last executing test programs:

49.454842695s ago: executing program 0 (id=1298):
msgget$auto(0x0, 0x5)
msgsnd$auto(0x5, &(0x7f0000000040)={0x7}, 0x80000000, 0xffffffff)

49.278595528s ago: executing program 0 (id=1300):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb0, 0x8, 0x6)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/default/ioam6_id_wide\x00', 0x40100, 0x0)
ioctl$auto_FIFREEZE(r0, 0xc0045878, 0xd)
read$auto(r0, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x20007, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000)
socket(0xa, 0x2, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x15, 0x0, 0x56b)

48.888693952s ago: executing program 0 (id=1302):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) (async)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async)
r1 = socketcall$auto(0x8000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x8bd04ae6c08103fe, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto(0x3, 0xae41, r0) (async)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto(0x3, 0xae41, r3)

48.526125863s ago: executing program 0 (id=1305):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b7e, 0x2, 0x8000)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x4d)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="00000000000000be0000004a9ca734c8bb6206decaf0f46637ba08c6d5cf000010b3025e609a68a4bc840ff85cdffbe421d40d2b8b030e23327e628a8c0f85d608515fdcdc4cad2e11", @ANYRES16=r1, @ANYBLOB="01002dbd7000fcdbdf257e000009"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = gettid()
process_vm_writev$auto(r3, 0x0, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/oss_mixer\x00', 0x2802, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)

46.718568603s ago: executing program 0 (id=1309):
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x40, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000c00))
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8001)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x20800, 0x0)
ioctl$auto(r3, 0xb21064d1, 0x20000a)
mmap$auto(0x0, 0x400008, 0x6, 0x9b72, 0x2, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
mmap$auto(0x4, 0x4020009, 0xdf, 0xeb1, r0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x3a)

44.304867167s ago: executing program 0 (id=1314):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2000a, 0xe6, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x6, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.2/usb14/power/wakeup\x00', 0x8002, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x0, 0x2000000000001, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38) (async)
write$auto(0x3, 0x0, 0x3)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r0, 0x0, 0xc08)
write$auto(0x3, 0x0, 0x5c8) (async)
sysfs$auto(0x2, 0x1a, 0x0) (async)
fsopen$auto(0x0, 0x1) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async)
ioctl$auto(0x3, 0x4020565a, 0x38) (async)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) (async)
socket(0xa, 0x1, 0x100) (async)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0)
r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x10303f, 0x0)
ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r2, 0x3304, 0x0) (async)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x2, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
ioctl$auto_SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000340)="1fcf69db3b6da963a5bb04e22eaa0157d0eb9a5c9fb63fe96d678914dd9e12523a7114eb42ab786d53ab535a8df679c7ce4eeae1cbbfe08cc736f6e42edad67c1a7ce7083bdd79258ff632361dd3d8d9e9825b62ffff81afd60ea5a13f7e206087f91967f41f9ccdc0f81fcc1f0fa7e65234010720fddd94bc9d8aead1efde0e935faa6cb4a64ce16d2cf3939569673d0bd68ab2d03160") (async)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x1ff, 0xd, 0x1, 0x948f, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x200, 0x80000023, 0x7, 0x6d3b, 0x2a, 0x2, 0xfffffffffffffffe]}, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0x2, 0x80002, 0x73)

29.136063346s ago: executing program 32 (id=1314):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2000a, 0xe6, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x6, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.2/usb14/power/wakeup\x00', 0x8002, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x0, 0x2000000000001, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38) (async)
write$auto(0x3, 0x0, 0x3)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r0, 0x0, 0xc08)
write$auto(0x3, 0x0, 0x5c8) (async)
sysfs$auto(0x2, 0x1a, 0x0) (async)
fsopen$auto(0x0, 0x1) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async)
ioctl$auto(0x3, 0x4020565a, 0x38) (async)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) (async)
socket(0xa, 0x1, 0x100) (async)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0)
r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x10303f, 0x0)
ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r2, 0x3304, 0x0) (async)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x2, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
ioctl$auto_SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000340)="1fcf69db3b6da963a5bb04e22eaa0157d0eb9a5c9fb63fe96d678914dd9e12523a7114eb42ab786d53ab535a8df679c7ce4eeae1cbbfe08cc736f6e42edad67c1a7ce7083bdd79258ff632361dd3d8d9e9825b62ffff81afd60ea5a13f7e206087f91967f41f9ccdc0f81fcc1f0fa7e65234010720fddd94bc9d8aead1efde0e935faa6cb4a64ce16d2cf3939569673d0bd68ab2d03160") (async)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x1ff, 0xd, 0x1, 0x948f, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x200, 0x80000023, 0x7, 0x6d3b, 0x2a, 0x2, 0xfffffffffffffffe]}, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0x2, 0x80002, 0x73)

9.418213332s ago: executing program 1 (id=1409):
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x101082, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
ioctl$auto(r0, 0xc0045543, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) (async)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) (async)
memfd_create$auto(0x0, 0xe)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001180)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0)
write$auto(0x3, 0x0, 0xfdf3) (async)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x5) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x2, 0x1, 0x0) (async)
pwrite64$auto(0x2, 0x0, 0x0, 0x5)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, 0x0, 0x4000) (async)
mbind$auto(0x6, 0x4, 0x0, &(0x7f00000000c0)=0x2000000000000, 0xd3, 0x4)
sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, 0x0, 0x24000005)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0)
bind$auto(r3, &(0x7f0000000040)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e23, 0x4}}, 0x16e) (async)
socketpair$auto(0xffff, 0xa, 0x5, &(0x7f0000000080)=0xd1ff) (async)
unshare$auto(0x40000080) (async)
sendto$auto(0x3, 0x0, 0x100000000, 0x8, 0x0, 0x1c)

8.89227834s ago: executing program 3 (id=1412):
mmap$auto(0x0, 0xa0009, 0xf, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec27\x00', 0x80200, 0x0)
ioctl$auto_CEC_S_MODE(r0, 0x40046109, &(0x7f0000000040)=0x31)
r1 = socket(0x200000000000011, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc)
socket(0x1d, 0x2, 0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd11\x00', 0x104500, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x7, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x4, 0x0)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x109500, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x60c40, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
socketpair$auto(0x4004, 0x7, 0x4, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r2, 0x5408, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x89b0, &(0x7f0000000140)={'bond0\x00'})
fchdir$auto(r1)

8.24233534s ago: executing program 3 (id=1413):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyya\x00', 0x121540, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
ioctl$auto(0x3, 0x5420, 0x38)
mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
socketpair$auto(0x4, 0x3, 0xb, 0x0)
r0 = openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x8011, 0xfffffffffffffffa, 0x8000)
r1 = epoll_create$auto(0x3e)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000001c0)=""/6, 0x6)
mmap$auto(0xfffffffffffffffe, 0x99, 0xdf, 0x200000000000eb2, r1, 0x8004)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r2, 0x0, 0x7)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x982, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r4 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x12100, 0x0)
read$auto_def_blk_fops_fs(r4, 0x0, 0x0)
fstatfs$auto(r3, &(0x7f0000000240)={0x1, 0x401, 0x72, 0x7fffffff, 0x4, 0x8000, 0x1, {[0x3, 0x3]}, 0xc2, 0xb23, 0x1eda, [0x10, 0x7, 0x100, 0xc]})
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.6/usb22/22-0:1.0/usb22-port3/disable\x00', 0x581002, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x3}, 0x3)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
fsopen$auto(0x0, 0xfffffffc)

7.701936475s ago: executing program 3 (id=1416):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffc)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x48002, 0x0)
ioctl$auto_OTPLOCK(r2, 0x800c4d10, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/firmware/memmap/5/end\x00', 0x1c1540, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000640)=""/224, 0xe0)
madvise$auto(0xfff, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x14, 0x1, 0x8000)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x9aa43, 0x154)
fcntl$auto(r4, 0x400, 0x1) (async)
fcntl$auto(r4, 0x400, 0x1)
unlink$auto(&(0x7f0000000380)='./file0\x00')
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
close_range$auto(r1, 0x8000, 0x37)
socket(0x2, 0x1, 0x0) (async)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r6) (async)
ioctl$auto(0x3, 0xae41, r6)
ioctl$auto_KVM_CREATE_VM(r5, 0x4018aee1, 0x0) (async)
ioctl$auto_KVM_CREATE_VM(r5, 0x4018aee1, 0x0)

7.312242344s ago: executing program 1 (id=1419):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0xfffffffffffffffe, 0x810004, 0x7ff, 0x8000000008011, r1, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
r2 = ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';')
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r2)
msgctl$auto_MSG_INFO(0x9, 0xc, &(0x7f0000000240)={{0x80000000, <r3=>0xee00, 0xee01, 0x9, 0x49, 0x7, 0x4}, &(0x7f00000001c0)=0x65, &(0x7f0000000200)=0xd5, 0x7, 0x3, 0x400, 0x800000000000, 0x1000, 0x598, 0x9, 0x3, @raw=0x800, @raw=0xd31a})
sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB='4\n', @ANYRES32=r3, @ANYBLOB="0c00050001000000000000003a01e8800400a7800400848004000e8054f00542ad6c2cf5e84ae49f37ae9497dfdcac4bb3794554e6b0fe985363f12e7bb32a2e133f731ce1857fcc40d96cea58a6a04f972c725fe717d3f872757c54c74a52279a48a926646c036098d091750125fd48d0cfbba1a4b31cc7cc4c62bb1067f8f3047d31f6232b98d13b4cf4e5808fa74c34942294d7fcd228a4ed4baf98a49b0f10dd34d505eceb8ff022aa61f36d7e3f9f5108ecfa08d3d579279c466c77060dddf465986eef23baaff0e4d85e79f7cbb22f9cdb765233b2d756a04902b5ec2f11c2aea953c24eeba983e495aa4ad855234e5d7cd871ec926e32099bb95b23d804001480713c7d0400b88004006f8057b1f7c59016165998eecc397e8f9df68b2f1d444c5bc63659079973a063b935bf61fd4f2b3966ef094d21624578", @ANYRES32=r0, @ANYBLOB="4f00de085ed5146f720110b677a9cf7631e17aaf607cb887ab41b3885e2a46e1d0aa0823c6bb94ac86085eb5a9afdc06a4fd7a7049e04bd507c19d7812896614378bed3b6888ff90a0eeab47cb2fddcc6e6379276ef2cc305ff1d0c03383018eb734fb638b6316c14de360da9d368108", @ANYRES32=0x0, @ANYBLOB="04000e8004003200080045800400a480007a00000065d5e3f84b2c377fba48fd4ec8d6be71c247bf49127b0677d00ccdb16acd03de307d4c8b28ddaeb4693142c759598b21c91128d71aa755f293056d2c2b4193f621281c5715c6b892a28e606b416562fc9c8e0bbf16f0507634d034fc8645f9822cf4fd96c1840915f70aa21df3afa24c59f0a047"], 0xa34}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, r0, 0x0)
prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x48080, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
close_range$auto(0x2, 0x8, 0x0)
write$auto(r5, &(0x7f0000000040)='nbd\x00', 0x4)
setresuid$auto(0x2, 0x7, 0x8080)
ioprio_get$auto(0x3, 0x2)

5.67905896s ago: executing program 1 (id=1422):
futex_wait$auto(0x0, 0x169, 0x1, 0x2, &(0x7f0000000040)={0x9, 0x10000000001}, 0x1) (async, rerun: 64)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.5/usb6/ep_00/bInterval\x00', 0x101400, 0x0) (rerun: 64)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001080)=""/4096, 0x1000)

5.314260207s ago: executing program 1 (id=1425):
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0x100040)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r1, 0x402, 0x2)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x22240, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x8, 0x0, 0x0)

5.016329331s ago: executing program 4 (id=1426):
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x48014}, 0x20040000) (async, rerun: 64)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) (rerun: 64)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, 0x0) (async, rerun: 32)
unshare$auto(0x40000080) (rerun: 32)
socket(0x1e, 0x1, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) (async, rerun: 32)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r3, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000006980)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000ffdbdf250300000038121c8084100580801000802400048008000200070000000c00030005000000000000000400050004000500040005004700010015498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f800040004800800048004000500041001001fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7ff07f9cf1e1eb23e07009"], 0x124c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x8a42, 0x0) (async, rerun: 64)
syz_open_procfs$namespace(0x0, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) (async)
prctl$auto(0x3f, 0x7ff, 0x0, 0x5, 0x5) (async)
tgkill$auto(0x0, 0x1, 0x1) (async)
clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r5, &(0x7f0000000140)='0[.[\x00', 0xcd04) (async)
r6 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
mmap$auto(0xfffffffffffffffe, 0x9, 0x20004000010000df, 0xeb2, r6, 0x20a3) (async)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x2) (async)
setsockopt$auto(r0, 0x29, 0x36, 0x0, 0x0)

4.714921636s ago: executing program 2 (id=1427):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_FIOQSIZE(r0, 0x5460, 0x40)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0)
read$auto(r2, &(0x7f00000000c0)='macsec\x00', 0x1) (async)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="1efeffff", @ANYRES16=r1, @ANYBLOB="036c0008000c0000020000"], 0x1c}, 0x1, 0x0, 0x0, 0x404c884}, 0x64004890) (async)
mmap$auto(0x5bb, 0x3, 0xb154, 0x17, r2, 0x8)

4.406119838s ago: executing program 4 (id=1428):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, &(0x7f00000001c0)={@raw=0xbe, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e5fff4cbe4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ce52a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a7"})
socket(0x18, 0xa, 0x1)
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x59e, 0x0, 0x2, 0x9}, 0x207}, 0x40, 0x100)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
write$auto_tty_fops_tty_io(r2, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b71", 0x25)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video63\x00', 0x80800, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0xfff, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x3}, 0x6f3)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f00000001c0)=""/191, 0x1f8)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x5}, 0x5, 0x0, 0x2, 0x200}, 0x7ff}, 0x10a, 0x8, 0x0)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x23)

4.405590467s ago: executing program 2 (id=1429):
mmap$auto(0xffffffffffffffff, 0x20005, 0xa, 0x15, 0x400, 0x18002)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000040)='{\x00', 0xfff)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto_NL80211_CMD_GET_MPATH(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x57}, @NL80211_ATTR_SUPPORT_MESH_AUTH={0x4}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x6}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x20}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xfffffffc}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r3 = socket(0x10, 0x2, 0x0)
write$auto_fops_x16_ro_(r2, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/video30/dev_debug\x00', 0x129102, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)

4.358828363s ago: executing program 3 (id=1430):
r0 = ioctl$auto_TUNGETVNETLE2(0xffffffffffffffff, 0x800454dd, &(0x7f0000000040)=0x7)
mmap$auto(0xffffffffffffffff, 0x80400009, 0xde, 0x19, r0, 0x2000000000000006)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x8a302, 0x0)
timerfd_create$auto(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0) (async)
socket(0xa, 0x5, 0x0)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0xe6e) (async)
inotify_add_watch$auto(0x4, 0x0, 0xe6e)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) (async)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
ioctl$auto(r1, 0x80000541b, 0x38)
socket(0x1a, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000080)) (async)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000080))
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) (async)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2, 0xdf, 0x1a, r3, 0x8003)
socket(0x11, 0x5, 0x0) (async)
socket(0x11, 0x5, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
times$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)

3.962545834s ago: executing program 4 (id=1431):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x72180, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/irq/13/smp_affinity_list\x00', 0x101002, 0x0)
mmap$auto(0x0, 0x400008, 0x2e0, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0)
mmap$auto(0xdf, 0xd, 0x3, 0x16, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x1ffffffff, 0xfffdfffffffffffa, 0x1, 0x0, 0x6, 0x0, 0x7, 0x1224578b, 0x2, {0x100000000, 0x5}, 0x5, 0x1, 0x10000000000009, 0x1008000, 0x0, 0x8, 0x7f, 0xdfffffffffff6295, 0x400, 0x4, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ILA_CMD_DEL(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010021bd7000fbdbd025020000000c0003000d0000ba0a9eecfd8c8a9aca0008b50100000000000c00030000000000000000", @ANYRES32=0x0, @ANYBLOB="0500"/14], 0x50}, 0x1, 0x0, 0x0, 0x4004804}, 0x10)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0xfffffffffffffffc)
madvise$auto(0x110c230000, 0x1, 0x9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/force_release\x00', 0x200, 0x0)
write$auto(r3, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
mlockall$auto(0x7)
migrate_pages$auto(0x0, 0x3, 0x0, 0x0)
mmap$auto(0x3, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
getxattr$auto(0x0, 0x0, 0x0, 0x4)
bind$auto(0x3, 0x0, 0x6a)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

3.104648116s ago: executing program 2 (id=1432):
mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x800008000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/addr_prefs\x00', 0xc0282, 0x0)
pread64$auto(r0, 0x0, 0x200000000008, 0x800fc)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/power/pm_qos_no_power_off\x00', 0x20a42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f000000a5c0)={0x0, 0x0, &(0x7f000000a580)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd2e, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x24008080)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x6, 0x0, 0x7f, 0x0, 0x8000000000008000, 0x2}, 0x4}, 0x800008, 0x8)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, <r4=>0x4, 0x8201, 0x2, 0x8, 0xc, <r5=>0xe3, 0x4000000002, 0x3}, 0x6f4)
read$auto(r1, 0x0, 0x15)
write$auto(0x3, 0x0, 0xffd8)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x200)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
openat$auto(r5, &(0x7f0000000280)='}[,&*}\x00', 0x200, 0x68)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x406, 0x0)
socket(0xa, 0x2, 0x0)
ioctl$auto(0x3, 0x541b, 0x38)
setns(r6, 0x0)
process_madvise$auto_MADV_COLLAPSE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000340)="5acda7999110269cb324a1e5b5dc798b77bf96ad938a51d401ace51b0c80419f1f671e70112f7c1587d8e6708a78150e7ab982998c8af10d07efd57870b8204473a3d6fc2d4ef2842ab3e1aa95d51f370a", 0xff}, 0x4, 0x19, 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000)
ioctl$auto_BTRFS_IOC_ENCODED_WRITE(r4, 0x40809440, &(0x7f0000000480)={&(0x7f0000000440)={&(0x7f00000003c0)="d0c791ccdb489398722375f53b74b3ccf4fc6eb7af2896869eb049c644582540410737a861a836111b7d89044a46a24f497de98a2b20ef10e222a2032bd20af98e1a3d67d5d45edc1178be39dd024109c6630221", 0xffffffffffffff59}, 0x10000, 0x4, 0x8, 0x26b, 0xaeab, 0x6, 0x3, 0x1b99, "f601ad57f98bbc9a0a95fde1ec38c2e0e62316bfa60b6518a18b59892221eebd4b42687855ef227559b05edcfc3f6cdf1b8047f4feabe3be97108dcf057b070a"})
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1100af"], 0x1ac}, 0x1, 0x0, 0x0, 0x26004814}, 0x0)

