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  316.821509][ T9662] RSP: 002b:00007fc9a29e5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  316.821538][ T9662] RAX: ffffffffffffffda RBX: 00007fc9a1db5fa0 RCX: 00007fc9a1b8d57c
[  316.821558][ T9662] RDX: 000000000000000f RSI: 00007fc9a29e50a0 RDI: 0000000000000004
[  316.821576][ T9662] RBP: 00007fc9a29e5090 R08: 0000000000000000 R09: 0000000000000000
[  316.821594][ T9662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.821611][ T9662] R13: 0000000000000000 R14: 00007fc9a1db5fa0 R15: 00007ffd8b0dc9e8
[  316.821653][ T9662]  </TASK>
[  320.963101][ T9737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078400dc0 pfn:0x78400
[  321.050550][ T9737] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  321.249532][ T9737] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  321.316553][ T9737] raw: ffff888078400dc0 0000000000000000 00000001ffffffff 0000000000000000
[  321.338552][ T9737] page dumped because: unmovable page
[  321.367437][ T9737] page_owner tracks the page as allocated
[  321.383068][ T9737] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 8550, tgid 8550 (syz.0.496), ts 257775443277, free_ts 257604506151
[  321.417133][ T9737]  post_alloc_hook+0x1c0/0x230
[  321.634689][ T9737]  get_page_from_freelist+0x132b/0x38e0
[  321.687484][ T9737]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  321.712262][ T9737]  alloc_pages_mpol+0x1fb/0x550
[  321.717779][ T9737]  alloc_pages_noprof+0x131/0x390
[  321.723548][ T9737]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  321.730187][ T9737]  __vmalloc_node_noprof+0xad/0xf0
[  321.761459][ T9737]  copy_process+0x2c70/0x7690
[  321.803715][ T9737]  kernel_clone+0xfc/0x930
[  321.955853][ T9737]  __do_sys_clone3+0x212/0x290
[  321.961704][ T9737]  do_syscall_64+0xcd/0x490
[  322.016991][ T9737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.057656][ T9737] page last free pid 23 tgid 23 stack trace:
[  322.071871][ T9737]  __free_frozen_pages+0x7d5/0x10f0
[  322.081283][ T9737]  tlb_remove_table_rcu+0x116/0x1a0
[  322.095726][ T9737]  rcu_core+0x799/0x1530
[  322.110707][ T9737]  handle_softirqs+0x216/0x8e0
[  322.119519][ T9737]  run_ksoftirqd+0x3a/0x60
[  322.135177][ T9737]  smpboot_thread_fn+0x3f7/0xae0
[  322.140453][ T9737]  kthread+0x3c5/0x780
[  322.154833][ T9737]  ret_from_fork+0x5d7/0x6f0
[  322.163582][ T9737]  ret_from_fork_asm+0x1a/0x30
[  322.592534][ T9753] nbd: must specify at least one socket
[  322.726770][ T5163] Bluetooth: hci1: unexpected event 0x14 length: 440 > 6
[  324.441836][ T9777] Invalid ELF header magic: != ELF
[  324.448980][ T9776] Invalid ELF header magic: != ELF
[  325.138265][ T9762] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  325.792571][ T9791] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078400dc0 pfn:0x78400
[  325.842127][ T9791] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  325.852033][ T9791] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  325.904630][ T9791] raw: ffff888078400dc0 0000000000000000 00000001ffffffff 0000000000000000
[  325.922216][ T9791] page dumped because: unmovable page
[  325.928049][ T9791] page_owner tracks the page as allocated
[  325.942359][ T9791] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 8550, tgid 8550 (syz.0.496), ts 257775443277, free_ts 257604506151
[  325.982285][ T9791]  post_alloc_hook+0x1c0/0x230
[  325.987451][ T9791]  get_page_from_freelist+0x132b/0x38e0
[  326.102437][ T9791]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  326.112359][ T9791]  alloc_pages_mpol+0x1fb/0x550
[  326.122591][ T9791]  alloc_pages_noprof+0x131/0x390
[  326.128963][ T9791]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  326.141316][ T9791]  __vmalloc_node_noprof+0xad/0xf0
[  326.146996][ T9791]  copy_process+0x2c70/0x7690
[  326.151922][ T9791]  kernel_clone+0xfc/0x930
[  326.205581][ T9791]  __do_sys_clone3+0x212/0x290
[  326.242604][ T9791]  do_syscall_64+0xcd/0x490
[  326.247247][ T9791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.323872][ T9791] page last free pid 23 tgid 23 stack trace:
[  326.330035][ T9791]  __free_frozen_pages+0x7d5/0x10f0
[  326.494714][ T9791]  tlb_remove_table_rcu+0x116/0x1a0
[  326.500840][ T9791]  rcu_core+0x799/0x1530
[  326.512226][ T9791]  handle_softirqs+0x216/0x8e0
[  326.517465][ T9791]  run_ksoftirqd+0x3a/0x60
[  326.522564][ T9791]  smpboot_thread_fn+0x3f7/0xae0
[  326.528205][ T9791]  kthread+0x3c5/0x780
[  326.562740][ T9791]  ret_from_fork+0x5d7/0x6f0
[  326.568035][ T9791]  ret_from_fork_asm+0x1a/0x30
[  326.924798][ T9795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.980675][ T9795] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  328.085964][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  328.092942][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  328.950219][ T9824] netlink: 186 bytes leftover after parsing attributes in process `syz.0.785'.
[  329.704837][ T9836] netlink: 8 bytes leftover after parsing attributes in process `syz.2.790'.
[  332.296817][ T9838] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  332.634586][ T9876] netlink: 186 bytes leftover after parsing attributes in process `syz.1.799'.
[  334.524799][ T9899] random: crng reseeded on system resumption
[  338.419507][ T9931] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  338.516358][ T9931] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  338.536103][ T9931] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  338.617830][ T9931] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  339.762511][ T5163] Bluetooth: hci0: command 0x0406 tx timeout
[  340.562395][ T5163] Bluetooth: hci3: command 0x0406 tx timeout
[  340.568757][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  340.642259][ T5163] Bluetooth: hci2: command 0x0406 tx timeout
[  340.910996][ T9964] random: crng reseeded on system resumption
[  341.225350][ T9970] netlink: 10924 bytes leftover after parsing attributes in process `syz.1.821'.
