last executing test programs:

4m28.098089388s ago: executing program 0 (id=3188):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
madvise$auto(0x0, 0x20200, 0x15)

4m25.467859678s ago: executing program 0 (id=3207):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x40009, 0x9, 0x9b72, 0x7, 0x28000)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)

4m25.040338033s ago: executing program 0 (id=3210):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200c9a1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
write$auto(r0, 0x0, 0xfec)
write$auto(0x3, 0x0, 0xfdef)

4m23.840480802s ago: executing program 0 (id=3218):
adjtimex$auto(0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
select$auto(0x3, 0x0, &(0x7f0000000100)={[0xc0, 0xb, 0x0, 0x4, 0xfffffffffffffffc, 0x82, 0x6, 0x2, 0x9, 0xffff, 0x4000000000000002, 0xd, 0x10000000005, 0xfffffffffffffffe, 0xa, 0x1000000006]}, 0x0, 0x0)
syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0xcf)
clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
madvise$auto(0x0, 0x2003f0, 0x15)

4m22.621985771s ago: executing program 0 (id=3228):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r0 = socket(0x2, 0x1, 0x0)
setsockopt$auto(r0, 0x6, 0x16, 0x0, 0x40)
tkill$auto(0x1, 0x7)

4m19.183234418s ago: executing program 0 (id=3242):
mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f000000a5c0)={0x0, 0x0, &(0x7f000000a580)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x24008080)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x33a00, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0)

4m18.578906112s ago: executing program 32 (id=3242):
mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f000000a5c0)={0x0, 0x0, &(0x7f000000a580)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x24008080)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x33a00, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0)

1m55.359187694s ago: executing program 3 (id=4067):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2a, 0x2, 0x0)
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x80f0}, 0x6b)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)

1m53.431173684s ago: executing program 3 (id=4075):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram5\x00', 0x680000, 0x0)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0x4018aebd, 0x38)

1m52.484688618s ago: executing program 3 (id=4079):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
setresgid$auto(0x0, 0x6, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xff09, 0x0)

1m52.223761112s ago: executing program 3 (id=4083):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

1m50.930383993s ago: executing program 3 (id=4090):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x60200, 0x0)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3)
sendmsg$auto_TIPC_NL_NET_GET(r0, 0x0, 0x2000000)
connect$auto(0x3, 0x0, 0x54)

1m47.274027729s ago: executing program 3 (id=4109):
syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0)
read$auto(r0, 0x0, 0x7ff)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)

1m46.671583842s ago: executing program 33 (id=4109):
syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0)
read$auto(r0, 0x0, 0x7ff)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)

4.479478919s ago: executing program 4 (id=4580):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x9)
sendmsg$auto_NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000004c04"], 0x5f}, 0x1, 0x0, 0x0, 0x40040094}, 0x40)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.529754429s ago: executing program 5 (id=4583):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
getdents64$auto(r0, 0x0, 0x400)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0)
ioctl$auto(0x3, 0x40a0ae49, r2)

2.916712932s ago: executing program 5 (id=4586):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
ioctl$auto(0x3, 0x80045438, 0x10000000000402)
unshare$auto(0x8000400)

2.246606159s ago: executing program 5 (id=4588):
mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
r0 = socket(0x1d, 0x3, 0x1)
io_uring_setup$auto(0x40000002c55, 0x0)
setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x800)
bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a)

2.212536142s ago: executing program 1 (id=4589):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
open(0x0, 0x22240, 0x155)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
io_uring_register$auto(0x2, 0xd, 0x0, 0x20)

2.057154815s ago: executing program 1 (id=4590):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
landlock_restrict_self$auto(r0, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x20000, 0x0)
ioctl$auto(r1, 0xab04, 0xffffffffffffffff)

1.901421158s ago: executing program 1 (id=4591):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
pidfd_getfd$auto(0x3, 0x1, 0x100000000)

1.886549767s ago: executing program 4 (id=4592):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
io_uring_setup$auto(0x1, 0x0)
set_robust_list$auto(&(0x7f00000000c0)={{}, 0x1, &(0x7f0000000080)={&(0x7f0000000040)={&(0x7f0000000000)}}}, 0x6)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)

1.821983107s ago: executing program 1 (id=4593):
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x3, 0xa)
read$auto(0x3, 0x0, 0xf34)
setsockopt$auto(r0, 0x0, 0x19, 0x0, 0x9)

1.51304343s ago: executing program 5 (id=4595):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)

1.340114464s ago: executing program 1 (id=4596):
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event1\x00', 0x102100, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xaea2, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)