2.637344123s ago: executing program 4 (id=1433):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x80003, 0x300)
r2 = socket(0xa, 0x3, 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=<r3=>r2, 0xd}, 0x92)
r4 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r4, 0x29, 0x4e, &(0x7f0000000040)='!\x00', 0x1ff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="2f212cbd7000c9edd8fa6574a16208000300", @ANYRES32=r7], 0x2c}}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="20002dbd7000fddbdf2521000000"], 0x14}, 0x1, 0x0, 0x0, 0x4008894}, 0x0)
sendmsg$auto_NL80211_CMD_ADD_TX_TS(r3, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="38030000", @ANYRES16=r6, @ANYBLOB="00042bbd7000fddbdf25690000001e009400227836c7d2241e7d250bcabb1ea1582aaf4c4f7b14fb9ce72c00000800dc000000000004009300af027a80430110800400f1808493c9f362a8bc85ed127836ccb8e8a33c6f94c6a2e8bc97c1afe55a710e6cf21f5426be87c3466a86014c7a184d58f983b4c4d4726fe79c625e87503b96e5de9a952e83e796c641c6a9ef4e772c0b283dcff16ed63d9006fe6cf77481c75e9911258be2c68d2e53d5920aa617997103a0365b627ea8fd45ce873c2dc1159fa8263620af0916cabe2b0b632fddce0231a08d4112a9493cca6d96cbba430e8f0459cd7408e0beb68a94fa61cbc6eb5c7b627f3fa5b3f83bc2a6dad8e472caac91a89d44625c9ce5fff90d5421b4e962dfd8da956f82e328cb8a5c0bedf4b4f763d9a2d0affbd22f691c5173a839a46b774441a2f3405a4bfd44ea76500d42d75dbe383f410dee66054706fadf67abbdaf2da13f0ff7011bf22fe1764671bdef1db8db9069b5eadf885d3b85cb621f621c8bb71b78e2749ad6b19852aa18d21ee1cf5a29a34579e79d3fe4461c3f79b4d1edbdd3fa9ddd1cad00bf01615954e6975a7b25802322524cf69b23083f9eb1c7f29aa0ac3c6aba2160556a78e79c2fe95f770769c1c931464a82f95209b5009f003659428d3013c0c3bc31af15bfeacab7ba7ec8c2e230907d6775fcbd9aa093cc2121096cfa5d363c41a452da208f61b715d3201235f65fd9c7ae8256f3fd3680f6167bdf00eb77d1cea17ad7bc67cfeb6d404fd69c4e4dbc44afc49ad55e3b062bfa38d59fcea75ab777d5c08a23c42b05aa23c95f0858518c5e7316178e160ec99259f48634dc6d3b88f2e40d541217d3a95afc7ae9d349d6067bcb9345a27d2c37b18883bf054b86e63f3bae42d5d7420000009fd6ca739799370c1bcf5ad7a5f50199ebc23edfdd27215c64e0f46b4602aed46c34ef54ffda44f894c13393fd81908fd948add13435dbbf5251e7a21c146836135cf587b4d75b309f6ed65080654a0008003500020010000400440006004800070000000400e20027002901f3bb4f9de3ebdf34775e8d140a43d6d4e95230eff9277c6a4fff64f5a581f291e5f8570008006100040000002f7c38fb6b8c59b1842ae23f0c270bde85b839e1eb801c17bb7e030b420d71a33429a482070cd600"/856], 0x338}, 0x1, 0x0, 0x0, 0x40010}, 0x4000001)
r8 = open(0x0, 0x261c2, 0x84)
bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r8, 0x0, 0x3}, 0xc)

2.585636706s ago: executing program 2 (id=1434):
syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa})
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
writev$auto(r0, &(0x7f0000000340)={&(0x7f00000002c0)}, 0x9)

2.307611143s ago: executing program 4 (id=1435):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = getpgrp(0x0)
prctl$auto(0x5, 0xfffffffffffffffb, r0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
r1 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
readv$auto(r1, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)

2.091730536s ago: executing program 2 (id=1436):
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x92000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_GET(r0, 0x0, 0x24000005)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x30009, 0x4000800000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
ioctl$auto_SG_GET_PACK_ID(r2, 0x227c, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r3 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0)
read$auto(r3, 0x0, 0x4000000081)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video12\x00', 0x1a1983, 0x0)
r5 = open(&(0x7f00000002c0)='./file0\x00', 0x400000, 0x408)
getdents$auto(r5, 0x0, 0x400018)
ioctl$auto(r4, 0xc0485619, 0x38)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bpf$auto(0xa, &(0x7f0000000200)=@bpf_attr_7={@btf_id=0x9, 0x0, 0x5, r3}, 0x2)
r6 = syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYRES32=r6, @ANYBLOB="44c601a98b82ff181a1c666a00172e8e8d64356993f446e8e085df359174378b10f6a096ea046206d3b65eac07000000be8df271d41d2991b476b9e66325b55c4d9b4794bb445e04f3383e56acf91da8be29226089ce"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8)

1.870819776s ago: executing program 1 (id=1437):
mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0xffffffffffffffff, 0x28000)
r0 = socketpair$auto(0x1, 0x5, 0x9, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r1, 0x5387, r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x40, r3, 0x1b, 0x70bd26, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @fd}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)

1.730185702s ago: executing program 3 (id=1438):
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') (async)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20)
open_tree$auto(r0, 0x0, 0x1001)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fb\x00', 0x0, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80805, 0x0)
socket(0x2, 0x1, 0x84) (async)
socket(0x848000000015, 0x805, 0x0) (async)
io_uring_setup$auto(0x4011, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x1f00, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r1, @ANYRES8], 0x18}}, 0x80)
settimeofday$auto(0x0, &(0x7f00000003c0)={0x5, 0x80000001})

1.452541285s ago: executing program 3 (id=1439):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000080), r0)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, 0x0, 0x20000014)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/36, 0x24)
r2 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000001180), 0x410000, 0x0)
socket(0x2, 0x2, 0x0)
setgroups$auto(0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r3)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r3, 0x0, 0x20000000)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket(0xa, 0x3, 0x3a)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x100, 0x3)
openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, 0x0, 0x1)
syz_genetlink_get_family_id$auto_batadv(0x0, r4)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, <r5=>0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
ioctl$auto_IOCTL_STOP_ACCEL_DEV(r2, 0x40096101, &(0x7f00000011c0)={@padding, 0x3})
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
splice$auto(0xffffffffffffffff, &(0x7f0000000000)=0x5, r3, &(0x7f0000000040)=0x9, 0x8, 0x5)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/allow_dio\x00', 0x8542, 0x0)
setresuid$auto(0x909b, 0x1, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001200))

1.30860246s ago: executing program 1 (id=1440):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r1, 0x84, 0x7, 0x0, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
pread64$auto(r2, 0x0, 0x7ff, 0x400)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x90000001, 0x3, 0x1, 0x5, 0x5]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
ioctl$auto(0xffffffffffffffff, 0x400454cb, 0x5)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000040), 0x244200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x5, 0xde, 0x20400010090, r0, 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x804, 0xffffffffffffffff, 0xa, "053ce68000", <r4=>0x0, 0xffffffffffffffff, 0x5, 0x7, 0x4, 0x6}, 0xf)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)

766.741162ms ago: executing program 2 (id=1441):
socket(0x5, 0x2, 0x0)
socket(0x18, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000c00}, 0x4000000)
close_range$auto(0x2, 0xa, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x2000000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
socket(0xa, 0xa, 0x4c0)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x21, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x200000000009, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x4d5, 0x802, 0x5, 0xeb1, r2, 0x800000c000)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x103840, 0x0)

0s ago: executing program 4 (id=1442):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x1000, 0x0)
socket(0x2, 0x3, 0x6)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/gro_flush_timeout\x00', 0x88282, 0x0)
write$auto(r0, &(0x7f0000000000)='\x00', 0x4)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x389803, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP0_STALL(0xffffffffffffffff, 0x550c, 0x5f)
rt_sigaction$auto(0x7, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r2 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
ioperm$auto(0x4000000000080, 0xfffffffffffffffb, 0x5)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000)
connect$auto(r2, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xa00c0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4)
eventfd$auto(0x5d5d)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)

kernel console output (not intermixed with test programs):