[  341.258935][ T9970] netlink: 278 bytes leftover after parsing attributes in process `syz.1.821'.
[  341.705464][ T9947] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  342.435026][ T9985] netlink: 20 bytes leftover after parsing attributes in process `syz.3.826'.
[  344.515142][ T9990] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  344.606848][ T9990] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  344.614008][ T9990] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  344.625933][ T9990] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  344.812222][T10012] sd 0:0:1:0: PR command failed: 1026
[  344.832469][T10012] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  344.839507][T10012] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  346.325563][T10027] FAULT_INJECTION: forcing a failure.
[  346.325563][T10027] name failslab, interval 1, probability 0, space 0, times 0
[  346.426480][T10027] CPU: 0 UID: 0 PID: 10027 Comm: syz.3.835 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  346.426525][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  346.426543][T10027] Call Trace:
[  346.426552][T10027]  <TASK>
[  346.426564][T10027]  dump_stack_lvl+0x16c/0x1f0
[  346.426617][T10027]  should_fail_ex+0x512/0x640
[  346.426647][T10027]  ? __kvmalloc_node_noprof+0x124/0x620
[  346.426687][T10027]  should_failslab+0xc2/0x120
[  346.426728][T10027]  __kvmalloc_node_noprof+0x137/0x620
[  346.426762][T10027]  ? __pfx___mutex_lock+0x10/0x10
[  346.426811][T10027]  ? traverse.part.0.constprop.0+0x392/0x640
[  346.426875][T10027]  ? traverse.part.0.constprop.0+0x392/0x640
[  346.426927][T10027]  traverse.part.0.constprop.0+0x392/0x640
[  346.426992][T10027]  seq_read_iter+0x932/0x12c0
[  346.427086][T10027]  proc_reg_read_iter+0x220/0x310
[  346.427133][T10027]  vfs_read+0x8bf/0xc60
[  346.427177][T10027]  ? __pfx_vfs_read+0x10/0x10
[  346.427206][T10027]  ? find_held_lock+0x2b/0x80
[  346.427265][T10027]  __x64_sys_pread64+0x1eb/0x250
[  346.427302][T10027]  ? __pfx___x64_sys_pread64+0x10/0x10
[  346.427353][T10027]  do_syscall_64+0xcd/0x490
[  346.427403][T10027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.427434][T10027] RIP: 0033:0x7fc9a1b8eb69
[  346.427458][T10027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.427488][T10027] RSP: 002b:00007fc9a29e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  346.427517][T10027] RAX: ffffffffffffffda RBX: 00007fc9a1db5fa0 RCX: 00007fc9a1b8eb69
[  346.427538][T10027] RDX: 0000000100000001 RSI: 0000200000000040 RDI: 0000000000000003
[  346.427557][T10027] RBP: 00007fc9a29e5090 R08: 0000000000000000 R09: 0000000000000000
[  346.427576][T10027] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  346.427594][T10027] R13: 0000000000000000 R14: 00007fc9a1db5fa0 R15: 00007ffd8b0dc9e8
[  346.427633][T10027]  </TASK>
[  346.652438][ T5163] Bluetooth: hci1: command 0x0406 tx timeout
[  346.655687][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  346.658932][ T5163] Bluetooth: hci2: command 0x0406 tx timeout
[  346.665187][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  348.391181][T10052] 
[  348.412641][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.839'.
[  349.406162][T10065] sd 0:0:1:0: PR command failed: 1026
[  349.413541][T10065] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  349.422788][T10065] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  349.990893][T10024] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  351.556479][T10088] FAULT_INJECTION: forcing a failure.
[  351.556479][T10088] name failslab, interval 1, probability 0, space 0, times 0
[  351.600184][T10088] CPU: 0 UID: 0 PID: 10088 Comm: syz.1.849 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  351.600234][T10088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  351.600255][T10088] Call Trace:
[  351.600266][T10088]  <TASK>
[  351.600279][T10088]  dump_stack_lvl+0x16c/0x1f0
[  351.600336][T10088]  should_fail_ex+0x512/0x640
[  351.600366][T10088]  ? __kvmalloc_node_noprof+0x124/0x620
[  351.600405][T10088]  should_failslab+0xc2/0x120
[  351.600450][T10088]  __kvmalloc_node_noprof+0x137/0x620
[  351.600499][T10088]  ? lockdep_init_map_type+0x5c/0x280
[  351.600542][T10088]  ? alloc_netdev_mqs+0xae5/0x1500
[  351.600601][T10088]  ? alloc_netdev_mqs+0xae5/0x1500
[  351.600646][T10088]  alloc_netdev_mqs+0xae5/0x1500
[  351.600704][T10088]  __ip_tunnel_create+0x3ad/0x6e0
[  351.600758][T10088]  ? __pfx___ip_tunnel_create+0x10/0x10
[  351.600825][T10088]  ip_tunnel_init_net+0x22f/0x7d0
[  351.600858][T10088]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  351.600895][T10088]  ? trace_kmalloc+0x2b/0xd0
[  351.600933][T10088]  ? __kmalloc_noprof+0x242/0x510
[  351.600962][T10088]  ? lockdep_init_map_type+0x5c/0x280
[  351.601005][T10088]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  351.601051][T10088]  ops_init+0x1e2/0x5f0
[  351.601102][T10088]  setup_net+0x10f/0x380
[  351.601152][T10088]  ? lockdep_init_map_type+0x5c/0x280
[  351.601195][T10088]  ? __pfx_setup_net+0x10/0x10
[  351.601248][T10088]  ? debug_mutex_init+0x37/0x70
[  351.601305][T10088]  copy_net_ns+0x2a6/0x5f0
[  351.601341][T10088]  create_new_namespaces+0x3ea/0xa90
[  351.601385][T10088]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  351.601425][T10088]  ksys_unshare+0x45b/0xa40
[  351.601477][T10088]  ? __pfx_ksys_unshare+0x10/0x10
[  351.601517][T10088]  ? xfd_validate_state+0x61/0x180
[  351.601569][T10088]  __x64_sys_unshare+0x31/0x40
[  351.601606][T10088]  do_syscall_64+0xcd/0x490
[  351.601650][T10088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.601679][T10088] RIP: 0033:0x7f9d8d38eb69
[  351.601701][T10088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.601741][T10088] RSP: 002b:00007f9d8e1bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  351.601771][T10088] RAX: ffffffffffffffda RBX: 00007f9d8d5b5fa0 RCX: 00007f9d8d38eb69
[  351.601792][T10088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  351.601810][T10088] RBP: 00007f9d8d411df1 R08: 0000000000000000 R09: 0000000000000000
[  351.601828][T10088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  351.601846][T10088] R13: 0000000000000000 R14: 00007f9d8d5b5fa0 R15: 00007fffc3268b88
[  351.601884][T10088]  </TASK>
[  355.502717][T10153] __vm_enough_memory: pid: 10153, comm: syz.2.863, bytes: 4398046511104 not enough memory for the allocation
[  355.620989][T10156] FAULT_INJECTION: forcing a failure.
