last executing test programs:

4.02123103s ago: executing program 2 (id=823):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80802, 0x0)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9)
bind$auto(0x3, 0x0, 0x6a)

3.704840127s ago: executing program 1 (id=824):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0)
r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000380)='/dev/psaux\x00', 0x48100, 0x0)
mmap$auto(0x0, 0x400008, 0x103, 0x9b72, 0x2, 0x8000)
close_range$auto(r1, r0, 0x0)
read$auto_usbdev_file_operations_usb(0xffffffffffffffff, &(0x7f0000000040)=""/229, 0xe5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r3, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0xc20c0, 0x0)
ioperm$auto(0x7, 0x800, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x642082, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_VDPA_CMD_MGMTDEV_GET(r2, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="8c953628adfb54e181425e67f30e5bc062d625e02ef69e706947cd13764a62e8", @ANYRES16=0x0, @ANYBLOB="00082bbd7000fedbdf250200000006000c00080000001400020070696d36726567000000000000000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x0, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0x100, 0x1, 0x948d, 0x6, 0x78, 0x4000000003, 0x3, 0x33c, 0x6, 0x20000007, 0x6d42, 0x9, 0x0, 0x3]}, 0x0)
ioctl$auto(r4, 0x400454cb, 0x5)
mmap$auto(0xc, 0x20009, 0x8000000000000005, 0x14, 0xffffffffffffffff, 0x0)
unshare$auto(0x5)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0xe4, 0x180000000000000, 0x400000004)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd=<r6=>0xffffffffffffffff, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)
sendfile$auto(r6, r0, 0x0, 0xffffffffffff8004)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
setns(r7, 0x0)

3.300770403s ago: executing program 2 (id=825):
capget$auto(0x0, 0x0)
utime$auto(0x0, 0xfffffffffffffffc)
r0 = ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, &(0x7f0000000000)=0x1)
r1 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$auto_cifs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_CIFS_GENL_CMD_SWN_NOTIFY(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x58, r2, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@CIFS_GENL_ATTR_SWN_SHARE_NAME_NOTIFY={0x4}, @CIFS_GENL_ATTR_SWN_USER_NAME={0xc, 0x9, 'thermal\x00'}, @CIFS_GENL_ATTR_SWN_KRB_AUTH={0x4}, @CIFS_GENL_ATTR_SWN_SHARE_NAME={0x9, 0x3, '!-{%\xaa'}, @CIFS_GENL_ATTR_SWN_NET_NAME={0xc, 0x2, 'thermal\x00'}, @CIFS_GENL_ATTR_SWN_USER_NAME={0xc, 0x9, 'thermal\x00'}, @CIFS_GENL_ATTR_SWN_RESOURCE_NAME={0xc, 0xe, 'thermal\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4140081}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x100, 0x70bd29, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0x80}]}, 0x1c}}, 0x80)

3.143756366s ago: executing program 0 (id=826):
r0 = socket(0x2, 0x80002, 0x73)
getpeername$auto(r0, 0x0, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x200000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = open(0x0, 0x2240, 0x0)
r2 = bpf$auto(0x13, &(0x7f0000000780)=@link_update={<r3=>0xa, @new_map_fd, 0x4007, @old_map_fd=<r4=>0xffffffffffffffff}, 0xa3)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/psaux\x00', 0x40, 0x0)
r5 = ioctl$auto_NS_GET_PARENT(r3, 0xb702, 0x0)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'ipvlan0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bridge_slave_0\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'vlan0\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'geneve0\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'ipvlan1\x00', <r12=>0x0})
ioctl$auto_XFS_IOC_SWAPEXT(r4, 0xc0c0586d, &(0x7f0000000380)={0x6ad6, @raw=0x6, @raw, 0x7, 0x9, '\x00', {0x6, 0x3, 0x2, <r13=>0xffffffffffffffff, 0x0, 0x16, 0x3, 0x3, {0x10, 0xb60}, {0x6, 0x8}, {0x27, 0x3}, 0xfffffffffffffffd, 0x3, 0x3, 0xfffffffd, 0x3d, 0x9, 0x3ff, 0x401, 0x5, 0x88, '\x00', 0x7, 0x7fffffff, 0x7, 0x101}})
sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f0000000700)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000200}, 0xc, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYRESOCT, @ANYRES16=r6, @ANYBLOB="10002bbd7000ffdbdf250e0000000c00018008000100", @ANYRES32=r7, @ANYBLOB="0c00018008000300020000001800018014000200736974300000000000000000000000004000018008000100", @ANYRES32=r8, @ANYRES32=r3, @ANYRES32=r9, @ANYBLOB="0800030000000080080003000100000008000100", @ANYRES32=r10, @ANYBLOB="5400018008000300faffffff1400020070696d3672656731000000000000000008000100", @ANYRES32=r11, @ANYBLOB="01000300d3bd000008000300f8ffffff140002007665746831001000000000000000000008000100ea602c080fa2ffee4aca8ea17c785e93d78807bcbdd60aa3226c9c4a8d0c1decbb7a9aaf83c401ba7a4741407dab3798", @ANYRES32=r12, @ANYBLOB="04000180680102801339b1a8726dc4217074262db68253ebc348389db07dd820517d941f713298bda91f624bc2ebb8974fcc2f69ea95072cbf4dae73d5dcfcfcf28e92fae1afd4a38549534d3c0603d1dde203b570003e800800d300", @ANYRES32, @ANYBLOB="040077801400110000000000000000000000000000000001a765039df4690c5d164b383e57e729749b288985f792d7d99885f6b64924fc472aebce5a932f14e78a9dd0ac17458493c7e831a167ae7ab80b034222c7ed214024a386500d610554bdfb3ec82673bce7ebaea41d90e1fb7100e7a3a9a2bc7d809fb901237e2f4b5c85766c8c789dbca921f486b084ed625546bb6569732319d850fcb6ae4e3fe6614f3c0e432b2587aecff9ba8844952f21db786047518a578476782a2235ecdcc41f2aabf5a41063597a67acca72e4e02961057762e7bdf861e484847f42ae65196eb66e330c445753cc07d7bb9e1696baaa0ca75b1d588faea3418ec92e7788a57c8a50c408004d00", @ANYRES32=r13, @ANYBLOB], 0x244}, 0x1, 0x0, 0x0, 0x40}, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_fops_atomic_t_ro_(0xffffffffffffffff, 0x0, 0x0)
select$auto(0x7fffffff, 0x0, 0x0, 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(0x800000000000c8, 0x0, 0x1a)
shutdown$auto(0x200000003, 0x2)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

3.123394135s ago: executing program 2 (id=827):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/inhibited\x00', 0x20b42, 0x0)
clone$auto(0x1, 0x0, &(0x7f0000000040)=0xad, &(0x7f0000000080)=0x6, 0x8)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0x40302, 0x0)
mmap$auto(0x0, 0x1, 0x800000000df, 0x9b72, 0xffffffffffffffff, 0x8000)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0x81)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
select$auto(0x0, &(0x7f0000000040)={[0x9, 0x4, 0x34, 0x9, 0x1, 0x1, 0xa, 0x6, 0x5, 0x1, 0x0, 0xcf, 0x5, 0x213, 0x5, 0xb98]}, 0x0, 0x0, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYRES16], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x4b67, 0x1)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r2, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)

2.755876257s ago: executing program 3 (id=830):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2000, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x1f40)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
writev$auto(r2, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)
msgrcv$auto(0xff, &(0x7f00000000c0)={0x6, 0xd}, 0x2400000000, 0x6, 0x6bc2cc7d)
ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2.732216513s ago: executing program 1 (id=831):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/rose11/flags\x00', 0x1a3042, 0x0)
write$auto(r0, 0x0, 0x8)
r1 = socket(0x2, 0x80002, 0x73)
getpeername$auto(r1, 0x0, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(&(0x7f0000000800)='./file0\x00', 0x40ee40, 0x1d7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, 0x0)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
bpf$auto(0x13, &(0x7f0000000780)=@link_update={0xa, @new_map_fd, 0x4007, @old_map_fd}, 0xa3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_fops_atomic_t_ro_(0xffffffffffffffff, 0x0, 0x0)
select$auto(0x7fffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r4)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r5, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, '\x00\x00\x00\x00\x00\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)
settimeofday$auto(&(0x7f0000000040)={0x9, 0x4}, &(0x7f0000000080)={0x1000, 0x4})
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(0x800000000000c8, 0x0, 0x1a)
shutdown$auto(0x200000003, 0x2)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4)
timerfd_settime$auto(r2, 0x0, &(0x7f0000000180)={{0x1, 0x7f}, {0x0, 0xffffffffffffffff}}, &(0x7f0000000200)={{0x3, 0xa}, {0x7ffe, 0x5}})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

2.636975239s ago: executing program 3 (id=832):
unshare$auto(0x40000080)
unshare$auto(0x40000080)
socket(0x2b, 0x1, 0x1)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x0, 0xffffffffffffffff, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0xffffffffffffffff, 0xffffeffe, 0x6)
io_uring_setup$auto(0x59, 0x0)
r0 = open(0x0, 0x64842, 0x0)
io_uring_setup$auto(0x6, 0x0)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
read$auto_uprobe_events_ops_trace_uprobe(r0, &(0x7f0000000040)=""/48, 0x30)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r1, 0x10e, 0xb, 0x0, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
socket(0x2, 0x1, 0x106)
write$auto(0x3, 0x0, 0xffd8)
r2 = getpid()
r3 = gettid()
rt_tgsigqueueinfo$auto(r2, r3, 0x16, &(0x7f0000000400)={@siginfo_0_0={0xfffeffff, 0x0, 0x2, @_sigpoll={0x8}}})
tgkill$auto_SIGCONT(r2, r2, 0x12)

2.180645854s ago: executing program 0 (id=833):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NETDEV_CMD_NAPI_GET2(r0, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000003e80)={0x1c, r1, 0x309, 0x70bd2b, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x900, 0x0, 0x4000000}, 0x0)

2.098849157s ago: executing program 2 (id=834):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd2\x00', 0x4040, 0x0)
mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x1300, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0x5c8)
r3 = gettid()
rt_sigqueueinfo$auto(r3, 0x1, 0x0)
arch_prctl$auto(0x5002, 0x2)
capset$auto(&(0x7f0000000000)={0xf7a, r3}, &(0x7f0000000040)={0xfffffff8, 0x8, 0x3})
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)

1.961518282s ago: executing program 3 (id=835):
fcntl$auto_F_OFD_GETLK(0xffffffffffffffff, 0x24, 0xb1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r0 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x89a0, 0x4)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x54)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x4)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0xffffffffffffffff, 0x800454cc, 0xffffffffffffffff)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
r3 = socket(0x29, 0x5, 0x0)
sendmmsg$auto(r3, 0x0, 0x3f800000, 0xd9)
read$auto(0xffffffffffffffff, 0x0, 0x805644)
read$auto(r2, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)

1.790578437s ago: executing program 0 (id=836):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182, 0x0)
write$auto(r0, 0x0, 0xd149)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/ptp/ptp0/max_adjustment\x00', 0x401, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x123000, 0x0)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x6, 0x2000040080000004, 0xe)
modify_ldt$auto(0x1, 0x0, 0x10)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa)
ioctl$auto(r2, 0x5417, 0xffffffffffffffff)
read$auto(r1, &(0x7f0000000080)='\x00', 0xffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0xca, &(0x7f00000010c0)='\x04>\x00\x1d\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1G\xf68\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B+]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8fQ\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6hf\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1es\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\xe9\xf2\x0e\xc8\x00\x00\x00\x00', 0x100)
r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0xffffffffffffff01, 0xeb3, r3, 0x8000)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r4, 0x0, 0x1f40)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x8}, 0x3)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), r3)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r9=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r3, 0x40285881, &(0x7f0000000140)={<r10=>r5, 0x0, 0x80, 0x7ff, 0x4, 0xa5720000})
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000100), r10)
setresuid$auto(0x0, 0x0, 0x0)

1.547320213s ago: executing program 1 (id=837):
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0xffffffffffffffff, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)

1.533874566s ago: executing program 3 (id=838):
mmap$auto(0x0, 0x8, 0xfffffffffffffffd, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x800)
mmap$auto(0x3, 0x20009, 0x2, 0xeb1, r0, 0x792)
io_uring_setup$auto(0x5, 0x0)
mknod$auto(&(0x7f0000000580)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1<w\xd3:\x835\xac\r\x06\xc9\xc1HG\x1c\xd4J\x8aZ%+\xe6/~\xd6\xe1[+Z\xb1\x8d\xc5\x9b\xcfhb\'\x80\xeb7%>\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_', 0x1081, 0x9)
acct$auto(0x0)
r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x880c2, 0x95)
close_range$auto(0x2, 0x8, 0x0)
acct$auto(&(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/size\x00')
socket(0x2, 0x3, 0x100)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044080}, 0x40090)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4)
ioctl$auto_I2C_RDWR(r1, 0x707, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2)
sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200", @ANYRES32=0xee00, @ANYBLOB="e7fb7821abe7a4fd4a6d70030b1616cda87afe2b23b3c5e2e2c0b78d278229e30b5bb8b59e0406ccb4ea5cde5a30917002be620b0b37c9b9f86a80c460f153fb967a1104973aac8b34bcd766fd38"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
write$auto(0x3, 0x0, 0xfdef)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1.449786444s ago: executing program 1 (id=839):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
setfsuid$auto(0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto(0x3, 0x80045500, 0x38)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1ac}}, 0x40000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r1, 0x3b8a, 0x38)

1.37148444s ago: executing program 0 (id=840):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x601, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x149443, 0x0)
socket(0x22, 0x2, 0x3)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x105842, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0x8400ae8e, 0x0)

1.276490787s ago: executing program 3 (id=841):
socket(0xa, 0x1, 0x100)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mkdir$auto(0x0, 0x8003)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, r1, 0x201)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r2 = socket(0x18, 0x5, 0x1)
connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100, @rand_addr=0x64010100}, 0x3a)
getpeername$auto(r0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x6, 0x9b72, 0x2, 0x10008000)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r3, 0x400, 0x1)
r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x141000, 0x81)
settimeofday$auto(&(0x7f0000000040)={0x1000, 0x52c7}, &(0x7f0000000080)={0x748, 0x4e})
futimesat$auto(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0)
read$auto_proc_iter_file_ops_compat_inode(r4, &(0x7f0000000180)=""/250, 0xfa)
close_range$auto(0x2, 0x8, 0x0)
eventfd$auto(0x3)
select$auto(0x3, &(0x7f0000000440)={[0x5, 0x3, 0x1000, 0xdf, 0x8, 0x7, 0x10001, 0x8, 0x438c82bf, 0x4, 0x0, 0x4, 0x788, 0x6, 0x5, 0x8]}, 0x0, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r5, 0x0, 0x39b8)

1.029515189s ago: executing program 0 (id=842):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x9, 0x3, 0x16, 0x940, 0x1ffe0, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x1fe, 0x81)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/default_smp_affinity\x00', 0x28402, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000002100)=""/15, 0xf)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000)
socket(0x18, 0x80000, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r1, 0x114, 0x9, 0xffffffffffffffff, 0x7f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x10000000008000)
clone$auto(0x7, 0x2000400000d, 0xfffffffffffffffc, 0x0, 0x3)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x5}, 0xa)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x20000, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
shmctl$auto(0x691, 0x3, 0x0)
setsockopt$auto(0x3, 0x0, 0x32, 0x0, 0x4)
r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), r2)
sendmsg$auto_NBD_CMD_STATUS(r2, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010029bd7000fcdbdf25050000000800010001800000d593f1ce94be8441a7a8c5adbabb4b3082c5341154218c160bb40ee24de74a5ba816c2871d44cef0cc466655d15fa63c9ce8a87c8e09315342460c3dc5320a5906cf62717595bd89f2c1a4a25521cf4fcfd967f96c121ebc4b99cc6ce517c25337ca76fbdf37b2675cc4d805fddc3e03d3399f2901ccb0286b"], 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x4008050)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0)
read$auto(r6, 0x0, 0x20)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x3}, 0x3)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f00000004c0)={0x1, 0x5, 0x4, 0x8c51, 0x1, 0x4, &(0x7f0000000180)="e486bc2f60e568468a9fc93e419e2d0b96fb01c0546fb760fcdf650ac8f4994d923ad8e04029ea4e95f3f5ee7837001e2acbcbf1b9603348580b93c5a8414b565bbf"})
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x420, 0x0)

943.583053ms ago: executing program 1 (id=843):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/inhibited\x00', 0x20b42, 0x0)
arch_prctl$auto_ARCH_SET_GS(0x1001, 0x7fff)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0x40302, 0x0)
mmap$auto(0x0, 0x1, 0x800000000df, 0x9b72, 0xffffffffffffffff, 0x8000)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0x81)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
select$auto(0x0, &(0x7f0000000040)={[0x9, 0x4, 0x34, 0x9, 0x1, 0x1, 0xa, 0x6, 0x5, 0x1, 0x0, 0xcf, 0x5, 0x213, 0x5, 0xb98]}, 0x0, 0x0, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYRES16], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x4b67, 0x1)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r2, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)