000000000
[  300.446435][ T9390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  300.446451][ T9390] R13: 0000000000000000 R14: 00007fdadabb6080 R15: 00007ffd8720c3c8
[  300.446490][ T9390]  </TASK>
[  300.468373][   T30] audit: type=1804 audit(4294967314.827:10): pid=9390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.661" name="/newroot/sys/kernel/debug/tracing/dynamic_events" dev="tracefs" ino=1073 res=1 errno=0
[  301.417512][   T30] audit: type=1804 audit(4294967315.777:11): pid=9419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.667" name="/newroot/sys/kernel/debug/tracing/dynamic_events" dev="tracefs" ino=1073 res=1 errno=0
[  301.690077][ T9424] binder: 9421:9424 ioctl c0306201 0 returned -14
[  302.891469][ T5167] Bluetooth: hci1: unexpected event 0x06 length: 11 > 3
[  303.278566][ T9462] can0: slcan on pty238.
[  303.447790][ T9466] can0 (unregistered): slcan off pty238.
[  303.548572][ T9476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'.
[  303.696991][ T9478] usbcore.quirks: string doesn't fit in 127 chars.
[  303.900470][ T9487] i2c i2c-0: delete_device: Can't parse I2C address
[  305.029822][ T9504] zswap: compressor  not available
[  306.491531][ T9529] delete_channel: no stack
[  306.499679][ T9529] delete_channel: no stack
[  307.242386][ T9542] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  307.322864][ T9542] FAULT_INJECTION: forcing a failure.
[  307.322864][ T9542] name failslab, interval 1, probability 0, space 0, times 0
[  307.379093][ T9542] CPU: 0 UID: 0 PID: 9542 Comm: syz.1.692 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  307.379136][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.379153][ T9542] Call Trace:
[  307.379163][ T9542]  <TASK>
[  307.379180][ T9542]  dump_stack_lvl+0x16c/0x1f0
[  307.379232][ T9542]  should_fail_ex+0x512/0x640
[  307.379271][ T9542]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  307.379330][ T9542]  should_failslab+0xc2/0x120
[  307.379357][ T9542]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  307.379403][ T9542]  ? sock_alloc_inode+0x25/0x1c0
[  307.379438][ T9542]  ? __pfx_sock_alloc_inode+0x10/0x10
[  307.379465][ T9542]  sock_alloc_inode+0x25/0x1c0
[  307.379494][ T9542]  alloc_inode+0x61/0x240
[  307.379525][ T9542]  sock_alloc+0x40/0x280
[  307.379553][ T9542]  sock_create_lite+0x82/0x120
[  307.379586][ T9542]  __netlink_kernel_create+0xbd/0x750
[  307.379620][ T9542]  ? __pfx___netlink_kernel_create+0x10/0x10
[  307.379664][ T9542]  uevent_net_init+0xf8/0x350
[  307.379695][ T9542]  ? __pfx_uevent_net_init+0x10/0x10
[  307.379727][ T9542]  ? __pfx_uevent_net_rcv+0x10/0x10
[  307.379771][ T9542]  ? __pfx_uevent_net_init+0x10/0x10
[  307.379799][ T9542]  ops_init+0x1df/0x5f0
[  307.379849][ T9542]  setup_net+0x1ff/0x510
[  307.379893][ T9542]  ? lockdep_init_map_type+0x5c/0x280
[  307.379937][ T9542]  ? __pfx_setup_net+0x10/0x10
[  307.379986][ T9542]  ? debug_mutex_init+0x37/0x70
[  307.380022][ T9542]  copy_net_ns+0x2a6/0x5f0
[  307.380056][ T9542]  create_new_namespaces+0x3ea/0xa90
[  307.380100][ T9542]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  307.380141][ T9542]  ksys_unshare+0x45b/0xa40
[  307.380182][ T9542]  ? __pfx_ksys_unshare+0x10/0x10
[  307.380225][ T9542]  ? xfd_validate_state+0x61/0x180
[  307.380279][ T9542]  __x64_sys_unshare+0x31/0x40
[  307.380329][ T9542]  do_syscall_64+0xcd/0x490
[  307.380378][ T9542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.380409][ T9542] RIP: 0033:0x7fdada98e929
[  307.380435][ T9542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.380464][ T9542] RSP: 002b:00007fdadb780038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  307.380494][ T9542] RAX: ffffffffffffffda RBX: 00007fdadabb5fa0 RCX: 00007fdada98e929
[  307.380515][ T9542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  307.380533][ T9542] RBP: 00007fdadaa10b39 R08: 0000000000000000 R09: 0000000000000000
[  307.380552][ T9542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.380569][ T9542] R13: 0000000000000000 R14: 00007fdadabb5fa0 R15: 00007ffd8720c3c8
[  307.380611][ T9542]  </TASK>
[  307.817398][ T9542] kobject_uevent: unable to create netlink socket!
[  308.807438][   T30] audit: type=1800 audit(4294967323.171:12): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.701" name="dbroot" dev="configfs" ino=25461 res=0 errno=0
[  308.898458][ T9575] netlink: 334 bytes leftover after parsing attributes in process `syz.2.701'.
[  309.251756][ T9579] random: crng reseeded on system resumption
[  310.185699][ T9599] netlink: 68 bytes leftover after parsing attributes in process `syz.2.706'.
[  311.666975][ T9603] FAULT_INJECTION: forcing a failure.
[  311.666975][ T9603] name failslab, interval 1, probability 0, space 0, times 0
[  311.900953][ T9603] CPU: 0 UID: 0 PID: 9603 Comm: syz.0.708 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  311.900998][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.901015][ T9603] Call Trace:
[  311.901026][ T9603]  <TASK>
[  311.901038][ T9603]  dump_stack_lvl+0x16c/0x1f0
[  311.901088][ T9603]  should_fail_ex+0x512/0x640
[  311.901130][ T9603]  ? fs_reclaim_acquire+0xae/0x150
[  311.901168][ T9603]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  311.901216][ T9603]  should_failslab+0xc2/0x120
[  311.901245][ T9603]  __kmalloc_noprof+0xd2/0x510
[  311.901299][ T9603]  tomoyo_realpath_from_path+0xc2/0x6e0
[  311.901353][ T9603]  tomoyo_check_open_permission+0x2ab/0x3c0
[  311.901389][ T9603]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  311.901465][ T9603]  ? do_raw_spin_lock+0x12c/0x2b0
[  311.901524][ T9603]  tomoyo_file_open+0x6b/0x90
[  311.901572][ T9603]  security_file_open+0x84/0x1e0
[  311.901612][ T9603]  do_dentry_open+0x596/0x1c10
[  311.901669][ T9603]  vfs_open+0x82/0x3f0
[  311.901707][ T9603]  path_openat+0x1de4/0x2cb0
[  311.901766][ T9603]  ? __pfx_path_openat+0x10/0x10
[  311.901810][ T9603]  ? __lock_acquire+0xb8a/0x1c90
[  311.901856][ T9603]  do_filp_open+0x20b/0x470
[  311.901897][ T9603]  ? __pfx_do_filp_open+0x10/0x10
[  311.901975][ T9603]  ? alloc_fd+0x471/0x7d0
[  311.902026][ T9603]  do_sys_openat2+0x11b/0x1d0
[  311.902057][ T9603]  ? __pfx_do_sys_openat2+0x10/0x10
[  311.902108][ T9603]  __x64_sys_openat+0x174/0x210
[  311.902141][ T9603]  ? __pfx___x64_sys_openat+0x10/0x10
[  311.902193][ T9603]  do_syscall_64+0xcd/0x490
[  311.902249][ T9603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.902278][ T9603] RIP: 0033:0x7f9f9c38e929
[  311.902304][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.902332][ T9603] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  311.902361][ T9603] RAX: ffffffffffffffda RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  311.902380][ T9603] RDX: 0000000000002001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  311.902399][ T9603] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  311.902417][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.902434][ T9603] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  311.902474][ T9603]  </TASK>
[  312.295728][ T9603] ERROR: Out of memory at tomoyo_realpath_from_path.
[  312.447208][ T9603] random: crng reseeded on system resumption
[  313.964095][ T5167] Bluetooth: hci1: unexpected event 0x06 length: 11 > 3
[  319.699469][ T9734] netlink: 28 bytes leftover after parsing attributes in process `syz.0.736'.
[  319.810821][ T9740] netlink: 28 bytes leftover after parsing attributes in process `syz.0.736'.
[  320.885360][ T9763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.741'.
[  320.896032][ T9763] netlink: 354 bytes leftover after parsing attributes in process `syz.0.741'.
[  322.421300][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  322.428663][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  322.872180][ T9799] random: crng reseeded on system resumption
[  323.935795][ T9813] ovs_��: entered promiscuous mode
[  323.955008][ T9798] Invalid ELF header magic: != ELF
[  324.465697][ T9790] kexec: Could not allocate control_code_buffer
[  325.166772][ T9831] netlink: 28 bytes leftover after parsing attributes in process `syz.1.758'.
[  325.551614][ T9824] Process accounting resumed
[  325.676162][ T9839] FAULT_INJECTION: forcing a failure.
[  325.676162][ T9839] name failslab, interval 1, probability 0, space 0, times 0
[  325.716545][ T9839] CPU: 1 UID: 0 PID: 9839 Comm: syz.0.759 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  325.716589][ T9839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  325.716607][ T9839] Call Trace:
[  325.716617][ T9839]  <TASK>
[  325.716629][ T9839]  dump_stack_lvl+0x16c/0x1f0
[  325.716679][ T9839]  should_fail_ex+0x512/0x640
[  325.716722][ T9839]  ? __kvmalloc_node_noprof+0x124/0x620
[  325.716770][ T9839]  should_failslab+0xc2/0x120
[  325.716800][ T9839]  __kvmalloc_node_noprof+0x137/0x620
[  325.716846][ T9839]  ? fib4_semantics_init+0x25/0x100
[  325.716897][ T9839]  ? fib4_semantics_init+0x25/0x100
[  325.716937][ T9839]  fib4_semantics_init+0x25/0x100
[  325.716980][ T9839]  fib_net_init+0x1fc/0x3f0
[  325.717011][ T9839]  ? __pfx___register_sysctl_table+0x10/0x10
[  325.717059][ T9839]  ? __pfx_fib_net_init+0x10/0x10
[  325.717090][ T9839]  ? lockdep_init_map_type+0x5c/0x280
[  325.717148][ T9839]  ? do_init_timer+0xc9/0x110
[  325.717188][ T9839]  ? devinet_init_net+0x5c2/0x910
[  325.717229][ T9839]  ? __pfx_fib_net_init+0x10/0x10
[  325.717258][ T9839]  ops_init+0x1df/0x5f0
[  325.717311][ T9839]  setup_net+0x1ff/0x510
[  325.717355][ T9839]  ? lockdep_init_map_type+0x5c/0x280
[  325.717398][ T9839]  ? __pfx_setup_net+0x10/0x10
[  325.717448][ T9839]  ? debug_mutex_init+0x37/0x70
[  325.717485][ T9839]  copy_net_ns+0x2a6/0x5f0
[  325.717520][ T9839]  create_new_namespaces+0x3ea/0xa90
[  325.717566][ T9839]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  325.717602][ T9839]  ksys_unshare+0x45b/0xa40
[  325.717639][ T9839]  ? __pfx_ksys_unshare+0x10/0x10
[  325.717679][ T9839]  ? xfd_validate_state+0x61/0x180
[  325.717733][ T9839]  __x64_sys_unshare+0x31/0x40
[  325.717773][ T9839]  do_syscall_64+0xcd/0x490
[  325.717821][ T9839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.717851][ T9839] RIP: 0033:0x7f9f9c38e929
[  325.717875][ T9839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.717903][ T9839] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  325.717932][ T9839] RAX: ffffffffffffffda RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  325.717952][ T9839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  325.717971][ T9839] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  325.717989][ T9839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  325.718007][ T9839] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  325.718048][ T9839]  </TASK>
[  327.255111][   T30] audit: type=1800 audit(4294967341.620:13): pid=9867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.764" name="version" dev="configfs" ino=27176 res=0 errno=0
[  330.083752][ T9929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[  331.186425][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.702491][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.174340][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.196657][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  332.214189][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  332.223394][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  332.232778][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  332.248503][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  332.332147][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.863500][   T49] batadv0: left allmulticast mode
[  332.870185][   T49] batadv0: left promiscuous mode
[  332.877558][   T49] bridge0: port 3(batadv0) entered disabled state
[  332.950055][   T49] bridge_slave_1: left allmulticast mode
[  332.955883][   T49] bridge_slave_1: left promiscuous mode
[  332.961891][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.016658][   T49] bridge_slave_0: left allmulticast mode
[  333.022395][   T49] bridge_slave_0: left promiscuous mode
[  333.125561][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.675627][ T9986] ubi0: attaching mtd0
[  333.682127][ T9986] ubi0: scanning is finished
[  333.708209][ T9986] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  333.882745][ T9986] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  333.957619][ T9986] ubi0: attaching mtd0
[  334.049368][ T9986] ubi0: scanning is finished
[  334.054301][ T9986] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  334.242297][T10005] random: crng reseeded on system resumption
[  334.325435][ T5853] Bluetooth: hci1: command tx timeout
[  334.445554][ T9986] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  334.925568][T10012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.782'.
[  334.940887][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.958354][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.980533][   T49] bond0 (unregistering): Released all slaves
[  335.636725][ T9967] chnl_net:caif_netlink_parms(): no params data found
[  336.371365][ T9967] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.392422][ T9967] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.397458][T10041] FAULT_INJECTION: forcing a failure.
[  336.397458][T10041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.406651][ T5853] Bluetooth: hci1: command tx timeout
[  336.431100][ T9967] bridge_slave_0: entered allmulticast mode
[  336.448358][ T9967] bridge_slave_0: entered promiscuous mode
[  336.471630][ T9967] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.479102][ T9967] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.487396][ T9967] bridge_slave_1: entered allmulticast mode
[  336.496168][ T9967] bridge_slave_1: entered promiscuous mode
[  336.527166][T10041] CPU: 0 UID: 0 PID: 10041 Comm: syz.0.784 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  336.527218][T10041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  336.527237][T10041] Call Trace:
[  336.527248][T10041]  <TASK>
[  336.527259][T10041]  dump_stack_lvl+0x16c/0x1f0
[  336.527311][T10041]  should_fail_ex+0x512/0x640
[  336.527360][T10041]  _copy_from_iter+0x463/0x16f0
[  336.527417][T10041]  ? __pfx__copy_from_iter+0x10/0x10
[  336.527465][T10041]  ? rcu_is_watching+0x12/0xc0
[  336.527497][T10041]  ? trace_kmalloc+0x2b/0xd0
[  336.527527][T10041]  ? __kmalloc_noprof+0x242/0x510
[  336.527581][T10041]  kernfs_fop_write_iter+0x19a/0x510
[  336.527620][T10041]  do_iter_readv_writev+0x654/0x950
[  336.527664][T10041]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  336.527725][T10041]  vfs_writev+0x35f/0xde0
[  336.527776][T10041]  ? __pfx_vfs_writev+0x10/0x10
[  336.527847][T10041]  ? __fget_files+0x20e/0x3c0
[  336.527899][T10041]  ? do_pwritev+0x1a6/0x270
[  336.527938][T10041]  do_pwritev+0x1a6/0x270
[  336.527981][T10041]  ? __pfx_do_pwritev+0x10/0x10
[  336.528035][T10041]  do_syscall_64+0xcd/0x490
[  336.528094][T10041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.528124][T10041] RIP: 0033:0x7f9f9c38e929
[  336.528149][T10041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.528177][T10041] RSP: 002b:00007f9f9d1db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  336.528205][T10041] RAX: ffffffffffffffda RBX: 00007f9f9c5b6080 RCX: 00007f9f9c38e929
[  336.528225][T10041] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003
[  336.528242][T10041] RBP: 00007f9f9c410b39 R08: 0000000000000009 R09: 0000000000000000
[  336.528259][T10041] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  336.528277][T10041] R13: 0000000000000000 R14: 00007f9f9c5b6080 R15: 00007ffdff739c58
[  336.528318][T10041]  </TASK>
[  337.345406][ T9967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  337.427415][ T9967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  337.435167][T10058] netlink: 342 bytes leftover after parsing attributes in process `syz.3.787'.
[  337.663753][   T49] hsr_slave_0: left promiscuous mode
[  337.689288][   T49] hsr_slave_1: left promiscuous mode
[  337.705905][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  337.751195][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.787595][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.812933][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.897082][   T49] veth1_macvtap: left allmulticast mode
[  337.916948][   T49] veth1_macvtap: left promiscuous mode
[  337.934518][   T49] veth0_macvtap: left promiscuous mode
[  337.956959][   T49] veth1_vlan: left promiscuous mode
[  337.979276][   T49] veth0_vlan: left promiscuous mode
[  338.483707][ T5853] Bluetooth: hci1: command tx timeout
[  339.276069][   T49] team0 (unregistering): Port device team_slave_1 removed
[  339.324847][   T49] team0 (unregistering): Port device team_slave_0 removed
[  339.821988][ T9967] team0: Port device team_slave_0 added
[  339.906538][ T9967] team0: Port device team_slave_1 added
[  340.150586][ T9967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  340.174875][ T9967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.208595][ T9967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.322893][ T9967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.338523][ T9967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.377569][ T9967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.564129][ T5853] Bluetooth: hci1: command tx timeout
[  340.665588][ T9967] hsr_slave_0: entered promiscuous mode
[  340.679804][ T9967] hsr_slave_1: entered promiscuous mode
[  340.689624][ T9967] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  340.698868][ T9967] Cannot create hsr debugfs directory
[  340.714403][T10097] netlink: 338 bytes leftover after parsing attributes in process `syz.2.794'.
[  340.742732][T10097] netlink: 342 bytes leftover after parsing attributes in process `syz.2.794'.
[  343.037313][ T9967] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  343.083898][ T9967] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  343.246380][ T9967] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  343.264366][ T5853] Bluetooth: hci3: Malformed Event: 0x02
[  343.270405][ T5853] Bluetooth: hci3: Malformed Event: 0x02
[  343.282117][ T9967] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  344.286716][T10183] qrtr: Invalid version 0
[  344.556310][ T9967] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.808452][ T9967] 8021q: adding VLAN 0 to HW filter on device team0
[  344.864255][ T1534] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.871504][ T1534] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.944835][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.952100][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.032454][T10198] netlink: 'syz.2.812': attribute type 27 has an invalid length.
[  345.061414][T10198] netlink: 334 bytes leftover after parsing attributes in process `syz.2.812'.
[  346.011427][ T9967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  346.292062][ T9967] veth0_vlan: entered promiscuous mode
[  346.341016][ T9967] veth1_vlan: entered promiscuous mode
[  346.441657][T10234] netlink: 338 bytes leftover after parsing attributes in process `syz.3.817'.
[  346.482865][T10234] netlink: 338 bytes leftover after parsing attributes in process `syz.3.817'.
[  346.524492][ T9967] veth0_macvtap: entered promiscuous mode
[  346.556909][T10234] netlink: 290 bytes leftover after parsing attributes in process `syz.3.817'.
[  346.590942][T10234] veth0_macvtap: left promiscuous mode
[  346.667198][ T9967] veth1_macvtap: entered promiscuous mode
[  346.899583][ T9967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  347.535490][ T9967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  347.593541][ T9967] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  347.750136][ T9967] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  347.817987][ T9967] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  347.844184][ T9967] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.673130][ T2998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.723637][ T2998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.185346][ T2998] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.194826][ T2998] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.233688][T10353] could not allocate digest TFM handle 
[  355.996351][T10404] sd 0:0:1:0: PR command failed: 1026
[  356.058063][T10404] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  356.141255][T10404] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  356.875168][T10422] netlink: 4 bytes leftover after parsing attributes in process `syz.1.838'.
[  357.571643][T10436] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  358.088626][T10450] zram0: detected capacity change from 8 to 0
[  359.525506][ T5853] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3
[  362.749370][T10533] netlink: 226 bytes leftover after parsing attributes in process `syz.3.858'.
[  362.924224][T10533] netlink: 4 bytes leftover after parsing attributes in process `syz.3.858'.
[  362.971379][T10533] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  364.116262][T10551] netlink: 28 bytes leftover after parsing attributes in process `syz.3.862'.
[  364.133770][T10551] hsr_slave_0: left promiscuous mode