[  355.620989][T10156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.666460][T10156] CPU: 0 UID: 0 PID: 10156 Comm: syz.1.864 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  355.666505][T10156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.666524][T10156] Call Trace:
[  355.666535][T10156]  <TASK>
[  355.666547][T10156]  dump_stack_lvl+0x16c/0x1f0
[  355.666599][T10156]  should_fail_ex+0x512/0x640
[  355.666634][T10156]  _copy_to_iter+0x29f/0x16f0
[  355.666673][T10156]  ? kfree+0x2b4/0x4d0
[  355.666697][T10156]  ? seq_put_decimal_ull_width+0x1db/0x3a0
[  355.666726][T10156]  ? vmstat_stop+0x33/0x70
[  355.666776][T10156]  ? __pfx__copy_to_iter+0x10/0x10
[  355.666815][T10156]  ? vmstat_stop+0x33/0x70
[  355.666860][T10156]  ? traverse.part.0.constprop.0+0x2c5/0x640
[  355.666924][T10156]  seq_read_iter+0x719/0x12c0
[  355.666994][T10156]  proc_reg_read_iter+0x220/0x310
[  355.667038][T10156]  vfs_read+0x8bf/0xc60
[  355.667082][T10156]  ? __pfx_vfs_read+0x10/0x10
[  355.667113][T10156]  ? find_held_lock+0x2b/0x80
[  355.667184][T10156]  __x64_sys_pread64+0x1eb/0x250
[  355.667223][T10156]  ? __pfx___x64_sys_pread64+0x10/0x10
[  355.667273][T10156]  do_syscall_64+0xcd/0x490
[  355.667324][T10156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.667356][T10156] RIP: 0033:0x7f9d8d38eb69
[  355.667380][T10156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.667411][T10156] RSP: 002b:00007f9d8e1bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  355.667440][T10156] RAX: ffffffffffffffda RBX: 00007f9d8d5b5fa0 RCX: 00007f9d8d38eb69
[  355.667459][T10156] RDX: 0000000100000001 RSI: 0000200000000040 RDI: 0000000000000003
[  355.667477][T10156] RBP: 00007f9d8e1bb090 R08: 0000000000000000 R09: 0000000000000000
[  355.667494][T10156] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  355.667512][T10156] R13: 0000000000000000 R14: 00007f9d8d5b5fa0 R15: 00007fffc3268b88
[  355.667551][T10156]  </TASK>
[  356.292741][T10159] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[  357.022800][T10179] sysfs_service_op_show: Client not running :-5:
[  357.462763][ T5850] Bluetooth: hci2: unexpected event 0x23 length: 127 > 13
[  358.420734][T10205] [U] 
[  358.431751][T10205] [U] 
[  358.434821][T10205] [U] 
[  358.438206][T10205] [U] 
[  358.464028][T10205] [U] 
[  358.467536][T10205] [U] 
[  358.470700][T10205] [U] 
[  358.474422][T10205] [U] 
[  358.484193][T10205] [U] 
[  358.487983][T10205] [U] 
[  358.491169][T10205] [U] 
[  358.494459][T10205] [U] 
[  358.500649][T10205] [U] 
[  358.503556][T10205] [U] 
[  358.506520][T10205] [U] 
[  358.509484][T10205] [U] 
[  358.517345][T10205] [U] 
[  358.520219][T10205] [U] 
[  358.523455][T10205] [U] 
[  358.526655][T10205] [U] 
[  358.534963][T10205] [U] 
[  358.537973][T10205] [U] 
[  358.541001][T10205] [U] 
[  358.543862][T10205] [U] 
[  358.551884][T10205] [U] 
[  358.555365][T10205] [U] 
[  358.558487][T10205] [U] 
[  358.562037][T10205] [U] 
[  358.581534][T10205] [U] 
[  358.584714][T10205] [U] 
[  358.587775][T10205] [U] 
[  358.590744][T10205] [U] 
[  358.600184][T10205] [U] 
[  358.603628][T10205] [U] 
[  358.607183][T10205] [U] 
[  358.610842][T10205] [U] 
[  358.616313][T10205] [U] 
[  358.619936][T10205] [U] 
[  358.623000][T10205] [U] 
[  358.625968][T10205] [U] 
[  358.630589][T10205] [U] 
[  358.633855][T10205] [U] 
[  358.636805][T10205] [U] 
[  358.640135][T10205] [U] 
[  358.644347][T10205] [U] 
[  358.647343][T10205] [U] 
[  358.650469][T10205] [U] 
[  358.653513][T10205] [U] 
[  358.657740][T10205] [U] 
[  358.661073][T10205] [U] 
[  358.664259][T10205] [U] 
[  358.667441][T10205] [U] 
[  358.670653][T10205] [U] 
[  358.673618][T10205] [U] 
[  358.678221][T10205] [U] 
[  358.681312][T10205] [U] 
[  358.685223][T10205] [U] 
[  358.688573][T10205] [U] 
[  358.692480][T10205] [U] 
[  358.695717][T10205] [U] 
[  358.699613][T10205] [U] 
[  358.702772][T10205] [U] 
[  358.705636][T10205] [U] 
[  358.708741][T10205] [U] 
[  358.712528][T10205] [U] 
[  358.715447][T10205] [U] 
[  358.718360][T10205] [U] 
[  358.721493][T10205] [U] 
[  358.761942][T10205] [U] 
[  358.764888][T10205] [U] 
[  358.767859][T10205] [U] 
[  358.770634][T10205] [U] 
[  358.799202][T10205] [U] 
[  358.802015][T10205] [U] 
[  358.804807][T10205] [U] 
[  358.808131][T10205] [U] 
[  358.837167][T10205] [U] 
[  358.840170][T10205] [U] 
[  358.843009][T10205] [U] 
[  358.845972][T10205] [U] 
[  358.855009][T10205] [U] 
[  358.857831][T10205] [U] 
[  358.860694][T10205] [U] 
[  358.863650][T10205] [U] 
[  358.879041][T10205] [U] 
[  358.882492][T10205] [U] 
[  358.885537][T10205] [U] 
[  358.889034][T10205] [U] 
[  358.906978][T10205] [U] 
[  358.910236][T10205] [U] 
[  358.913567][T10205] [U] 
[  358.916787][T10205] [U] 
[  358.922237][T10205] [U] 
[  361.394203][ T5850] Bluetooth: hci0: unexpected event 0x17 length: 440 > 6
[  362.687124][T10282] FAULT_INJECTION: forcing a failure.