308.555573ms ago: executing program 2 (id=844):
mmap$auto(0x0, 0x8, 0xfffffffffffffffd, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x800)
mmap$auto(0x3, 0x20009, 0x2, 0xeb1, r0, 0x792)
io_uring_setup$auto(0x5, 0x0)
mknod$auto(&(0x7f0000000580)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1<w\xd3:\x835\xac\r\x06\xc9\xc1HG\x1c\xd4J\x8aZ%+\xe6/~\xd6\xe1[+Z\xb1\x8d\xc5\x9b\xcfhb\'\x80\xeb7%>\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_', 0x1081, 0x9)
acct$auto(0x0)
r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x880c2, 0x95)
close_range$auto(0x2, 0x8, 0x0)
acct$auto(&(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/size\x00')
socket(0x2, 0x3, 0x100)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044080}, 0x40090)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4)
ioctl$auto_I2C_RDWR(r1, 0x707, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2)
sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200", @ANYRES32=0xee00, @ANYBLOB="e7fb7821abe7a4fd4a6d70030b1616cda87afe2b23b3c5e2e2c0b78d278229e30b5bb8b59e0406ccb4ea5cde5a30917002be620b0b37c9b9f86a80c460f153fb967a1104973aac8b34bcd766fd38962d1a9304103f34f9b1ac1b0c"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
write$auto(0x3, 0x0, 0xfdef)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)

241.457047ms ago: executing program 3 (id=845):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0xf5000000, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)

225.672547ms ago: executing program 0 (id=846):
mremap$auto(0x110c231000, 0x4, 0x4, 0x7, 0x100000000)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/inhibited\x00', 0x1a3343, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
socket(0x1a, 0x6, 0x3)
ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c06, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4f64a1d2)

102.141046ms ago: executing program 2 (id=847):
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0)
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x1e, 0x2, 0x200)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
bind$auto(r1, 0x0, 0x67)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0xffffffffffffffff, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000640)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_DEL_PMK(r3, 0x0, 0x8000)
socket(0xa, 0x5, 0x8)
r4 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x92341, 0x0)
ioctl$auto_XFS_IOC_COMMIT_RANGE(r4, 0x40585883, &(0x7f0000000100)={r2, 0x0, 0x6f5, 0xfffffffffffffffc, 0xcc, 0x7, [0x3, 0x7, 0x0, 0x1, 0x80, 0x7620f4bd]})
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0xa002, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r5, 0x8, 0xffffffffffffffff)
fcntl$auto(r5, 0x10, 0x2)
unshare$auto(0x40000080)

0s ago: executing program 1 (id=848):
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4008081}, 0x10004010) (async)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10}, 0x3, 0x1) (async)
recvfrom$auto(r0, 0x0, 0x2000000000005, 0x10000001, 0x0, 0xfffffffffffffffd)

kernel console output (not intermixed with test programs):

ID: 7279 Comm: syz.1.347 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  171.117942][ T7279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.117951][ T7279] Call Trace:
[  171.117956][ T7279]  <TASK>
[  171.117962][ T7279]  dump_stack_lvl+0x16c/0x1f0
[  171.117988][ T7279]  should_fail_ex+0x512/0x640
[  171.118009][ T7279]  ? fs_reclaim_acquire+0xae/0x150
[  171.118028][ T7279]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  171.118048][ T7279]  should_failslab+0xc2/0x120
[  171.118062][ T7279]  __kmalloc_noprof+0xd2/0x510
[  171.118093][ T7279]  tomoyo_realpath_from_path+0xc2/0x6e0
[  171.118114][ T7279]  ? tomoyo_profile+0x47/0x60
[  171.118129][ T7279]  tomoyo_path_number_perm+0x245/0x580
[  171.118145][ T7279]  ? tomoyo_path_number_perm+0x237/0x580
[  171.118163][ T7279]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.118180][ T7279]  ? find_held_lock+0x2b/0x80
[  171.118212][ T7279]  ? find_held_lock+0x2b/0x80
[  171.118226][ T7279]  ? hook_file_ioctl_common+0x145/0x410
[  171.118247][ T7279]  ? __fget_files+0x20e/0x3c0
[  171.118274][ T7279]  security_file_ioctl+0x9b/0x240
[  171.118293][ T7279]  __x64_sys_ioctl+0xb7/0x210
[  171.118314][ T7279]  do_syscall_64+0xcd/0x490
[  171.118338][ T7279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.118354][ T7279] RIP: 0033:0x7fb18658e929
[  171.118367][ T7279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.118381][ T7279] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.118394][ T7279] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  171.118403][ T7279] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000004
[  171.118411][ T7279] RBP: 00007fb18742f090 R08: 0000000000000000 R09: 0000000000000000
[  171.118419][ T7279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.118426][ T7279] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  171.118444][ T7279]  </TASK>
[  171.118450][ T7279] ERROR: Out of memory at tomoyo_realpath_from_path.
[  172.398165][ T7303] netlink: 28 bytes leftover after parsing attributes in process `syz.1.353'.
[  174.672491][ T7345] netlink: 28 bytes leftover after parsing attributes in process `syz.2.364'.
[  174.783909][ T7346] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  175.537165][ T7351] Invalid ELF header magic: != ELF
[  176.096306][ T7358] svc: failed to register nfsdv3 RPC service (errno 111).
[  176.242177][ T7358] svc: failed to register nfsaclv3 RPC service (errno 111).
[  179.883689][ T7388] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  180.217318][ T7393] netlink: 28 bytes leftover after parsing attributes in process `syz.2.375'.
[  180.352054][ T7398] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  180.796369][ T7413] FAULT_INJECTION: forcing a failure.
[  180.796369][ T7413] name failslab, interval 1, probability 0, space 0, times 0
[  180.900180][ T7413] CPU: 0 UID: 0 PID: 7413 Comm: syz.1.378 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  180.900218][ T7413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.900233][ T7413] Call Trace:
[  180.900242][ T7413]  <TASK>
[  180.900252][ T7413]  dump_stack_lvl+0x16c/0x1f0
[  180.900299][ T7413]  should_fail_ex+0x512/0x640
[  180.900335][ T7413]  ? __kmalloc_noprof+0xbf/0x510
[  180.900374][ T7413]  ? lsm_blob_alloc+0x68/0x90
[  180.900396][ T7413]  should_failslab+0xc2/0x120
[  180.900421][ T7413]  __kmalloc_noprof+0xd2/0x510
[  180.900468][ T7413]  lsm_blob_alloc+0x68/0x90
[  180.900492][ T7413]  security_prepare_creds+0x30/0x270
[  180.900530][ T7413]  prepare_creds+0x56f/0x7d0
[  180.900566][ T7413]  __sys_setuid+0x9a/0x440
[  180.900594][ T7413]  do_syscall_64+0xcd/0x490
[  180.900635][ T7413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.900661][ T7413] RIP: 0033:0x7fb18658e929
[  180.900683][ T7413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.900709][ T7413] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[  180.900733][ T7413] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  180.900750][ T7413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  180.900765][ T7413] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  180.900780][ T7413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  180.900795][ T7413] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  180.900827][ T7413]  </TASK>
[  181.260913][ T5859] Bluetooth: hci0: Malformed LE Event: 0x1d
[  181.953656][ T7421] syz.2.380 uses obsolete (PF_INET,SOCK_PACKET)
[  182.008829][ T7423] FAULT_INJECTION: forcing a failure.
[  182.008829][ T7423] name failslab, interval 1, probability 0, space 0, times 0
[  182.086340][ T7423] CPU: 1 UID: 0 PID: 7423 Comm: syz.1.381 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  182.086378][ T7423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.086397][ T7423] Call Trace:
[  182.086407][ T7423]  <TASK>
[  182.086421][ T7423]  dump_stack_lvl+0x16c/0x1f0
[  182.086466][ T7423]  should_fail_ex+0x512/0x640
[  182.086503][ T7423]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  182.086544][ T7423]  should_failslab+0xc2/0x120
[  182.086571][ T7423]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  182.086610][ T7423]  ? __d_alloc+0x31/0xaa0
[  182.086637][ T7423]  __d_alloc+0x31/0xaa0
[  182.086665][ T7423]  d_alloc_pseudo+0x1c/0xc0
[  182.086702][ T7423]  alloc_file_pseudo+0xcf/0x230
[  182.086734][ T7423]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  182.086763][ T7423]  ? alloc_fd+0x471/0x7d0
[  182.086802][ T7423]  sock_alloc_file+0x50/0x210
[  182.086829][ T7423]  __sys_socket+0x1c0/0x260
[  182.086862][ T7423]  ? __pfx___sys_socket+0x10/0x10
[  182.086890][ T7423]  ? xfd_validate_state+0x61/0x180
[  182.086919][ T7423]  ? __pfx___do_sys_prctl+0x10/0x10
[  182.086963][ T7423]  __x64_sys_socket+0x72/0xb0
[  182.086991][ T7423]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.087026][ T7423]  do_syscall_64+0xcd/0x490
[  182.087066][ T7423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.087090][ T7423] RIP: 0033:0x7fb18658e929
[  182.087109][ T7423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.087130][ T7423] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  182.087153][ T7423] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  182.087169][ T7423] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d
[  182.087184][ T7423] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  182.087198][ T7423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.087213][ T7423] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  182.087246][ T7423]  </TASK>
[  182.973329][ T7408] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  184.763122][ T7452] netlink: 28 bytes leftover after parsing attributes in process `syz.0.388'.
[  188.319633][ T7473] ubi0: attaching mtd0
[  188.355362][ T7473] ubi0: scanning is finished
[  188.801448][ T7473] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  190.566668][ T7496] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  191.397996][ T7481] kexec: Could not allocate control_code_buffer
[  191.461836][ T7512] netlink: 48 bytes leftover after parsing attributes in process `syz.3.399'.
[  191.534258][ T7515] mmap: syz.3.399 (7515) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  193.209109][ T7541] FAULT_INJECTION: forcing a failure.
[  193.209109][ T7541] name failslab, interval 1, probability 0, space 0, times 0
[  193.288141][ T7541] CPU: 0 UID: 0 PID: 7541 Comm: syz.3.406 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  193.288176][ T7541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.288189][ T7541] Call Trace:
[  193.288197][ T7541]  <TASK>
[  193.288206][ T7541]  dump_stack_lvl+0x16c/0x1f0
[  193.288247][ T7541]  should_fail_ex+0x512/0x640
[  193.288286][ T7541]  should_failslab+0xc2/0x120
[  193.288310][ T7541]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  193.288347][ T7541]  ? skb_clone+0x190/0x3f0
[  193.288385][ T7541]  skb_clone+0x190/0x3f0
[  193.288420][ T7541]  netlink_deliver_tap+0xabd/0xd30
[  193.288453][ T7541]  netlink_unicast+0x5df/0x7f0
[  193.288498][ T7541]  ? __pfx_netlink_unicast+0x10/0x10
[  193.288539][ T7541]  netlink_sendmsg+0x8d1/0xdd0
[  193.288571][ T7541]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.288610][ T7541]  ____sys_sendmsg+0xa98/0xc70
[  193.288638][ T7541]  ? copy_msghdr_from_user+0x10a/0x160
[  193.288671][ T7541]  ? __pfx_____sys_sendmsg+0x10/0x10
[  193.288715][ T7541]  ___sys_sendmsg+0x134/0x1d0
[  193.288752][ T7541]  ? __pfx____sys_sendmsg+0x10/0x10
[  193.288783][ T7541]  ? __lock_acquire+0x622/0x1c90
[  193.288859][ T7541]  __sys_sendmsg+0x16d/0x220
[  193.288893][ T7541]  ? __pfx___sys_sendmsg+0x10/0x10
[  193.288952][ T7541]  do_syscall_64+0xcd/0x490
[  193.288990][ T7541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.289014][ T7541] RIP: 0033:0x7f27a038e929
[  193.289033][ T7541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.289055][ T7541] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  193.289077][ T7541] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  193.289092][ T7541] RDX: 0000000000000000 RSI: 0000200000003f40 RDI: 0000000000000003
[  193.289107][ T7541] RBP: 00007f27a1142090 R08: 0000000000000000 R09: 0000000000000000
[  193.289121][ T7541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.289134][ T7541] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  193.289170][ T7541]  </TASK>
[  194.090749][ T7556] FAULT_INJECTION: forcing a failure.
[  194.090749][ T7556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.106740][ T7556] CPU: 0 UID: 0 PID: 7556 Comm: syz.1.412 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  194.106769][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.106781][ T7556] Call Trace:
[  194.106789][ T7556]  <TASK>
[  194.106797][ T7556]  dump_stack_lvl+0x16c/0x1f0
[  194.106835][ T7556]  should_fail_ex+0x512/0x640
[  194.106871][ T7556]  _copy_from_user+0x2e/0xd0
[  194.106893][ T7556]  do_sys_poll+0x1d5/0xdf0
[  194.106925][ T7556]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  194.106944][ T7556]  ? kernel_text_address+0x8d/0x100
[  194.106957][ T7556]  ? __kernel_text_address+0xd/0x40
[  194.106970][ T7556]  ? __pfx_do_sys_poll+0x10/0x10
[  194.107005][ T7556]  ? find_held_lock+0x2b/0x80
[  194.107053][ T7556]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  194.107077][ T7556]  ? set_user_sigmask+0x21b/0x2b0
[  194.107091][ T7556]  ? __pfx_set_user_sigmask+0x10/0x10
[  194.107104][ T7556]  ? __fget_files+0x20e/0x3c0
[  194.107127][ T7556]  __x64_sys_ppoll+0x254/0x2d0
[  194.107147][ T7556]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  194.107165][ T7556]  ? ksys_write+0x1ac/0x250
[  194.107184][ T7556]  ? __pfx_ksys_write+0x10/0x10
[  194.107209][ T7556]  do_syscall_64+0xcd/0x490
[  194.107231][ T7556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.107245][ T7556] RIP: 0033:0x7fb18658e929
[  194.107256][ T7556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.107269][ T7556] RSP: 002b:00007fb1873cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  194.107282][ T7556] RAX: ffffffffffffffda RBX: 00007fb1867b6240 RCX: 00007fb18658e929
[  194.107290][ T7556] RDX: 0000000000000000 RSI: 000000000000007f RDI: 0000000000000000
[  194.107298][ T7556] RBP: 00007fb1873cc090 R08: 0000000000000008 R09: 0000000000000000
[  194.107306][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.107313][ T7556] R13: 0000000000000000 R14: 00007fb1867b6240 R15: 00007ffcc680a0f8
[  194.107331][ T7556]  </TASK>
[  194.319026][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.325456][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  194.340251][ T7558] FAULT_INJECTION: forcing a failure.
[  194.340251][ T7558] name failslab, interval 1, probability 0, space 0, times 0
[  194.353277][ T7558] CPU: 0 UID: 0 PID: 7558 Comm: syz.3.413 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  194.353296][ T7558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.353305][ T7558] Call Trace:
[  194.353310][ T7558]  <TASK>
[  194.353315][ T7558]  dump_stack_lvl+0x16c/0x1f0
[  194.353340][ T7558]  should_fail_ex+0x512/0x640
[  194.353364][ T7558]  should_failslab+0xc2/0x120
[  194.353379][ T7558]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  194.353401][ T7558]  ? __lock_acquire+0x622/0x1c90
[  194.353424][ T7558]  ? dst_alloc+0x99/0x1a0
[  194.353446][ T7558]  dst_alloc+0x99/0x1a0
[  194.353465][ T7558]  rt_dst_alloc+0x35/0x3a0
[  194.353482][ T7558]  ip_route_output_key_hash_rcu+0x87a/0x28f0
[  194.353507][ T7558]  ip_route_output_key_hash+0x137/0x2e0
[  194.353527][ T7558]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  194.353552][ T7558]  ? find_held_lock+0x2b/0x80
[  194.353568][ T7558]  ip_route_output_flow+0x27/0x150
[  194.353588][ T7558]  udp_sendmsg+0x1bdd/0x29f0
[  194.353606][ T7558]  ? __pfx_udplite_getfrag+0x10/0x10
[  194.353631][ T7558]  ? __pfx_udp_sendmsg+0x10/0x10
[  194.353655][ T7558]  ? find_held_lock+0x2b/0x80
[  194.353669][ T7558]  ? process_measurement+0x4a6/0x23e0
[  194.353690][ T7558]  ? down_write+0x14d/0x200
[  194.353706][ T7558]  ? up_write+0x1b2/0x520
[  194.353735][ T7558]  udpv6_sendmsg+0x1077/0x3050
[  194.353763][ T7558]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  194.353781][ T7558]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  194.353803][ T7558]  ? is_bpf_text_address+0x8a/0x1a0
[  194.353840][ T7558]  ? iovec_from_user+0xbb/0x140
[  194.353854][ T7558]  ? __pfx_aa_sk_perm+0x10/0x10
[  194.353869][ T7558]  ? __import_iovec+0x1dd/0x650
[  194.353881][ T7558]  ? __might_fault+0xe3/0x190
[  194.353900][ T7558]  ? __might_fault+0x13b/0x190
[  194.353919][ T7558]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  194.353940][ T7558]  ? inet6_sendmsg+0x105/0x140
[  194.353960][ T7558]  inet6_sendmsg+0x105/0x140
[  194.353981][ T7558]  ____sys_sendmsg+0x705/0xc70
[  194.353997][ T7558]  ? copy_msghdr_from_user+0x10a/0x160
[  194.354017][ T7558]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.354041][ T7558]  ___sys_sendmsg+0x134/0x1d0
[  194.354062][ T7558]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.354080][ T7558]  ? __lock_acquire+0x622/0x1c90
[  194.354121][ T7558]  __sys_sendmsg+0x16d/0x220
[  194.354141][ T7558]  ? __pfx___sys_sendmsg+0x10/0x10
[  194.354173][ T7558]  do_syscall_64+0xcd/0x490
[  194.354196][ T7558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.354210][ T7558] RIP: 0033:0x7f27a038e929
[  194.354222][ T7558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.354235][ T7558] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.354247][ T7558] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  194.354256][ T7558] RDX: 0000000024008080 RSI: 0000000000000000 RDI: 0000000000000003
[  194.354264][ T7558] RBP: 00007f27a1142090 R08: 0000000000000000 R09: 0000000000000000
[  194.354272][ T7558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.354279][ T7558] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  194.354297][ T7558]  </TASK>
[  195.511909][ T7568] FAULT_INJECTION: forcing a failure.
[  195.511909][ T7568] name failslab, interval 1, probability 0, space 0, times 0
[  195.566675][ T7568] CPU: 1 UID: 0 PID: 7568 Comm: syz.1.416 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  195.566714][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.566729][ T7568] Call Trace:
[  195.566737][ T7568]  <TASK>
[  195.566747][ T7568]  dump_stack_lvl+0x16c/0x1f0
[  195.566793][ T7568]  should_fail_ex+0x512/0x640
[  195.566830][ T7568]  ? __kmalloc_noprof+0xbf/0x510
[  195.566870][ T7568]  ? ima_write_template_field_data+0x5d/0x1f0
[  195.566902][ T7568]  should_failslab+0xc2/0x120
[  195.566927][ T7568]  __kmalloc_noprof+0xd2/0x510
[  195.566965][ T7568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.566998][ T7568]  ima_write_template_field_data+0x5d/0x1f0
[  195.567036][ T7568]  ima_eventdigest_init_common+0x154/0x430
[  195.567072][ T7568]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  195.567129][ T7568]  ? rcu_is_watching+0x12/0xc0
[  195.567155][ T7568]  ? trace_kmalloc+0x2b/0xd0
[  195.567179][ T7568]  ? __kmalloc_noprof+0x242/0x510
[  195.567224][ T7568]  ima_alloc_init_template+0x3a0/0x720
[  195.567253][ T7568]  ? rcu_is_watching+0x12/0xc0
[  195.567277][ T7568]  ima_store_measurement+0x1eb/0x5c0
[  195.567301][ T7568]  ? __pfx_ima_store_measurement+0x10/0x10
[  195.567330][ T7568]  ? vfs_getxattr_alloc+0xec/0x340
[  195.567379][ T7568]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  195.567422][ T7568]  process_measurement+0x1ddb/0x23e0
[  195.567472][ T7568]  ? __mutex_trylock_common+0xe9/0x250
[  195.567516][ T7568]  ? __pfx_process_measurement+0x10/0x10
[  195.567559][ T7568]  ? __pfx___might_resched+0x10/0x10
[  195.567590][ T7568]  ? rcu_is_watching+0x12/0xc0
[  195.567617][ T7568]  ? find_held_lock+0x2b/0x80
[  195.567645][ T7568]  ? tracing_check_open_get_tr.part.0+0xad/0x130
[  195.567715][ T7568]  ? tracing_check_open_get_tr.part.0+0xb2/0x130
[  195.567749][ T7568]  ? inode_to_bdi+0x9e/0x160
[  195.567779][ T7568]  ima_file_check+0xc5/0x110
[  195.567817][ T7568]  ? __pfx_ima_file_check+0x10/0x10
[  195.567864][ T7568]  security_file_post_open+0x8e/0x210
[  195.567899][ T7568]  path_openat+0x1404/0x2cb0
[  195.567948][ T7568]  ? __pfx_path_openat+0x10/0x10
[  195.567987][ T7568]  ? __lock_acquire+0xb8a/0x1c90
[  195.568023][ T7568]  do_filp_open+0x20b/0x470
[  195.568059][ T7568]  ? __pfx_do_filp_open+0x10/0x10
[  195.568121][ T7568]  ? alloc_fd+0x471/0x7d0
[  195.568166][ T7568]  do_sys_openat2+0x11b/0x1d0
[  195.568195][ T7568]  ? __pfx_do_sys_openat2+0x10/0x10
[  195.568253][ T7568]  __x64_sys_openat+0x174/0x210
[  195.568287][ T7568]  ? __pfx___x64_sys_openat+0x10/0x10
[  195.568333][ T7568]  do_syscall_64+0xcd/0x490
[  195.568375][ T7568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.568401][ T7568] RIP: 0033:0x7fb18658e929
[  195.568423][ T7568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.568446][ T7568] RSP: 002b:00007fb18740e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  195.568468][ T7568] RAX: ffffffffffffffda RBX: 00007fb1867b6080 RCX: 00007fb18658e929
[  195.568484][ T7568] RDX: 0000000000000100 RSI: 0000200000000440 RDI: ffffffffffffff9c
[  195.568506][ T7568] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  195.568522][ T7568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.568537][ T7568] R13: 0000000000000000 R14: 00007fb1867b6080 R15: 00007ffcc680a0f8
[  195.568572][ T7568]  </TASK>
[  195.571536][   T30] audit: type=1804 audit(4294980665.192:3): pid=7568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.416" name="/newroot/sys/kernel/tracing/options/blk_classic" dev="tracefs" ino=1311 res=0 errno=0
[  198.045268][ T7609] can: request_module (can-proto-0) failed.
[  200.073501][ T7631] netlink: 28 bytes leftover after parsing attributes in process `syz.1.430'.
[  200.092903][ T7636] random: crng reseeded on system resumption