[  364.150089][T10551] hsr_slave_1: left promiscuous mode
[  365.447917][T10554] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[10554]
[  368.281817][T10607] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  369.343804][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'.
[  369.399122][T10640] FAULT_INJECTION: forcing a failure.
[  369.399122][T10640] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  369.399229][T10640] CPU: 1 UID: 0 PID: 10640 Comm: syz.0.875 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  369.399267][T10640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  369.399285][T10640] Call Trace:
[  369.399294][T10640]  <TASK>
[  369.399306][T10640]  dump_stack_lvl+0x16c/0x1f0
[  369.399357][T10640]  should_fail_ex+0x512/0x640
[  369.399407][T10640]  should_fail_alloc_page+0xe7/0x130
[  369.399440][T10640]  prepare_alloc_pages+0x3c2/0x610
[  369.399474][T10640]  ? rcu_is_watching+0x12/0xc0
[  369.399511][T10640]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  369.399561][T10640]  ? rcu_is_watching+0x12/0xc0
[  369.399592][T10640]  ? trace_mm_page_alloc+0x11f/0x1a0
[  369.399627][T10640]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  369.399675][T10640]  ? __pfx_stack_trace_save+0x10/0x10
[  369.399710][T10640]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  369.399780][T10640]  ? alloc_vmap_area+0x645/0x29c0
[  369.399810][T10640]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  369.399848][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.399883][T10640]  ? do_syscall_64+0xcd/0x490
[  369.399926][T10640]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.399974][T10640]  alloc_pages_bulk_noprof+0x71c/0x1410
[  369.400017][T10640]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  369.400065][T10640]  ? policy_nodemask+0xea/0x4e0
[  369.400098][T10640]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  369.400147][T10640]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  369.400194][T10640]  kasan_populate_vmalloc+0xf1/0x1f0
[  369.400246][T10640]  alloc_vmap_area+0x959/0x29c0
[  369.400295][T10640]  ? __pfx_alloc_vmap_area+0x10/0x10
[  369.400335][T10640]  __get_vm_area_node+0x1ca/0x330
[  369.400372][T10640]  __vmalloc_node_range_noprof+0x271/0x14b0
[  369.400405][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.400445][T10640]  ? __lock_acquire+0xb8a/0x1c90
[  369.400479][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.400520][T10640]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  369.400555][T10640]  ? __alloc_pages_noprof+0xb/0x1b0
[  369.400592][T10640]  ? ___kmalloc_large_node+0x84/0x1e0
[  369.400620][T10640]  ? find_held_lock+0x2b/0x80
[  369.400655][T10640]  __kvmalloc_node_noprof+0x30a/0x620
[  369.400691][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.400733][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.400771][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.400801][T10640]  __do_sys_listmount+0x1c2/0xec0
[  369.400840][T10640]  ? __x64_sys_futex+0x1e0/0x4c0
[  369.400871][T10640]  ? __x64_sys_futex+0x1e9/0x4c0
[  369.400903][T10640]  ? __pfx___do_sys_listmount+0x10/0x10
[  369.400954][T10640]  do_syscall_64+0xcd/0x490
[  369.400994][T10640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.401021][T10640] RIP: 0033:0x7f9f9c38e929
[  369.401044][T10640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.401069][T10640] RSP: 002b:00007f9f9d1ba038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  369.401096][T10640] RAX: ffffffffffffffda RBX: 00007f9f9c5b6160 RCX: 00007f9f9c38e929
[  369.401114][T10640] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  369.401130][T10640] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  369.401146][T10640] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  369.401162][T10640] R13: 0000000000000000 R14: 00007f9f9c5b6160 R15: 00007ffdff739c58
[  369.401202][T10640]  </TASK>
[  369.402521][T10640] syz.0.875: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null)
[  369.772870][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'.
[  369.921800][T10651] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  369.940153][T10640] ,cpuset=/,mems_allowed=0-1
[  369.940243][T10640] CPU: 0 UID: 0 PID: 10640 Comm: syz.0.875 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  369.940281][T10640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  369.940299][T10640] Call Trace:
[  369.940310][T10640]  <TASK>
[  369.940322][T10640]  dump_stack_lvl+0x16c/0x1f0
[  369.940372][T10640]  warn_alloc+0x248/0x3a0
[  369.940420][T10640]  ? __pfx_warn_alloc+0x10/0x10
[  369.940547][T10640]  ? kfree+0x2b4/0x4d0
[  369.940597][T10640]  ? __get_vm_area_node+0x208/0x330
[  369.940642][T10640]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  369.940693][T10640]  ? __lock_acquire+0xb8a/0x1c90
[  369.940736][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.940785][T10640]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  369.940827][T10640]  ? __alloc_pages_noprof+0xb/0x1b0
[  369.940872][T10640]  ? ___kmalloc_large_node+0x84/0x1e0
[  369.940905][T10640]  ? find_held_lock+0x2b/0x80
[  369.940945][T10640]  __kvmalloc_node_noprof+0x30a/0x620
[  369.940990][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.941030][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.941074][T10640]  ? __do_sys_listmount+0x1c2/0xec0
[  369.941108][T10640]  __do_sys_listmount+0x1c2/0xec0
[  369.941154][T10640]  ? __x64_sys_futex+0x1e0/0x4c0
[  369.941189][T10640]  ? __x64_sys_futex+0x1e9/0x4c0
[  369.941225][T10640]  ? __pfx___do_sys_listmount+0x10/0x10
[  369.941284][T10640]  do_syscall_64+0xcd/0x490
[  369.941333][T10640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.941362][T10640] RIP: 0033:0x7f9f9c38e929
[  369.941384][T10640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.941412][T10640] RSP: 002b:00007f9f9d1ba038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  369.941439][T10640] RAX: ffffffffffffffda RBX: 00007f9f9c5b6160 RCX: 00007f9f9c38e929
[  369.941470][T10640] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  369.941489][T10640] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  369.941507][T10640] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  369.941525][T10640] R13: 0000000000000000 R14: 00007f9f9c5b6160 R15: 00007ffdff739c58
[  369.941564][T10640]  </TASK>
[  369.941575][T10640] Mem-Info:
[  369.941586][T10640] active_anon:30687 inactive_anon:0 isolated_anon:0
[  369.941586][T10640]  active_file:11188 inactive_file:48606 isolated_file:0
[  369.941586][T10640]  unevictable:768 dirty:1957 writeback:0
[  369.941586][T10640]  slab_reclaimable:11105 slab_unreclaimable:95573
[  369.941586][T10640]  mapped:37932 shmem:19531 pagetables:1306
[  369.941586][T10640]  sec_pagetables:0 bounce:0
[  369.941586][T10640]  kernel_misc_reclaimable:0
[  369.941586][T10640]  free:1283442 free_pcp:25059 free_cma:0
[  369.941658][T10640] Node 0 active_anon:122748kB inactive_anon:0kB active_file:44652kB inactive_file:194292kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:151628kB dirty:7824kB writeback:0kB shmem:76588kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11948kB pagetables:5084kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  369.941733][T10640] Node 1 active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  369.941805][T10640] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  369.941886][T10640] lowmem_reserve[]: 0 2480 2482 2482 2482
[  369.941947][T10640] Node 0 DMA32 free:1239020kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:122700kB inactive_anon:0kB active_file:44652kB inactive_file:192980kB unevictable:1536kB writepending:7824kB present:3129332kB managed:2540356kB mlocked:0kB bounce:0kB free_pcp:61592kB local_pcp:17956kB free_cma:0kB
[  369.942034][T10640] lowmem_reserve[]: 0 0 1 1 1
[  369.942092][T10640] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB
[  369.942173][T10640] lowmem_reserve[]: 0 0 0 0 0
[  369.942231][T10640] Node 1 Normal free:3879380kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:132kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:38624kB local_pcp:24592kB free_cma:0kB
[  369.942320][T10640] lowmem_reserve[]: 0 0 0 0 0
[  369.942376][T10640] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  369.942581][T10640] Node 0 DMA32: 22*4kB (UME) 9*8kB (UME) 54*16kB (UE) 619*32kB (UME) 833*64kB (UME) 326*128kB (UME) 243*256kB (UME) 144*512kB (UM) 90*1024kB (UME) 29*2048kB (UME) 204*4096kB (UM) = 1238944kB
[  369.942850][T10640] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  369.943020][T10640] Node 1 Normal: 159*4kB (UME) 89*8kB (UME) 63*16kB (UME) 133*32kB (UME) 48*64kB (UME) 24*128kB (UME) 16*256kB (UME) 6*512kB (M) 9*1024kB (ME) 6*2048kB (ME) 937*4096kB (M) = 3879380kB
[  369.943288][T10640] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  369.943312][T10640] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  369.943336][T10640] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  369.943360][T10640] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  369.943384][T10640] 79321 total pagecache pages
[  369.943397][T10640] 0 pages in swap cache
[  369.943407][T10640] Free swap  = 124928kB
[  369.943419][T10640] Total swap = 124996kB
[  369.943432][T10640] 2097051 pages RAM
[  369.943454][T10640] 0 pages HighMem/MovableOnly
[  369.943465][T10640] 429984 pages reserved
[  369.943476][T10640] 0 pages cma reserved
[  370.660990][T10653] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  371.710991][T10655] tty tty12: ldisc open failed (-12), clearing slot 11
[  371.736671][T10657] ttyS ttyS1: ldisc open failed (-12), clearing slot 1
[  372.156345][T10663] GUP no longer grows the stack in syz.2.882 (10663): 14000-401000 (4000)
[  372.177876][T10663] CPU: 0 UID: 0 PID: 10663 Comm: syz.2.882 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  372.177918][T10663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  372.177935][T10663] Call Trace:
[  372.177946][T10663]  <TASK>
[  372.177957][T10663]  dump_stack_lvl+0x16c/0x1f0
[  372.178005][T10663]  gup_vma_lookup+0x1d2/0x220
[  372.178039][T10663]  __get_user_pages+0x271/0x3b80
[  372.178086][T10663]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[  372.178134][T10663]  ? kasan_save_stack+0x42/0x60
[  372.178177][T10663]  ? __pfx___get_user_pages+0x10/0x10
[  372.178209][T10663]  ? register_lock_class+0x41/0x4c0
[  372.178248][T10663]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[  372.178274][T10663]  ? do_syscall_64+0xcd/0x490
[  372.178324][T10663]  __gup_longterm_locked+0x20d/0x1840
[  372.178366][T10663]  ? __lock_acquire+0xb8a/0x1c90
[  372.178411][T10663]  ? __pfx___gup_longterm_locked+0x10/0x10
[  372.178476][T10663]  pin_user_pages_remote+0xed/0x140
[  372.178517][T10663]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  372.178551][T10663]  ? mm_access+0x22d/0x2e0
[  372.178605][T10663]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  372.178675][T10663]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  372.178727][T10663]  ? iovec_from_user+0xbb/0x140
[  372.178797][T10663]  ? iovec_from_user+0xbb/0x140
[  372.178849][T10663]  process_vm_rw+0x216/0x2c0
[  372.178900][T10663]  ? __pfx_process_vm_rw+0x10/0x10
[  372.178945][T10663]  ? __pfx_futex_wake+0x10/0x10
[  372.178996][T10663]  ? task_mm_cid_work+0x37b/0x910
[  372.179072][T10663]  ? xfd_validate_state+0x61/0x180
[  372.179121][T10663]  ? __task_pid_nr_ns+0x17c/0x500
[  372.179170][T10663]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  372.179200][T10663]  ? do_syscall_64+0x91/0x490
[  372.179243][T10663]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.179284][T10663]  do_syscall_64+0xcd/0x490
[  372.179330][T10663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.179360][T10663] RIP: 0033:0x7fcb3758e929
[  372.179386][T10663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.179415][T10663] RSP: 002b:00007fcb353f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  372.179452][T10663] RAX: ffffffffffffffda RBX: 00007fcb377b5fa0 RCX: 00007fcb3758e929
[  372.179473][T10663] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000436
[  372.179491][T10663] RBP: 00007fcb37610b39 R08: 0000000000000003 R09: 0000000000000000
[  372.179510][T10663] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  372.179528][T10663] R13: 0000000000000000 R14: 00007fcb377b5fa0 R15: 00007ffcdc6d5c58
[  372.179570][T10663]  </TASK>
[  373.432121][ T5167] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3
[  373.529116][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  373.774626][T10690] ptrace attach of "./syz-executor exec"[10700] was attempted by "./syz-executor exec"[10690]
[  374.457909][T10716] binder: 10712:10716 ioctl c0306201 2000000003c0 returned -14
[  378.792249][ T5853] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  378.792298][ T5853] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  378.807474][ T5853] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  378.807513][ T5853] Bluetooth: hci3: adv larger than maximum supported
[  378.814688][ T5853] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  378.821905][ T5853] Bluetooth: hci3: Malformed LE Event: 0x0d
[  380.370160][ T5853] Bluetooth: hci1: unexpected event 0x05 length: 11 > 4
[  380.568699][T10829] netlink: 12 bytes leftover after parsing attributes in process `syz.3.920'.
[  380.682311][T10829] HfR: entered promiscuous mode
[  381.152806][ T5853] Bluetooth: hci0: unexpected event 0x05 length: 11 > 4
[  382.821241][T10873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  383.040791][T10877] netlink: 8 bytes leftover after parsing attributes in process `syz.0.929'.
[  383.530273][ T5853] Bluetooth: hci1: unexpected event 0x06 length: 11 > 3
[  383.601382][T10887] random: crng reseeded on system resumption
[  383.865829][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  383.884268][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  384.207421][T10902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.934'.
[  384.486174][T10905] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  384.826631][T10916] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163e669 (__mcheck_cpu_init_clear_banks+0x109/0x1f0)
[  384.842279][T10916] Call Trace:
[  384.845591][T10916]  <TASK>
[  384.848544][T10916]  ? __pfx_mce_cpu_restart+0x10/0x10
[  384.853883][T10916]  mce_cpu_restart+0x98/0xb0
[  384.858635][T10916]  smp_call_function_many_cond+0xef9/0x1510
[  384.864553][T10916]  ? __pfx_mce_cpu_restart+0x10/0x10
[  384.869882][T10916]  ? lockdep_hardirqs_on+0x7c/0x110
[  384.875118][T10916]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  384.880958][T10916]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  384.887311][T10916]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  384.893348][T10916]  ? __pfx_mce_cpu_restart+0x10/0x10
[  384.898672][T10916]  on_each_cpu_cond_mask+0x40/0x90
[  384.903895][T10916]  set_bank+0x240/0x3a0
[  384.908084][T10916]  ? __pfx_set_bank+0x10/0x10
[  384.912820][T10916]  ? find_held_lock+0x2b/0x80
[  384.917554][T10916]  ? __pfx_set_bank+0x10/0x10
[  384.922302][T10916]  dev_attr_store+0x58/0x80
[  384.926836][T10916]  ? __pfx_dev_attr_store+0x10/0x10
[  384.932145][T10916]  sysfs_kf_write+0xf2/0x150
[  384.936859][T10916]  kernfs_fop_write_iter+0x354/0x510
[  384.942171][T10916]  ? __pfx_sysfs_kf_write+0x10/0x10
[  384.947406][T10916]  vfs_write+0x6c4/0x1150
[  384.951778][T10916]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  384.957625][T10916]  ? __pfx___mutex_lock+0x10/0x10
[  384.962689][T10916]  ? __pfx_vfs_write+0x10/0x10
[  384.967512][T10916]  ksys_write+0x12a/0x250
[  384.971965][T10916]  ? __pfx_ksys_write+0x10/0x10
[  384.976858][T10916]  do_syscall_64+0xcd/0x490
[  384.981407][T10916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.987330][T10916] RIP: 0033:0x7f5ddd98e929
[  384.991771][T10916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.011408][T10916] RSP: 002b:00007f5dde847038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  385.019944][T10916] RAX: ffffffffffffffda RBX: 00007f5dddbb5fa0 RCX: 00007f5ddd98e929
[  385.027936][T10916] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  385.035931][T10916] RBP: 00007f5ddda10b39 R08: 0000000000000000 R09: 0000000000000000
[  385.043940][T10916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  385.052019][T10916] R13: 0000000000000000 R14: 00007f5dddbb5fa0 R15: 00007ffe326205d8
[  385.060029][T10916]  </TASK>
[  385.462569][T10916] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  385.495646][T10916] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  385.501700][T10916] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  385.518455][T10916] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  385.524989][T10916] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  385.983840][T10916] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  386.003273][T10916] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  386.032491][T10916] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  387.326536][ T5853] Bluetooth: hci3: unexpected event 0x06 length: 11 > 3
[  387.456933][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  387.536483][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  387.542624][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  387.835597][T10970] netlink: 20 bytes leftover after parsing attributes in process `syz.0.945'.
[  388.028232][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  389.617693][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  389.617701][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout
[  390.097737][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout
[  390.468392][T11006] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1)
[  391.338529][T11017] zswap: compressor  not available
[  391.464732][T11027] netlink: 25 bytes leftover after parsing attributes in process `syz.2.960'.
[  391.475706][T11026] ima: policy update failed
[  391.499397][   T30] audit: type=1802 audit(4294968436.853:14): pid=11026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.960" res=0 errno=0
[  391.526593][T11030] vhci_hcd: invalid port number 16
[  391.558251][T11030] vhci_hcd: invalid port number 16
[  391.940953][T11036] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  392.178633][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout
[  392.693720][ T5167] Bluetooth: hci3: unexpected event 0x06 length: 11 > 3
[  394.171725][T11075] can: request_module (can-proto-3) failed.
[  394.644197][T11085] netlink: 'syz.3.972': attribute type 1 has an invalid length.
[  394.821367][T11093] FAULT_INJECTION: forcing a failure.
[  394.821367][T11093] name fail_futex, interval 1, probability 0, space 0, times 0
[  394.834934][T11093] CPU: 0 UID: 0 PID: 11093 Comm: syz.1.973 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  394.834976][T11093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  394.834995][T11093] Call Trace:
[  394.835006][T11093]  <TASK>
[  394.835018][T11093]  dump_stack_lvl+0x16c/0x1f0
[  394.835066][T11093]  should_fail_ex+0x512/0x640
[  394.835111][T11093]  ? get_pid_task+0xfc/0x250
[  394.835158][T11093]  get_futex_key+0x1d0/0x1540
[  394.835196][T11093]  ? oom_adj_read+0x211/0x2f0
[  394.835231][T11093]  ? __pfx_get_futex_key+0x10/0x10
[  394.835277][T11093]  ? kfree+0x24f/0x4d0
[  394.835330][T11093]  futex_wake+0xe7/0x4e0
[  394.835378][T11093]  ? __pfx_futex_wake+0x10/0x10
[  394.835421][T11093]  ? __pfx_vfs_readv+0x10/0x10
[  394.835469][T11093]  ? do_readv+0x218/0x340
[  394.835517][T11093]  do_futex+0x1e3/0x350
[  394.835554][T11093]  ? __pfx_do_futex+0x10/0x10
[  394.835587][T11093]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  394.835648][T11093]  __x64_sys_futex+0x1e0/0x4c0
[  394.835688][T11093]  ? fput+0x70/0xf0
[  394.835718][T11093]  ? __pfx___x64_sys_futex+0x10/0x10
[  394.835757][T11093]  ? __pfx_do_readv+0x10/0x10
[  394.835811][T11093]  do_syscall_64+0xcd/0x490
[  394.835860][T11093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.835891][T11093] RIP: 0033:0x7f5ddd98e929
[  394.835914][T11093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.835943][T11093] RSP: 002b:00007f5dde8470e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  394.835971][T11093] RAX: ffffffffffffffda RBX: 00007f5dddbb5fa8 RCX: 00007f5ddd98e929
[  394.835990][T11093] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5dddbb5fac
[  394.836007][T11093] RBP: 00007f5dddbb5fa0 R08: 00007f5dde848000 R09: 0000000000000000
[  394.836025][T11093] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dddbb5fac
[  394.836043][T11093] R13: 0000000000000000 R14: 00007ffe326204f0 R15: 00007ffe326205d8
[  394.836082][T11093]  </TASK>
[  396.711632][T11127] FAULT_INJECTION: forcing a failure.
[  396.711632][T11127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  396.945256][T11127] CPU: 1 UID: 0 PID: 11127 Comm: syz.3.979 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  396.945308][T11127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  396.945325][T11127] Call Trace:
[  396.945335][T11127]  <TASK>
[  396.945345][T11127]  dump_stack_lvl+0x16c/0x1f0
[  396.945392][T11127]  should_fail_ex+0x512/0x640
[  396.945438][T11127]  should_fail_alloc_page+0xe7/0x130