[  362.687124][T10282] name failslab, interval 1, probability 0, space 0, times 0
[  362.761880][T10282] CPU: 1 UID: 0 PID: 10282 Comm: syz.2.895 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  362.761926][T10282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  362.761946][T10282] Call Trace:
[  362.761956][T10282]  <TASK>
[  362.761969][T10282]  dump_stack_lvl+0x16c/0x1f0
[  362.762022][T10282]  should_fail_ex+0x512/0x640
[  362.762053][T10282]  ? fs_reclaim_acquire+0xae/0x150
[  362.762103][T10282]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  362.762142][T10282]  should_failslab+0xc2/0x120
[  362.762191][T10282]  __kmalloc_noprof+0xd2/0x510
[  362.762238][T10282]  tomoyo_realpath_from_path+0xc2/0x6e0
[  362.762280][T10282]  ? tomoyo_profile+0x47/0x60
[  362.762327][T10282]  tomoyo_path_number_perm+0x245/0x580
[  362.762357][T10282]  ? tomoyo_path_number_perm+0x237/0x580
[  362.762560][T10282]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  362.762603][T10282]  ? find_held_lock+0x2b/0x80
[  362.762668][T10282]  ? hook_file_ioctl_common+0x145/0x410
[  362.762739][T10282]  security_file_ioctl+0x9b/0x240
[  362.762777][T10282]  __x64_sys_ioctl+0xb7/0x210
[  362.762832][T10282]  do_syscall_64+0xcd/0x490
[  362.762885][T10282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.762918][T10282] RIP: 0033:0x7fdaee38eb69
[  362.762945][T10282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.762976][T10282] RSP: 002b:00007fdaef2b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  362.763007][T10282] RAX: ffffffffffffffda RBX: 00007fdaee5b5fa0 RCX: 00007fdaee38eb69
[  362.763028][T10282] RDX: 0000000000000000 RSI: 0000000000004c00 RDI: 0000000000000001
[  362.763045][T10282] RBP: 00007fdaef2b1090 R08: 0000000000000000 R09: 0000000000000000
[  362.763063][T10282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.763080][T10282] R13: 0000000000000000 R14: 00007fdaee5b5fa0 R15: 00007ffff9a66b18
[  362.763120][T10282]  </TASK>
[  362.763150][T10282] ERROR: Out of memory at tomoyo_realpath_from_path.
[  363.266348][T10290] netlink: 28 bytes leftover after parsing attributes in process `syz.2.897'.
[  364.084064][ T5850] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6
[  364.698924][T10319] FAULT_INJECTION: forcing a failure.
[  364.698924][T10319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.735946][T10319] CPU: 0 UID: 0 PID: 10319 Comm: syz.3.907 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  364.735993][T10319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  364.736012][T10319] Call Trace:
[  364.736022][T10319]  <TASK>
[  364.736034][T10319]  dump_stack_lvl+0x16c/0x1f0
[  364.736086][T10319]  should_fail_ex+0x512/0x640
[  364.736122][T10319]  _copy_to_iter+0x29f/0x16f0
[  364.736167][T10319]  ? kasan_quarantine_put+0x10a/0x240
[  364.736202][T10319]  ? __pfx__copy_to_iter+0x10/0x10
[  364.736235][T10319]  ? kfree+0x2b4/0x4d0
[  364.736257][T10319]  ? vmstat_stop+0x33/0x70
[  364.736307][T10319]  seq_read_iter+0xcf8/0x12c0
[  364.736377][T10319]  proc_reg_read_iter+0x220/0x310
[  364.736430][T10319]  vfs_read+0x8bf/0xc60
[  364.736594][T10319]  ? __pfx_vfs_read+0x10/0x10
[  364.736626][T10319]  ? find_held_lock+0x2b/0x80
[  364.736735][T10319]  __x64_sys_pread64+0x1eb/0x250
[  364.736773][T10319]  ? __pfx___x64_sys_pread64+0x10/0x10
[  364.736820][T10319]  do_syscall_64+0xcd/0x490
[  364.736872][T10319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.736903][T10319] RIP: 0033:0x7fc9a1b8eb69
[  364.736930][T10319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.736960][T10319] RSP: 002b:00007fc9a29e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  364.736990][T10319] RAX: ffffffffffffffda RBX: 00007fc9a1db5fa0 RCX: 00007fc9a1b8eb69
[  364.737009][T10319] RDX: 0000000100000001 RSI: 0000200000000040 RDI: 0000000000000003
[  364.737026][T10319] RBP: 00007fc9a29e5090 R08: 0000000000000000 R09: 0000000000000000
[  364.737043][T10319] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  364.737060][T10319] R13: 0000000000000000 R14: 00007fc9a1db5fa0 R15: 00007ffd8b0dc9e8
[  364.737099][T10319]  </TASK>
[  366.286787][ T5850] Bluetooth: hci0: unexpected event 0x16 length: 440 > 6
[  367.267647][T10356] netlink: 28 bytes leftover after parsing attributes in process `syz.1.915'.