	
		

	


	
	

		
	
		
	
	



			








	





	











	




	


	


	
	

	


	


		



		


	



	
	


		
	

		
	
	
	
	
	
	
	






	






	







		













	

	
	
	




	
				
	




	
				
			

	


			
	


	
		

	


	
	

		
	
		
	
	



			








	




	








	









	

		











	

	
	
















	




	






		







	

	

	
		

	


	
	

		
	
		
	
	



			








	




	





	


	


	




	

		











	

	
	
















	





	




		






	
		

	


	
	

		
	
		
	
	



			








	




	










	
		

	


	

	








	








	




	




		







	
		

	


	
	

		
	
		
	
	



			








	



	
		

	




	
		







	


		
	
	
	
	

	
		
	
		
		

	
	
	












	






	






	





		










				

		
		
	
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	




	







	




	



	


		
	
	
		
	
		
		

	
	
	












	






	




	




		







	

	
		
	

	
		






	


	
		

	


	
	

		
	
		
	
	



			








	




	





	

	

		
	
	
	

	

	


	

	
	

	
	
	
	

	
	
	

	






	






	







		










	

		

		

	
		

	


	
	

		
	
		
	
	



			








	



	



	





	




	


		

		
	



	


	



		
	

	
		



		


		

	
	








	








	




	





		







	
		

	


	
	

		
	
		
	
	



			








	





	



















	

















	



	




	
	