1.290713708s ago: executing program 2 (id=4597):
r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x129800, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)=')[\x00', 0x5)

1.200993974s ago: executing program 4 (id=4598):
mmap$auto(0x0, 0x40009, 0x7fffffff, 0x9b72, 0xffffffffffffffff, 0x100000000028000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x203, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x7, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x4b72, r2)

1.092162915s ago: executing program 2 (id=4599):
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
socket(0x28, 0x5, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x10000000081)
pwritev$auto(0x3, 0x0, 0x5, 0x3, 0x9)
bpf$auto(0x12, 0x0, 0x26)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x88c00, 0x0)

915.043978ms ago: executing program 2 (id=4600):
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r0 = socket(0xa, 0x2, 0x3a)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x3, 0x3b)
setsockopt$auto(r0, 0x29, 0x4e, &(0x7f0000000180)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110)
bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a)

767.917544ms ago: executing program 4 (id=4601):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
semctl$auto(0x9, 0x20000001, 0x13, 0x4)
close_range$auto(0x2, 0x8, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
open(0x0, 0x22240, 0x154)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)

681.565843ms ago: executing program 2 (id=4602):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

624.939151ms ago: executing program 1 (id=4603):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
fcntl$auto(0xffffffffffffffff, 0x7, 0xa553)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc)

505.702467ms ago: executing program 4 (id=4604):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x1)
openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000001240), 0x8000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x200000, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyt5\x00', 0x40000, 0x0)
ioctl$auto(r0, 0x540a, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x8, 0x1, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0)

469.638265ms ago: executing program 5 (id=4605):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x8a700, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
r1 = getpid()
select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x48, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x1]}, 0x0, 0x0)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0)
ioctl$auto(0x3, 0xc040563e, r0)

349.754545ms ago: executing program 2 (id=4606):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

216.977743ms ago: executing program 4 (id=4607):
mmap$auto(0x0, 0x4b6, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x1, 0x1, 0x0)
bind$auto(0x3, 0x0, 0x6b)
r0 = socket(0x1, 0x1, 0x0)
bind$auto(r0, 0x0, 0x6b)

111.75399ms ago: executing program 5 (id=4608):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
unlink$auto(&(0x7f0000000380)='./file0\x00')
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
open(0x0, 0x163340, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x18, 0x5, 0x1)

0s ago: executing program 2 (id=4609):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = getpid()
pipe2$auto(&(0x7f00000000c0), 0x0)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
ioctl$auto(r0, 0x40246f4c, 0x38)

kernel console output (not intermixed with test programs):