[  367.325361][T10356] veth0_macvtap: left promiscuous mode
[  368.227548][T10378] vivid-003: =================  START STATUS  =================
[  368.274142][T10378] vivid-003: Radio HW Seek Mode: Bounded
[  368.376459][T10378] vivid-003: Radio Programmable HW Seek: false
[  368.442988][T10378] vivid-003: RDS Rx I/O Mode: Block I/O
[  368.450436][T10378] vivid-003: Generate RBDS Instead of RDS: false
[  368.462292][T10378] vivid-003: RDS Reception: true
[  368.468242][T10378] vivid-003: RDS Program Type: 0 inactive
[  368.496061][T10378] vivid-003: RDS PS Name:  inactive
[  368.513166][T10378] vivid-003: RDS Radio Text:  inactive
[  368.526579][T10378] vivid-003: RDS Traffic Announcement: false inactive
[  368.536437][T10378] vivid-003: RDS Traffic Program: false inactive
[  368.543237][T10378] vivid-003: RDS Music: false inactive
[  368.549529][T10378] vivid-003: ==================  END STATUS  ==================
[  368.639595][T10386] FAULT_INJECTION: forcing a failure.
[  368.639595][T10386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.654181][T10386] CPU: 0 UID: 0 PID: 10386 Comm: syz.1.921 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  368.654226][T10386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  368.654245][T10386] Call Trace:
[  368.654255][T10386]  <TASK>
[  368.654267][T10386]  dump_stack_lvl+0x16c/0x1f0
[  368.654319][T10386]  should_fail_ex+0x512/0x640
[  368.654355][T10386]  _copy_to_user+0x32/0xd0
[  368.654395][T10386]  simple_read_from_buffer+0xcb/0x170
[  368.654452][T10386]  proc_fail_nth_read+0x197/0x240
[  368.654485][T10386]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.654523][T10386]  ? rw_verify_area+0xcf/0x6c0
[  368.654553][T10386]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.654585][T10386]  vfs_read+0x1e4/0xc60
[  368.654623][T10386]  ? __pfx___mutex_lock+0x10/0x10
[  368.654673][T10386]  ? __pfx_vfs_read+0x10/0x10
[  368.654717][T10386]  ? __fget_files+0x20e/0x3c0
[  368.654762][T10386]  ksys_read+0x12a/0x250
[  368.654797][T10386]  ? __pfx_ksys_read+0x10/0x10
[  368.654838][T10386]  do_syscall_64+0xcd/0x490
[  368.654881][T10386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.654913][T10386] RIP: 0033:0x7f9d8d38d57c
[  368.654939][T10386] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  368.654967][T10386] RSP: 002b:00007f9d8e1bb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.654995][T10386] RAX: ffffffffffffffda RBX: 00007f9d8d5b5fa0 RCX: 00007f9d8d38d57c
[  368.655014][T10386] RDX: 000000000000000f RSI: 00007f9d8e1bb0a0 RDI: 0000000000000004
[  368.655032][T10386] RBP: 00007f9d8e1bb090 R08: 0000000000000000 R09: 0000000000000000
[  368.655049][T10386] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  368.655066][T10386] R13: 0000000000000000 R14: 00007f9d8d5b5fa0 R15: 00007fffc3268b88
[  368.655120][T10386]  </TASK>
[  370.360851][T10404] sysfs_service_op_show: Client not running :-5:
[  371.591308][T10429] FAULT_INJECTION: forcing a failure.
[  371.591308][T10429] name failslab, interval 1, probability 0, space 0, times 0
[  371.606503][T10429] CPU: 1 UID: 0 PID: 10429 Comm: syz.0.935 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  371.606548][T10429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  371.606567][T10429] Call Trace:
[  371.606590][T10429]  <TASK>
[  371.606602][T10429]  dump_stack_lvl+0x16c/0x1f0
[  371.606654][T10429]  should_fail_ex+0x512/0x640
[  371.606684][T10429]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  371.606726][T10429]  should_failslab+0xc2/0x120
[  371.606766][T10429]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  371.606804][T10429]  ? security_file_alloc+0x34/0x2b0
[  371.606844][T10429]  security_file_alloc+0x34/0x2b0
[  371.606879][T10429]  init_file+0x93/0x4c0
[  371.606923][T10429]  alloc_empty_file+0x73/0x1e0
[  371.606971][T10429]  alloc_file_pseudo+0x13a/0x230
[  371.607017][T10429]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  371.607076][T10429]  __shmem_file_setup+0x1a3/0x330
[  371.607135][T10429]  shmem_zero_setup+0x93/0x1a0
[  371.607176][T10429]  __mmap_region+0x2081/0x27b0
[  371.607220][T10429]  ? __pfx___mmap_region+0x10/0x10
[  371.607255][T10429]  ? find_held_lock+0x2b/0x80
[  371.607295][T10429]  ? finish_task_switch.isra.0+0x221/0xc10
[  371.607329][T10429]  ? lockdep_hardirqs_on+0x7c/0x110
[  371.607375][T10429]  ? finish_task_switch.isra.0+0x221/0xc10
[  371.607411][T10429]  ? rcu_is_watching+0x12/0xc0
[  371.607443][T10429]  ? trace_sched_exit_tp+0xd1/0x120
[  371.607478][T10429]  ? __schedule+0x11a3/0x5df0
[  371.607599][T10429]  ? trace_cap_capable+0x18d/0x200
[  371.607661][T10429]  mmap_region+0x1ab/0x3f0
[  371.607697][T10429]  ? __get_unmapped_area+0x267/0x440
[  371.607748][T10429]  do_mmap+0xa3e/0x1210
[  371.607800][T10429]  ? __pfx_do_mmap+0x10/0x10
[  371.607847][T10429]  ? __pfx_down_write_killable+0x10/0x10
[  371.607909][T10429]  vm_mmap_pgoff+0x29e/0x470
[  371.607962][T10429]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  371.608016][T10429]  ? __x64_sys_futex+0x1e0/0x4c0
[  371.608055][T10429]  ? __x64_sys_futex+0x1e9/0x4c0
[  371.608102][T10429]  ksys_mmap_pgoff+0x7d/0x5c0