syzkaller
syzkaller login: [  226.039245][   T30] audit: type=1400 audit(4294980695.647:4): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7959 comm="syz.3.511"
[  226.119248][ T7956] zswap: compressor 000 not available
[  226.659849][ T7963] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  227.852481][ T7993] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  228.371497][ T7992] FAULT_INJECTION: forcing a failure.
[  228.371497][ T7992] name failslab, interval 1, probability 0, space 0, times 0
[  228.384481][ T7992] CPU: 1 UID: 0 PID: 7992 Comm: syz.1.518 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  228.384502][ T7992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.384511][ T7992] Call Trace:
[  228.384518][ T7992]  <TASK>
[  228.384525][ T7992]  dump_stack_lvl+0x16c/0x1f0
[  228.384553][ T7992]  should_fail_ex+0x512/0x640
[  228.384575][ T7992]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  228.384600][ T7992]  should_failslab+0xc2/0x120
[  228.384614][ T7992]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  228.384635][ T7992]  ? vma_merge_new_range+0x37f/0xa00
[  228.384655][ T7992]  ? vm_area_alloc+0x1f/0x160
[  228.384676][ T7992]  vm_area_alloc+0x1f/0x160
[  228.384697][ T7992]  __mmap_region+0xf0a/0x25e0
[  228.384721][ T7992]  ? __pfx___mmap_region+0x10/0x10
[  228.384740][ T7992]  ? find_held_lock+0x2b/0x80
[  228.384759][ T7992]  ? finish_task_switch.isra.0+0x221/0xc10
[  228.384774][ T7992]  ? lockdep_hardirqs_on+0x7c/0x110
[  228.384793][ T7992]  ? finish_task_switch.isra.0+0x221/0xc10
[  228.384809][ T7992]  ? rcu_is_watching+0x12/0xc0
[  228.384823][ T7992]  ? trace_sched_exit_tp+0xde/0x130
[  228.384860][ T7992]  ? __schedule+0x1181/0x5de0
[  228.384916][ T7992]  ? trace_cap_capable+0x18d/0x200
[  228.384938][ T7992]  mmap_region+0x1ab/0x3f0
[  228.384951][ T7992]  ? __get_unmapped_area+0x267/0x440
[  228.384971][ T7992]  do_mmap+0xa3e/0x1210
[  228.384992][ T7992]  ? __pfx_do_mmap+0x10/0x10
[  228.385008][ T7992]  ? __pfx_down_write_killable+0x10/0x10
[  228.385021][ T7992]  ? kmem_cache_free+0x2d1/0x4d0
[  228.385044][ T7992]  vm_mmap_pgoff+0x281/0x450
[  228.385063][ T7992]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  228.385082][ T7992]  ? __x64_sys_futex+0x1e0/0x4c0
[  228.385099][ T7992]  ? __x64_sys_futex+0x1e9/0x4c0
[  228.385118][ T7992]  ksys_mmap_pgoff+0x7d/0x5c0
[  228.385133][ T7992]  ? xfd_validate_state+0x61/0x180
[  228.385155][ T7992]  __x64_sys_mmap+0x125/0x190
[  228.385177][ T7992]  do_syscall_64+0xcd/0x490
[  228.385200][ T7992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.385214][ T7992] RIP: 0033:0x7fb18658e929
[  228.385227][ T7992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.385241][ T7992] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  228.385254][ T7992] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  228.385264][ T7992] RDX: 00000000000000df RSI: 0000000004020009 RDI: 0000000000000000
[  228.385271][ T7992] RBP: 00007fb186610b39 R08: 0000000000000401 R09: 0000000000008000
[  228.385280][ T7992] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  228.385287][ T7992] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  228.385306][ T7992]  </TASK>
[  229.572795][ T7995] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  231.000762][ T8014] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  231.364267][ T8022] ecryptfs_parse_packet_length: Five-byte packet length not supported
[  231.372746][ T8022] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[  231.507492][ T8020] FAULT_INJECTION: forcing a failure.
[  231.507492][ T8020] name failslab, interval 1, probability 0, space 0, times 0
[  231.560998][ T8020] CPU: 1 UID: 0 PID: 8020 Comm: syz.1.526 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  231.561038][ T8020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.561053][ T8020] Call Trace:
[  231.561062][ T8020]  <TASK>
[  231.561072][ T8020]  dump_stack_lvl+0x16c/0x1f0
[  231.561118][ T8020]  should_fail_ex+0x512/0x640
[  231.561156][ T8020]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  231.561197][ T8020]  should_failslab+0xc2/0x120
[  231.561225][ T8020]  __kmalloc_cache_noprof+0x6a/0x3e0
[  231.561260][ T8020]  ? drm_atomic_state_alloc+0xb8/0x120
[  231.561298][ T8020]  drm_atomic_state_alloc+0xb8/0x120
[  231.561331][ T8020]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  231.561363][ T8020]  ? __pfx___might_resched+0x10/0x10
[  231.561394][ T8020]  ? rcu_is_watching+0x12/0xc0
[  231.561422][ T8020]  ? trace_contention_end+0xdd/0x130
[  231.561457][ T8020]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  231.561526][ T8020]  drm_client_modeset_commit_locked+0x14d/0x580
[  231.561566][ T8020]  drm_client_modeset_commit+0x4f/0x80
[  231.561594][ T8020]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  231.561633][ T8020]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  231.561667][ T8020]  drm_fbdev_client_restore+0x2c/0x40
[  231.561700][ T8020]  drm_client_dev_restore+0x1f6/0x2a0
[  231.561736][ T8020]  drm_release+0x2c4/0x360
[  231.561772][ T8020]  ? __pfx_drm_release+0x10/0x10
[  231.561795][ T8020]  __fput+0x402/0xb70
[  231.561831][ T8020]  task_work_run+0x14d/0x240
[  231.561866][ T8020]  ? __pfx_task_work_run+0x10/0x10
[  231.561901][ T8020]  ? __pfx___do_sys_close_range+0x10/0x10
[  231.561947][ T8020]  exit_to_user_mode_loop+0xeb/0x110
[  231.561988][ T8020]  do_syscall_64+0x3f6/0x490
[  231.562029][ T8020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.562055][ T8020] RIP: 0033:0x7fb18658e929
[  231.562076][ T8020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.562102][ T8020] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  231.562127][ T8020] RAX: 0000000000000000 RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  231.562145][ T8020] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  231.562159][ T8020] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  231.562174][ T8020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  231.562190][ T8020] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  231.562227][ T8020]  </TASK>
[  234.492611][ T8054] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  236.013393][ T8072] FAULT_INJECTION: forcing a failure.
[  236.013393][ T8072] name failslab, interval 1, probability 0, space 0, times 0
[  236.075773][ T8072] CPU: 1 UID: 0 PID: 8072 Comm: syz.1.539 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  236.075809][ T8072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.075823][ T8072] Call Trace:
[  236.075832][ T8072]  <TASK>
[  236.075841][ T8072]  dump_stack_lvl+0x16c/0x1f0
[  236.075882][ T8072]  should_fail_ex+0x512/0x640
[  236.075916][ T8072]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  236.075960][ T8072]  should_failslab+0xc2/0x120
[  236.075985][ T8072]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  236.076024][ T8072]  ? kstrdup_const+0x63/0x80
[  236.076065][ T8072]  kstrdup+0x53/0x100
[  236.076100][ T8072]  kstrdup_const+0x63/0x80
[  236.076135][ T8072]  __kernfs_new_node+0x9b/0x8e0
[  236.076174][ T8072]  ? __pfx___kernfs_new_node+0x10/0x10
[  236.076217][ T8072]  ? find_held_lock+0x2b/0x80
[  236.076243][ T8072]  ? kernfs_root+0xee/0x2a0
[  236.076283][ T8072]  kernfs_new_node+0x13c/0x1e0
[  236.076313][ T8072]  kernfs_create_link+0xcc/0x240
[  236.076367][ T8072]  sysfs_do_create_link_sd+0x90/0x140
[  236.076403][ T8072]  sysfs_create_link+0x61/0xc0
[  236.076435][ T8072]  device_add+0x62c/0x1a70
[  236.076466][ T8072]  ? __pfx_device_add+0x10/0x10
[  236.076492][ T8072]  ? lockdep_init_map_type+0x5c/0x280
[  236.076526][ T8072]  ? __init_waitqueue_head+0xca/0x150
[  236.076558][ T8072]  netdev_register_kobject+0x182/0x3a0
[  236.076591][ T8072]  register_netdevice+0x13dc/0x2270
[  236.076620][ T8072]  ? idr_alloc+0xdd/0x130
[  236.076651][ T8072]  ? __pfx_register_netdevice+0x10/0x10
[  236.076685][ T8072]  ppp_dev_configure+0x99b/0xc80
[  236.076725][ T8072]  ppp_ioctl+0x17e0/0x2660
[  236.076757][ T8072]  ? find_held_lock+0x2b/0x80
[  236.076781][ T8072]  ? __pfx_ppp_ioctl+0x10/0x10
[  236.076818][ T8072]  ? __fget_files+0x20e/0x3c0
[  236.076856][ T8072]  ? __pfx_ppp_ioctl+0x10/0x10
[  236.076887][ T8072]  __x64_sys_ioctl+0x18b/0x210
[  236.076919][ T8072]  do_syscall_64+0xcd/0x490
[  236.076958][ T8072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.076982][ T8072] RIP: 0033:0x7fb18658e929
[  236.077002][ T8072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.077025][ T8072] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  236.077048][ T8072] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  236.077063][ T8072] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000007
[  236.077078][ T8072] RBP: 00007fb18742f090 R08: 0000000000000000 R09: 0000000000000000
[  236.077092][ T8072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  236.077105][ T8072] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  236.077139][ T8072]  </TASK>
[  236.833559][ T8083] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  237.946787][ T7510] syz.2.397 (7510) used greatest stack depth: 18696 bytes left
[  238.619241][ T8121] FAULT_INJECTION: forcing a failure.
[  238.619241][ T8121] name failslab, interval 1, probability 0, space 0, times 0
[  238.762379][ T8121] CPU: 1 UID: 0 PID: 8121 Comm: syz.1.552 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  238.762417][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.762434][ T8121] Call Trace:
[  238.762442][ T8121]  <TASK>
[  238.762452][ T8121]  dump_stack_lvl+0x16c/0x1f0
[  238.762498][ T8121]  should_fail_ex+0x512/0x640
[  238.762535][ T8121]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  238.762576][ T8121]  should_failslab+0xc2/0x120
[  238.762603][ T8121]  __kmalloc_cache_noprof+0x6a/0x3e0
[  238.762638][ T8121]  ? mon_bin_open+0x1a8/0x4a0
[  238.762670][ T8121]  mon_bin_open+0x1a8/0x4a0
[  238.762696][ T8121]  ? __pfx_mon_bin_open+0x10/0x10
[  238.762722][ T8121]  chrdev_open+0x231/0x6a0
[  238.762747][ T8121]  ? __pfx_apparmor_file_open+0x10/0x10
[  238.762787][ T8121]  ? __pfx_chrdev_open+0x10/0x10
[  238.762825][ T8121]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  238.762868][ T8121]  do_dentry_open+0x744/0x1c10
[  238.762908][ T8121]  ? __pfx_chrdev_open+0x10/0x10
[  238.762939][ T8121]  vfs_open+0x82/0x3f0
[  238.762973][ T8121]  path_openat+0x1de4/0x2cb0
[  238.763021][ T8121]  ? __pfx_path_openat+0x10/0x10
[  238.763058][ T8121]  ? __lock_acquire+0xb8a/0x1c90
[  238.763097][ T8121]  do_filp_open+0x20b/0x470
[  238.763135][ T8121]  ? __pfx_do_filp_open+0x10/0x10
[  238.763197][ T8121]  ? alloc_fd+0x471/0x7d0
[  238.763243][ T8121]  do_sys_openat2+0x11b/0x1d0
[  238.763273][ T8121]  ? __pfx_do_sys_openat2+0x10/0x10
[  238.763316][ T8121]  __x64_sys_openat+0x174/0x210
[  238.763348][ T8121]  ? __pfx___x64_sys_openat+0x10/0x10
[  238.763393][ T8121]  do_syscall_64+0xcd/0x490
[  238.763435][ T8121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.763461][ T8121] RIP: 0033:0x7fb18658e929
[  238.763482][ T8121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.763506][ T8121] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  238.763531][ T8121] RAX: ffffffffffffffda RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  238.763549][ T8121] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  238.763566][ T8121] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  238.763582][ T8121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  238.763597][ T8121] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  238.763632][ T8121]  </TASK>
[  239.176441][ T8136] FAULT_INJECTION: forcing a failure.
[  239.176441][ T8136] name failslab, interval 1, probability 0, space 0, times 0
[  239.232737][ T8136] CPU: 0 UID: 0 PID: 8136 Comm: syz.2.555 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  239.232781][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.232796][ T8136] Call Trace:
[  239.232805][ T8136]  <TASK>
[  239.232816][ T8136]  dump_stack_lvl+0x16c/0x1f0
[  239.232861][ T8136]  should_fail_ex+0x512/0x640
[  239.232899][ T8136]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  239.232943][ T8136]  should_failslab+0xc2/0x120
[  239.232970][ T8136]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  239.233005][ T8136]  ? __pfx___might_resched+0x10/0x10
[  239.233033][ T8136]  ? __anon_vma_prepare+0xae/0x5e0
[  239.233074][ T8136]  __anon_vma_prepare+0xae/0x5e0
[  239.233107][ T8136]  ? __pfx___pte_alloc+0x10/0x10
[  239.233139][ T8136]  __vmf_anon_prepare+0x11c/0x240
[  239.233171][ T8136]  __handle_mm_fault+0x27f6/0x5490
[  239.233215][ T8136]  ? __pfx___handle_mm_fault+0x10/0x10
[  239.233282][ T8136]  handle_mm_fault+0x589/0xd10
[  239.233323][ T8136]  __get_user_pages+0x589/0x3b80
[  239.233364][ T8136]  ? __pfx_mt_find+0x10/0x10
[  239.233389][ T8136]  ? __pfx___get_user_pages+0x10/0x10
[  239.233434][ T8136]  populate_vma_page_range+0x278/0x3a0
[  239.233467][ T8136]  ? __pfx_populate_vma_page_range+0x10/0x10
[  239.233498][ T8136]  ? __pfx_find_vma_intersection+0x10/0x10
[  239.233531][ T8136]  ? do_mmap+0x69c/0x1210
[  239.233564][ T8136]  __mm_populate+0x1d8/0x380
[  239.233598][ T8136]  ? __pfx___mm_populate+0x10/0x10
[  239.233633][ T8136]  ? up_write+0x1b2/0x520
[  239.233674][ T8136]  vm_mmap_pgoff+0x362/0x450
[  239.233706][ T8136]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  239.233743][ T8136]  ? __x64_sys_futex+0x1e0/0x4c0
[  239.233779][ T8136]  ? __x64_sys_futex+0x1e9/0x4c0
[  239.233817][ T8136]  ksys_mmap_pgoff+0x7d/0x5c0
[  239.233848][ T8136]  ? xfd_validate_state+0x61/0x180
[  239.233888][ T8136]  __x64_sys_mmap+0x125/0x190
[  239.233930][ T8136]  do_syscall_64+0xcd/0x490
[  239.233970][ T8136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.233995][ T8136] RIP: 0033:0x7fd506b8e929
[  239.234017][ T8136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.234043][ T8136] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  239.234068][ T8136] RAX: ffffffffffffffda RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  239.234086][ T8136] RDX: ffffffffffeffffe RSI: 0000000000400005 RDI: 00000000f4000000
[  239.234102][ T8136] RBP: 00007fd506c10b39 R08: 0000000000000c76 R09: 0000000000008000
[  239.234119][ T8136] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  239.234136][ T8136] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  239.234171][ T8136]  </TASK>
[  241.435363][ T8157] ptrace attach of ""[8161] was attempted by "./syz-executor exec"[8157]
[  242.526187][ T8185] FAULT_INJECTION: forcing a failure.
[  242.526187][ T8185] name failslab, interval 1, probability 0, space 0, times 0
[  242.557190][ T8185] CPU: 0 UID: 0 PID: 8185 Comm: syz.3.567 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  242.557224][ T8185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  242.557238][ T8185] Call Trace:
[  242.557246][ T8185]  <TASK>
[  242.557255][ T8185]  dump_stack_lvl+0x16c/0x1f0
[  242.557293][ T8185]  should_fail_ex+0x512/0x640
[  242.557324][ T8185]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  242.557359][ T8185]  should_failslab+0xc2/0x120
[  242.557381][ T8185]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  242.557412][ T8185]  ? vm_area_dup+0x27/0x8d0
[  242.557445][ T8185]  vm_area_dup+0x27/0x8d0
[  242.557479][ T8185]  __split_vma+0x18e/0x1070
[  242.557519][ T8185]  ? __pfx___split_vma+0x10/0x10
[  242.557572][ T8185]  vms_gather_munmap_vmas+0x392/0x1310
[  242.557613][ T8185]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  242.557651][ T8185]  ? mas_walk+0x6a6/0x910
[  242.557703][ T8185]  __mmap_region+0x3c7/0x25e0
[  242.557744][ T8185]  ? __pfx___mmap_region+0x10/0x10
[  242.557790][ T8185]  ? is_bpf_text_address+0x8a/0x1a0
[  242.557823][ T8185]  ? bpf_ksym_find+0x124/0x1c0
[  242.557851][ T8185]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  242.557880][ T8185]  ? is_bpf_text_address+0x94/0x1a0
[  242.557914][ T8185]  ? kernel_text_address+0x8d/0x100
[  242.557937][ T8185]  ? __kernel_text_address+0xd/0x40
[  242.557959][ T8185]  ? unwind_get_return_address+0x59/0xa0
[  242.557996][ T8185]  ? arch_stack_walk+0xa6/0x100
[  242.558026][ T8185]  ? __lock_acquire+0x622/0x1c90
[  242.558103][ T8185]  ? trace_cap_capable+0x18d/0x200
[  242.558142][ T8185]  mmap_region+0x1ab/0x3f0
[  242.558164][ T8185]  ? __get_unmapped_area+0x267/0x440
[  242.558196][ T8185]  do_mmap+0xa3e/0x1210
[  242.558230][ T8185]  ? __pfx_do_mmap+0x10/0x10
[  242.558260][ T8185]  ? __pfx_down_write_killable+0x10/0x10
[  242.558291][ T8185]  vm_mmap_pgoff+0x281/0x450
[  242.558326][ T8185]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  242.558358][ T8185]  ? __fget_files+0x20e/0x3c0
[  242.558399][ T8185]  ksys_mmap_pgoff+0x32c/0x5c0
[  242.558425][ T8185]  ? __pfx_ksys_write+0x10/0x10
[  242.558465][ T8185]  __x64_sys_mmap+0x125/0x190