6]  should_fail_ex+0x512/0x640
[  668.160016][T17006]  ? fs_reclaim_acquire+0xae/0x150
[  668.160044][T17006]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  668.160067][T17006]  should_failslab+0xc2/0x120
[  668.160091][T17006]  __kmalloc_noprof+0xd2/0x510
[  668.160112][T17006]  ? kasan_quarantine_put+0x10a/0x240
[  668.160141][T17006]  tomoyo_realpath_from_path+0xc2/0x6e0
[  668.160170][T17006]  tomoyo_find_next_domain+0x8d3/0x20b0
[  668.160206][T17006]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  668.160242][T17006]  tomoyo_bprm_check_security+0x12e/0x1d0
[  668.160267][T17006]  ? tomoyo_bprm_check_security+0x120/0x1d0
[  668.160294][T17006]  security_bprm_check+0x1b9/0x1e0
[  668.160321][T17006]  bprm_execve+0x81a/0x1640
[  668.160345][T17006]  ? __pfx_bprm_execve+0x10/0x10
[  668.160363][T17006]  ? copy_string_kernel+0x460/0x520
[  668.160386][T17006]  do_execveat_common.isra.0+0x4a5/0x610
[  668.160410][T17006]  __x64_sys_execveat+0xda/0x120
[  668.160436][T17006]  do_syscall_64+0xcd/0x490
[  668.160466][T17006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.160484][T17006] RIP: 0033:0x7f1b7258eb69
[  668.160499][T17006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.160517][T17006] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  668.160535][T17006] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  668.160547][T17006] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  668.160558][T17006] RBP: 00007f1b72611df1 R08: 0000000000001000 R09: 0000000000000000
[  668.160569][T17006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  668.160579][T17006] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  668.160602][T17006]  </TASK>
[  668.160628][T17006] ERROR: Out of memory at tomoyo_realpath_from_path.
[  668.431255][   T51] Bluetooth: hci3: command tx timeout
[  669.031229][   T30] audit: type=1804 audit(4294969797.881:18): pid=17017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4133" name="/newroot/1083/file0" dev="tmpfs" ino=5540 res=1 errno=0
[  669.052626][    C1] vkms_vblank_simulate: vblank timer overrun
[  670.460906][T17026] netlink: 'syz.4.4137': attribute type 20 has an invalid length.
[  670.516548][   T51] Bluetooth: hci3: command tx timeout
[  670.551224][T17026] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4137'.
[  670.637543][T17026] IPv6: NLM_F_CREATE should be specified when creating new route
[  670.679153][   T59] team0 (unregistering): Port device team_slave_0 removed
[  671.063186][T17031] input: f¬
 as /devices/virtual/input/input12
[  671.288143][   T30] audit: type=1806 audit(4294969800.163:19): xattr=2205082002 res=-22
[  671.401026][T17028] Falling back ldisc for ptm0.
[  673.299252][T17062] FAULT_INJECTION: forcing a failure.
[  673.299252][T17062] name fail_futex, interval 1, probability 0, space 0, times 0
[  673.448121][T16965] chnl_net:caif_netlink_parms(): no params data found
[  673.480439][T17062] CPU: 1 UID: 0 PID: 17062 Comm: syz.4.4149 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  673.480474][T17062] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  673.480483][T17062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  673.480494][T17062] Call Trace:
[  673.480501][T17062]  <TASK>
[  673.480509][T17062]  dump_stack_lvl+0x16c/0x1f0
[  673.480542][T17062]  should_fail_ex+0x512/0x640
[  673.480571][T17062]  get_futex_key+0x1d0/0x1560
[  673.480594][T17062]  ? find_held_lock+0x2b/0x80
[  673.480612][T17062]  ? __pfx_get_futex_key+0x10/0x10
[  673.480634][T17062]  ? do_raw_spin_unlock+0x172/0x230
[  673.480661][T17062]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  673.480689][T17062]  futex_wait_setup+0x9d/0x550
[  673.480721][T17062]  __futex_wait+0x194/0x2f0
[  673.480748][T17062]  ? __pfx___futex_wait+0x10/0x10
[  673.480772][T17062]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  673.480796][T17062]  ? lockdep_hardirqs_on+0x7c/0x110
[  673.480824][T17062]  ? __pfx_futex_wake_mark+0x10/0x10
[  673.480852][T17062]  ? futex_private_hash_put+0x176/0x300
[  673.480875][T17062]  ? futex_private_hash_put+0x18a/0x300
[  673.480897][T17062]  futex_wait+0xe8/0x380
[  673.480922][T17062]  ? __pfx_futex_wait+0x10/0x10
[  673.480952][T17062]  ? kasan_quarantine_put+0x10a/0x240
[  673.480972][T17062]  ? lockdep_hardirqs_on+0x7c/0x110
[  673.481001][T17062]  do_futex+0x229/0x350
[  673.481023][T17062]  ? __pfx_do_futex+0x10/0x10
[  673.481045][T17062]  ? __do_sys_getcwd+0x4d6/0x930
[  673.481072][T17062]  __x64_sys_futex+0x1e0/0x4c0
[  673.481095][T17062]  ? fput+0x9b/0xd0
[  673.481118][T17062]  ? __pfx___x64_sys_futex+0x10/0x10
[  673.481140][T17062]  ? xfd_validate_state+0x61/0x180
[  673.481164][T17062]  ? __pfx_ksys_write+0x10/0x10
[  673.481190][T17062]  do_syscall_64+0xcd/0x490
[  673.481217][T17062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.481236][T17062] RIP: 0033:0x7f8e49f8eb69
[  673.481250][T17062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  673.481268][T17062] RSP: 002b:00007f8e4ae5a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  673.481286][T17062] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa8 RCX: 00007f8e49f8eb69