[  396.945470][T11127]  prepare_alloc_pages+0x3c2/0x610
[  396.945511][T11127]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  396.945553][T11127]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.945593][T11127]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  396.945632][T11127]  ? stack_depot_save_flags+0x3e0/0xa40
[  396.945684][T11127]  ? kasan_save_stack+0x42/0x60
[  396.945723][T11127]  ? kasan_save_stack+0x33/0x60
[  396.945763][T11127]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  396.945805][T11127]  ? alloc_vmap_area+0xdc8/0x29c0
[  396.945834][T11127]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  396.945869][T11127]  ? stack_map_alloc+0x290/0x650
[  396.945896][T11127]  ? map_create+0x58f/0x1db0
[  396.945934][T11127]  ? __sys_bpf+0x47cc/0x4d80
[  396.945956][T11127]  ? __x64_sys_bpf+0x78/0xc0
[  396.945979][T11127]  ? do_syscall_64+0xcd/0x490
[  396.946019][T11127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.946065][T11127]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  396.946110][T11127]  ? policy_nodemask+0xea/0x4e0
[  396.946141][T11127]  alloc_pages_mpol+0x1fb/0x550
[  396.946171][T11127]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  396.946211][T11127]  alloc_pages_noprof+0x131/0x390
[  396.946241][T11127]  get_free_pages_noprof+0x10/0xb0
[  396.946280][T11127]  kasan_populate_vmalloc+0x89/0x1f0
[  396.946329][T11127]  alloc_vmap_area+0x959/0x29c0
[  396.946378][T11127]  ? __pfx_alloc_vmap_area+0x10/0x10
[  396.946419][T11127]  __get_vm_area_node+0x1ca/0x330
[  396.946461][T11127]  __vmalloc_node_range_noprof+0x271/0x14b0
[  396.946499][T11127]  ? stack_map_alloc+0x290/0x650
[  396.946539][T11127]  ? stack_map_alloc+0x290/0x650
[  396.946576][T11127]  ? aa_get_newest_label+0x375/0x680
[  396.946605][T11127]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  396.946642][T11127]  ? __pfx_aa_get_newest_label+0x10/0x10
[  396.946672][T11127]  ? rcu_is_watching+0x12/0xc0
[  396.946702][T11127]  ? trace_cap_capable+0x18d/0x200
[  396.946734][T11127]  ? stack_map_alloc+0x290/0x650
[  396.946759][T11127]  __bpf_map_area_alloc+0x12e/0x200
[  396.946788][T11127]  ? stack_map_alloc+0x290/0x650
[  396.946821][T11127]  stack_map_alloc+0x290/0x650
[  396.946856][T11127]  map_create+0x58f/0x1db0
[  396.946911][T11127]  ? __pfx_map_create+0x10/0x10
[  396.946949][T11127]  ? __might_fault+0xe3/0x190
[  396.946989][T11127]  ? __might_fault+0xe3/0x190
[  396.947026][T11127]  ? __might_fault+0x13b/0x190
[  396.947082][T11127]  __sys_bpf+0x47cc/0x4d80
[  396.947115][T11127]  ? __pfx___sys_bpf+0x10/0x10
[  396.947142][T11127]  ? ksys_write+0x190/0x250
[  396.947188][T11127]  ? do_futex+0x122/0x350
[  396.947224][T11127]  ? __pfx_do_futex+0x10/0x10
[  396.947283][T11127]  ? fput+0x70/0xf0
[  396.947312][T11127]  ? xfd_validate_state+0x61/0x180
[  396.947348][T11127]  ? __pfx_ksys_write+0x10/0x10
[  396.947396][T11127]  __x64_sys_bpf+0x78/0xc0
[  396.947421][T11127]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.947460][T11127]  do_syscall_64+0xcd/0x490
[  396.947504][T11127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.947531][T11127] RIP: 0033:0x7fad9798e929
[  396.947554][T11127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.947581][T11127] RSP: 002b:00007fad98734038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  396.947608][T11127] RAX: ffffffffffffffda RBX: 00007fad97bb5fa0 RCX: 00007fad9798e929
[  396.947627][T11127] RDX: 00000000000006f4 RSI: 0000200000000100 RDI: 0000000000000000
[  396.947644][T11127] RBP: 00007fad97a10b39 R08: 0000000000000000 R09: 0000000000000000
[  396.947661][T11127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  396.947677][T11127] R13: 0000000000000000 R14: 00007fad97bb5fa0 R15: 00007fff1e576ab8
[  396.947713][T11127]  </TASK>
[  398.001024][T11138] ecryptfs_parse_packet_length: Error parsing packet length
[  398.110704][T11144] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  398.127535][T11138] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[  398.201033][ T5167] Bluetooth: hci1: unexpected event 0x06 length: 11 > 3
[  399.081618][T11161] FAULT_INJECTION: forcing a failure.
[  399.081618][T11161] name failslab, interval 1, probability 0, space 0, times 0
[  399.102255][T11161] CPU: 0 UID: 0 PID: 11161 Comm: syz.0.982 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  399.102298][T11161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  399.102316][T11161] Call Trace:
[  399.102326][T11161]  <TASK>
[  399.102338][T11161]  dump_stack_lvl+0x16c/0x1f0
[  399.102388][T11161]  should_fail_ex+0x512/0x640
[  399.102431][T11161]  ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0
[  399.102492][T11161]  should_failslab+0xc2/0x120
[  399.102521][T11161]  kmem_cache_alloc_bulk_noprof+0x85/0xbc0
[  399.102574][T11161]  ? trace_kmem_cache_alloc+0x28/0xc0
[  399.102604][T11161]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  399.102651][T11161]  ? mas_alloc_nodes+0x18b/0x8b0
[  399.102696][T11161]  ? mas_alloc_nodes+0x2f1/0x8b0
[  399.102734][T11161]  mas_alloc_nodes+0x2f1/0x8b0
[  399.102784][T11161]  mas_node_count_gfp+0x105/0x130
[  399.102827][T11161]  mas_preallocate+0x7e0/0xde0
[  399.102865][T11161]  ? __pfx_mas_preallocate+0x10/0x10
[  399.102906][T11161]  ? rcu_read_unlock+0x17/0x60
[  399.102946][T11161]  vma_link+0x135/0x6a0
[  399.102995][T11161]  ? __pfx_vma_link+0x10/0x10
[  399.103038][T11161]  ? rcu_is_watching+0x12/0xc0
[  399.103078][T11161]  ? anon_vma_clone+0x405/0x5c0
[  399.103119][T11161]  ? anon_vma_name+0x75/0x100
[  399.103158][T11161]  copy_vma+0x6c2/0xaa0
[  399.103209][T11161]  ? __pfx_copy_vma+0x10/0x10
[  399.103249][T11161]  ? lockdep_hardirqs_on+0x7c/0x110
[  399.103302][T11161]  ? register_lock_class+0x41/0x4c0
[  399.103342][T11161]  ? __schedule+0x1181/0x5de0
[  399.103397][T11161]  ? __lock_acquire+0x622/0x1c90
[  399.103447][T11161]  copy_vma_and_data+0x1cf/0x750
[  399.103507][T11161]  ? __pfx_copy_vma_and_data+0x10/0x10
[  399.103565][T11161]  ? __vma_enter_locked+0x163/0x3f0
[  399.103611][T11161]  ? find_held_lock+0x2b/0x80
[  399.103644][T11161]  ? move_vma+0x536/0x1740
[  399.103699][T11161]  move_vma+0x548/0x1740
[  399.103753][T11161]  ? __pfx_move_vma+0x10/0x10
[  399.103794][T11161]  ? mm_get_unmapped_area+0x95/0xe0
[  399.103833][T11161]  ? shmem_get_unmapped_area+0x170/0xa00
[  399.103873][T11161]  ? cap_mmap_addr+0x4b/0x120
[  399.103901][T11161]  ? bpf_lsm_mmap_addr+0x9/0x10
[  399.103932][T11161]  ? security_mmap_addr+0x6c/0x1e0
[  399.103971][T11161]  ? __get_unmapped_area+0x267/0x440
[  399.104011][T11161]  ? vrm_set_new_addr+0x208/0x290
[  399.104060][T11161]  __do_sys_mremap+0xe07/0x1590
[  399.104112][T11161]  ? __pfx___do_sys_mremap+0x10/0x10
[  399.104172][T11161]  ? __fget_files+0x204/0x3c0
[  399.104222][T11161]  ? __x64_sys_futex+0x1e0/0x4c0
[  399.104287][T11161]  do_syscall_64+0xcd/0x490
[  399.104336][T11161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.104366][T11161] RIP: 0033:0x7f9f9c38e929
[  399.104390][T11161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.104420][T11161] RSP: 002b:00007f9f9d199038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  399.104449][T11161] RAX: ffffffffffffffda RBX: 00007f9f9c5b6240 RCX: 00007f9f9c38e929
[  399.104492][T11161] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000
[  399.104510][T11161] RBP: 00007f9f9c410b39 R08: 00007effffffb000 R09: 0000000000000000
[  399.104529][T11161] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  399.104548][T11161] R13: 0000000000000000 R14: 00007f9f9c5b6240 R15: 00007ffdff739c58
[  399.104590][T11161]  </TASK>
[  399.441521][    C0] vkms_vblank_simulate: vblank timer overrun
[  399.479751][T11146] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  400.045859][T11172] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input31
[  401.826386][T11211] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input32
[  402.981770][T11224] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  403.723525][T11243] .RRo�\�&p�: entered promiscuous mode
[  407.594315][T11324] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1008'.
[  407.643612][T11324] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1008'.
[  407.717249][T11324] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1008'.
[  407.749015][T11328] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1008'.
[  408.307186][T11341] netlink: 266 bytes leftover after parsing attributes in process `syz.2.1012'.
[  408.338162][T11341] IPv6: NLM_F_CREATE should be specified when creating new route
[  408.613159][T11351] FAULT_INJECTION: forcing a failure.
[  408.613159][T11351] name failslab, interval 1, probability 0, space 0, times 0
[  408.682612][T11351] CPU: 0 UID: 0 PID: 11351 Comm: syz.1.1011 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  408.682659][T11351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  408.682678][T11351] Call Trace:
[  408.682688][T11351]  <TASK>
[  408.682700][T11351]  dump_stack_lvl+0x16c/0x1f0
[  408.682753][T11351]  should_fail_ex+0x512/0x640
[  408.682795][T11351]  ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0
[  408.682852][T11351]  should_failslab+0xc2/0x120
[  408.682883][T11351]  kmem_cache_alloc_bulk_noprof+0x85/0xbc0
[  408.682936][T11351]  ? trace_kmem_cache_alloc+0x28/0xc0
[  408.682967][T11351]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  408.683013][T11351]  ? mas_alloc_nodes+0x18b/0x8b0
[  408.683058][T11351]  ? mas_alloc_nodes+0x2f1/0x8b0
[  408.683092][T11351]  mas_alloc_nodes+0x2f1/0x8b0
[  408.683138][T11351]  mas_node_count_gfp+0x105/0x130
[  408.683179][T11351]  mas_preallocate+0x7e0/0xde0
[  408.683214][T11351]  ? __pfx_mas_preallocate+0x10/0x10
[  408.683255][T11351]  ? rcu_read_unlock+0x17/0x60
[  408.683296][T11351]  vma_link+0x135/0x6a0
[  408.683341][T11351]  ? __pfx_vma_link+0x10/0x10
[  408.683385][T11351]  ? rcu_is_watching+0x12/0xc0
[  408.683420][T11351]  ? anon_vma_clone+0x405/0x5c0
[  408.683471][T11351]  ? anon_vma_name+0x75/0x100
[  408.683514][T11351]  copy_vma+0x6c2/0xaa0
[  408.683562][T11351]  ? __pfx_copy_vma+0x10/0x10
[  408.683602][T11351]  ? lockdep_hardirqs_on+0x7c/0x110
[  408.683654][T11351]  ? register_lock_class+0x41/0x4c0
[  408.683692][T11351]  ? __schedule+0x1181/0x5de0
[  408.683748][T11351]  ? __lock_acquire+0x622/0x1c90
[  408.683796][T11351]  copy_vma_and_data+0x1cf/0x750
[  408.683844][T11351]  ? __pfx_copy_vma_and_data+0x10/0x10
[  408.683898][T11351]  ? __vma_enter_locked+0x163/0x3f0
[  408.683942][T11351]  ? find_held_lock+0x2b/0x80
[  408.683973][T11351]  ? move_vma+0x536/0x1740
[  408.684026][T11351]  move_vma+0x548/0x1740
[  408.684077][T11351]  ? __pfx_move_vma+0x10/0x10
[  408.684118][T11351]  ? mm_get_unmapped_area+0x95/0xe0
[  408.684155][T11351]  ? shmem_get_unmapped_area+0x170/0xa00
[  408.684192][T11351]  ? cap_mmap_addr+0x4b/0x120
[  408.684219][T11351]  ? bpf_lsm_mmap_addr+0x9/0x10
[  408.684250][T11351]  ? security_mmap_addr+0x6c/0x1e0
[  408.684288][T11351]  ? __get_unmapped_area+0x267/0x440
[  408.684327][T11351]  ? vrm_set_new_addr+0x208/0x290
[  408.684374][T11351]  __do_sys_mremap+0xe07/0x1590
[  408.684424][T11351]  ? __pfx___do_sys_mremap+0x10/0x10
[  408.684491][T11351]  ? __fget_files+0x204/0x3c0
[  408.684541][T11351]  ? __x64_sys_futex+0x1e0/0x4c0
[  408.684606][T11351]  do_syscall_64+0xcd/0x490
[  408.684655][T11351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.684686][T11351] RIP: 0033:0x7f5ddd98e929
[  408.684713][T11351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.684742][T11351] RSP: 002b:00007f5dde7e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  408.684773][T11351] RAX: ffffffffffffffda RBX: 00007f5dddbb6240 RCX: 00007f5ddd98e929
[  408.684793][T11351] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000
[  408.684810][T11351] RBP: 00007f5ddda10b39 R08: 00007effffffb000 R09: 0000000000000000
[  408.684830][T11351] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  408.684847][T11351] R13: 0000000000000000 R14: 00007f5dddbb6240 R15: 00007ffe326205d8
[  408.684887][T11351]  </TASK>
[  411.998563][T11421] nbd: socks must be embedded in a SOCK_ITEM attr
[  412.009212][T11421] block nbd0: shutting down sockets
[  412.030898][T11425] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  415.315910][T11474] random: crng reseeded on system resumption
[  415.806247][T11487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  415.822515][T11487] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  415.864098][T11487] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  415.946667][T11487] page_type: f5(slab)
[  415.988292][T11487] raw: 00fff00000000040 ffff88801ce958c0 dead000000000122 0000000000000000
[  416.051906][T11487] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  416.125765][T11487] head: 00fff00000000040 ffff88801ce958c0 dead000000000122 0000000000000000
[  416.130502][T11495] ecryptfs_miscdev_write: Error while inspecting packet size
[  416.162865][T11487] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  416.290491][T11487] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  416.299402][T11487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  416.373798][T11487] page dumped because: unmovable page
[  416.379259][T11487] page_owner tracks the page as allocated
[  416.502777][T11487] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5231, tgid 5231 (udevadm), ts 41655234414, free_ts 33391305684
[  416.603799][T11487]  post_alloc_hook+0x1c0/0x230
[  416.608694][T11487]  get_page_from_freelist+0x1321/0x3890
[  416.617524][T11487]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  416.624158][T11487]  alloc_pages_mpol+0x1fb/0x550
[  416.629171][T11487]  new_slab+0x23b/0x330
[  416.636584][T11487]  ___slab_alloc+0xd9c/0x1940
[  416.788608][T11487]  __slab_alloc.constprop.0+0x56/0xb0
[  416.794664][T11487]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  416.800707][T11487]  alloc_inode+0xc3/0x240
[  416.805108][T11487]  iget_locked+0x2e4/0x830
[  416.809585][T11487]  kernfs_get_inode+0x48/0x460
[  416.814665][T11487]  kernfs_iop_lookup+0x1a7/0x2d0
[  416.819675][T11487]  lookup_open.isra.0+0x4da/0x1580
[  416.825064][T11487]  path_openat+0x893/0x2cb0
[  416.829679][T11487]  do_filp_open+0x20b/0x470
[  416.834715][T11487]  do_sys_openat2+0x11b/0x1d0
[  416.839595][T11487] page last free pid 1 tgid 1 stack trace:
[  416.845550][T11487]  __free_frozen_pages+0x7fe/0x1180
[  416.851044][T11487]  free_contig_range+0x183/0x4b0
[  416.856158][T11487]  destroy_args+0x7f6/0xa60
[  416.861246][T11487]  debug_vm_pgtable+0x13b8/0x2d00
[  416.866465][T11487]  do_one_initcall+0x120/0x6e0
[  416.871498][T11487]  kernel_init_freeable+0x5c2/0x900
[  416.876857][T11487]  kernel_init+0x1c/0x2b0
[  416.881322][T11487]  ret_from_fork+0x5d4/0x6f0
[  416.887585][T11487]  ret_from_fork_asm+0x1a/0x30
[  418.767867][T11540] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34
[  419.841114][T11554] netlink: 74 bytes leftover after parsing attributes in process `syz.1.1051'.
[  420.266147][T11561] netlink: 'syz.0.1054': attribute type 1 has an invalid length.
[  420.292569][T11561] netlink: 33 bytes leftover after parsing attributes in process `syz.0.1054'.
[  420.440074][   T30] audit: type=1804 audit(4294968465.789:15): pid=11563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1053" name="/newroot/53/file0" dev="tmpfs" ino=304 res=1 errno=0
[  421.879797][T11603] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1062'.
[  421.900632][T11603] WARNING! power/level is deprecated; use power/control instead
[  421.910172][T11603] ICMPv6: process `syz.2.1062' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  422.020774][T11595] netlink: 74 bytes leftover after parsing attributes in process `syz.3.1060'.
[  422.608239][T11609] Invalid ELF header magic: != ELF
[  423.480373][T11645] ima: policy update failed
[  423.511205][   T30] audit: type=1802 audit(4294972564.848:16): pid=11645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1070" res=0 errno=0
[  423.604340][T11651] zram: Removed device: zram0
[  427.223235][T11722] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1088'.
[  427.223235][T11721] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1088'.
[  427.288271][T11721] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode
[  428.654386][T11744] FAULT_INJECTION: forcing a failure.
[  428.654386][T11744] name failslab, interval 1, probability 0, space 0, times 0
[  428.683365][T11744] CPU: 1 UID: 0 PID: 11744 Comm: syz.2.1094 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  428.683409][T11744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  428.683428][T11744] Call Trace:
[  428.683444][T11744]  <TASK>
[  428.683455][T11744]  dump_stack_lvl+0x16c/0x1f0
[  428.683506][T11744]  should_fail_ex+0x512/0x640
[  428.683548][T11744]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  428.683601][T11744]  should_failslab+0xc2/0x120
[  428.683630][T11744]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  428.683678][T11744]  ? __d_alloc+0x31/0xaa0
[  428.683730][T11744]  __d_alloc+0x31/0xaa0
[  428.683781][T11744]  d_alloc_pseudo+0x1c/0xc0
[  428.683814][T11744]  alloc_file_pseudo+0xcf/0x230
[  428.683849][T11744]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  428.683896][T11744]  __shmem_file_setup+0x1a3/0x330
[  428.683940][T11744]  shmem_zero_setup+0x93/0x1a0
[  428.683988][T11744]  __mmap_region+0x1ece/0x25e0
[  428.684050][T11744]  ? __pfx___mmap_region+0x10/0x10
[  428.684107][T11744]  ? finish_task_switch.isra.0+0x22a/0xc10
[  428.684146][T11744]  ? rcu_is_watching+0x12/0xc0
[  428.684178][T11744]  ? trace_sched_exit_tp+0xde/0x130
[  428.684216][T11744]  ? __schedule+0x1181/0x5de0
[  428.684327][T11744]  ? trace_cap_capable+0x18d/0x200
[  428.684372][T11744]  mmap_region+0x1ab/0x3f0
[  428.684417][T11744]  ? __get_unmapped_area+0x267/0x440
[  428.684456][T11744]  do_mmap+0xa3e/0x1210
[  428.684498][T11744]  ? __pfx_do_mmap+0x10/0x10
[  428.684532][T11744]  ? __pfx_down_write_killable+0x10/0x10
[  428.684571][T11744]  vm_mmap_pgoff+0x281/0x450
[  428.684610][T11744]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  428.684651][T11744]  ? __x64_sys_futex+0x1e0/0x4c0
[  428.684686][T11744]  ? __x64_sys_futex+0x1e9/0x4c0
[  428.684730][T11744]  ksys_mmap_pgoff+0x7d/0x5c0
[  428.684761][T11744]  ? xfd_validate_state+0x61/0x180
[  428.684800][T11744]  ? __pfx_ksys_write+0x10/0x10
[  428.684848][T11744]  __x64_sys_mmap+0x125/0x190
[  428.684897][T11744]  do_syscall_64+0xcd/0x490
[  428.684945][T11744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.684975][T11744] RIP: 0033:0x7fcb3758e929
[  428.685000][T11744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.685037][T11744] RSP: 002b:00007fcb353f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  428.685066][T11744] RAX: ffffffffffffffda RBX: 00007fcb377b5fa0 RCX: 00007fcb3758e929
[  428.685085][T11744] RDX: 00004000004000df RSI: 0000000000020009 RDI: 0000000000000000
[  428.685104][T11744] RBP: 00007fcb37610b39 R08: 0000000000000005 R09: 0000000000008000
[  428.685122][T11744] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  428.685139][T11744] R13: 0000000000000000 R14: 00007fcb377b5fa0 R15: 00007ffcdc6d5c58
[  428.685180][T11744]  </TASK>
[  428.962725][    C1] vkms_vblank_simulate: vblank timer overrun
[  429.373108][ T5167] Bluetooth: hci2: unexpected subevent 0x19 length: 252 > 28
[  429.380580][ T5167] Bluetooth: hci2: Unable to find connection with handle 0xc3d2
[  429.461251][T11749] FAULT_INJECTION: forcing a failure.
[  429.461251][T11749] name failslab, interval 1, probability 0, space 0, times 0
[  429.474473][T11749] CPU: 1 UID: 0 PID: 11749 Comm: syz.2.1095 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  429.474510][T11749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.474522][T11749] Call Trace:
[  429.474528][T11749]  <TASK>
[  429.474535][T11749]  dump_stack_lvl+0x16c/0x1f0
[  429.474566][T11749]  should_fail_ex+0x512/0x640
[  429.474592][T11749]  ? __kmalloc_noprof+0xbf/0x510
[  429.474620][T11749]  ? ima_write_template_field_data+0x5d/0x1f0
[  429.474642][T11749]  should_failslab+0xc2/0x120
[  429.474659][T11749]  __kmalloc_noprof+0xd2/0x510
[  429.474690][T11749]  ima_write_template_field_data+0x5d/0x1f0
[  429.474715][T11749]  ima_eventname_init_common+0x1b8/0x260
[  429.474740][T11749]  ? __pfx_ima_eventname_init_common+0x10/0x10
[  429.474767][T11749]  ? trace_kmalloc+0x2b/0xd0
[  429.474784][T11749]  ? __kmalloc_noprof+0x242/0x510
[  429.474810][T11749]  ? __print_lock_name+0x91/0xe0
[  429.474832][T11749]  ima_alloc_init_template+0x39d/0x720
[  429.474855][T11749]  ima_store_measurement+0x1eb/0x5c0
[  429.474875][T11749]  ? __pfx_ima_store_measurement+0x10/0x10
[  429.474894][T11749]  ? vfs_getxattr_alloc+0xec/0x340
[  429.474925][T11749]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  429.474954][T11749]  process_measurement+0x1ddb/0x23e0
[  429.474989][T11749]  ? __pfx_process_measurement+0x10/0x10
[  429.475019][T11749]  ? alloc_empty_file+0x73/0x1e0
[  429.475037][T11749]  ? hugetlb_file_setup+0x4cd/0x620
[  429.475055][T11749]  ? ksys_mmap_pgoff+0x189/0x5c0
[  429.475073][T11749]  ? __x64_sys_mmap+0x125/0x190
[  429.475129][T11749]  ima_file_mmap+0x1b1/0x1d0