[  371.608145][T10429]  ? xfd_validate_state+0x61/0x180
[  371.608199][T10429]  __x64_sys_mmap+0x125/0x190
[  371.608256][T10429]  do_syscall_64+0xcd/0x490
[  371.608305][T10429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.608335][T10429] RIP: 0033:0x7f7d9098eb69
[  371.608358][T10429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.608391][T10429] RSP: 002b:00007f7d8e7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  371.608421][T10429] RAX: ffffffffffffffda RBX: 00007f7d90bb5fa0 RCX: 00007f7d9098eb69
[  371.608440][T10429] RDX: 00004000000000df RSI: 0000000000020007 RDI: 0000000000000000
[  371.608459][T10429] RBP: 00007f7d90a11df1 R08: 0000000000000401 R09: 0000000000008000
[  371.608479][T10429] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  371.608497][T10429] R13: 0000000000000000 R14: 00007f7d90bb5fa0 R15: 00007ffc69440998
[  371.608538][T10429]  </TASK>
[  372.038532][T10436] FAULT_INJECTION: forcing a failure.
[  372.038532][T10436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.069757][T10436] CPU: 0 UID: 0 PID: 10436 Comm: syz.0.937 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  372.069802][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  372.069821][T10436] Call Trace:
[  372.069831][T10436]  <TASK>
[  372.069843][T10436]  dump_stack_lvl+0x16c/0x1f0
[  372.069896][T10436]  should_fail_ex+0x512/0x640
[  372.069930][T10436]  _copy_to_user+0x32/0xd0
[  372.069966][T10436]  simple_read_from_buffer+0xcb/0x170
[  372.070022][T10436]  proc_fail_nth_read+0x197/0x240
[  372.070054][T10436]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.070088][T10436]  ? rw_verify_area+0xcf/0x6c0
[  372.070118][T10436]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.070151][T10436]  vfs_read+0x1e4/0xc60
[  372.070191][T10436]  ? __pfx_vfs_read+0x10/0x10
[  372.070240][T10436]  ? __pfx_lo_ioctl+0x10/0x10
[  372.070287][T10436]  ? blkdev_ioctl+0x110/0x6d0
[  372.070334][T10436]  ksys_read+0x12a/0x250
[  372.070367][T10436]  ? __pfx_ksys_read+0x10/0x10
[  372.070399][T10436]  ? __pfx_blkdev_ioctl+0x10/0x10
[  372.070450][T10436]  do_syscall_64+0xcd/0x490
[  372.070514][T10436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.070548][T10436] RIP: 0033:0x7f7d9098d57c
[  372.070574][T10436] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  372.070604][T10436] RSP: 002b:00007f7d8e7f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.070634][T10436] RAX: ffffffffffffffda RBX: 00007f7d90bb5fa0 RCX: 00007f7d9098d57c
[  372.070654][T10436] RDX: 000000000000000f RSI: 00007f7d8e7f60a0 RDI: 0000000000000002
[  372.070672][T10436] RBP: 00007f7d8e7f6090 R08: 0000000000000000 R09: 0000000000000000
[  372.070690][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.070708][T10436] R13: 0000000000000000 R14: 00007f7d90bb5fa0 R15: 00007ffc69440998
[  372.070748][T10436]  </TASK>
[  372.829577][ T5850] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6
[  374.249097][T10466] FAULT_INJECTION: forcing a failure.
[  374.249097][T10466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.285403][T10466] CPU: 1 UID: 0 PID: 10466 Comm: syz.3.944 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  374.285451][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  374.285470][T10466] Call Trace:
[  374.285482][T10466]  <TASK>
[  374.285494][T10466]  dump_stack_lvl+0x16c/0x1f0
[  374.285549][T10466]  should_fail_ex+0x512/0x640
[  374.285588][T10466]  _copy_from_user+0x2e/0xd0
[  374.285627][T10466]  move_addr_to_kernel+0x65/0x170
[  374.285668][T10466]  __copy_msghdr+0x386/0x470
[  374.285717][T10466]  copy_msghdr_from_user+0xc1/0x160
[  374.285765][T10466]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  374.285825][T10466]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.285880][T10466]  ___sys_sendmsg+0xfe/0x1d0
[  374.285924][T10466]  ? futex_private_hash_put+0x176/0x300
[  374.285966][T10466]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.286010][T10466]  ? __lock_acquire+0x622/0x1c90
[  374.286105][T10466]  __sys_sendmsg+0x16d/0x220
[  374.286154][T10466]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.286202][T10466]  ? __x64_sys_futex+0x1e0/0x4c0
[  374.286269][T10466]  do_syscall_64+0xcd/0x490
[  374.286334][T10466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.286369][T10466] RIP: 0033:0x7fc9a1b8eb69
[  374.286395][T10466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.286428][T10466] RSP: 002b:00007fc9a29c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  374.286461][T10466] RAX: ffffffffffffffda RBX: 00007fc9a1db6080 RCX: 00007fc9a1b8eb69
[  374.286482][T10466] RDX: 0000000000004050 RSI: 0000200000000100 RDI: 000000000000000a
[  374.286502][T10466] RBP: 00007fc9a1c11df1 R08: 0000000000000000 R09: 0000000000000000
[  374.286522][T10466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.286541][T10466] R13: 0000000000000000 R14: 00007fc9a1db6080 R15: 00007ffd8b0dc9e8
[  374.286584][T10466]  </TASK>
[  375.313338][ T5850] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6
[  376.942359][T10516] netlink: 20 bytes leftover after parsing attributes in process `syz.0.957'.