[  673.481298][T17062] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8e4a1b5fa8
[  673.481308][T17062] RBP: 00007f8e4a1b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  673.481319][T17062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e4a1b5fac
[  673.481330][T17062] R13: 0000000000000000 R14: 00007fffc4a53c10 R15: 00007fffc4a53cf8
[  673.481351][T17062]  </TASK>
[  674.827343][T16965] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.841844][T16965] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.870513][T16965] bridge_slave_0: entered allmulticast mode
[  674.901526][T16965] bridge_slave_0: entered promiscuous mode
[  674.920806][T16965] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.970032][T16965] bridge0: port 2(bridge_slave_1) entered disabled state
[  674.999800][T16965] bridge_slave_1: entered allmulticast mode
[  675.033075][T16965] bridge_slave_1: entered promiscuous mode
[  675.271892][T16965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.334286][T16965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.651334][T16965] team0: Port device team_slave_0 added
[  675.698858][T16965] team0: Port device team_slave_1 added
[  676.086469][T16965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  676.093752][T16965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.283099][T16965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.343743][T16965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.401403][T16965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.427424][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.570393][T16965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  677.077130][T16965] hsr_slave_0: entered promiscuous mode
[  677.121793][T17113] netlink: 'syz.2.4164': attribute type 19 has an invalid length.
[  677.140563][T16965] hsr_slave_1: entered promiscuous mode
[  677.146605][T16965] debugfs: 'hsr0' already exists in 'hsr'
[  677.170708][T17113] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4164'.
[  677.202730][T16965] Cannot create hsr debugfs directory
[  677.271605][T17105] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4161'.
[  679.023015][T16965] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  679.110231][T16965] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  679.160671][T16965] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  679.251701][T17130] FAULT_INJECTION: forcing a failure.
[  679.251701][T17130] name failslab, interval 1, probability 0, space 0, times 0
[  679.317253][T16965] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  679.347294][T17130] CPU: 1 UID: 0 PID: 17130 Comm: syz.2.4171 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  679.347329][T17130] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  679.347337][T17130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  679.347348][T17130] Call Trace:
[  679.347355][T17130]  <TASK>
[  679.347363][T17130]  dump_stack_lvl+0x16c/0x1f0
[  679.347396][T17130]  should_fail_ex+0x512/0x640
[  679.347424][T17130]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  679.347448][T17130]  should_failslab+0xc2/0x120
[  679.347472][T17130]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  679.347492][T17130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.347512][T17130]  ? fuse_request_alloc+0x22/0x200
[  679.347543][T17130]  fuse_request_alloc+0x22/0x200
[  679.347571][T17130]  fuse_get_req+0x748/0xfd0
[  679.347594][T17130]  ? __pfx_fuse_get_req+0x10/0x10
[  679.347621][T17130]  fuse_simple_background+0x464/0x5f0
[  679.347639][T17130]  ? kasan_save_track+0x14/0x30
[  679.347661][T17130]  cuse_channel_open+0x561/0x7f0
[  679.347683][T17130]  ? __pfx_cuse_channel_open+0x10/0x10
[  679.347706][T17130]  misc_open+0x35a/0x420
[  679.347730][T17130]  ? __pfx_misc_open+0x10/0x10
[  679.347753][T17130]  chrdev_open+0x231/0x6a0
[  679.347776][T17130]  ? __pfx_apparmor_file_open+0x10/0x10
[  679.347796][T17130]  ? __pfx_chrdev_open+0x10/0x10
[  679.347820][T17130]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  679.347845][T17130]  do_dentry_open+0x982/0x1530
[  679.347867][T17130]  ? __pfx_chrdev_open+0x10/0x10
[  679.347894][T17130]  vfs_open+0x82/0x3f0
[  679.347923][T17130]  path_openat+0x1de4/0x2cb0
[  679.347954][T17130]  ? __pfx_path_openat+0x10/0x10
[  679.347980][T17130]  do_filp_open+0x20b/0x470
[  679.348002][T17130]  ? __pfx_do_filp_open+0x10/0x10
[  679.348038][T17130]  ? alloc_fd+0x471/0x7d0
[  679.348063][T17130]  do_sys_openat2+0x11b/0x1d0
[  679.348089][T17130]  ? __pfx_do_sys_openat2+0x10/0x10
[  679.348124][T17130]  __x64_sys_openat+0x174/0x210
[  679.348151][T17130]  ? __pfx___x64_sys_openat+0x10/0x10
[  679.348186][T17130]  do_syscall_64+0xcd/0x490
[  679.348215][T17130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.348233][T17130] RIP: 0033:0x7f1ddcd8eb69
[  679.348248][T17130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  679.348266][T17130] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  679.348285][T17130] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  679.348297][T17130] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  679.348308][T17130] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  679.348319][T17130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  679.348330][T17130] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  679.348352][T17130]  </TASK>