[  429.475155][T11749]  ? __pfx_ima_file_mmap+0x10/0x10
[  429.475187][T11749]  security_mmap_file+0x88c/0x990
[  429.475212][T11749]  vm_mmap_pgoff+0xec/0x450
[  429.475241][T11749]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  429.475257][T11749]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  429.475278][T11749]  ? hugetlbfs_get_inode+0x31f/0x730
[  429.475302][T11749]  ksys_mmap_pgoff+0x1c8/0x5c0
[  429.475325][T11749]  __x64_sys_mmap+0x125/0x190
[  429.475355][T11749]  do_syscall_64+0xcd/0x490
[  429.475383][T11749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.475401][T11749] RIP: 0033:0x7fcb3758e929
[  429.475416][T11749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.475433][T11749] RSP: 002b:00007fcb353d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  429.475451][T11749] RAX: ffffffffffffffda RBX: 00007fcb377b6080 RCX: 00007fcb3758e929
[  429.475462][T11749] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000
[  429.475473][T11749] RBP: 00007fcb37610b39 R08: 0000000000000401 R09: 0000300000000000
[  429.475483][T11749] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  429.475494][T11749] R13: 0000000000000000 R14: 00007fcb377b6080 R15: 00007ffcdc6d5c58
[  429.475520][T11749]  </TASK>
[  429.577099][   T30] audit: type=1804 audit(4294972570.828:17): pid=11749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.1095" name="anon_hugepage" dev="hugetlbfs" ino=36459 res=0 errno=0
[  429.582292][    C1] vkms_vblank_simulate: vblank timer overrun
[  429.787224][    C1] vkms_vblank_simulate: vblank timer overrun
[  429.793332][    C1] hrtimer: interrupt took 310712972 ns
[  429.893353][    C1] vkms_vblank_simulate: vblank timer overrun
[  430.737766][T11777] FAULT_INJECTION: forcing a failure.
[  430.737766][T11777] name failslab, interval 1, probability 0, space 0, times 0
[  430.808011][T11777] CPU: 0 UID: 0 PID: 11777 Comm: syz.2.1100 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  430.808059][T11777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  430.808078][T11777] Call Trace:
[  430.808089][T11777]  <TASK>
[  430.808100][T11777]  dump_stack_lvl+0x16c/0x1f0
[  430.808151][T11777]  should_fail_ex+0x512/0x640
[  430.808195][T11777]  ? fs_reclaim_acquire+0xae/0x150
[  430.808233][T11777]  ? tomoyo_encode2+0x100/0x3e0
[  430.808272][T11777]  should_failslab+0xc2/0x120
[  430.808302][T11777]  __kmalloc_noprof+0xd2/0x510
[  430.808346][T11777]  ? d_absolute_path+0x136/0x1a0
[  430.808386][T11777]  tomoyo_encode2+0x100/0x3e0
[  430.808433][T11777]  tomoyo_encode+0x29/0x50
[  430.808473][T11777]  tomoyo_realpath_from_path+0x18f/0x6e0
[  430.808529][T11777]  tomoyo_check_open_permission+0x2ab/0x3c0
[  430.808569][T11777]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  430.808651][T11777]  ? do_raw_spin_lock+0x12c/0x2b0
[  430.808713][T11777]  tomoyo_file_open+0x6b/0x90
[  430.808762][T11777]  security_file_open+0x84/0x1e0
[  430.808803][T11777]  do_dentry_open+0x596/0x1c10
[  430.808862][T11777]  vfs_open+0x82/0x3f0
[  430.808901][T11777]  path_openat+0x1de4/0x2cb0
[  430.808971][T11777]  ? __pfx_path_openat+0x10/0x10
[  430.809020][T11777]  ? __lock_acquire+0xb8a/0x1c90
[  430.809067][T11777]  do_filp_open+0x20b/0x470
[  430.809113][T11777]  ? __pfx_do_filp_open+0x10/0x10
[  430.809191][T11777]  ? alloc_fd+0x471/0x7d0
[  430.809243][T11777]  do_sys_openat2+0x11b/0x1d0
[  430.809278][T11777]  ? __pfx_do_sys_openat2+0x10/0x10
[  430.809330][T11777]  __x64_sys_openat+0x174/0x210
[  430.809367][T11777]  ? __pfx___x64_sys_openat+0x10/0x10
[  430.809419][T11777]  do_syscall_64+0xcd/0x490
[  430.809467][T11777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.809497][T11777] RIP: 0033:0x7fcb3758e929
[  430.809523][T11777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.809553][T11777] RSP: 002b:00007fcb353d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  430.809583][T11777] RAX: ffffffffffffffda RBX: 00007fcb377b6080 RCX: 00007fcb3758e929
[  430.809603][T11777] RDX: 0000000000020000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  430.809623][T11777] RBP: 00007fcb37610b39 R08: 0000000000000000 R09: 0000000000000000
[  430.809641][T11777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  430.809659][T11777] R13: 0000000000000000 R14: 00007fcb377b6080 R15: 00007ffcdc6d5c58
[  430.809700][T11777]  </TASK>
[  430.809735][T11777] ERROR: Out of memory at tomoyo_realpath_from_path.
[  431.587276][ T5167] Bluetooth: hci1: unexpected event 0x06 length: 11 > 3
[  432.048693][T11795] blktrace: Concurrent blktraces are not allowed on loop2
[  434.390670][T11851] zswap: compressor  not available
[  434.771954][T11851] zswap: compressor  not available
[  435.215465][T11851] zswap: compressor  not available
[  435.845057][T11879] FAULT_INJECTION: forcing a failure.
[  435.845057][T11879] name failslab, interval 1, probability 0, space 0, times 0
[  435.869073][T11879] CPU: 1 UID: 0 PID: 11879 Comm: syz.0.1112 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  435.869103][T11879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.869113][T11879] Call Trace:
[  435.869120][T11879]  <TASK>
[  435.869127][T11879]  dump_stack_lvl+0x16c/0x1f0
[  435.869161][T11879]  should_fail_ex+0x512/0x640
[  435.869187][T11879]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  435.869218][T11879]  should_failslab+0xc2/0x120
[  435.869243][T11879]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  435.869271][T11879]  ? __d_alloc+0x31/0xaa0
[  435.869303][T11879]  __d_alloc+0x31/0xaa0
[  435.869329][T11879]  ? do_raw_spin_lock+0x12c/0x2b0
[  435.869360][T11879]  d_alloc+0x4a/0x1e0
[  435.869390][T11879]  d_alloc_name+0x83/0xb0
[  435.869418][T11879]  ? __pfx_d_alloc_name+0x10/0x10
[  435.869451][T11879]  simple_fill_super+0x2eb/0x720
[  435.869480][T11879]  ? __pfx_nfsd_fill_super+0x10/0x10
[  435.869500][T11879]  nfsd_fill_super+0x90/0x530
[  435.869518][T11879]  ? __pfx_set_anon_super_fc+0x10/0x10
[  435.869542][T11879]  ? __pfx_nfsd_fill_super+0x10/0x10
[  435.869561][T11879]  get_tree_keyed+0x10e/0x1d0
[  435.869588][T11879]  vfs_get_tree+0x8e/0x340
[  435.869609][T11879]  path_mount+0x1414/0x2020
[  435.869638][T11879]  ? kmem_cache_free+0x2d1/0x4d0
[  435.869663][T11879]  ? __pfx_path_mount+0x10/0x10
[  435.869694][T11879]  ? putname+0x154/0x1a0
[  435.869714][T11879]  __x64_sys_mount+0x28d/0x310
[  435.869743][T11879]  ? __pfx___x64_sys_mount+0x10/0x10
[  435.869778][T11879]  do_syscall_64+0xcd/0x490
[  435.869807][T11879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.869825][T11879] RIP: 0033:0x7f9f9c38e929
[  435.869841][T11879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.869859][T11879] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  435.869877][T11879] RAX: ffffffffffffffda RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  435.869889][T11879] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000
[  435.869900][T11879] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  435.869910][T11879] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000
[  435.869921][T11879] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  435.869943][T11879]  </TASK>
[  436.100379][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.214787][T11881] netlink: 2336 bytes leftover after parsing attributes in process `syz.3.1113'.
[  436.293396][T11881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1113'.
[  437.424154][T11911] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1118'.
[  438.038556][ T5167] Bluetooth: hci3: unexpected event 0x06 length: 11 > 3
[  438.655850][T11948] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1124'.
[  438.707568][T11948] netlink: 120 bytes leftover after parsing attributes in process `syz.2.1124'.
[  439.849835][T11980] hub 1-0:1.0: USB hub found
[  439.915309][T11980] hub 1-0:1.0: 1 port detected
[  440.684799][T12001] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2)
[  441.043382][ T5167] Bluetooth: hci3: unexpected event 0x06 length: 11 > 3
[  441.408024][T12027] FAULT_INJECTION: forcing a failure.
[  441.408024][T12027] name failslab, interval 1, probability 0, space 0, times 0
[  441.533332][T12027] CPU: 1 UID: 0 PID: 12027 Comm: syz.0.1137 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  441.533374][T12027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  441.533392][T12027] Call Trace:
[  441.533401][T12027]  <TASK>
[  441.533413][T12027]  dump_stack_lvl+0x16c/0x1f0
[  441.533460][T12027]  should_fail_ex+0x512/0x640
[  441.533501][T12027]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  441.533544][T12027]  should_failslab+0xc2/0x120
[  441.533573][T12027]  __kmalloc_cache_noprof+0x6a/0x3e0
[  441.533612][T12027]  ? x509_cert_parse+0x162/0x900
[  441.533648][T12027]  ? kasan_save_track+0x14/0x30
[  441.533695][T12027]  x509_cert_parse+0x162/0x900
[  441.533729][T12027]  ? kasan_save_stack+0x42/0x60
[  441.533769][T12027]  ? kasan_save_stack+0x33/0x60
[  441.533808][T12027]  ? kasan_save_track+0x14/0x30
[  441.533853][T12027]  pkcs7_extract_cert+0xa4/0x320
[  441.533909][T12027]  asn1_ber_decoder+0xc5f/0x1df0
[  441.533974][T12027]  ? __pfx_asn1_ber_decoder+0x10/0x10
[  441.534053][T12027]  pkcs7_parse_message+0x288/0x720
[  441.534100][T12027]  verify_pkcs7_signature+0x30/0xa0
[  441.534137][T12027]  valid_regdb+0x215/0x590
[  441.534168][T12027]  ? __pfx___mutex_lock+0x10/0x10
[  441.534212][T12027]  ? __pfx_valid_regdb+0x10/0x10
[  441.534252][T12027]  reg_reload_regdb+0x11e/0x460
[  441.534287][T12027]  ? __pfx_reg_reload_regdb+0x10/0x10
[  441.534323][T12027]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  441.534362][T12027]  ? nl80211_pre_doit+0x1b0/0xb10
[  441.534410][T12027]  genl_family_rcv_msg_doit+0x206/0x2f0
[  441.534450][T12027]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  441.534484][T12027]  ? rcu_is_watching+0x12/0xc0
[  441.534531][T12027]  ? bpf_lsm_capable+0x9/0x10
[  441.534567][T12027]  ? security_capable+0x7e/0x260
[  441.534605][T12027]  genl_rcv_msg+0x55c/0x800
[  441.534645][T12027]  ? __pfx_genl_rcv_msg+0x10/0x10
[  441.534680][T12027]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  441.534719][T12027]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  441.534749][T12027]  ? __pfx_nl80211_post_doit+0x10/0x10
[  441.534806][T12027]  netlink_rcv_skb+0x155/0x420
[  441.534837][T12027]  ? __pfx_genl_rcv_msg+0x10/0x10
[  441.534872][T12027]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  441.534931][T12027]  ? netlink_deliver_tap+0x1ae/0xd30
[  441.534985][T12027]  genl_rcv+0x28/0x40
[  441.535015][T12027]  netlink_unicast+0x53a/0x7f0
[  441.535050][T12027]  ? __pfx_netlink_unicast+0x10/0x10
[  441.535093][T12027]  netlink_sendmsg+0x8d1/0xdd0
[  441.535131][T12027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  441.535178][T12027]  ____sys_sendmsg+0xa98/0xc70
[  441.535212][T12027]  ? copy_msghdr_from_user+0x10a/0x160
[  441.535254][T12027]  ? __pfx_____sys_sendmsg+0x10/0x10
[  441.535295][T12027]  ? try_to_wake_up+0xa2f/0x1680
[  441.535332][T12027]  ___sys_sendmsg+0x134/0x1d0
[  441.535379][T12027]  ? __pfx____sys_sendmsg+0x10/0x10
[  441.535417][T12027]  ? __lock_acquire+0x622/0x1c90
[  441.535510][T12027]  __sys_sendmsg+0x16d/0x220
[  441.535554][T12027]  ? __pfx___sys_sendmsg+0x10/0x10
[  441.535596][T12027]  ? __x64_sys_futex+0x1e0/0x4c0
[  441.535659][T12027]  do_syscall_64+0xcd/0x490
[  441.535705][T12027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.535735][T12027] RIP: 0033:0x7f9f9c38e929
[  441.535759][T12027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.535788][T12027] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  441.535817][T12027] RAX: ffffffffffffffda RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  441.535836][T12027] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[  441.535859][T12027] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 0000000000000000
[  441.535877][T12027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.535902][T12027] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  441.535944][T12027]  </TASK>
[  442.145470][T12039] ubi0: attaching mtd0
[  442.149636][T12039] ubi0 error: ubi_attach_mtd_dev: bad VID header (3969) or data offsets (4033)
[  443.581263][ T5167] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3
[  443.931995][T12087] CIFS mount error: No usable UNC path provided in device string!
[  443.931995][T12087] 
[  443.969536][T12087] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  444.605246][T12098] FAULT_INJECTION: forcing a failure.
[  444.605246][T12098] name failslab, interval 1, probability 0, space 0, times 0
[  444.637747][T12098] CPU: 1 UID: 0 PID: 12098 Comm: syz.2.1150 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  444.637795][T12098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.637813][T12098] Call Trace:
[  444.637823][T12098]  <TASK>
[  444.637835][T12098]  dump_stack_lvl+0x16c/0x1f0
[  444.637887][T12098]  should_fail_ex+0x512/0x640
[  444.637938][T12098]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  444.637989][T12098]  should_failslab+0xc2/0x120
[  444.638017][T12098]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  444.638064][T12098]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  444.638110][T12098]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  444.638157][T12098]  idr_get_free+0x528/0xa30
[  444.638214][T12098]  idr_alloc_u32+0x190/0x2f0
[  444.638259][T12098]  ? __pfx_idr_alloc_u32+0x10/0x10
[  444.638305][T12098]  ? __pfx___mutex_lock+0x10/0x10
[  444.638358][T12098]  idr_alloc+0xc0/0x130
[  444.638396][T12098]  ? __pfx_idr_alloc+0x10/0x10
[  444.638436][T12098]  ? __radix_tree_lookup+0x21f/0x2c0
[  444.638485][T12098]  ppp_dev_configure+0x905/0xc80
[  444.638531][T12098]  ppp_ioctl+0x17e0/0x2660
[  444.638570][T12098]  ? find_held_lock+0x2b/0x80
[  444.638601][T12098]  ? __pfx_ppp_ioctl+0x10/0x10
[  444.638645][T12098]  ? __fget_files+0x20e/0x3c0
[  444.638693][T12098]  ? __pfx_ppp_ioctl+0x10/0x10
[  444.638729][T12098]  __x64_sys_ioctl+0x18e/0x210
[  444.638773][T12098]  do_syscall_64+0xcd/0x490
[  444.638821][T12098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.638851][T12098] RIP: 0033:0x7fcb3758e929
[  444.638875][T12098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.638912][T12098] RSP: 002b:00007fcb353d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  444.638942][T12098] RAX: ffffffffffffffda RBX: 00007fcb377b6080 RCX: 00007fcb3758e929
[  444.638962][T12098] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000003
[  444.638981][T12098] RBP: 00007fcb37610b39 R08: 0000000000000000 R09: 0000000000000000
[  444.638999][T12098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  444.639016][T12098] R13: 0000000000000000 R14: 00007fcb377b6080 R15: 00007ffcdc6d5c58
[  444.639057][T12098]  </TASK>
[  444.858984][    C1] vkms_vblank_simulate: vblank timer overrun
[  445.330077][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  445.339525][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  446.190864][T12126] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1155'.
[  447.170610][T12145] [U] 
[  447.173405][T12145] [U] 
[  447.176152][T12145] [U] 
[  447.178898][T12145] [U] 
[  447.255682][T12145] [U] 
[  447.258473][T12145] [U] 
[  447.261226][T12145] [U] 
[  447.263972][T12145] [U] 
[  447.275009][T12145] [U] 
[  447.278059][T12145] [U] 
[  447.280810][T12145] [U] 
[  447.283555][T12145] [U] 
[  447.297808][T12145] [U] 
[  447.300582][T12145] [U] 
[  447.303340][T12145] [U] 
[  447.306271][T12145] [U] 
[  447.310288][T12145] [U] 
[  447.313053][T12145] [U] 
[  447.315812][T12145] [U] 
[  447.318567][T12145] [U] 
[  447.334369][T12145] [U] 
[  447.337160][T12145] [U] 
[  447.339909][T12145] [U] 
[  447.342656][T12145] [U] 
[  447.348264][T12145] [U] 
[  447.351023][T12145] [U] 
[  447.353763][T12145] [U] 
[  447.356506][T12145] [U] 
[  447.378043][T12145] [U] 
[  447.380924][T12145] [U] 
[  447.383668][T12145] [U] 
[  447.386412][T12145] [U] 
[  447.398911][T12145] [U] 
[  447.401696][T12145] [U] 
[  447.404464][T12145] [U] 
[  447.407203][T12145] [U] 
[  447.410179][T12145] [U] 
[  447.412929][T12145] [U] 
[  447.415660][T12145] [U] 
[  447.418381][T12145] [U] 
[  447.422376][T12145] [U] 
[  447.425142][T12145] [U] 
[  447.427934][T12145] [U] 
[  447.430683][T12145] [U] 
[  447.499156][T12145] [U] 
[  447.501951][T12145] [U] 
[  447.504704][T12145] [U] 
[  447.507539][T12145] [U] 
[  447.520126][T12152] syz.0.1162: vmalloc error: size 16384, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  447.537136][T12152] CPU: 0 UID: 0 PID: 12152 Comm: syz.0.1162 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  447.537164][T12152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  447.537175][T12152] Call Trace:
[  447.537181][T12152]  <TASK>
[  447.537188][T12152]  dump_stack_lvl+0x16c/0x1f0
[  447.537220][T12152]  warn_alloc+0x248/0x3a0
[  447.537250][T12152]  ? __pfx_warn_alloc+0x10/0x10
[  447.537279][T12152]  ? alloc_pages_mpol+0x25a/0x550
[  447.537298][T12152]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  447.537324][T12152]  __vmalloc_node_range_noprof+0x11d4/0x14b0
[  447.537355][T12152]  ? kernel_clone+0xfc/0x960
[  447.537384][T12152]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  447.537416][T12152]  ? kernel_clone+0xfc/0x960
[  447.537438][T12152]  __vmalloc_node_noprof+0xad/0xf0
[  447.537460][T12152]  ? kernel_clone+0xfc/0x960
[  447.537484][T12152]  copy_process+0x2c70/0x7650
[  447.537507][T12152]  ? preempt_schedule_thunk+0x16/0x30
[  447.537539][T12152]  ? __pfx_copy_process+0x10/0x10
[  447.537562][T12152]  ? find_held_lock+0x2b/0x80
[  447.537584][T12152]  ? wake_up_q+0xb0/0x160
[  447.537605][T12152]  ? do_raw_spin_unlock+0x172/0x230
[  447.537644][T12152]  kernel_clone+0xfc/0x960
[  447.537667][T12152]  ? __pfx_futex_wake+0x10/0x10
[  447.537693][T12152]  ? __pfx_kernel_clone+0x10/0x10
[  447.537727][T12152]  __do_sys_clone+0xce/0x120
[  447.537750][T12152]  ? __pfx___do_sys_clone+0x10/0x10
[  447.537783][T12152]  ? xfd_validate_state+0x61/0x180
[  447.537815][T12152]  do_syscall_64+0xcd/0x490
[  447.537852][T12152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.537870][T12152] RIP: 0033:0x7f9f9c38e929
[  447.537886][T12152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.537904][T12152] RSP: 002b:00007f9f9d1db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  447.537922][T12152] RAX: ffffffffffffffda RBX: 00007f9f9c5b6080 RCX: 00007f9f9c38e929
[  447.537934][T12152] RDX: 0000200000000340 RSI: 4080000000000001 RDI: 0000000000000001
[  447.537946][T12152] RBP: 00007f9f9c410b39 R08: ffffffffffffffff R09: 0000000000000000
[  447.537957][T12152] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000000
[  447.537968][T12152] R13: 0000000000000000 R14: 00007f9f9c5b6080 R15: 00007ffdff739c58
[  447.537990][T12152]  </TASK>
[  447.537997][T12152] Mem-Info:
[  447.772585][T12145] [U] 
[  447.775360][T12145] [U] 
[  447.778110][T12145] [U] 
[  447.779406][T12152] active_anon:9855 inactive_anon:3225 isolated_anon:0
[  447.779406][T12152]  active_file:15376 inactive_file:42338 isolated_file:0
[  447.779406][T12152]  unevictable:768 dirty:514 writeback:0
[  447.779406][T12152]  slab_reclaimable:11096 slab_unreclaimable:96433
[  447.779406][T12152]  mapped:25143 shmem:1829 pagetables:1171
[  447.779406][T12152]  sec_pagetables:0 bounce:0
[  447.779406][T12152]  kernel_misc_reclaimable:0
[  447.779406][T12152]  free:1306152 free_pcp:18712 free_cma:0
[  447.780833][T12145] [U] 
[  447.826387][    C1] vkms_vblank_simulate: vblank timer overrun
[  447.839431][T12145] [U] 
[  447.842202][T12145] [U] 
[  447.844945][T12145] [U] 
[  447.847683][T12145] [U] 
[  447.887124][T12145] [U] 
[  447.889906][T12145] [U] 
[  447.892673][T12145] [U] 
[  447.895422][T12145] [U] 
[  447.952004][T12145] [U] 
[  447.954790][T12145] [U] 
[  447.957531][T12145] [U] 
[  447.960267][T12145] [U] 
[  447.992991][T12152] Node 0 active_anon:39420kB inactive_anon:8800kB active_file:61504kB inactive_file:169120kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100472kB dirty:2052kB writeback:0kB shmem:5652kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11184kB pagetables:4544kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  448.026745][    C1] vkms_vblank_simulate: vblank timer overrun
[  448.035287][T12152] Node 1 active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100kB dirty:4kB writeback:0kB shmem:1664kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  448.052166][T12145] [U] 
[  448.067154][    C1] vkms_vblank_simulate: vblank timer overrun
[  448.069773][T12145] [U] 
[  448.078509][T12145] [U] 
[  448.081253][T12145] [U] 
[  448.142767][T12152] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  448.163048][T12145] [U] 
[  448.171651][    C1] vkms_vblank_simulate: vblank timer overrun
[  448.174352][T12145] [U] 
[  448.183104][T12145] [U] 
[  448.185873][T12145] [U] 
[  448.224654][T12152] lowmem_reserve[]: 0 2480 2482 2482 2482
[  448.239067][T12152] Node 0 DMA32 free:1341268kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:39328kB inactive_anon:10296kB active_file:60268kB inactive_file:169044kB unevictable:1536kB writepending:2052kB present:3129332kB managed:2540356kB mlocked:0kB bounce:0kB free_pcp:38600kB local_pcp:13808kB free_cma:0kB