[  242.558503][ T8185]  do_syscall_64+0xcd/0x490
[  242.558541][ T8185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.558566][ T8185] RIP: 0033:0x7f27a038e929
[  242.558586][ T8185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.558609][ T8185] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  242.558632][ T8185] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  242.558649][ T8185] RDX: 0000000000000ffb RSI: 0000000000000009 RDI: 0000000000000000
[  242.558663][ T8185] RBP: 00007f27a1142090 R08: 0000000000000003 R09: 0000000000000000
[  242.558683][ T8185] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  242.558697][ T8185] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  242.558732][ T8185]  </TASK>
[  243.191732][ T5859] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  244.440059][ T8214] FAULT_INJECTION: forcing a failure.
[  244.440059][ T8214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.498275][ T8214] CPU: 1 UID: 0 PID: 8214 Comm: syz.3.575 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  244.498311][ T8214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.498325][ T8214] Call Trace:
[  244.498334][ T8214]  <TASK>
[  244.498343][ T8214]  dump_stack_lvl+0x16c/0x1f0
[  244.498384][ T8214]  should_fail_ex+0x512/0x640
[  244.498425][ T8214]  _copy_to_iter+0x29f/0x16f0
[  244.498451][ T8214]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  244.498488][ T8214]  ? sysfs_blk_trace_attr_show+0x156/0x4b0
[  244.498516][ T8214]  ? __pfx__copy_to_iter+0x10/0x10
[  244.498544][ T8214]  ? kernfs_seq_stop+0xcd/0x120
[  244.498576][ T8214]  ? kernfs_put_active+0x86/0xe0
[  244.498617][ T8214]  seq_read_iter+0xcf8/0x12c0
[  244.498664][ T8214]  kernfs_fop_read_iter+0x40f/0x5a0
[  244.498690][ T8214]  ? rw_verify_area+0xcf/0x680
[  244.498725][ T8214]  vfs_read+0x8bc/0xc60
[  244.498764][ T8214]  ? __pfx___mutex_lock+0x10/0x10
[  244.498798][ T8214]  ? __pfx_vfs_read+0x10/0x10
[  244.498854][ T8214]  ksys_read+0x12a/0x250
[  244.498886][ T8214]  ? __pfx_ksys_read+0x10/0x10
[  244.498931][ T8214]  do_syscall_64+0xcd/0x490
[  244.498969][ T8214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.498993][ T8214] RIP: 0033:0x7f27a038e929
[  244.499013][ T8214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.499037][ T8214] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  244.499060][ T8214] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  244.499077][ T8214] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 0000000000000003
[  244.499091][ T8214] RBP: 00007f27a1142090 R08: 0000000000000000 R09: 0000000000000000
[  244.499106][ T8214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.499121][ T8214] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  244.499156][ T8214]  </TASK>
[  244.699570][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.722281][ T8209] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  245.593914][ T8241] FAULT_INJECTION: forcing a failure.
[  245.593914][ T8241] name failslab, interval 1, probability 0, space 0, times 0
[  245.623686][ T8241] CPU: 0 UID: 0 PID: 8241 Comm: syz.1.581 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  245.623725][ T8241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.623740][ T8241] Call Trace:
[  245.623750][ T8241]  <TASK>
[  245.623760][ T8241]  dump_stack_lvl+0x16c/0x1f0
[  245.623806][ T8241]  should_fail_ex+0x512/0x640
[  245.623842][ T8241]  ? __kmalloc_noprof+0xbf/0x510
[  245.623882][ T8241]  ? vkms_crtc_atomic_check+0x3c5/0x880
[  245.623913][ T8241]  should_failslab+0xc2/0x120
[  245.623939][ T8241]  __kmalloc_noprof+0xd2/0x510
[  245.623976][ T8241]  ? drm_atomic_add_affected_planes+0x32b/0x3f0
[  245.624016][ T8241]  vkms_crtc_atomic_check+0x3c5/0x880
[  245.624058][ T8241]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[  245.624088][ T8241]  drm_atomic_helper_check_planes+0x4da/0x900
[  245.624143][ T8241]  drm_atomic_helper_check+0xae/0x190
[  245.624187][ T8241]  vkms_atomic_check+0x1d9/0x250
[  245.624212][ T8241]  ? __pfx_vkms_atomic_check+0x10/0x10
[  245.624238][ T8241]  drm_atomic_check_only+0x19c7/0x3130
[  245.624284][ T8241]  drm_atomic_commit+0x136/0x300
[  245.624307][ T8241]  ? __pfx_drm_atomic_commit+0x10/0x10
[  245.624329][ T8241]  ? __pfx___drm_printfn_info+0x10/0x10
[  245.624366][ T8241]  ? drm_client_rotation+0x4da/0x6a0
[  245.624395][ T8241]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  245.624433][ T8241]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  245.624492][ T8241]  drm_client_modeset_commit_locked+0x14d/0x580
[  245.624525][ T8241]  drm_client_modeset_commit+0x4f/0x80
[  245.624554][ T8241]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  245.624595][ T8241]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  245.624629][ T8241]  drm_fbdev_client_restore+0x2c/0x40
[  245.624661][ T8241]  drm_client_dev_restore+0x1f6/0x2a0
[  245.624700][ T8241]  drm_release+0x2c4/0x360
[  245.624731][ T8241]  ? __pfx_drm_release+0x10/0x10
[  245.624755][ T8241]  __fput+0x402/0xb70
[  245.624791][ T8241]  task_work_run+0x14d/0x240
[  245.624829][ T8241]  ? __pfx_task_work_run+0x10/0x10
[  245.624866][ T8241]  ? __pfx___do_sys_close_range+0x10/0x10
[  245.624906][ T8241]  exit_to_user_mode_loop+0xeb/0x110
[  245.624949][ T8241]  do_syscall_64+0x3f6/0x490
[  245.624989][ T8241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.625013][ T8241] RIP: 0033:0x7fb18658e929
[  245.625035][ T8241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.625061][ T8241] RSP: 002b:00007fb18742f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  245.625084][ T8241] RAX: 0000000000000000 RBX: 00007fb1867b5fa0 RCX: 00007fb18658e929
[  245.625100][ T8241] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  245.625115][ T8241] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  245.625130][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  245.625152][ T8241] R13: 0000000000000000 R14: 00007fb1867b5fa0 R15: 00007ffcc680a0f8
[  245.625187][ T8241]  </TASK>
[  246.003916][ T8244] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  246.134317][ T8239] FAULT_INJECTION: forcing a failure.
[  246.134317][ T8239] name failslab, interval 1, probability 0, space 0, times 0
[  246.309187][ T8239] CPU: 0 UID: 0 PID: 8239 Comm: syz.3.582 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  246.309212][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.309221][ T8239] Call Trace:
[  246.309226][ T8239]  <TASK>
[  246.309232][ T8239]  dump_stack_lvl+0x16c/0x1f0
[  246.309260][ T8239]  should_fail_ex+0x512/0x640
[  246.309282][ T8239]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  246.309312][ T8239]  should_failslab+0xc2/0x120
[  246.309327][ T8239]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  246.309349][ T8239]  ? __kernfs_new_node+0xd2/0x8e0
[  246.309373][ T8239]  __kernfs_new_node+0xd2/0x8e0
[  246.309393][ T8239]  ? __pfx_stack_trace_save+0x10/0x10
[  246.309410][ T8239]  ? __pfx___kernfs_new_node+0x10/0x10
[  246.309435][ T8239]  ? find_held_lock+0x2b/0x80
[  246.309450][ T8239]  ? kernfs_root+0xee/0x2a0
[  246.309473][ T8239]  kernfs_new_node+0x13c/0x1e0
[  246.309486][ T8239]  ? device_get_ownership+0x7c/0xa0
[  246.309503][ T8239]  kernfs_create_dir_ns+0x4c/0x1a0
[  246.309519][ T8239]  sysfs_create_dir_ns+0x13a/0x2b0
[  246.309539][ T8239]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  246.309557][ T8239]  ? kobject_set_name_vargs+0xfe/0x140
[  246.309573][ T8239]  ? kobject_set_name+0xc7/0x100
[  246.309587][ T8239]  ? __pfx_kobject_set_name+0x10/0x10
[  246.309604][ T8239]  kobject_add_internal+0x2c4/0x9b0
[  246.309621][ T8239]  kset_register+0x198/0x2b0
[  246.309635][ T8239]  kset_create_and_add+0x123/0x190
[  246.309650][ T8239]  netdev_register_kobject+0x1c8/0x3a0
[  246.309668][ T8239]  register_netdevice+0x13dc/0x2270
[  246.309685][ T8239]  ? idr_alloc+0xdd/0x130
[  246.309703][ T8239]  ? __pfx_register_netdevice+0x10/0x10
[  246.309722][ T8239]  ppp_dev_configure+0x99b/0xc80
[  246.309744][ T8239]  ppp_ioctl+0x17e0/0x2660
[  246.309768][ T8239]  ? find_held_lock+0x2b/0x80
[  246.309782][ T8239]  ? __pfx_ppp_ioctl+0x10/0x10
[  246.309802][ T8239]  ? __fget_files+0x20e/0x3c0
[  246.309828][ T8239]  ? __pfx_ppp_ioctl+0x10/0x10
[  246.309847][ T8239]  __x64_sys_ioctl+0x18b/0x210
[  246.309872][ T8239]  do_syscall_64+0xcd/0x490
[  246.309896][ T8239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.309911][ T8239] RIP: 0033:0x7f27a038e929
[  246.309923][ T8239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.309941][ T8239] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  246.309956][ T8239] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  246.309966][ T8239] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 000000000000000a
[  246.309974][ T8239] RBP: 00007f27a0410b39 R08: 0000000000000000 R09: 0000000000000000
[  246.309983][ T8239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  246.309996][ T8239] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  246.310015][ T8239]  </TASK>
[  246.310023][ T8239] kobject: kobject_add_internal failed for queues (error: -12 parent: ppp0)
[  246.806610][ T8248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.583'.
[  247.497259][ T8263] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  247.901493][ T8276] FAULT_INJECTION: forcing a failure.
[  247.901493][ T8276] name failslab, interval 1, probability 0, space 0, times 0
[  247.943168][ T8276] CPU: 0 UID: 0 PID: 8276 Comm: syz.1.589 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  247.943208][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.943223][ T8276] Call Trace:
[  247.943232][ T8276]  <TASK>
[  247.943244][ T8276]  dump_stack_lvl+0x16c/0x1f0
[  247.943290][ T8276]  should_fail_ex+0x512/0x640
[  247.943326][ T8276]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  247.943368][ T8276]  should_failslab+0xc2/0x120
[  247.943395][ T8276]  __kmalloc_cache_noprof+0x6a/0x3e0
[  247.943431][ T8276]  ? drm_atomic_state_alloc+0xb8/0x120
[  247.943468][ T8276]  drm_atomic_state_alloc+0xb8/0x120
[  247.943500][ T8276]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  247.943542][ T8276]  ? __pfx___might_resched+0x10/0x10
[  247.943575][ T8276]  ? rcu_is_watching+0x12/0xc0
[  247.943603][ T8276]  ? trace_contention_end+0xdd/0x130
[  247.943640][ T8276]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  247.943714][ T8276]  drm_client_modeset_commit_locked+0x14d/0x580
[  247.943751][ T8276]  drm_client_modeset_commit+0x4f/0x80
[  247.943782][ T8276]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  247.943825][ T8276]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  247.943861][ T8276]  drm_fbdev_client_restore+0x2c/0x40
[  247.943895][ T8276]  drm_client_dev_restore+0x1f6/0x2a0
[  247.943937][ T8276]  drm_release+0x2c4/0x360
[  247.943967][ T8276]  ? __pfx_drm_release+0x10/0x10
[  247.943992][ T8276]  __fput+0x402/0xb70
[  247.944029][ T8276]  task_work_run+0x14d/0x240
[  247.944070][ T8276]  ? __pfx_task_work_run+0x10/0x10
[  247.944109][ T8276]  ? __pfx___do_sys_close_range+0x10/0x10
[  247.944156][ T8276]  exit_to_user_mode_loop+0xeb/0x110
[  247.944197][ T8276]  do_syscall_64+0x3f6/0x490
[  247.944239][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.944266][ T8276] RIP: 0033:0x7fb18658e929
[  247.944287][ T8276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.944313][ T8276] RSP: 002b:00007fb18740e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  247.944337][ T8276] RAX: 0000000000000000 RBX: 00007fb1867b6080 RCX: 00007fb18658e929
[  247.944354][ T8276] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  247.944370][ T8276] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  247.944386][ T8276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.944401][ T8276] R13: 0000000000000000 R14: 00007fb1867b6080 R15: 00007ffcc680a0f8
[  247.944438][ T8276]  </TASK>
[  248.614294][ T8283] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  249.047170][ T8277] kexec: Could not allocate control_code_buffer
[  250.006023][ T8305] FAULT_INJECTION: forcing a failure.
[  250.006023][ T8305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.054615][ T8305] CPU: 0 UID: 0 PID: 8305 Comm: syz.3.596 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  250.054649][ T8305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.054662][ T8305] Call Trace:
[  250.054671][ T8305]  <TASK>
[  250.054680][ T8305]  dump_stack_lvl+0x16c/0x1f0
[  250.054722][ T8305]  should_fail_ex+0x512/0x640
[  250.054762][ T8305]  _copy_from_user+0x2e/0xd0
[  250.054786][ T8305]  do_sys_poll+0x1d5/0xdf0
[  250.054820][ T8305]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  250.054853][ T8305]  ? kernel_text_address+0x8d/0x100
[  250.054877][ T8305]  ? __kernel_text_address+0xd/0x40
[  250.054909][ T8305]  ? __pfx_do_sys_poll+0x10/0x10
[  250.054974][ T8305]  ? find_held_lock+0x2b/0x80
[  250.055065][ T8305]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  250.055105][ T8305]  ? set_user_sigmask+0x21b/0x2b0
[  250.055131][ T8305]  ? __pfx_set_user_sigmask+0x10/0x10
[  250.055156][ T8305]  ? __fget_files+0x20e/0x3c0
[  250.055194][ T8305]  __x64_sys_ppoll+0x254/0x2d0
[  250.055228][ T8305]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  250.055259][ T8305]  ? ksys_write+0x1ac/0x250
[  250.055293][ T8305]  ? __pfx_ksys_write+0x10/0x10
[  250.055336][ T8305]  do_syscall_64+0xcd/0x490
[  250.055372][ T8305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.055396][ T8305] RIP: 0033:0x7f27a038e929
[  250.055416][ T8305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.055439][ T8305] RSP: 002b:00007f279e1d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  250.055463][ T8305] RAX: ffffffffffffffda RBX: 00007f27a05b6240 RCX: 00007f27a038e929
[  250.055480][ T8305] RDX: 0000000000000000 RSI: 000000000000007f RDI: 0000000000000000
[  250.055494][ T8305] RBP: 00007f279e1d5090 R08: 0000000000000008 R09: 0000000000000000
[  250.055509][ T8305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.055524][ T8305] R13: 0000000000000000 R14: 00007f27a05b6240 R15: 00007ffcac9b0ad8
[  250.055557][ T8305]  </TASK>
[  250.902715][ T8321] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  252.723848][ T8344] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  253.945770][ T8374] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input27
[  253.976779][ T8374] FAULT_INJECTION: forcing a failure.
[  253.976779][ T8374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.090236][ T8374] CPU: 1 UID: 0 PID: 8374 Comm: syz.2.613 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  254.090259][ T8374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.090267][ T8374] Call Trace:
[  254.090272][ T8374]  <TASK>
[  254.090278][ T8374]  dump_stack_lvl+0x16c/0x1f0
[  254.090305][ T8374]  should_fail_ex+0x512/0x640
[  254.090330][ T8374]  _copy_from_user+0x2e/0xd0
[  254.090344][ T8374]  input_event_from_user+0xb9/0x290
[  254.090367][ T8374]  ? __pfx_input_event_from_user+0x10/0x10
[  254.090387][ T8374]  ? __pfx___might_resched+0x10/0x10
[  254.090403][ T8374]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  254.090423][ T8374]  ? input_event+0x98/0xb0
[  254.090445][ T8374]  uinput_write+0xbe7/0xff0
[  254.090464][ T8374]  ? __pfx_uinput_write+0x10/0x10
[  254.090479][ T8374]  ? bpf_lsm_file_permission+0x9/0x10
[  254.090495][ T8374]  ? security_file_permission+0x71/0x210
[  254.090514][ T8374]  ? rw_verify_area+0xcf/0x680
[  254.090534][ T8374]  ? __pfx_uinput_write+0x10/0x10
[  254.090546][ T8374]  vfs_writev+0x5dc/0xde0
[  254.090570][ T8374]  ? __pfx_vfs_writev+0x10/0x10
[  254.090602][ T8374]  ? __fget_files+0x20e/0x3c0
[  254.090620][ T8374]  ? __fget_files+0x140/0x3c0
[  254.090643][ T8374]  ? do_writev+0x28c/0x340
[  254.090659][ T8374]  do_writev+0x28c/0x340
[  254.090678][ T8374]  ? __pfx_do_writev+0x10/0x10
[  254.090701][ T8374]  do_syscall_64+0xcd/0x490
[  254.090724][ T8374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.090738][ T8374] RIP: 0033:0x7fd506b8e929
[  254.090750][ T8374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.090763][ T8374] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  254.090776][ T8374] RAX: ffffffffffffffda RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  254.090786][ T8374] RDX: 0000000000000009 RSI: 0000200000000340 RDI: 0000000000000003
[  254.090794][ T8374] RBP: 00007fd507a1c090 R08: 0000000000000000 R09: 0000000000000000
[  254.090802][ T8374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.090810][ T8374] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  254.090828][ T8374]  </TASK>
[  254.092697][ T8367] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  254.570548][ T8382] FAULT_INJECTION: forcing a failure.
[  254.570548][ T8382] name failslab, interval 1, probability 0, space 0, times 0