[  379.699909][T10559] sd 0:0:1:0: PR command failed: 1026
[  379.769497][T10559] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  379.827208][T10559] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  389.549830][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  389.557288][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  394.868533][T10753] FAULT_INJECTION: forcing a failure.
[  394.868533][T10753] name failslab, interval 1, probability 0, space 0, times 0
[  394.966024][T10753] CPU: 1 UID: 0 PID: 10753 Comm: syz.2.1016 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  394.966060][T10753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  394.966075][T10753] Call Trace:
[  394.966082][T10753]  <TASK>
[  394.966091][T10753]  dump_stack_lvl+0x16c/0x1f0
[  394.966132][T10753]  should_fail_ex+0x512/0x640
[  394.966153][T10753]  ? fs_reclaim_acquire+0xae/0x150
[  394.966188][T10753]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  394.966216][T10753]  should_failslab+0xc2/0x120
[  394.966244][T10753]  __kmalloc_noprof+0xd2/0x510
[  394.966276][T10753]  tomoyo_realpath_from_path+0xc2/0x6e0
[  394.966306][T10753]  ? tomoyo_profile+0x47/0x60
[  394.966342][T10753]  tomoyo_path_number_perm+0x245/0x580
[  394.966363][T10753]  ? tomoyo_path_number_perm+0x237/0x580
[  394.966388][T10753]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  394.966412][T10753]  ? find_held_lock+0x2b/0x80
[  394.966459][T10753]  ? find_held_lock+0x2b/0x80
[  394.966478][T10753]  ? hook_file_ioctl_common+0x145/0x410
[  394.966521][T10753]  ? __fget_files+0x20e/0x3c0
[  394.966550][T10753]  security_file_ioctl+0x9b/0x240
[  394.966583][T10753]  __x64_sys_ioctl+0xb7/0x210
[  394.966622][T10753]  do_syscall_64+0xcd/0x490
[  394.966659][T10753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.966684][T10753] RIP: 0033:0x7fdaee38eb69
[  394.966704][T10753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.966727][T10753] RSP: 002b:00007fdaef290038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  394.966748][T10753] RAX: ffffffffffffffda RBX: 00007fdaee5b6080 RCX: 00007fdaee38eb69
[  394.966764][T10753] RDX: 0000000000000007 RSI: 0000000000005607 RDI: 0000000000000003
[  394.966778][T10753] RBP: 00007fdaef290090 R08: 0000000000000000 R09: 0000000000000000
[  394.966793][T10753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.966807][T10753] R13: 0000000000000000 R14: 00007fdaee5b6080 R15: 00007ffff9a66b18
[  394.966836][T10753]  </TASK>
[  394.966846][T10753] ERROR: Out of memory at tomoyo_realpath_from_path.
[  395.447830][T10759] 
[  395.450258][T10759] ======================================================
[  395.457306][T10759] WARNING: possible circular locking dependency detected
[  395.464957][T10759] 6.16.0-syzkaller-10499-g89748acdf226 #0 Not tainted
[  395.472278][T10759] ------------------------------------------------------
[  395.479560][T10759] syz.3.1019/10759 is trying to acquire lock:
[  395.485939][T10759] ffff88801c6ffa20 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9c/0xf0
[  395.496975][T10759] 
[  395.496975][T10759] but task is already holding lock:
[  395.504463][T10759] ffff888025cbd8f8 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  395.516936][T10759] 
[  395.516936][T10759] which lock already depends on the new lock.
[  395.516936][T10759] 
[  395.527467][T10759] 
[  395.527467][T10759] the existing dependency chain (in reverse order) is:
[  395.537661][T10759] 
[  395.537661][T10759] -> #2 (&q->q_usage_counter(io)#23){++++}-{0:0}:
[  395.546698][T10759]        blk_alloc_queue+0x619/0x760
[  395.552373][T10759]        blk_mq_alloc_queue+0x172/0x280
[  395.558274][T10759]        __blk_mq_alloc_disk+0x29/0x120
[  395.564299][T10759]        loop_add+0x490/0xb70
[  395.569344][T10759]        loop_init+0x164/0x270
[  395.574476][T10759]        do_one_initcall+0x120/0x6e0
[  395.580253][T10759]        kernel_init_freeable+0x5c2/0x900
[  395.586333][T10759]        kernel_init+0x1c/0x2b0
[  395.591427][T10759]        ret_from_fork+0x5d7/0x6f0
[  395.597146][T10759]        ret_from_fork_asm+0x1a/0x30
[  395.603464][T10759] 
[  395.603464][T10759] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  395.611175][T10759]        fs_reclaim_acquire+0x102/0x150
[  395.617117][T10759]        kmem_cache_alloc_noprof+0x53/0x3b0
[  395.623223][T10759]        __kernfs_iattrs+0x124/0x3e0
[  395.628983][T10759]        __kernfs_setattr+0x4d/0x3c0
[  395.635911][T10759]        kernfs_iop_setattr+0xda/0x120
[  395.642176][T10759]        notify_change+0x6a6/0x1230
[  395.647752][T10759]        do_truncate+0x1d7/0x230
[  395.652844][T10759]        path_openat+0x2678/0x2cb0
[  395.658281][T10759]        do_filp_open+0x20b/0x470
[  395.663601][T10759]        do_sys_openat2+0x11b/0x1d0
[  395.669503][T10759]        __x64_sys_openat+0x174/0x210
[  395.675566][T10759]        do_syscall_64+0xcd/0x490
[  395.681156][T10759]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.688313][T10759] 
[  395.688313][T10759] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  395.698233][T10759]        __lock_acquire+0x126f/0x1c90
[  395.704189][T10759]        lock_acquire+0x179/0x350
[  395.710412][T10759]        down_read+0x9b/0x480