[  448.271873][    C1] vkms_vblank_simulate: vblank timer overrun
[  448.321582][T12143] [U] 
[  448.370558][T12152] lowmem_reserve[]: 0 0 1 1 1
[  448.385220][T12152] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:1240kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB
[  448.438573][T12152] lowmem_reserve[]: 0 0 0 0 0
[  448.445803][T12152] Node 1 Normal free:3875272kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:132kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:42692kB local_pcp:28132kB free_cma:0kB
[  448.507194][T12152] lowmem_reserve[]: 0 0 0 0 0
[  448.525849][T12152] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  448.617231][T12152] Node 0 DMA32: 1992*4kB (UME) 1265*8kB (UME) 1202*16kB (UME) 1371*32kB (UME) 830*64kB (UME) 420*128kB (UME) 275*256kB (UME) 182*512kB (UM) 96*1024kB (UME) 25*2048kB (UME) 206*4096kB (UM) = 1344936kB
[  448.722996][T12152] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  448.765349][T12152] Node 1 Normal: 223*4kB (UME) 90*8kB (UME) 43*16kB (UM) 148*32kB (UME) 52*64kB (UM) 23*128kB (UME) 14*256kB (UM) 8*512kB (M) 6*1024kB (M) 9*2048kB (UME) 935*4096kB (UM) = 3875324kB
[  448.844141][T12152] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  448.958537][T12152] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  448.992902][T12152] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  449.012269][T12174] could not allocate digest TFM handle 
[  449.037375][T12152] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  449.125943][T12152] 59086 total pagecache pages
[  449.146683][T12152] 3 pages in swap cache
[  449.150997][T12152] Free swap  = 122952kB
[  449.168066][T12152] Total swap = 124996kB
[  449.181281][T12152] 2097051 pages RAM
[  449.223219][T12152] 0 pages HighMem/MovableOnly
[  449.239826][T12152] 429984 pages reserved
[  449.259238][T12152] 0 pages cma reserved
[  449.326612][T12190] FAULT_INJECTION: forcing a failure.
[  449.326612][T12190] name failslab, interval 1, probability 0, space 0, times 0
[  449.360716][T12190] CPU: 1 UID: 0 PID: 12190 Comm: syz.2.1167 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  449.360761][T12190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  449.360780][T12190] Call Trace:
[  449.360790][T12190]  <TASK>
[  449.360800][T12190]  dump_stack_lvl+0x16c/0x1f0
[  449.360913][T12190]  should_fail_ex+0x512/0x640
[  449.360967][T12190]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  449.361018][T12190]  should_failslab+0xc2/0x120
[  449.361046][T12190]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  449.361091][T12190]  ? __d_alloc+0x31/0xaa0
[  449.361132][T12190]  ? stack_trace_save+0x8e/0xc0
[  449.361170][T12190]  __d_alloc+0x31/0xaa0
[  449.361219][T12190]  d_alloc+0x4a/0x1e0
[  449.361264][T12190]  d_alloc_parallel+0xe3/0x12e0
[  449.361310][T12190]  ? find_held_lock+0x2b/0x80
[  449.361344][T12190]  ? __pfx_d_alloc_parallel+0x10/0x10
[  449.361383][T12190]  ? __d_lookup+0x266/0x4a0
[  449.361434][T12190]  lookup_open.isra.0+0x665/0x1580
[  449.361482][T12190]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  449.361544][T12190]  ? mnt_get_write_access+0x20c/0x300
[  449.361584][T12190]  path_openat+0x893/0x2cb0
[  449.361642][T12190]  ? __pfx_path_openat+0x10/0x10
[  449.361688][T12190]  ? __lock_acquire+0xb8a/0x1c90
[  449.361730][T12190]  do_filp_open+0x20b/0x470
[  449.361773][T12190]  ? __pfx_do_filp_open+0x10/0x10
[  449.361887][T12190]  ? alloc_fd+0x471/0x7d0
[  449.361943][T12190]  do_sys_openat2+0x11b/0x1d0
[  449.361978][T12190]  ? __pfx_do_sys_openat2+0x10/0x10
[  449.362030][T12190]  __x64_sys_openat+0x174/0x210
[  449.362065][T12190]  ? __pfx___x64_sys_openat+0x10/0x10
[  449.362117][T12190]  do_syscall_64+0xcd/0x490
[  449.362165][T12190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.362196][T12190] RIP: 0033:0x7fcb3758e929
[  449.362222][T12190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.362250][T12190] RSP: 002b:00007fcb353f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  449.362281][T12190] RAX: ffffffffffffffda RBX: 00007fcb377b5fa0 RCX: 00007fcb3758e929
[  449.362300][T12190] RDX: 00000000001ab101 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  449.362319][T12190] RBP: 00007fcb37610b39 R08: 0000000000000000 R09: 0000000000000000
[  449.362337][T12190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  449.362355][T12190] R13: 0000000000000000 R14: 00007fcb377b5fa0 R15: 00007ffcdc6d5c58
[  449.362395][T12190]  </TASK>
[  449.601934][    C1] vkms_vblank_simulate: vblank timer overrun
[  450.918320][T12224] warning: `syz.3.1173' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  452.410092][T12258] openvswitch: HfR: Dropping previously announced user features
[  452.485923][T12258] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1179'.
[  452.510888][T12258] HfR: left promiscuous mode
[  452.584307][T12263] FAULT_INJECTION: forcing a failure.
[  452.584307][T12263] name failslab, interval 1, probability 0, space 0, times 0
[  452.599306][T12263] CPU: 1 UID: 0 PID: 12263 Comm: syz.2.1179 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  452.599359][T12263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  452.599378][T12263] Call Trace:
[  452.599388][T12263]  <TASK>
[  452.599400][T12263]  dump_stack_lvl+0x16c/0x1f0
[  452.599451][T12263]  should_fail_ex+0x512/0x640
[  452.599494][T12263]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  452.599545][T12263]  should_failslab+0xc2/0x120
[  452.599575][T12263]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  452.599622][T12263]  ? do_epoll_ctl+0x220e/0x2ff0
[  452.599668][T12263]  do_epoll_ctl+0x220e/0x2ff0
[  452.599723][T12263]  ? __pfx_do_epoll_ctl+0x10/0x10
[  452.599758][T12263]  ? find_held_lock+0x2b/0x80
[  452.599789][T12263]  ? __might_fault+0xe3/0x190
[  452.599840][T12263]  ? __might_fault+0xe3/0x190
[  452.599900][T12263]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  452.599937][T12263]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  452.599977][T12263]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  452.600031][T12263]  do_syscall_64+0xcd/0x490
[  452.600078][T12263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.600109][T12263] RIP: 0033:0x7fcb3758e929
[  452.600133][T12263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.600162][T12263] RSP: 002b:00007fcb353d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  452.600193][T12263] RAX: ffffffffffffffda RBX: 00007fcb377b6080 RCX: 00007fcb3758e929
[  452.600212][T12263] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000005
[  452.600230][T12263] RBP: 00007fcb37610b39 R08: 0000000000000000 R09: 0000000000000000
[  452.600249][T12263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  452.600267][T12263] R13: 0000000000000000 R14: 00007fcb377b6080 R15: 00007ffcdc6d5c58
[  452.600308][T12263]  </TASK>
[  452.784595][    C1] vkms_vblank_simulate: vblank timer overrun
[  452.945482][ T5167] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3
[  453.039204][T12247] Process accounting resumed
[  454.167343][ T5847] udevd[5847]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  454.393953][T12301] random: crng reseeded on system resumption
[  455.453312][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  455.460986][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  455.789666][T12331] tipc: Started in network mode
[  455.815588][T12331] tipc: Node identity ee00, cluster identity 4711
[  455.831366][T12331] tipc: Node number set to 60928
[  455.881130][T12333] input: 00
[  455.881130][T12333]  as /devices/virtual/input/input35
[  455.910322][T12333] FAULT_INJECTION: forcing a failure.
[  455.910322][T12333] name failslab, interval 1, probability 0, space 0, times 0
[  455.954646][T12333] CPU: 1 UID: 0 PID: 12333 Comm: syz.2.1196 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  455.954691][T12333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  455.954710][T12333] Call Trace:
[  455.954720][T12333]  <TASK>
[  455.954733][T12333]  dump_stack_lvl+0x16c/0x1f0
[  455.954796][T12333]  should_fail_ex+0x512/0x640
[  455.954839][T12333]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  455.954894][T12333]  should_failslab+0xc2/0x120
[  455.954924][T12333]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  455.954977][T12333]  ? kstrdup_const+0x63/0x80
[  455.955031][T12333]  kstrdup+0x53/0x100
[  455.955075][T12333]  kstrdup_const+0x63/0x80
[  455.955118][T12333]  __kernfs_new_node+0x9b/0x8e0
[  455.955165][T12333]  ? __pfx___kernfs_new_node+0x10/0x10
[  455.955217][T12333]  ? find_held_lock+0x2b/0x80
[  455.955251][T12333]  ? kernfs_root+0xee/0x2a0
[  455.955301][T12333]  kernfs_new_node+0x13c/0x1e0
[  455.955356][T12333]  kernfs_create_dir_ns+0x4c/0x1a0
[  455.955409][T12333]  sysfs_create_dir_ns+0x13a/0x2b0
[  455.955449][T12333]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  455.955485][T12333]  ? find_held_lock+0x2b/0x80
[  455.955524][T12333]  ? do_raw_spin_unlock+0x172/0x230
[  455.955575][T12333]  kobject_add_internal+0x2c4/0x9b0
[  455.955612][T12333]  kobject_add+0x16e/0x240
[  455.955640][T12333]  ? __pfx_kobject_add+0x10/0x10
[  455.955672][T12333]  ? do_raw_spin_unlock+0x172/0x230
[  455.955719][T12333]  ? kobject_put+0xab/0x5a0
[  455.955778][T12333]  device_add+0x288/0x1a70
[  455.955823][T12333]  ? __pfx_device_add+0x10/0x10
[  455.955853][T12333]  ? __pfx_exact_lock+0x10/0x10
[  455.955906][T12333]  ? kobject_get+0xbb/0x150
[  455.955956][T12333]  cdev_device_add+0xc2/0x1e0
[  455.956005][T12333]  evdev_connect+0x3a4/0x4c0
[  455.956052][T12333]  input_attach_handler.isra.0+0x181/0x260
[  455.956099][T12333]  input_register_device+0xa84/0x1130
[  455.956148][T12333]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  455.956187][T12333]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  455.956230][T12333]  ? find_held_lock+0x2b/0x80
[  455.956282][T12333]  ? __pfx_uinput_ioctl+0x10/0x10
[  455.956316][T12333]  __x64_sys_ioctl+0x18e/0x210
[  455.956356][T12333]  do_syscall_64+0xcd/0x490
[  455.956403][T12333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.956434][T12333] RIP: 0033:0x7fcb3758e929
[  455.956459][T12333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.956488][T12333] RSP: 002b:00007fcb353f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  455.956517][T12333] RAX: ffffffffffffffda RBX: 00007fcb377b5fa0 RCX: 00007fcb3758e929
[  455.956537][T12333] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005
[  455.956554][T12333] RBP: 00007fcb37610b39 R08: 0000000000000000 R09: 0000000000000000
[  455.956572][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  455.956590][T12333] R13: 0000000000000000 R14: 00007fcb377b5fa0 R15: 00007ffcdc6d5c58
[  455.956633][T12333]  </TASK>
[  455.956647][T12333] kobject: kobject_add_internal failed for event2 (error: -12 parent: input35)
[  456.334260][T12333] input: failed to attach handler evdev to device input35, error: -12
[  459.292170][T12399] bridge0: port 3(macvlan0) entered blocking state
[  459.338284][T12399] bridge0: port 3(macvlan0) entered disabled state
[  459.345275][T12399] macvlan0: entered allmulticast mode
[  459.350854][T12399] veth1_vlan: entered allmulticast mode
[  459.377659][T12399] macvlan0: entered promiscuous mode
[  459.398523][T12399] bridge0: port 3(macvlan0) entered blocking state
[  459.405306][T12399] bridge0: port 3(macvlan0) entered forwarding state
[  461.712935][   T30] audit: type=1804 audit(4294972603.068:18): pid=12479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1225" name="/newroot/sys/kernel/debug/tracing/set_event_notrace_pid" dev="tracefs" ino=1081 res=1 errno=0
[  462.384545][T12493] vhci_hcd: invalid port number 16
[  462.390705][T12493] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  463.030285][T12509] serio: Serial port ttyS0
[  464.007701][T12532] sd 0:0:1:0: PR command failed: 1026
[  464.015240][T12532] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  464.094525][T12532] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  469.359199][T12627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1254'.
[  469.998242][T12622] can: request_module (can-proto-0) failed.
[  470.844776][T12652] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1259'.
[  470.948681][T12655] FAULT_INJECTION: forcing a failure.
[  470.948681][T12655] name failslab, interval 1, probability 0, space 0, times 0
[  470.948770][T12655] CPU: 0 UID: 0 PID: 12655 Comm: syz.3.1260 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  470.948803][T12655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.948817][T12655] Call Trace:
[  470.948824][T12655]  <TASK>
[  470.948831][T12655]  dump_stack_lvl+0x16c/0x1f0
[  470.948861][T12655]  should_fail_ex+0x512/0x640
[  470.948896][T12655]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  470.948926][T12655]  should_failslab+0xc2/0x120
[  470.948944][T12655]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  470.948972][T12655]  ? alloc_inode+0x61/0x240
[  470.948994][T12655]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  470.949017][T12655]  alloc_inode+0x61/0x240
[  470.949035][T12655]  new_inode+0x22/0x1c0
[  470.949056][T12655]  __debugfs_create_file+0x11c/0x6b0
[  470.949082][T12655]  debugfs_create_file_unsafe+0x3c/0x50
[  470.949109][T12655]  ptp_open+0x3c2/0x520
[  470.949140][T12655]  ? __pfx_ptp_open+0x10/0x10
[  470.949169][T12655]  ? __pfx_ptp_open+0x10/0x10
[  470.949189][T12655]  posix_clock_open+0x17b/0x290
[  470.949212][T12655]  ? __pfx_posix_clock_open+0x10/0x10
[  470.949232][T12655]  chrdev_open+0x234/0x6a0
[  470.949259][T12655]  ? __pfx_apparmor_file_open+0x10/0x10
[  470.949282][T12655]  ? __pfx_chrdev_open+0x10/0x10
[  470.949312][T12655]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  470.949340][T12655]  do_dentry_open+0x741/0x1c10
[  470.949368][T12655]  ? __pfx_chrdev_open+0x10/0x10
[  470.949400][T12655]  vfs_open+0x82/0x3f0
[  470.949422][T12655]  path_openat+0x1de4/0x2cb0
[  470.949456][T12655]  ? __pfx_path_openat+0x10/0x10
[  470.949483][T12655]  ? __lock_acquire+0xb8a/0x1c90
[  470.949511][T12655]  do_filp_open+0x20b/0x470
[  470.949538][T12655]  ? __pfx_do_filp_open+0x10/0x10
[  470.949581][T12655]  ? alloc_fd+0x471/0x7d0
[  470.949611][T12655]  do_sys_openat2+0x11b/0x1d0
[  470.949631][T12655]  ? __pfx_do_sys_openat2+0x10/0x10
[  470.949664][T12655]  __x64_sys_openat+0x174/0x210
[  470.949684][T12655]  ? __pfx___x64_sys_openat+0x10/0x10
[  470.949715][T12655]  do_syscall_64+0xcd/0x490
[  470.949743][T12655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.949766][T12655] RIP: 0033:0x7fad9798e929
[  470.949788][T12655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.949817][T12655] RSP: 002b:00007fad98734038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  470.949845][T12655] RAX: ffffffffffffffda RBX: 00007fad97bb5fa0 RCX: 00007fad9798e929
[  470.949864][T12655] RDX: 00000000000c0402 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  470.949883][T12655] RBP: 00007fad97a10b39 R08: 0000000000000000 R09: 0000000000000000
[  470.949912][T12655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  470.949928][T12655] R13: 0000000000000000 R14: 00007fad97bb5fa0 R15: 00007fff1e576ab8
[  470.949952][T12655]  </TASK>
[  470.950428][T12655] debugfs: out of free dentries, can not create file 'mask'
[  472.978512][ T5167] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5
[  473.092935][T12706] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36
[  473.566932][T12718] ecryptfs_miscdev_write: Error while inspecting packet size
[  473.904796][T12707] CIFS mount error: No usable UNC path provided in device string!
[  473.904796][T12707] 
[  473.916128][T12707] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  474.716956][T12759] binder: 12741:12759 ioctl c018620c 0 returned -22
[  474.817079][ T5167] Bluetooth: hci2: unexpected event for opcode 0x7c89
[  476.957184][T12792] ALUA lu_gp_id: 393216 exceeds maximum: 0x0000ffff
[  476.961478][   T30] audit: type=1800 audit(4294972618.308:19): pid=12792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1284" name="lu_gp_id" dev="configfs" ino=40990 res=0 errno=0
[  477.431308][T12799] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1285'.
[  479.980310][T12860] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input37
[  481.490856][T12905] FAULT_INJECTION: forcing a failure.
[  481.490856][T12905] name fail_futex, interval 1, probability 0, space 0, times 0
[  481.721789][T12905] CPU: 1 UID: 0 PID: 12905 Comm: syz.3.1303 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  481.721836][T12905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.721864][T12905] Call Trace:
[  481.721874][T12905]  <TASK>
[  481.721886][T12905]  dump_stack_lvl+0x16c/0x1f0
[  481.721939][T12905]  should_fail_ex+0x512/0x640
[  481.721991][T12905]  get_futex_key+0x1d0/0x1540
[  481.722033][T12905]  ? __pfx_get_futex_key+0x10/0x10
[  481.722086][T12905]  futex_wake+0xe7/0x4e0
[  481.722133][T12905]  ? __pfx_futex_wake+0x10/0x10
[  481.722178][T12905]  ? rcu_is_watching+0x12/0xc0
[  481.722229][T12905]  do_futex+0x1e3/0x350
[  481.722268][T12905]  ? __pfx_do_futex+0x10/0x10
[  481.722311][T12905]  ? __pfx___might_resched+0x10/0x10
[  481.722351][T12905]  __x64_sys_futex+0x1e0/0x4c0
[  481.722394][T12905]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  481.722436][T12905]  ? __pfx___x64_sys_futex+0x10/0x10
[  481.722473][T12905]  ? ksys_mmap_pgoff+0x85/0x5c0
[  481.722505][T12905]  ? xfd_validate_state+0x61/0x180
[  481.722545][T12905]  ? __pfx_do_writev+0x10/0x10
[  481.722602][T12905]  do_syscall_64+0xcd/0x490
[  481.722649][T12905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.722679][T12905] RIP: 0033:0x7fad9798e929
[  481.722705][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.722734][T12905] RSP: 002b:00007fad953d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  481.722764][T12905] RAX: ffffffffffffffda RBX: 00007fad97bb6248 RCX: 00007fad9798e929
[  481.722783][T12905] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fad97bb624c
[  481.722802][T12905] RBP: 00007fad97bb6240 R08: 00007fad98735000 R09: 0000000000000000
[  481.722820][T12905] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fad97bb624c
[  481.722837][T12905] R13: 0000000000000000 R14: 00007fff1e5769d0 R15: 00007fff1e576ab8
[  481.722890][T12905]  </TASK>
[  482.864379][T12943] svc: failed to register nfsdv3 RPC service (errno 111).
[  482.953695][T12943] svc: failed to register nfsaclv3 RPC service (errno 111).
[  483.114182][T12946] Process accounting paused
[  483.694245][T12964] FAULT_INJECTION: forcing a failure.
[  483.694245][T12964] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  483.762703][T12964] CPU: 0 UID: 0 PID: 12964 Comm: syz.1.1310 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  483.762746][T12964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  483.762764][T12964] Call Trace:
[  483.762773][T12964]  <TASK>
[  483.762784][T12964]  dump_stack_lvl+0x16c/0x1f0
[  483.762844][T12964]  should_fail_ex+0x512/0x640
[  483.762896][T12964]  should_fail_alloc_page+0xe7/0x130
[  483.762928][T12964]  prepare_alloc_pages+0x3c2/0x610
[  483.762967][T12964]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  483.763020][T12964]  ? __lock_acquire+0x622/0x1c90
[  483.763064][T12964]  ? __vmf_anon_prepare+0x11c/0x240
[  483.763096][T12964]  ? __handle_mm_fault+0x27f6/0x5490
[  483.763133][T12964]  ? handle_mm_fault+0x589/0xd10
[  483.763169][T12964]  ? __get_user_pages+0x589/0x3b80
[  483.763200][T12964]  ? populate_vma_page_range+0x278/0x3a0
[  483.763238][T12964]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  483.763285][T12964]  ? register_lock_class+0x41/0x4c0
[  483.763338][T12964]  ? __lock_acquire+0xb8a/0x1c90
[  483.763389][T12964]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  483.763438][T12964]  ? policy_nodemask+0xea/0x4e0
[  483.763471][T12964]  alloc_pages_mpol+0x1fb/0x550
[  483.763503][T12964]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  483.763537][T12964]  ? __anon_vma_prepare+0x2db/0x5e0
[  483.763583][T12964]  folio_alloc_mpol_noprof+0x36/0x2f0
[  483.763621][T12964]  vma_alloc_folio_noprof+0xed/0x1e0
[  483.763657][T12964]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  483.763690][T12964]  ? __anon_vma_prepare+0x2e2/0x5e0
[  483.763744][T12964]  __handle_mm_fault+0x2f21/0x5490
[  483.763805][T12964]  ? __pfx___handle_mm_fault+0x10/0x10
[  483.763847][T12964]  ? __pte_offset_map_lock+0x174/0x310
[  483.763880][T12964]  ? find_held_lock+0x2b/0x80
[  483.763909][T12964]  ? find_held_lock+0x2b/0x80
[  483.763952][T12964]  ? follow_page_pte+0x3af/0x14c0
[  483.763997][T12964]  handle_mm_fault+0x589/0xd10
[  483.764047][T12964]  __get_user_pages+0x589/0x3b80
[  483.764095][T12964]  ? __pfx_mt_find+0x10/0x10
[  483.764144][T12964]  ? __pfx___get_user_pages+0x10/0x10
[  483.764197][T12964]  populate_vma_page_range+0x278/0x3a0
[  483.764237][T12964]  ? __pfx_populate_vma_page_range+0x10/0x10
[  483.764274][T12964]  ? __pfx_find_vma_intersection+0x10/0x10
[  483.764311][T12964]  ? do_mmap+0x69c/0x1210
[  483.764350][T12964]  __mm_populate+0x1d8/0x380
[  483.764390][T12964]  ? __pfx___mm_populate+0x10/0x10
[  483.764431][T12964]  ? up_write+0x1b2/0x520
[  483.764481][T12964]  vm_mmap_pgoff+0x362/0x450