[  254.623253][ T8382] CPU: 0 UID: 0 PID: 8382 Comm: syz.2.614 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  254.623292][ T8382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.623306][ T8382] Call Trace:
[  254.623315][ T8382]  <TASK>
[  254.623325][ T8382]  dump_stack_lvl+0x16c/0x1f0
[  254.623371][ T8382]  should_fail_ex+0x512/0x640
[  254.623410][ T8382]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  254.623457][ T8382]  should_failslab+0xc2/0x120
[  254.623486][ T8382]  __kmalloc_cache_noprof+0x6a/0x3e0
[  254.623522][ T8382]  ? drm_atomic_state_alloc+0xb8/0x120
[  254.623559][ T8382]  drm_atomic_state_alloc+0xb8/0x120
[  254.623591][ T8382]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  254.623625][ T8382]  ? __pfx___might_resched+0x10/0x10
[  254.623656][ T8382]  ? rcu_is_watching+0x12/0xc0
[  254.623683][ T8382]  ? trace_contention_end+0xdd/0x130
[  254.623719][ T8382]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  254.623790][ T8382]  drm_client_modeset_commit_locked+0x14d/0x580
[  254.623828][ T8382]  drm_client_modeset_commit+0x4f/0x80
[  254.623858][ T8382]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  254.623903][ T8382]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  254.623939][ T8382]  drm_fbdev_client_restore+0x2c/0x40
[  254.623974][ T8382]  drm_client_dev_restore+0x1f6/0x2a0
[  254.624011][ T8382]  drm_release+0x2c4/0x360
[  254.624041][ T8382]  ? __pfx_drm_release+0x10/0x10
[  254.624066][ T8382]  __fput+0x402/0xb70
[  254.624102][ T8382]  task_work_run+0x14d/0x240
[  254.624144][ T8382]  ? __pfx_task_work_run+0x10/0x10
[  254.624183][ T8382]  ? __pfx___do_sys_close_range+0x10/0x10
[  254.624230][ T8382]  exit_to_user_mode_loop+0xeb/0x110
[  254.624272][ T8382]  do_syscall_64+0x3f6/0x490
[  254.624315][ T8382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.624342][ T8382] RIP: 0033:0x7fd506b8e929
[  254.624364][ T8382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.624390][ T8382] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  254.624416][ T8382] RAX: 0000000000000000 RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  254.624439][ T8382] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  254.624455][ T8382] RBP: 00007fd506c10b39 R08: 0000000000000000 R09: 0000000000000000
[  254.624471][ T8382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.624488][ T8382] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  254.624527][ T8382]  </TASK>
[  254.880953][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.768509][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.774995][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  255.811982][ T8401] FAULT_INJECTION: forcing a failure.
[  255.811982][ T8401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.812027][ T8401] CPU: 0 UID: 0 PID: 8401 Comm: syz.2.621 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  255.812060][ T8401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  255.812075][ T8401] Call Trace:
[  255.812083][ T8401]  <TASK>
[  255.812093][ T8401]  dump_stack_lvl+0x16c/0x1f0
[  255.812136][ T8401]  should_fail_ex+0x512/0x640
[  255.812179][ T8401]  _copy_to_iter+0x29f/0x16f0
[  255.812209][ T8401]  ? chacha_block_generic+0x211/0x330
[  255.812245][ T8401]  ? __pfx__copy_to_iter+0x10/0x10
[  255.812277][ T8401]  ? __pfx___might_resched+0x10/0x10
[  255.812304][ T8401]  ? crng_make_state+0x48e/0x6d0
[  255.812364][ T8401]  get_random_bytes_user+0x17f/0x3c0
[  255.812399][ T8401]  ? __pfx_get_random_bytes_user+0x10/0x10
[  255.812438][ T8401]  ? do_futex+0x122/0x350
[  255.812477][ T8401]  ? import_ubuf+0x1b6/0x220
[  255.812512][ T8401]  __x64_sys_getrandom+0x183/0x290
[  255.812546][ T8401]  ? __pfx___x64_sys_getrandom+0x10/0x10
[  255.812598][ T8401]  do_syscall_64+0xcd/0x490
[  255.812639][ T8401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.812673][ T8401] RIP: 0033:0x7fd506b8e929
[  255.812695][ T8401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.812721][ T8401] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[  255.812744][ T8401] RAX: ffffffffffffffda RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  255.812762][ T8401] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000
[  255.812777][ T8401] RBP: 00007fd506c10b39 R08: 0000000000000000 R09: 0000000000000000
[  255.812793][ T8401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.812808][ T8401] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  255.812842][ T8401]  </TASK>
[  256.137581][ T8410] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  256.306059][ T8397] tty tty18: ldisc open failed (-12), clearing slot 17
[  256.539309][    C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163eaa9 (__mcheck_cpu_init_clear_banks+0x109/0x1f0)
[  256.554687][    C0] Call Trace:
[  256.557976][    C0]  <IRQ>
[  256.560911][    C0]  ? __pfx_mce_cpu_restart+0x10/0x10
[  256.566221][    C0]  mce_cpu_restart+0x98/0xb0
[  256.570825][    C0]  __flush_smp_call_function_queue+0x27a/0x8c0
[  256.576987][    C0]  __sysvec_call_function_single+0x87/0x400
[  256.582891][    C0]  sysvec_call_function_single+0x9f/0xc0
[  256.588537][    C0]  </IRQ>
[  256.591466][    C0]  <TASK>
[  256.594398][    C0]  asm_sysvec_call_function_single+0x1a/0x20
[  256.600395][    C0] RIP: 0010:__rcu_read_unlock+0x0/0x580
[  256.605995][    C0] Code: c2 24 b7 a9 90 e9 60 fb ff ff e8 fb bb 7f 00 e9 6d fc ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 41 56 41 55 41 54 55 65 48 8b 2d 75 2b 2e 12 53 48 8d
[  256.625615][    C0] RSP: 0018:ffffc900040374f0 EFLAGS: 00000282
[  256.631681][    C0] RAX: 0000000000000000 RBX: ffffc900040378f0 RCX: ffffc900040374bc
[  256.639736][    C0] RDX: 0000000000000003 RSI: ffffffff8de04e18 RDI: ffffffff8c156a60
[  256.647711][    C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  256.655797][    C0] R10: 0000000000000000 R11: 000000000001213e R12: ffffc900040375b8
[  256.663786][    C0] R13: ffffc90004037568 R14: ffffc900040378f0 R15: ffffc9000403759c
[  256.671803][    C0]  unwind_next_frame+0x3fe/0x20a0
[  256.676854][    C0]  ? __kasan_slab_alloc+0x89/0x90
[  256.681883][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  256.688059][    C0]  arch_stack_walk+0x94/0x100
[  256.692741][    C0]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  256.698393][    C0]  stack_trace_save+0x8e/0xc0
[  256.703076][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  256.708453][    C0]  ? anon_vma_fork+0x7a/0x620
[  256.713143][    C0]  kasan_save_stack+0x33/0x60
[  256.717838][    C0]  ? kasan_save_stack+0x33/0x60
[  256.722783][    C0]  ? kasan_save_track+0x14/0x30
[  256.727646][    C0]  ? __kasan_slab_alloc+0x89/0x90
[  256.732797][    C0]  kasan_save_track+0x14/0x30
[  256.737487][    C0]  __kasan_slab_alloc+0x89/0x90
[  256.742361][    C0]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  256.747842][    C0]  ? anon_vma_fork+0x200/0x620
[  256.752627][    C0]  anon_vma_fork+0x200/0x620
[  256.757232][    C0]  dup_mmap+0x152e/0x21d0
[  256.761581][    C0]  ? __pfx_dup_mmap+0x10/0x10
[  256.766282][    C0]  copy_process+0x4081/0x76a0
[  256.770969][    C0]  ? do_wp_page+0x1aa7/0x4f20
[  256.775662][    C0]  ? __pfx_copy_process+0x10/0x10
[  256.780709][    C0]  kernel_clone+0xfc/0x960
[  256.785133][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  256.790207][    C0]  ? css_rstat_updated+0x9d/0xd30
[  256.795236][    C0]  __do_sys_clone+0xce/0x120
[  256.799833][    C0]  ? __pfx___do_sys_clone+0x10/0x10
[  256.805052][    C0]  ? handle_mm_fault+0x2ab/0xd10
[  256.810009][    C0]  ? do_user_addr_fault+0x843/0x1370
[  256.815320][    C0]  do_syscall_64+0xcd/0x490
[  256.819835][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.825734][    C0] RIP: 0033:0x7f971e385193
[  256.830154][    C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  256.849787][    C0] RSP: 002b:00007fff3f5cb9d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  256.858212][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f971e385193
[  256.866274][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  256.874248][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  256.882215][    C0] R10: 000055558c96b7d0 R11: 0000000000000246 R12: 0000000000000000
[  256.890185][    C0] R13: 00000000000927c0 R14: 000000000003e94c R15: 00007fff3f5cbb70
[  256.898171][    C0]  </TASK>
[  256.902356][    C0] vkms_vblank_simulate: vblank timer overrun
[  257.318399][ T8415] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  257.324934][ T8415] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  257.356004][ T8415] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  257.363800][ T8415] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  257.700782][ T8434] FAULT_INJECTION: forcing a failure.
[  257.700782][ T8434] name failslab, interval 1, probability 0, space 0, times 0
[  257.733936][ T8434] CPU: 1 UID: 0 PID: 8434 Comm: syz.2.626 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  257.733961][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  257.733970][ T8434] Call Trace:
[  257.733975][ T8434]  <TASK>
[  257.733982][ T8434]  dump_stack_lvl+0x16c/0x1f0
[  257.734009][ T8434]  should_fail_ex+0x512/0x640
[  257.734030][ T8434]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  257.734057][ T8434]  should_failslab+0xc2/0x120
[  257.734073][ T8434]  __kmalloc_cache_noprof+0x6a/0x3e0
[  257.734100][ T8434]  ? drm_atomic_state_alloc+0xb8/0x120
[  257.734122][ T8434]  drm_atomic_state_alloc+0xb8/0x120
[  257.734140][ T8434]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  257.734158][ T8434]  ? __pfx___might_resched+0x10/0x10
[  257.734176][ T8434]  ? rcu_is_watching+0x12/0xc0
[  257.734191][ T8434]  ? trace_contention_end+0xdd/0x130
[  257.734212][ T8434]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  257.734249][ T8434]  drm_client_modeset_commit_locked+0x14d/0x580
[  257.734269][ T8434]  drm_client_modeset_commit+0x4f/0x80
[  257.734286][ T8434]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  257.734311][ T8434]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  257.734330][ T8434]  drm_fbdev_client_restore+0x2c/0x40
[  257.734349][ T8434]  drm_client_dev_restore+0x1f6/0x2a0
[  257.734369][ T8434]  drm_release+0x2c4/0x360
[  257.734385][ T8434]  ? __pfx_drm_release+0x10/0x10
[  257.734398][ T8434]  __fput+0x402/0xb70
[  257.734418][ T8434]  task_work_run+0x14d/0x240
[  257.734440][ T8434]  ? __pfx_task_work_run+0x10/0x10
[  257.734462][ T8434]  ? __pfx___do_sys_close_range+0x10/0x10
[  257.734488][ T8434]  exit_to_user_mode_loop+0xeb/0x110
[  257.734511][ T8434]  do_syscall_64+0x3f6/0x490
[  257.734534][ T8434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.734549][ T8434] RIP: 0033:0x7fd506b8e929
[  257.734561][ T8434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.734575][ T8434] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  257.734590][ T8434] RAX: 0000000000000000 RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  257.734599][ T8434] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  257.734607][ T8434] RBP: 00007fd506c10b39 R08: 0000000000000000 R09: 0000000000000000
[  257.734615][ T8434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  257.734623][ T8434] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  257.734648][ T8434]  </TASK>
[  259.020041][   T30] audit: type=1400 audit(4294981755.625:5): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8444 comm="syz.2.629"
[  259.355742][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout
[  259.361872][ T5171] Bluetooth: hci0: command 0x0c1a tx timeout
[  259.438153][ T5849] Bluetooth: hci3: command 0x0c1a tx timeout
[  259.444246][ T5171] Bluetooth: hci2: command 0x0c1a tx timeout
[  259.909700][ T8459] FAULT_INJECTION: forcing a failure.
[  259.909700][ T8459] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  259.936593][ T8459] CPU: 0 UID: 0 PID: 8459 Comm: syz.1.632 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  259.936632][ T8459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.936647][ T8459] Call Trace:
[  259.936656][ T8459]  <TASK>
[  259.936679][ T8459]  dump_stack_lvl+0x16c/0x1f0
[  259.936723][ T8459]  should_fail_ex+0x512/0x640
[  259.936764][ T8459]  should_fail_alloc_page+0xe7/0x130
[  259.936795][ T8459]  prepare_alloc_pages+0x3c2/0x610
[  259.936827][ T8459]  ? rcu_is_watching+0x12/0xc0
[  259.936858][ T8459]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  259.936903][ T8459]  ? __lock_acquire+0x622/0x1c90
[  259.936940][ T8459]  ? xas_create+0x1d7/0x1460
[  259.936966][ T8459]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  259.937004][ T8459]  ? lock_acquire+0x179/0x350
[  259.937036][ T8459]  ? rcu_is_watching+0x12/0xc0
[  259.937073][ T8459]  ? __lock_acquire+0x622/0x1c90
[  259.937105][ T8459]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  259.937146][ T8459]  ? policy_nodemask+0xea/0x4e0
[  259.937173][ T8459]  alloc_pages_mpol+0x1fb/0x550
[  259.937200][ T8459]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  259.937225][ T8459]  ? filemap_get_entry+0x1a7/0x3b0
[  259.937255][ T8459]  folio_alloc_noprof+0x20/0x2d0
[  259.937285][ T8459]  filemap_alloc_folio_noprof+0x3a1/0x470
[  259.937322][ T8459]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  259.937362][ T8459]  __filemap_get_folio+0x5e1/0xc30
[  259.937394][ T8459]  ioctx_alloc+0x761/0x2120
[  259.937440][ T8459]  ? __pfx_ioctx_alloc+0x10/0x10
[  259.937469][ T8459]  ? __might_fault+0x13b/0x190
[  259.937511][ T8459]  __x64_sys_io_setup+0xc9/0x210
[  259.937544][ T8459]  do_syscall_64+0xcd/0x490
[  259.937579][ T8459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.937603][ T8459] RIP: 0033:0x7fb18658e929
[  259.937622][ T8459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.937646][ T8459] RSP: 002b:00007fb18740e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  259.937681][ T8459] RAX: ffffffffffffffda RBX: 00007fb1867b6080 RCX: 00007fb18658e929
[  259.937700][ T8459] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000007ffe
[  259.937716][ T8459] RBP: 00007fb186610b39 R08: 0000000000000000 R09: 0000000000000000
[  259.937732][ T8459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.937749][ T8459] R13: 0000000000000000 R14: 00007fb1867b6080 R15: 00007ffcc680a0f8
[  259.937784][ T8459]  </TASK>
[  260.187476][    C0] vkms_vblank_simulate: vblank timer overrun
[  260.391452][ T8467] kAFS: unparsable volume name
[  260.697611][ T8474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  260.877237][ T5859] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  261.190989][ T8477] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  261.771099][ T8499] netlink: 350 bytes leftover after parsing attributes in process `syz.0.644'.
[  262.255004][ T8505] FAULT_INJECTION: forcing a failure.
[  262.255004][ T8505] name failslab, interval 1, probability 0, space 0, times 0
[  262.343126][ T8505] CPU: 1 UID: 0 PID: 8505 Comm: syz.3.646 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  262.343161][ T8505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  262.343175][ T8505] Call Trace:
[  262.343183][ T8505]  <TASK>
[  262.343192][ T8505]  dump_stack_lvl+0x16c/0x1f0
[  262.343232][ T8505]  should_fail_ex+0x512/0x640
[  262.343273][ T8505]  should_failslab+0xc2/0x120
[  262.343298][ T8505]  __kmalloc_cache_noprof+0x6a/0x3e0
[  262.343332][ T8505]  ? __hw_addr_add_ex+0x3c9/0x7c0
[  262.343365][ T8505]  __hw_addr_add_ex+0x3c9/0x7c0
[  262.343398][ T8505]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  262.343425][ T8505]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  262.343474][ T8505]  ? __pfx_ppp_setup+0x10/0x10
[  262.343498][ T8505]  dev_addr_init+0x161/0x250
[  262.343526][ T8505]  ? __pfx_dev_addr_init+0x10/0x10
[  262.343569][ T8505]  alloc_netdev_mqs+0x3d2/0x1570
[  262.343613][ T8505]  ppp_ioctl+0x1761/0x2660
[  262.343646][ T8505]  ? find_held_lock+0x2b/0x80
[  262.343671][ T8505]  ? __pfx_ppp_ioctl+0x10/0x10
[  262.343707][ T8505]  ? __fget_files+0x20e/0x3c0
[  262.343745][ T8505]  ? __pfx_ppp_ioctl+0x10/0x10
[  262.343775][ T8505]  __x64_sys_ioctl+0x18b/0x210
[  262.343808][ T8505]  do_syscall_64+0xcd/0x490
[  262.343846][ T8505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.343870][ T8505] RIP: 0033:0x7f27a038e929
[  262.343890][ T8505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.343913][ T8505] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  262.343936][ T8505] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  262.343952][ T8505] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000004
[  262.343967][ T8505] RBP: 00007f27a1142090 R08: 0000000000000000 R09: 0000000000000000
[  262.343981][ T8505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.343995][ T8505] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  262.344029][ T8505]  </TASK>