[  395.716536][T10759]        kernfs_iop_getattr+0x9c/0xf0
[  395.722762][T10759]        vfs_getattr_nosec+0x2a9/0x430
[  395.729848][T10759]        vfs_getattr+0x4a/0x60
[  395.734873][T10759]        loop_query_min_dio_size.isra.0+0x117/0x250
[  395.742355][T10759]        lo_ioctl+0x179b/0x20b0
[  395.747444][T10759]        blkdev_ioctl+0x277/0x6d0
[  395.752727][T10759]        __x64_sys_ioctl+0x18b/0x210
[  395.758467][T10759]        do_syscall_64+0xcd/0x490
[  395.763702][T10759]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.771064][T10759] 
[  395.771064][T10759] other info that might help us debug this:
[  395.771064][T10759] 
[  395.783076][T10759] Chain exists of:
[  395.783076][T10759]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#23
[  395.783076][T10759] 
[  395.799452][T10759]  Possible unsafe locking scenario:
[  395.799452][T10759] 
[  395.807762][T10759]        CPU0                    CPU1
[  395.813717][T10759]        ----                    ----
[  395.819583][T10759]   lock(&q->q_usage_counter(io)#23);
[  395.825317][T10759]                                lock(fs_reclaim);
[  395.832366][T10759]                                lock(&q->q_usage_counter(io)#23);
[  395.841438][T10759]   rlock(&root->kernfs_iattr_rwsem);
[  395.847842][T10759] 
[  395.847842][T10759]  *** DEADLOCK ***
[  395.847842][T10759] 
[  395.856238][T10759] 3 locks held by syz.3.1019/10759:
[  395.862762][T10759]  #0: ffff888025db6400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_global_lock_killable+0x30/0xb0
[  395.874002][T10759]  #1: ffff888025cbd8f8 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  395.888798][T10759]  #2: ffff888025cbd930 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  395.904469][T10759] 
[  395.904469][T10759] stack backtrace:
[  395.910955][T10759] CPU: 1 UID: 0 PID: 10759 Comm: syz.3.1019 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) 
[  395.911001][T10759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  395.911019][T10759] Call Trace:
[  395.911031][T10759]  <TASK>
[  395.911042][T10759]  dump_stack_lvl+0x116/0x1f0
[  395.911088][T10759]  print_circular_bug+0x275/0x350
[  395.911124][T10759]  check_noncircular+0x14c/0x170
[  395.911162][T10759]  __lock_acquire+0x126f/0x1c90
[  395.911202][T10759]  lock_acquire+0x179/0x350
[  395.911323][T10759]  ? kernfs_iop_getattr+0x9c/0xf0
[  395.911354][T10759]  ? __pfx___might_resched+0x10/0x10
[  395.911384][T10759]  down_read+0x9b/0x480
[  395.911406][T10759]  ? kernfs_iop_getattr+0x9c/0xf0
[  395.911434][T10759]  ? find_held_lock+0x2b/0x80
[  395.911459][T10759]  ? __pfx_down_read+0x10/0x10
[  395.911482][T10759]  ? kernfs_root+0xee/0x2a0
[  395.911513][T10759]  kernfs_iop_getattr+0x9c/0xf0
[  395.911543][T10759]  vfs_getattr_nosec+0x2a9/0x430
[  395.911579][T10759]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[  395.911611][T10759]  vfs_getattr+0x4a/0x60
[  395.911646][T10759]  loop_query_min_dio_size.isra.0+0x117/0x250
[  395.911683][T10759]  ? __pfx_loop_query_min_dio_size.isra.0+0x10/0x10
[  395.911719][T10759]  ? mark_held_locks+0x49/0x80
[  395.911764][T10759]  ? blk_freeze_queue_start+0xec/0x140
[  395.911802][T10759]  lo_ioctl+0x179b/0x20b0
[  395.911841][T10759]  ? __pfx_lo_ioctl+0x10/0x10
[  395.911876][T10759]  ? kasan_quarantine_put+0x10a/0x240
[  395.911905][T10759]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.911945][T10759]  ? blk_get_meta_cap+0x482/0x700
[  395.911981][T10759]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  395.912022][T10759]  ? blkdev_common_ioctl+0x1d6/0x2470
[  395.912058][T10759]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  395.912084][T10759]  ? futex_wake+0x1ad/0x530
[  395.912123][T10759]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  395.912162][T10759]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  395.912203][T10759]  ? do_vfs_ioctl+0x128/0x14f0
[  395.912253][T10759]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  395.912300][T10759]  ? __pfx_lo_ioctl+0x10/0x10
[  395.912335][T10759]  blkdev_ioctl+0x277/0x6d0
[  395.912370][T10759]  ? __pfx_blkdev_ioctl+0x10/0x10
[  395.912406][T10759]  ? __pfx_blkdev_ioctl+0x10/0x10
[  395.912442][T10759]  __x64_sys_ioctl+0x18b/0x210
[  395.912492][T10759]  do_syscall_64+0xcd/0x490
[  395.912534][T10759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.912565][T10759] RIP: 0033:0x7fc9a1b8eb69
[  395.912590][T10759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.912616][T10759] RSP: 002b:00007fc9a29e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.912643][T10759] RAX: ffffffffffffffda RBX: 00007fc9a1db5fa0 RCX: 00007fc9a1b8eb69
[  395.912661][T10759] RDX: 0000000000000000 RSI: 0000000000004c06 RDI: 0000000000000001
[  395.912677][T10759] RBP: 00007fc9a1c11df1 R08: 0000000000000000 R09: 0000000000000000
[  395.912693][T10759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  395.912710][T10759] R13: 0000000000000000 R14: 00007fc9a1db5fa0 R15: 00007ffd8b0dc9e8
[  395.912735][T10759]  </TASK>
[  396.939688][T10761] sd 0:0:1:0: PR command failed: 1026
[  396.949642][T10761] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  396.973433][T10761] sd 0:0:1:0: Add. Sense: Invalid command operation code