[  483.764519][T12964]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  483.764560][T12964]  ? __x64_sys_futex+0x1e0/0x4c0
[  483.764592][T12964]  ? __x64_sys_futex+0x1e9/0x4c0
[  483.764636][T12964]  ksys_mmap_pgoff+0x7d/0x5c0
[  483.764666][T12964]  ? xfd_validate_state+0x61/0x180
[  483.764709][T12964]  __x64_sys_mmap+0x125/0x190
[  483.764759][T12964]  do_syscall_64+0xcd/0x490
[  483.764815][T12964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.764844][T12964] RIP: 0033:0x7f5ddd98e929
[  483.764870][T12964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.764900][T12964] RSP: 002b:00007f5dde847038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  483.764928][T12964] RAX: ffffffffffffffda RBX: 00007f5dddbb5fa0 RCX: 00007f5ddd98e929
[  483.764948][T12964] RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000000
[  483.764966][T12964] RBP: 00007f5ddda10b39 R08: 0000000000000005 R09: 0000000000000000
[  483.764985][T12964] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  483.765002][T12964] R13: 0000000000000000 R14: 00007f5dddbb5fa0 R15: 00007ffe326205d8
[  483.765042][T12964]  </TASK>
[  485.412572][T12971] could not allocate digest TFM handle binfmt_misc
[  485.805006][T12994] random: crng reseeded on system resumption
[  485.938047][T13003] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1316'.
[  488.534120][T13028] mkiss: ax0: crc mode is auto.
[  495.239666][T13125] zram: Added device: zram0
[  500.235212][T13194] zswap: compressor  not available
[  500.283172][T13197] Setting dangerous option i915.mitigations - tainting kernel
[  501.074978][T13210] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1350'.
[  501.084172][T13210] bond_slave_1: entered allmulticast mode
[  501.397271][T13214] deleting an unspecified loop device is not supported.
[  502.493114][T13228] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  502.503510][T13228] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  502.511708][T13228] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  502.520825][T13228] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  502.530840][T13228] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  502.646648][T13230] hub 1-0:1.0: USB hub found
[  502.683160][T13230] hub 1-0:1.0: 1 port detected
[  504.019684][T13227] chnl_net:caif_netlink_parms(): no params data found
[  504.592993][ T5167] Bluetooth: hci4: command tx timeout
[  504.694040][T13227] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.712878][T13227] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.733378][T13227] bridge_slave_0: entered allmulticast mode
[  504.761793][T13227] bridge_slave_0: entered promiscuous mode
[  504.789019][T13227] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.835583][T13227] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.872494][T13227] bridge_slave_1: entered allmulticast mode
[  504.892563][T13227] bridge_slave_1: entered promiscuous mode
[  504.968132][T13263] FAULT_INJECTION: forcing a failure.
[  504.968132][T13263] name fail_futex, interval 1, probability 0, space 0, times 0
[  505.023467][T13263] CPU: 0 UID: 0 PID: 13263 Comm: syz.2.1364 Tainted: G     U              6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  505.023518][T13263] Tainted: [U]=USER
[  505.023528][T13263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.023546][T13263] Call Trace:
[  505.023557][T13263]  <TASK>
[  505.023568][T13263]  dump_stack_lvl+0x16c/0x1f0
[  505.023615][T13263]  should_fail_ex+0x512/0x640
[  505.023676][T13263]  get_futex_key+0x1d0/0x1540
[  505.023718][T13263]  ? __pfx_get_futex_key+0x10/0x10
[  505.023769][T13263]  futex_wake+0xe7/0x4e0
[  505.023815][T13263]  ? __pfx_futex_wake+0x10/0x10
[  505.023856][T13263]  ? rcu_is_watching+0x12/0xc0
[  505.023901][T13263]  do_futex+0x1e3/0x350
[  505.023939][T13263]  ? __pfx_do_futex+0x10/0x10
[  505.023979][T13263]  ? __pfx___might_resched+0x10/0x10
[  505.024018][T13263]  __x64_sys_futex+0x1e0/0x4c0
[  505.024057][T13263]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  505.024096][T13263]  ? __pfx___x64_sys_futex+0x10/0x10
[  505.024149][T13263]  do_syscall_64+0xcd/0x490
[  505.024196][T13263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.024225][T13263] RIP: 0033:0x7fcb3758e929
[  505.024249][T13263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.024277][T13263] RSP: 002b:00007fcb353d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  505.024307][T13263] RAX: ffffffffffffffda RBX: 00007fcb377b6088 RCX: 00007fcb3758e929
[  505.024327][T13263] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcb377b608c
[  505.024346][T13263] RBP: 00007fcb377b6080 R08: 00007fcb382fa000 R09: 0000000000000000
[  505.024364][T13263] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fcb377b608c
[  505.024382][T13263] R13: 0000000000000000 R14: 00007ffcdc6d5b70 R15: 00007ffcdc6d5c58
[  505.024419][T13263]  </TASK>
[  505.270719][   T30] audit: type=1326 audit(4294967301.960:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.1363" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ddd98e929 code=0x0
[  505.429964][T13227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  505.469328][T13227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  505.768051][T13227] team0: Port device team_slave_0 added
[  505.777186][T13278] netlink: 'syz.3.1366': attribute type 10 has an invalid length.
[  505.802354][T13227] team0: Port device team_slave_1 added
[  506.046807][T13227] batman_adv: batadv0: Adding interface: batadv_slave_0
[  506.059778][T13227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.142752][T13227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  506.177210][T13227] batman_adv: batadv0: Adding interface: batadv_slave_1
[  506.184407][T13227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.239773][T13227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  506.683227][ T5167] Bluetooth: hci4: command tx timeout
[  506.729965][T13227] hsr_slave_0: entered promiscuous mode
[  506.758574][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  506.764986][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  506.843851][T13227] hsr_slave_1: entered promiscuous mode
[  506.862371][T13227] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  506.933309][T13227] Cannot create hsr debugfs directory
[  507.356239][T13286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  507.437795][T13286] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  507.471977][T13286] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  507.503753][T13286] page_type: f5(slab)
[  507.529307][T13286] raw: 00fff00000000040 ffff88801ce958c0 dead000000000122 0000000000000000
[  507.578092][T13286] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  507.630798][T13286] head: 00fff00000000040 ffff88801ce958c0 dead000000000122 0000000000000000
[  507.772975][T13286] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  507.808308][T13286] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  507.878769][T13286] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  507.953554][T13286] page dumped because: unmovable page
[  507.976388][T13286] page_owner tracks the page as allocated
[  507.982466][T13286] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5231, tgid 5231 (udevadm), ts 41655234414, free_ts 33391305684
[  508.034260][T13286]  post_alloc_hook+0x1c0/0x230
[  508.039555][T13286]  get_page_from_freelist+0x1321/0x3890
[  508.045747][T13286]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  508.051844][T13286]  alloc_pages_mpol+0x1fb/0x550
[  508.057095][T13286]  new_slab+0x23b/0x330
[  508.061339][T13286]  ___slab_alloc+0xd9c/0x1940
[  508.066654][T13286]  __slab_alloc.constprop.0+0x56/0xb0
[  508.072949][T13286]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  508.082876][T13286]  alloc_inode+0xc3/0x240
[  508.087323][T13286]  iget_locked+0x2e4/0x830
[  508.097018][T13286]  kernfs_get_inode+0x48/0x460
[  508.102214][T13286]  kernfs_iop_lookup+0x1a7/0x2d0
[  508.111428][T13286]  lookup_open.isra.0+0x4da/0x1580
[  508.119573][T13286]  path_openat+0x893/0x2cb0
[  508.174551][T13286]  do_filp_open+0x20b/0x470
[  508.179288][T13286]  do_sys_openat2+0x11b/0x1d0
[  508.209259][T13227] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  508.222943][T13286] page last free pid 1 tgid 1 stack trace:
[  508.250236][T13286]  __free_frozen_pages+0x7fe/0x1180
[  508.273513][T13286]  free_contig_range+0x183/0x4b0
[  508.278508][T13286]  destroy_args+0x7f6/0xa60
[  508.382261][T13286]  debug_vm_pgtable+0x13b8/0x2d00
[  508.395983][T13286]  do_one_initcall+0x120/0x6e0
[  508.428251][T13286]  kernel_init_freeable+0x5c2/0x900
[  508.454063][T13286]  kernel_init+0x1c/0x2b0
[  508.482824][T13286]  ret_from_fork+0x5d4/0x6f0
[  508.506131][T13286]  ret_from_fork_asm+0x1a/0x30
[  508.552897][T13227] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  508.586420][T13227] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  508.734601][T13227] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  508.752866][ T5167] Bluetooth: hci4: command tx timeout
[  509.458826][T13227] 8021q: adding VLAN 0 to HW filter on device bond0
[  509.783695][T13227] 8021q: adding VLAN 0 to HW filter on device team0
[  509.865289][ T2998] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.872488][ T2998] bridge0: port 1(bridge_slave_0) entered forwarding state
[  510.009268][T12939] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.016451][T12939] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.832928][ T5167] Bluetooth: hci4: command tx timeout
[  512.186481][T13227] 8021q: adding VLAN 0 to HW filter on device batadv0
[  513.157366][T13360] Process accounting resumed
[  513.524621][T13227] veth0_vlan: entered promiscuous mode
[  513.567062][T13227] veth1_vlan: entered promiscuous mode
[  513.619638][T13227] veth0_macvtap: entered promiscuous mode
[  513.640672][T13227] veth1_macvtap: entered promiscuous mode
[  513.661723][T13227] batman_adv: batadv0: Interface activated: batadv_slave_0
[  513.857157][T13227] batman_adv: batadv0: Interface activated: batadv_slave_1
[  513.962047][T13227] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  514.011535][T13227] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  514.058523][T13227] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  514.075068][T13227] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  514.902249][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  514.937991][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.439122][T12930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.472849][T12930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  516.456855][T13428] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[13428]
[  517.455542][T13445] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1394'.
[  518.692531][ T5167] Bluetooth: hci4: Unable to find connection for big 0xd2
[  518.951347][T13473] Invalid ELF header magic: != ELF
[  519.735580][T13489] batman_adv: Routing algorithm '' is not supported
[  519.957003][T13479] ima: policy update failed
[  520.023695][   T30] audit: type=1802 audit(4294967316.720:21): pid=13479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1404" res=0 errno=0
[  523.493673][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  523.500346][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  524.256956][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805ac78c00: rx timeout, send abort
[  524.765310][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805ac78c00: abort rx timeout. Force session deactivation
[  526.393406][T13590] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1431'.
[  527.458934][T13601] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1433'.
[  527.470940][T13604] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input39
[  530.791609][T12993] ------------[ cut here ]------------
[  530.797269][T12993] ODEBUG: free active (active state 0) object: ffff888033309318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[  530.860910][T12993] WARNING: CPU: 1 PID: 12993 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[  530.871225][T12993] Modules linked in:
[  530.875479][T12993] CPU: 1 UID: 0 PID: 12993 Comm: syz.0.1314 Tainted: G     U              6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  530.887469][T12993] Tainted: [U]=USER
[  530.891392][T12993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  530.901544][T12993] RIP: 0010:debug_print_object+0x1a2/0x2b0
[  530.907425][T12993] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 81 15 8c 4c 89 e6 48 c7 c7 c0 75 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 56 89 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  530.927333][T12993] RSP: 0018:ffffc90003cef768 EFLAGS: 00010286
[  530.933812][T12993] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa128
[  530.941940][T12993] RDX: ffff888030d20000 RSI: ffffffff817aa135 RDI: 0000000000000001
[  530.950148][T12993] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  530.958173][T12993] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157c60
[  530.966214][T12993] R13: ffffffff8bafe840 R14: ffffffff8a8f9f70 R15: ffffc90003cef868
[  530.974466][T12993] FS:  0000000000000000(0000) GS:ffff888124823000(0000) knlGS:0000000000000000
[  530.983563][T12993] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  530.990201][T12993] CR2: 00007fa88ddaed58 CR3: 000000003cfbe000 CR4: 00000000003526f0
[  530.998238][T12993] Call Trace:
[  531.001519][T12993]  <TASK>
[  531.004541][T12993]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  531.010031][T12993]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  531.015887][T12993]  debug_check_no_obj_freed+0x4b7/0x600
[  531.021454][T12993]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  531.027562][T12993]  ? rcu_is_watching+0x12/0xc0
[  531.032340][T12993]  ? kmem_cache_free+0x2d1/0x4d0
[  531.037525][T12993]  kfree+0x28f/0x4d0
[  531.041595][T12993]  ? hci_release_dev+0x4d8/0x600
[  531.046702][T12993]  hci_release_dev+0x4d8/0x600
[  531.051486][T12993]  ? __pfx_hci_release_dev+0x10/0x10
[  531.057012][T12993]  ? rcu_is_watching+0x12/0xc0
[  531.061830][T12993]  ? kfree+0x24f/0x4d0
[  531.066008][T12993]  bt_host_release+0x6a/0xb0
[  531.070645][T12993]  ? __pfx_bt_host_release+0x10/0x10
[  531.076283][T12993]  device_release+0xa4/0x240
[  531.080920][T12993]  kobject_put+0x1e7/0x5a0
[  531.085558][T12993]  ? __pfx_vhci_release+0x10/0x10
[  531.090610][T12993]  put_device+0x1f/0x30
[  531.094825][T12993]  vhci_release+0x81/0xf0
[  531.099173][T12993]  __fput+0x402/0xb70
[  531.103249][T12993]  task_work_run+0x14d/0x240
[  531.107888][T12993]  ? __pfx_task_work_run+0x10/0x10
[  531.113048][T12993]  do_exit+0x86c/0x2bd0
[  531.117243][T12993]  ? __pfx___might_resched+0x10/0x10
[  531.122543][T12993]  ? __pfx_do_exit+0x10/0x10
[  531.127207][T12993]  ? do_raw_spin_lock+0x12c/0x2b0
[  531.132247][T12993]  ? find_held_lock+0x2b/0x80
[  531.136975][T12993]  do_group_exit+0xd3/0x2a0
[  531.141812][T12993]  get_signal+0x2673/0x26d0
[  531.146479][T12993]  ? kernel_move_pages+0xd06/0x13b0
[  531.151699][T12993]  ? __pfx_get_signal+0x10/0x10
[  531.156932][T12993]  ? do_futex+0x122/0x350
[  531.161297][T12993]  ? __pfx_do_futex+0x10/0x10
[  531.166022][T12993]  arch_do_signal_or_restart+0x8f/0x790
[  531.171597][T12993]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  531.178035][T12993]  ? xfd_validate_state+0x61/0x180
[  531.183309][T12993]  exit_to_user_mode_loop+0x84/0x110
[  531.188619][T12993]  do_syscall_64+0x3f6/0x490
[  531.193261][T12993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.199178][T12993] RIP: 0033:0x7f9f9c38e929
[  531.203649][T12993] Code: Unable to access opcode bytes at 0x7f9f9c38e8ff.
[  531.210796][T12993] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  531.219399][T12993] RAX: fffffffffffffff2 RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  531.227419][T12993] RDX: 0000000000000000 RSI: 0002000000000001 RDI: 0000000000000000
[  531.235428][T12993] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 8000400000000000
[  531.243908][T12993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  531.251884][T12993] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  531.260013][T12993]  </TASK>
[  531.263156][T12993] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  531.270445][T12993] CPU: 1 UID: 0 PID: 12993 Comm: syz.0.1314 Tainted: G     U              6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  531.282347][T12993] Tainted: [U]=USER
[  531.286151][T12993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.296225][T12993] Call Trace:
[  531.299504][T12993]  <TASK>
[  531.302437][T12993]  dump_stack_lvl+0x3d/0x1f0
[  531.307060][T12993]  panic+0x71c/0x800
[  531.310993][T12993]  ? __pfx_panic+0x10/0x10
[  531.315426][T12993]  ? show_trace_log_lvl+0x29b/0x3e0
[  531.320642][T12993]  ? check_panic_on_warn+0x1f/0xb0
[  531.325772][T12993]  ? debug_print_object+0x1a2/0x2b0
[  531.330974][T12993]  check_panic_on_warn+0xab/0xb0
[  531.335927][T12993]  __warn+0xf6/0x3c0
[  531.339834][T12993]  ? debug_print_object+0x1a2/0x2b0
[  531.345039][T12993]  report_bug+0x3c3/0x580
[  531.349398][T12993]  ? debug_print_object+0x1a2/0x2b0
[  531.354624][T12993]  handle_bug+0x184/0x210
[  531.358999][T12993]  exc_invalid_op+0x17/0x50
[  531.363520][T12993]  asm_exc_invalid_op+0x1a/0x20
[  531.368380][T12993] RIP: 0010:debug_print_object+0x1a2/0x2b0
[  531.374205][T12993] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 81 15 8c 4c 89 e6 48 c7 c7 c0 75 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 56 89 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  531.393922][T12993] RSP: 0018:ffffc90003cef768 EFLAGS: 00010286
[  531.400015][T12993] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa128
[  531.408613][T12993] RDX: ffff888030d20000 RSI: ffffffff817aa135 RDI: 0000000000000001
[  531.416608][T12993] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  531.424601][T12993] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157c60
[  531.432610][T12993] R13: ffffffff8bafe840 R14: ffffffff8a8f9f70 R15: ffffc90003cef868
[  531.440640][T12993]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  531.446146][T12993]  ? __warn_printk+0x198/0x350
[  531.450949][T12993]  ? __warn_printk+0x1a5/0x350
[  531.455749][T12993]  ? debug_print_object+0x1a1/0x2b0
[  531.460969][T12993]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  531.466459][T12993]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  531.472303][T12993]  debug_check_no_obj_freed+0x4b7/0x600
[  531.477884][T12993]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  531.483978][T12993]  ? rcu_is_watching+0x12/0xc0
[  531.488780][T12993]  ? kmem_cache_free+0x2d1/0x4d0
[  531.493757][T12993]  kfree+0x28f/0x4d0
[  531.497768][T12993]  ? hci_release_dev+0x4d8/0x600
[  531.502746][T12993]  hci_release_dev+0x4d8/0x600
[  531.507546][T12993]  ? __pfx_hci_release_dev+0x10/0x10
[  531.512948][T12993]  ? rcu_is_watching+0x12/0xc0
[  531.517732][T12993]  ? kfree+0x24f/0x4d0
[  531.521831][T12993]  bt_host_release+0x6a/0xb0
[  531.526563][T12993]  ? __pfx_bt_host_release+0x10/0x10
[  531.531927][T12993]  device_release+0xa4/0x240
[  531.536675][T12993]  kobject_put+0x1e7/0x5a0
[  531.541155][T12993]  ? __pfx_vhci_release+0x10/0x10
[  531.546223][T12993]  put_device+0x1f/0x30
[  531.550413][T12993]  vhci_release+0x81/0xf0
[  531.554781][T12993]  __fput+0x402/0xb70
[  531.558806][T12993]  task_work_run+0x14d/0x240
[  531.563441][T12993]  ? __pfx_task_work_run+0x10/0x10
[  531.568597][T12993]  do_exit+0x86c/0x2bd0
[  531.572786][T12993]  ? __pfx___might_resched+0x10/0x10
[  531.578111][T12993]  ? __pfx_do_exit+0x10/0x10
[  531.582758][T12993]  ? do_raw_spin_lock+0x12c/0x2b0
[  531.587824][T12993]  ? find_held_lock+0x2b/0x80
[  531.592554][T12993]  do_group_exit+0xd3/0x2a0
[  531.597118][T12993]  get_signal+0x2673/0x26d0
[  531.601684][T12993]  ? kernel_move_pages+0xd06/0x13b0
[  531.606919][T12993]  ? __pfx_get_signal+0x10/0x10
[  531.611803][T12993]  ? do_futex+0x122/0x350
[  531.616172][T12993]  ? __pfx_do_futex+0x10/0x10
[  531.620937][T12993]  arch_do_signal_or_restart+0x8f/0x790
[  531.626534][T12993]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  531.632733][T12993]  ? xfd_validate_state+0x61/0x180
[  531.637885][T12993]  exit_to_user_mode_loop+0x84/0x110
[  531.643388][T12993]  do_syscall_64+0x3f6/0x490
[  531.648014][T12993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.653933][T12993] RIP: 0033:0x7f9f9c38e929
[  531.658378][T12993] Code: Unable to access opcode bytes at 0x7f9f9c38e8ff.
[  531.665426][T12993] RSP: 002b:00007f9f9d1fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  531.673879][T12993] RAX: fffffffffffffff2 RBX: 00007f9f9c5b5fa0 RCX: 00007f9f9c38e929
[  531.681914][T12993] RDX: 0000000000000000 RSI: 0002000000000001 RDI: 0000000000000000
[  531.690000][T12993] RBP: 00007f9f9c410b39 R08: 0000000000000000 R09: 8000400000000000
[  531.698102][T12993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  531.706298][T12993] R13: 0000000000000000 R14: 00007f9f9c5b5fa0 R15: 00007ffdff739c58
[  531.714305][T12993]  </TASK>
[  531.717597][T12993] Kernel Offset: disabled
[  531.721943][T12993] Rebooting in 86400 seconds..