[  262.694222][ T8513] FAULT_INJECTION: forcing a failure.
[  262.694222][ T8513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.792413][ T8513] CPU: 0 UID: 0 PID: 8513 Comm: syz.2.650 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  262.792450][ T8513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  262.792465][ T8513] Call Trace:
[  262.792473][ T8513]  <TASK>
[  262.792482][ T8513]  dump_stack_lvl+0x16c/0x1f0
[  262.792524][ T8513]  should_fail_ex+0x512/0x640
[  262.792564][ T8513]  strncpy_from_user+0x3b/0x2e0
[  262.792601][ T8513]  getname_flags.part.0+0x8f/0x550
[  262.792634][ T8513]  getname_flags+0x93/0xf0
[  262.792666][ T8513]  do_sys_openat2+0xb8/0x1d0
[  262.792693][ T8513]  ? __pfx_do_sys_openat2+0x10/0x10
[  262.792725][ T8513]  ? __fget_files+0x20e/0x3c0
[  262.792763][ T8513]  __x64_sys_openat+0x174/0x210
[  262.792791][ T8513]  ? __pfx___x64_sys_openat+0x10/0x10
[  262.792816][ T8513]  ? ksys_write+0x1ac/0x250
[  262.792861][ T8513]  do_syscall_64+0xcd/0x490
[  262.792899][ T8513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.792924][ T8513] RIP: 0033:0x7fd506b8e929
[  262.792943][ T8513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.792966][ T8513] RSP: 002b:00007fd507a1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  262.792989][ T8513] RAX: ffffffffffffffda RBX: 00007fd506db5fa0 RCX: 00007fd506b8e929
[  262.793005][ T8513] RDX: 0000000000000201 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  262.793021][ T8513] RBP: 00007fd507a1c090 R08: 0000000000000000 R09: 0000000000000000
[  262.793035][ T8513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.793049][ T8513] R13: 0000000000000000 R14: 00007fd506db5fa0 R15: 00007ffced2ac718
[  262.793081][ T8513]  </TASK>
[  264.275260][ T8551] FAULT_INJECTION: forcing a failure.
[  264.275260][ T8551] name failslab, interval 1, probability 0, space 0, times 0
[  264.288113][ T8551] CPU: 0 UID: 0 PID: 8551 Comm: syz.3.661 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  264.288147][ T8551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.288160][ T8551] Call Trace:
[  264.288167][ T8551]  <TASK>
[  264.288175][ T8551]  dump_stack_lvl+0x16c/0x1f0
[  264.288213][ T8551]  should_fail_ex+0x512/0x640
[  264.288245][ T8551]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  264.288284][ T8551]  should_failslab+0xc2/0x120
[  264.288308][ T8551]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  264.288342][ T8551]  ? __kernfs_new_node+0xd2/0x8e0
[  264.288379][ T8551]  __kernfs_new_node+0xd2/0x8e0
[  264.288415][ T8551]  ? __pfx___kernfs_new_node+0x10/0x10
[  264.288464][ T8551]  ? find_held_lock+0x2b/0x80
[  264.288489][ T8551]  ? kernfs_root+0xee/0x2a0
[  264.288525][ T8551]  kernfs_new_node+0x13c/0x1e0
[  264.288552][ T8551]  __kernfs_create_file+0x53/0x350
[  264.288585][ T8551]  sysfs_add_file_mode_ns+0x207/0x3c0
[  264.288623][ T8551]  internal_create_group+0x578/0xf30
[  264.288677][ T8551]  ? __pfx_internal_create_group+0x10/0x10
[  264.288726][ T8551]  ? kernfs_create_link+0x1bd/0x240
[  264.288767][ T8551]  internal_create_groups+0x9d/0x150
[  264.288805][ T8551]  device_add+0x6d1/0x1a70
[  264.288836][ T8551]  ? __pfx_device_add+0x10/0x10
[  264.288862][ T8551]  ? lockdep_init_map_type+0x5c/0x280
[  264.288897][ T8551]  ? __init_waitqueue_head+0xca/0x150
[  264.288933][ T8551]  netdev_register_kobject+0x182/0x3a0
[  264.288975][ T8551]  register_netdevice+0x13dc/0x2270
[  264.289007][ T8551]  ? idr_alloc+0xdd/0x130
[  264.289037][ T8551]  ? __pfx_register_netdevice+0x10/0x10
[  264.289073][ T8551]  ppp_dev_configure+0x99b/0xc80
[  264.289107][ T8551]  ppp_ioctl+0x17e0/0x2660
[  264.289135][ T8551]  ? find_held_lock+0x2b/0x80
[  264.289158][ T8551]  ? __pfx_ppp_ioctl+0x10/0x10
[  264.289188][ T8551]  ? __fget_files+0x20e/0x3c0
[  264.289223][ T8551]  ? __pfx_ppp_ioctl+0x10/0x10
[  264.289252][ T8551]  __x64_sys_ioctl+0x18b/0x210
[  264.289286][ T8551]  do_syscall_64+0xcd/0x490
[  264.289323][ T8551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.289348][ T8551] RIP: 0033:0x7f27a038e929
[  264.289368][ T8551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.289391][ T8551] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  264.289414][ T8551] RAX: ffffffffffffffda RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  264.289436][ T8551] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000007
[  264.289450][ T8551] RBP: 00007f27a1142090 R08: 0000000000000000 R09: 0000000000000000
[  264.289464][ T8551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  264.289478][ T8551] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  264.289512][ T8551]  </TASK>
[  269.081461][ T8603] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  270.040501][ T5859] Bluetooth: hci2: SCO packet too small
[  270.449857][ T8639] random: crng reseeded on system resumption
[  270.756256][   T30] audit: type=1326 audit(4294981767.349:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8646 comm="syz.0.690" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f971e38e929 code=0x0
[  271.284943][ T8659] kAFS: unparsable volume name
[  271.841068][ T8667] FAULT_INJECTION: forcing a failure.
[  271.841068][ T8667] name failslab, interval 1, probability 0, space 0, times 0
[  271.869909][ T8666] netlink: 'syz.1.697': attribute type 10 has an invalid length.
[  271.881874][ T8667] CPU: 1 UID: 0 PID: 8667 Comm: syz.0.696 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  271.881911][ T8667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.881926][ T8667] Call Trace:
[  271.881935][ T8667]  <TASK>
[  271.881945][ T8667]  dump_stack_lvl+0x16c/0x1f0
[  271.881989][ T8667]  should_fail_ex+0x512/0x640
[  271.882027][ T8667]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  271.882070][ T8667]  should_failslab+0xc2/0x120
[  271.882097][ T8667]  __kmalloc_cache_noprof+0x6a/0x3e0
[  271.882138][ T8667]  ? ww_mutex_lock+0x37/0x160
[  271.882177][ T8667]  ? vkms_plane_duplicate_state+0x45/0x130
[  271.882207][ T8667]  ? modeset_lock+0x114/0x6e0
[  271.882250][ T8667]  vkms_plane_duplicate_state+0x45/0x130
[  271.882281][ T8667]  drm_atomic_get_plane_state+0x20b/0x590
[  271.882314][ T8667]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  271.882346][ T8667]  ? __pfx___might_resched+0x10/0x10
[  271.882384][ T8667]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  271.882447][ T8667]  drm_client_modeset_commit_locked+0x14d/0x580
[  271.882484][ T8667]  drm_client_modeset_commit+0x4f/0x80
[  271.882515][ T8667]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  271.882559][ T8667]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  271.882595][ T8667]  drm_fbdev_client_restore+0x2c/0x40
[  271.882629][ T8667]  drm_client_dev_restore+0x1f6/0x2a0
[  271.882675][ T8667]  drm_release+0x2c4/0x360
[  271.882706][ T8667]  ? __pfx_drm_release+0x10/0x10
[  271.882732][ T8667]  __fput+0x402/0xb70
[  271.882769][ T8667]  task_work_run+0x14d/0x240
[  271.882810][ T8667]  ? __pfx_task_work_run+0x10/0x10
[  271.882849][ T8667]  ? __pfx___do_sys_close_range+0x10/0x10
[  271.882895][ T8667]  exit_to_user_mode_loop+0xeb/0x110
[  271.882938][ T8667]  do_syscall_64+0x3f6/0x490
[  271.882978][ T8667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.883002][ T8667] RIP: 0033:0x7f971e38e929
[  271.883023][ T8667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.883049][ T8667] RSP: 002b:00007f971f1d0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  271.883076][ T8667] RAX: 0000000000000000 RBX: 00007f971e5b5fa0 RCX: 00007f971e38e929
[  271.883095][ T8667] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  271.883112][ T8667] RBP: 00007f971e410b39 R08: 0000000000000000 R09: 0000000000000000
[  271.883129][ T8667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  271.883144][ T8667] R13: 0000000000000000 R14: 00007f971e5b5fa0 R15: 00007fff3f5cb758
[  271.883182][ T8667]  </TASK>
[  272.144738][    C1] vkms_vblank_simulate: vblank timer overrun
[  272.597449][ T8678] openvswitch: netlink: IP tunnel dst address not specified
[  273.953770][ T8700] FAULT_INJECTION: forcing a failure.
[  273.953770][ T8700] name failslab, interval 1, probability 0, space 0, times 0
[  273.984273][ T8700] CPU: 1 UID: 0 PID: 8700 Comm: syz.3.706 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  273.984311][ T8700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.984327][ T8700] Call Trace:
[  273.984336][ T8700]  <TASK>
[  273.984346][ T8700]  dump_stack_lvl+0x16c/0x1f0
[  273.984393][ T8700]  should_fail_ex+0x512/0x640
[  273.984429][ T8700]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  273.984481][ T8700]  should_failslab+0xc2/0x120
[  273.984509][ T8700]  __kmalloc_cache_noprof+0x6a/0x3e0
[  273.984545][ T8700]  ? vkms_plane_duplicate_state+0x87/0x130
[  273.984575][ T8700]  ? kasan_save_track+0x14/0x30
[  273.984616][ T8700]  vkms_plane_duplicate_state+0x87/0x130
[  273.984647][ T8700]  drm_atomic_get_plane_state+0x20b/0x590
[  273.984680][ T8700]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  273.984712][ T8700]  ? __pfx___might_resched+0x10/0x10
[  273.984749][ T8700]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  273.984820][ T8700]  drm_client_modeset_commit_locked+0x14d/0x580
[  273.984857][ T8700]  drm_client_modeset_commit+0x4f/0x80
[  273.984889][ T8700]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  273.984934][ T8700]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  273.984968][ T8700]  drm_fbdev_client_restore+0x2c/0x40
[  273.985002][ T8700]  drm_client_dev_restore+0x1f6/0x2a0
[  273.985038][ T8700]  drm_release+0x2c4/0x360
[  273.985067][ T8700]  ? __pfx_drm_release+0x10/0x10
[  273.985091][ T8700]  __fput+0x402/0xb70
[  273.985127][ T8700]  task_work_run+0x14d/0x240
[  273.985162][ T8700]  ? __pfx_task_work_run+0x10/0x10
[  273.985199][ T8700]  ? __pfx___do_sys_close_range+0x10/0x10
[  273.985243][ T8700]  exit_to_user_mode_loop+0xeb/0x110
[  273.985284][ T8700]  do_syscall_64+0x3f6/0x490
[  273.985325][ T8700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.985351][ T8700] RIP: 0033:0x7f27a038e929
[  273.985371][ T8700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.985397][ T8700] RSP: 002b:00007f27a1142038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  273.985423][ T8700] RAX: 0000000000000000 RBX: 00007f27a05b5fa0 RCX: 00007f27a038e929
[  273.985440][ T8700] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  273.985462][ T8700] RBP: 00007f27a0410b39 R08: 0000000000000000 R09: 0000000000000000
[  273.985478][ T8700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  273.985493][ T8700] R13: 0000000000000000 R14: 00007f27a05b5fa0 R15: 00007ffcac9b0ad8
[  273.985530][ T8700]  </TASK>
[  274.240932][    C1] vkms_vblank_simulate: vblank timer overrun
[  275.707794][ T8736] FAULT_INJECTION: forcing a failure.
[  275.707794][ T8736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.738909][ T8736] CPU: 1 UID: 0 PID: 8736 Comm: syz.1.716 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  275.738931][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.738940][ T8736] Call Trace:
[  275.738945][ T8736]  <TASK>
[  275.738951][ T8736]  dump_stack_lvl+0x16c/0x1f0
[  275.738977][ T8736]  should_fail_ex+0x512/0x640
[  275.739002][ T8736]  _copy_from_iter+0x29f/0x16f0
[  275.739027][ T8736]  ? __alloc_skb+0x200/0x380
[  275.739047][ T8736]  ? __pfx__copy_from_iter+0x10/0x10
[  275.739078][ T8736]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  275.739099][ T8736]  netlink_sendmsg+0x829/0xdd0
[  275.739117][ T8736]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.739138][ T8736]  ____sys_sendmsg+0xa98/0xc70
[  275.739155][ T8736]  ? copy_msghdr_from_user+0x10a/0x160
[  275.739175][ T8736]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.739202][ T8736]  ___sys_sendmsg+0x134/0x1d0
[  275.739223][ T8736]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.739241][ T8736]  ? __lock_acquire+0x622/0x1c90
[  275.739282][ T8736]  __sys_sendmsg+0x16d/0x220
[  275.739302][ T8736]  ? __pfx___sys_sendmsg+0x10/0x10
[  275.739339][ T8736]  do_syscall_64+0xcd/0x490
[  275.739362][ T8736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.739376][ T8736] RIP: 0033:0x7fb18658e929
[  275.739388][ T8736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.739401][ T8736] RSP: 002b:00007fb18740e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  275.739415][ T8736] RAX: ffffffffffffffda RBX: 00007fb1867b6080 RCX: 00007fb18658e929
[  275.739424][ T8736] RDX: 0000000000064810 RSI: 0000200000000180 RDI: 0000000000000003
[  275.739432][ T8736] RBP: 00007fb18740e090 R08: 0000000000000000 R09: 0000000000000000
[  275.739441][ T8736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.739448][ T8736] R13: 0000000000000000 R14: 00007fb1867b6080 R15: 00007ffcc680a0f8
[  275.739466][ T8736]  </TASK>
[  275.937191][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.020431][ T8744] FAULT_INJECTION: forcing a failure.
[  277.020431][ T8744] name failslab, interval 1, probability 0, space 0, times 0
[  277.044397][ T8744] CPU: 1 UID: 0 PID: 8744 Comm: syz.1.718 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  277.044430][ T8744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.044444][ T8744] Call Trace:
[  277.044452][ T8744]  <TASK>
[  277.044462][ T8744]  dump_stack_lvl+0x16c/0x1f0
[  277.044502][ T8744]  should_fail_ex+0x512/0x640
[  277.044535][ T8744]  ? fs_reclaim_acquire+0xae/0x150
[  277.044567][ T8744]  ? tomoyo_encode2+0x100/0x3e0
[  277.044599][ T8744]  should_failslab+0xc2/0x120
[  277.044624][ T8744]  __kmalloc_noprof+0xd2/0x510
[  277.044659][ T8744]  ? d_absolute_path+0x136/0x1a0
[  277.044691][ T8744]  tomoyo_encode2+0x100/0x3e0
[  277.044729][ T8744]  tomoyo_encode+0x29/0x50
[  277.044761][ T8744]  tomoyo_realpath_from_path+0x18f/0x6e0
[  277.044805][ T8744]  tomoyo_check_open_permission+0x2ab/0x3c0
[  277.044837][ T8744]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  277.044980][ T8744]  ? do_raw_spin_lock+0x12c/0x2b0
[  277.045033][ T8744]  tomoyo_file_open+0x6b/0x90
[  277.045060][ T8744]  security_file_open+0x84/0x1e0
[  277.045094][ T8744]  do_dentry_open+0x596/0x1c10
[  277.045174][ T8744]  vfs_open+0x82/0x3f0
[  277.045207][ T8744]  path_openat+0x1de4/0x2cb0
[  277.045255][ T8744]  ? __pfx_path_openat+0x10/0x10
[  277.045292][ T8744]  ? __lock_acquire+0xb8a/0x1c90
[  277.045328][ T8744]  do_filp_open+0x20b/0x470
[  277.045363][ T8744]  ? __pfx_do_filp_open+0x10/0x10
[  277.045424][ T8744]  ? alloc_fd+0x471/0x7d0
[  277.045469][ T8744]  do_sys_openat2+0x11b/0x1d0
[  277.045498][ T8744]  ? __pfx_do_sys_openat2+0x10/0x10
[  277.045527][ T8744]  ? __fget_files+0x20e/0x3c0
[  277.045566][ T8744]  __x64_sys_openat+0x174/0x210
[  277.045596][ T8744]  ? __pfx___x64_sys_openat+0x10/0x10
[  277.045623][ T8744]  ? ksys_write+0x1ac/0x250
[  277.045670][ T8744]  do_syscall_64+0xcd/0x490
[  277.045708][ T8744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.045730][ T8744] RIP: 0033:0x7fb18658e929
[  277.045749][ T8744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.045769][ T8744] RSP: 002b:00007fb1873ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  277.045787][ T8744] RAX: ffffffffffffffda RBX: 00007fb1867b6160 RCX: 00007fb18658e929
[  277.045802][ T8744] RDX: 0000000000020081 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  277.045816][ T8744] RBP: 00007fb1873ed090 R08: 0000000000000000 R09: 0000000000000000
[  277.045828][ T8744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.045841][ T8744] R13: 0000000000000000 R14: 00007fb1867b6160 R15: 00007ffcc680a0f8
[  277.045861][ T8744]  </TASK>
[  277.048110][ T8744] ERROR: Out of memory at tomoyo_realpath_from_path.
[  277.751614][ T8755] netlink: 12 bytes leftover after parsing attributes in process `syz.3.722'.
[  280.392577][ T5859] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1
[  281.755246][ T8832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.739'.
[  286.452431][ T8890] sp0: Synchronizing with TNC
[  291.119546][ T8975] FAULT_INJECTION: forcing a failure.
[  291.119546][ T8975] name fail_futex, interval 1, probability 0, space 0, times 0
[  291.182345][ T8975] CPU: 0 UID: 0 PID: 8975 Comm: syz.1.777 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  291.182386][ T8975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.182402][ T8975] Call Trace:
[  291.182411][ T8975]  <TASK>
[  291.182422][ T8975]  dump_stack_lvl+0x16c/0x1f0
[  291.182466][ T8975]  should_fail_ex+0x512/0x640
[  291.182509][ T8975]  get_futex_key+0x1d0/0x1540
[  291.182545][ T8975]  ? __pfx_get_futex_key+0x10/0x10
[  291.182588][ T8975]  futex_wake+0xea/0x530
[  291.182634][ T8975]  ? __pfx_futex_wake+0x10/0x10
[  291.182670][ T8975]  ? rcu_is_watching+0x12/0xc0
[  291.182713][ T8975]  do_futex+0x1e3/0x350
[  291.182745][ T8975]  ? __pfx_do_futex+0x10/0x10
[  291.182781][ T8975]  ? __pfx___might_resched+0x10/0x10
[  291.182813][ T8975]  __x64_sys_futex+0x1e0/0x4c0
[  291.182846][ T8975]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  291.182881][ T8975]  ? __pfx___x64_sys_futex+0x10/0x10
[  291.182914][ T8975]  ? __pfx___do_sys_close_range+0x10/0x10
[  291.182964][ T8975]  do_syscall_64+0xcd/0x490
[  291.183003][ T8975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.183025][ T8975] RIP: 0033:0x7fb18658e929
[  291.183048][ T8975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.183075][ T8975] RSP: 002b:00007fb18740e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  291.183097][ T8975] RAX: ffffffffffffffda RBX: 00007fb1867b6088 RCX: 00007fb18658e929
[  291.183115][ T8975] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb1867b608c
[  291.183131][ T8975] RBP: 00007fb1867b6080 R08: 00007fb187430000 R09: 0000000000000000
[  291.183148][ T8975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1867b608c
[  291.183164][ T8975] R13: 0000000000000000 R14: 00007ffcc680a010 R15: 00007ffcc680a0f8
[  291.183198][ T8975]  </TASK>
[  293.171409][ T9003] openvswitch: netlink: IP tunnel dst address not specified
[  293.884319][ T5849] Bluetooth: hci3: Malformed LE Event: 0x1d
[  293.888736][ T9016] FAULT_INJECTION: forcing a failure.
[  293.888736][ T9016] name failslab, interval 1, probability 0, space 0, times 0
[  293.947651][ T9016] CPU: 0 UID: 0 PID: 9016 Comm: syz.0.788 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  293.947691][ T9016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  293.947706][ T9016] Call Trace:
[  293.947714][ T9016]  <TASK>
[  293.947724][ T9016]  dump_stack_lvl+0x16c/0x1f0
[  293.947767][ T9016]  should_fail_ex+0x512/0x640
[  293.947803][ T9016]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  293.947845][ T9016]  should_failslab+0xc2/0x120
[  293.947869][ T9016]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  293.947904][ T9016]  ? find_held_lock+0x2b/0x80
[  293.947927][ T9016]  ? __alloc_skb+0x2b2/0x380
[  293.947966][ T9016]  __alloc_skb+0x2b2/0x380
[  293.948000][ T9016]  ? __pfx___alloc_skb+0x10/0x10
[  293.948036][ T9016]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  293.948068][ T9016]  netlink_alloc_large_skb+0x69/0x130
[  293.948097][ T9016]  netlink_sendmsg+0x6a1/0xdd0
[  293.948138][ T9016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  293.948180][ T9016]  __sys_sendto+0x4a3/0x520
[  293.948216][ T9016]  ? __pfx___sys_sendto+0x10/0x10
[  293.948265][ T9016]  ? fd_install+0x225/0x750
[  293.948315][ T9016]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x230
[  293.948350][ T9016]  ? syscall_user_dispatch+0x78/0x140
[  293.948378][ T9016]  __x64_sys_sendto+0xe0/0x1c0
[  293.948411][ T9016]  ? syscall_trace_enter+0x5e/0x260
[  293.948451][ T9016]  do_syscall_64+0xcd/0x490
[  293.948493][ T9016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.948518][ T9016] RIP: 0033:0x7f971e3907bc
[  293.948540][ T9016] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  293.948566][ T9016] RSP: 002b:00007f971f1ceec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  293.948591][ T9016] RAX: ffffffffffffffda RBX: 00007f971f1cefc0 RCX: 00007f971e3907bc
[  293.948609][ T9016] RDX: 0000000000000028 RSI: 00007f971f1cf010 RDI: 0000000000000006
[  293.948625][ T9016] RBP: 0000000000000000 R08: 00007f971f1cef14 R09: 000000000000000c
[  293.948641][ T9016] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[  293.948657][ T9016] R13: 00007f971f1cef68 R14: 00007f971f1cf010 R15: 0000000000000000
[  293.948691][ T9016]  </TASK>
[  298.492779][ T9096] FAULT_INJECTION: forcing a failure.
[  298.492779][ T9096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.506345][ T9096] CPU: 0 UID: 0 PID: 9096 Comm: syz.0.805 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  298.506377][ T9096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.506390][ T9096] Call Trace:
[  298.506397][ T9096]  <TASK>
[  298.506405][ T9096]  dump_stack_lvl+0x16c/0x1f0
[  298.506442][ T9096]  should_fail_ex+0x512/0x640
[  298.506475][ T9096]  strncpy_from_user+0x3b/0x2e0
[  298.506505][ T9096]  getname_flags.part.0+0x8f/0x550
[  298.506533][ T9096]  getname_flags+0x93/0xf0
[  298.506562][ T9096]  do_sys_openat2+0xb8/0x1d0
[  298.506585][ T9096]  ? __pfx_do_sys_openat2+0x10/0x10
[  298.506630][ T9096]  __x64_sys_openat+0x174/0x210
[  298.506655][ T9096]  ? __pfx___x64_sys_openat+0x10/0x10
[  298.506691][ T9096]  do_syscall_64+0xcd/0x490
[  298.506725][ T9096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.506745][ T9096] RIP: 0033:0x7f971e38e929
[  298.506762][ T9096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.506781][ T9096] RSP: 002b:00007f971f1af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  298.506800][ T9096] RAX: ffffffffffffffda RBX: 00007f971e5b6080 RCX: 00007f971e38e929
[  298.506813][ T9096] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  298.506825][ T9096] RBP: 00007f971e410b39 R08: 0000000000000000 R09: 0000000000000000
[  298.506837][ T9096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.506849][ T9096] R13: 0000000000000000 R14: 00007f971e5b6080 R15: 00007fff3f5cb758
[  298.506875][ T9096]  </TASK>
[  303.839723][ T5849] Bluetooth: hci3: Malformed LE Event: 0x1d
[  304.527847][ T9212] FAULT_INJECTION: forcing a failure.
[  304.527847][ T9212] name failslab, interval 1, probability 0, space 0, times 0
[  304.598612][ T9212] CPU: 0 UID: 0 PID: 9212 Comm: syz.0.842 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  304.598649][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.598664][ T9212] Call Trace:
[  304.598673][ T9212]  <TASK>
[  304.598683][ T9212]  dump_stack_lvl+0x16c/0x1f0
[  304.598730][ T9212]  should_fail_ex+0x512/0x640
[  304.598765][ T9212]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  304.598802][ T9212]  should_failslab+0xc2/0x120
[  304.598824][ T9212]  __kmalloc_cache_noprof+0x6a/0x3e0
[  304.598857][ T9212]  ? mon_bin_open+0x1a8/0x4a0
[  304.598888][ T9212]  mon_bin_open+0x1a8/0x4a0
[  304.598913][ T9212]  ? __pfx_mon_bin_open+0x10/0x10
[  304.598942][ T9212]  chrdev_open+0x231/0x6a0
[  304.598964][ T9212]  ? __pfx_apparmor_file_open+0x10/0x10
[  304.598994][ T9212]  ? __pfx_chrdev_open+0x10/0x10
[  304.599017][ T9212]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  304.599052][ T9212]  do_dentry_open+0x744/0x1c10
[  304.599100][ T9212]  ? __pfx_chrdev_open+0x10/0x10
[  304.599129][ T9212]  vfs_open+0x82/0x3f0
[  304.599162][ T9212]  path_openat+0x1de4/0x2cb0
[  304.599207][ T9212]  ? __pfx_path_openat+0x10/0x10
[  304.599242][ T9212]  ? __lock_acquire+0xb8a/0x1c90
[  304.599278][ T9212]  do_filp_open+0x20b/0x470
[  304.599315][ T9212]  ? __pfx_do_filp_open+0x10/0x10
[  304.599375][ T9212]  ? alloc_fd+0x471/0x7d0
[  304.599414][ T9212]  do_sys_openat2+0x11b/0x1d0
[  304.599442][ T9212]  ? __pfx_do_sys_openat2+0x10/0x10
[  304.599482][ T9212]  __x64_sys_openat+0x174/0x210
[  304.599510][ T9212]  ? __pfx___x64_sys_openat+0x10/0x10
[  304.599535][ T9212]  do_syscall_64+0xcd/0x490
[  304.599559][ T9212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.599573][ T9212] RIP: 0033:0x7f971e38e929
[  304.599585][ T9212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.599599][ T9212] RSP: 002b:00007f971f1d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  304.599613][ T9212] RAX: ffffffffffffffda RBX: 00007f971e5b5fa0 RCX: 00007f971e38e929
[  304.599623][ T9212] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  304.599632][ T9212] RBP: 00007f971e410b39 R08: 0000000000000000 R09: 0000000000000000
[  304.599641][ T9212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  304.599650][ T9212] R13: 0000000000000000 R14: 00007f971e5b5fa0 R15: 00007fff3f5cb758
[  304.599668][ T9212]  </TASK>
[  305.389769][ T9228] 
[  305.392144][ T9228] ======================================================
[  305.399186][ T9228] WARNING: possible circular locking dependency detected
[  305.406218][ T9228] 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 Not tainted
[  305.413313][ T9228] ------------------------------------------------------
[  305.420323][ T9228] syz.0.846/9228 is trying to acquire lock:
[  305.426198][ T9228] ffff888078ea4220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9c/0xf0
[  305.436371][ T9228] 
[  305.436371][ T9228] but task is already holding lock:
[  305.443730][ T9228] ffff8880261558b0 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  305.454986][ T9228] 
[  305.454986][ T9228] which lock already depends on the new lock.
[  305.454986][ T9228] 
[  305.465380][ T9228] 
[  305.465380][ T9228] the existing dependency chain (in reverse order) is:
[  305.474379][ T9228] 
[  305.474379][ T9228] -> #3 (&q->q_usage_counter(io)#23){++++}-{0:0}:
[  305.482979][ T9228]        blk_alloc_queue+0x619/0x760
[  305.488260][ T9228]        blk_mq_alloc_queue+0x175/0x290
[  305.493800][ T9228]        __blk_mq_alloc_disk+0x29/0x120
[  305.499392][ T9228]        loop_add+0x49e/0xb70
[  305.504060][ T9228]        loop_init+0x164/0x270
[  305.508821][ T9228]        do_one_initcall+0x120/0x6e0
[  305.514097][ T9228]        kernel_init_freeable+0x5c2/0x900
[  305.520348][ T9228]        kernel_init+0x1c/0x2b0
[  305.525230][ T9228]        ret_from_fork+0x5d4/0x6f0
[  305.530344][ T9228]        ret_from_fork_asm+0x1a/0x30
[  305.535622][ T9228] 
[  305.535622][ T9228] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  305.542831][ T9228]        fs_reclaim_acquire+0x102/0x150
[  305.548459][ T9228]        kmem_cache_alloc_noprof+0x53/0x3b0
[  305.554347][ T9228]        __kernfs_iattrs+0xbc/0x3f0
[  305.559543][ T9228]        __kernfs_setattr+0x4d/0x3c0
[  305.564827][ T9228]        kernfs_iop_setattr+0xda/0x120
[  305.570369][ T9228]        notify_change+0x6a9/0x1230
[  305.575560][ T9228]        do_truncate+0x1d7/0x230
[  305.580510][ T9228]        path_openat+0x2678/0x2cb0
[  305.585615][ T9228]        do_filp_open+0x20b/0x470
[  305.590635][ T9228]        do_sys_openat2+0x11b/0x1d0
[  305.595827][ T9228]        __x64_sys_openat+0x174/0x210
[  305.601202][ T9228]        do_syscall_64+0xcd/0x490
[  305.606218][ T9228]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.612622][ T9228] 
[  305.612622][ T9228] -> #1 (iattr_mutex){+.+.}-{4:4}:
[  305.619909][ T9228]        __mutex_lock+0x199/0xb90
[  305.624971][ T9228]        __kernfs_iattrs+0x2b/0x3f0
[  305.630161][ T9228]        __kernfs_setattr+0x4d/0x3c0
[  305.635436][ T9228]        kernfs_iop_setattr+0xda/0x120
[  305.640941][ T9228]        notify_change+0x6a9/0x1230
[  305.646131][ T9228]        do_truncate+0x1d7/0x230
[  305.651067][ T9228]        path_openat+0x2678/0x2cb0
[  305.656270][ T9228]        do_filp_open+0x20b/0x470
[  305.661316][ T9228]        do_sys_openat2+0x11b/0x1d0
[  305.666523][ T9228]        __x64_sys_openat+0x174/0x210
[  305.671903][ T9228]        do_syscall_64+0xcd/0x490
[  305.676941][ T9228]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.683357][ T9228] 
[  305.683357][ T9228] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  305.691875][ T9228]        __lock_acquire+0x126f/0x1c90
[  305.697294][ T9228]        lock_acquire+0x179/0x350
[  305.702321][ T9228]        down_read+0x9b/0x480
[  305.706989][ T9228]        kernfs_iop_getattr+0x9c/0xf0
[  305.712377][ T9228]        vfs_getattr_nosec+0x2a9/0x430
[  305.717844][ T9228]        vfs_getattr+0x4a/0x60
[  305.722611][ T9228]        loop_query_min_dio_size.isra.0+0x117/0x250
[  305.729206][ T9228]        lo_ioctl+0x1d2e/0x2760
[  305.734055][ T9228]        blkdev_ioctl+0x277/0x6d0
[  305.739092][ T9228]        __x64_sys_ioctl+0x18b/0x210
[  305.744453][ T9228]        do_syscall_64+0xcd/0x490
[  305.749489][ T9228]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.755914][ T9228] 
[  305.755914][ T9228] other info that might help us debug this:
[  305.755914][ T9228] 
[  305.766140][ T9228] Chain exists of:
[  305.766140][ T9228]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#23
[  305.766140][ T9228] 
[  305.780596][ T9228]  Possible unsafe locking scenario:
[  305.780596][ T9228] 
[  305.788040][ T9228]        CPU0                    CPU1
[  305.793408][ T9228]        ----                    ----
[  305.798774][ T9228]   lock(&q->q_usage_counter(io)#23);
[  305.804164][ T9228]                                lock(fs_reclaim);
[  305.810669][ T9228]                                lock(&q->q_usage_counter(io)#23);
[  305.818579][ T9228]   rlock(&root->kernfs_iattr_rwsem);
[  305.823957][ T9228] 
[  305.823957][ T9228]  *** DEADLOCK ***
[  305.823957][ T9228] 
[  305.832094][ T9228] 3 locks held by syz.0.846/9228:
[  305.837207][ T9228]  #0: ffff888142f50400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_global_lock_killable+0x30/0xb0
[  305.847409][ T9228]  #1: ffff8880261558b0 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  305.859176][ T9228]  #2: ffff8880261558e8 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  305.871122][ T9228] 
[  305.871122][ T9228] stack backtrace:
[  305.877000][ T9228] CPU: 0 UID: 0 PID: 9228 Comm: syz.0.846 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[  305.877024][ T9228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.877036][ T9228] Call Trace:
[  305.877044][ T9228]  <TASK>
[  305.877052][ T9228]  dump_stack_lvl+0x116/0x1f0
[  305.877083][ T9228]  print_circular_bug+0x275/0x350
[  305.877109][ T9228]  check_noncircular+0x14c/0x170
[  305.877135][ T9228]  __lock_acquire+0x126f/0x1c90
[  305.877164][ T9228]  lock_acquire+0x179/0x350
[  305.877187][ T9228]  ? kernfs_iop_getattr+0x9c/0xf0
[  305.877220][ T9228]  ? __pfx___might_resched+0x10/0x10
[  305.877242][ T9228]  down_read+0x9b/0x480
[  305.877259][ T9228]  ? kernfs_iop_getattr+0x9c/0xf0
[  305.877281][ T9228]  ? find_held_lock+0x2b/0x80
[  305.877299][ T9228]  ? __pfx_down_read+0x10/0x10
[  305.877316][ T9228]  ? kernfs_root+0xee/0x2a0
[  305.877341][ T9228]  kernfs_iop_getattr+0x9c/0xf0
[  305.877365][ T9228]  vfs_getattr_nosec+0x2a9/0x430
[  305.877384][ T9228]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[  305.877409][ T9228]  vfs_getattr+0x4a/0x60
[  305.877426][ T9228]  loop_query_min_dio_size.isra.0+0x117/0x250
[  305.877451][ T9228]  ? __pfx_loop_query_min_dio_size.isra.0+0x10/0x10
[  305.877473][ T9228]  ? mark_held_locks+0x49/0x80
[  305.877504][ T9228]  ? blk_freeze_queue_start+0xec/0x140
[  305.877527][ T9228]  lo_ioctl+0x1d2e/0x2760
[  305.877552][ T9228]  ? kasan_save_stack+0x42/0x60
[  305.877578][ T9228]  ? kasan_save_stack+0x33/0x60
[  305.877603][ T9228]  ? kasan_save_track+0x14/0x30
[  305.877628][ T9228]  ? kasan_save_free_info+0x3b/0x60
[  305.877650][ T9228]  ? __kasan_slab_free+0x51/0x70
[  305.877665][ T9228]  ? kfree+0x2b4/0x4d0
[  305.877687][ T9228]  ? tomoyo_path_number_perm+0x470/0x580
[  305.877709][ T9228]  ? security_file_ioctl+0x9b/0x240
[  305.877731][ T9228]  ? __x64_sys_ioctl+0xb7/0x210
[  305.877752][ T9228]  ? do_syscall_64+0xcd/0x490
[  305.877778][ T9228]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.877800][ T9228]  ? __pfx_lo_ioctl+0x10/0x10
[  305.877831][ T9228]  ? kasan_quarantine_put+0x10a/0x240
[  305.877857][ T9228]  ? lockdep_hardirqs_on+0x7c/0x110
[  305.877884][ T9228]  ? find_held_lock+0x2b/0x80
[  305.877902][ T9228]  ? tomoyo_path_number_perm+0x295/0x580
[  305.877925][ T9228]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  305.877955][ T9228]  ? blkdev_common_ioctl+0x1dd/0x2480
[  305.877976][ T9228]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  305.877997][ T9228]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  305.878028][ T9228]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  305.878050][ T9228]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  305.878072][ T9228]  ? iput+0x519/0x880
[  305.878094][ T9228]  ? __sock_release+0x20b/0x270
[  305.878113][ T9228]  ? __pfx_lo_ioctl+0x10/0x10
[  305.878135][ T9228]  blkdev_ioctl+0x277/0x6d0
[  305.878156][ T9228]  ? __pfx_blkdev_ioctl+0x10/0x10
[  305.878179][ T9228]  ? __pfx_blkdev_ioctl+0x10/0x10
[  305.878206][ T9228]  __x64_sys_ioctl+0x18b/0x210
[  305.878228][ T9228]  do_syscall_64+0xcd/0x490
[  305.878255][ T9228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.878274][ T9228] RIP: 0033:0x7f971e38e929
[  305.878290][ T9228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.878308][ T9228] RSP: 002b:00007f971f1af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  305.878326][ T9228] RAX: ffffffffffffffda RBX: 00007f971e5b6080 RCX: 00007f971e38e929
[  305.878340][ T9228] RDX: 0000000000000000 RSI: 0000000000004c06 RDI: 0000000000000001
[  305.878351][ T9228] RBP: 00007f971e410b39 R08: 0000000000000000 R09: 0000000000000000
[  305.878362][ T9228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  305.878373][ T9228] R13: 0000000000000000 R14: 00007f971e5b6080 R15: 00007fff3f5cb758
[  305.878391][ T9228]  </TASK>