[  679.641499][    C1] vkms_vblank_simulate: vblank timer overrun
[  680.207136][T17136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4173'.
[  681.096836][T16965] 8021q: adding VLAN 0 to HW filter on device bond0
[  681.221497][T16965] 8021q: adding VLAN 0 to HW filter on device team0
[  681.298411][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.305820][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  681.391230][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  681.398504][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  681.611570][T16965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  682.418303][T16965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  682.473001][T17166] kvm: user requested TSC rate below hardware speed
[  683.270538][T17186] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4187'.
[  683.622101][T16965] veth0_vlan: entered promiscuous mode
[  683.698335][T16965] veth1_vlan: entered promiscuous mode
[  683.852682][T16965] veth0_macvtap: entered promiscuous mode
[  683.940100][T16965] veth1_macvtap: entered promiscuous mode
[  684.048690][T16965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  684.061337][T17198] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4191'.
[  684.125372][T16965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  684.181994][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  684.233950][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  684.342922][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  684.377701][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  684.630683][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.638555][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  684.790222][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.835545][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  685.099944][T17207] FAULT_INJECTION: forcing a failure.
[  685.099944][T17207] name failslab, interval 1, probability 0, space 0, times 0
[  685.240045][T17207] CPU: 1 UID: 0 PID: 17207 Comm: syz.4.4194 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  685.240082][T17207] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  685.240090][T17207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  685.240102][T17207] Call Trace:
[  685.240108][T17207]  <TASK>
[  685.240116][T17207]  dump_stack_lvl+0x16c/0x1f0
[  685.240148][T17207]  should_fail_ex+0x512/0x640
[  685.240166][T17207]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  685.240189][T17207]  should_failslab+0xc2/0x120
[  685.240214][T17207]  __kmalloc_cache_noprof+0x6a/0x3e0
[  685.240232][T17207]  ? rtnl_newlink+0x11b/0x2000
[  685.240251][T17207]  ? __pfx_rtnl_newlink+0x10/0x10
[  685.240266][T17207]  rtnl_newlink+0x11b/0x2000
[  685.240289][T17207]  ? __pfx_rtnl_newlink+0x10/0x10
[  685.240304][T17207]  ? kasan_quarantine_put+0x10a/0x240
[  685.240323][T17207]  ? lockdep_hardirqs_on+0x7c/0x110
[  685.240351][T17207]  ? kmem_cache_free+0x2d1/0x4d0
[  685.240370][T17207]  ? kfree_skbmem+0x1a4/0x1f0
[  685.240395][T17207]  ? __lock_acquire+0x62e/0x1ce0
[  685.240422][T17207]  ? rcu_is_watching+0x12/0xc0
[  685.240440][T17207]  ? trace_cap_capable+0x18d/0x200
[  685.240472][T17207]  ? find_held_lock+0x2b/0x80
[  685.240487][T17207]  ? __pfx_rtnl_newlink+0x10/0x10
[  685.240502][T17207]  ? __pfx_rtnl_newlink+0x10/0x10
[  685.240517][T17207]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  685.240534][T17207]  ? __pfx_rtnl_newlink+0x10/0x10
[  685.240550][T17207]  rtnetlink_rcv_msg+0x95b/0xe90
[  685.240568][T17207]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  685.240602][T17207]  ? ref_tracker_free+0x37c/0x830
[  685.240625][T17207]  netlink_rcv_skb+0x158/0x420
[  685.240654][T17207]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  685.240672][T17207]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  685.240707][T17207]  ? netlink_deliver_tap+0x1ae/0xd30
[  685.240738][T17207]  netlink_unicast+0x5a7/0x870
[  685.240769][T17207]  ? __pfx_netlink_unicast+0x10/0x10
[  685.240797][T17207]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  685.240830][T17207]  netlink_sendmsg+0x8d1/0xdd0
[  685.240860][T17207]  ? __pfx_netlink_sendmsg+0x10/0x10
[  685.240895][T17207]  __sys_sendto+0x4a3/0x520
[  685.240919][T17207]  ? __pfx___sys_sendto+0x10/0x10
[  685.240949][T17207]  ? find_held_lock+0x2b/0x80
[  685.240980][T17207]  __x64_sys_sendto+0xe0/0x1c0
[  685.241003][T17207]  ? do_syscall_64+0x91/0x490
[  685.241029][T17207]  ? lockdep_hardirqs_on+0x7c/0x110
[  685.241058][T17207]  do_syscall_64+0xcd/0x490
[  685.241086][T17207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.241104][T17207] RIP: 0033:0x7f8e49f909fc
[  685.241120][T17207] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  685.241139][T17207] RSP: 002b:00007f8e4ae58ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  685.241158][T17207] RAX: ffffffffffffffda RBX: 00007f8e4ae58fc0 RCX: 00007f8e49f909fc
[  685.241170][T17207] RDX: 000000000000001c RSI: 00007f8e4ae59010 RDI: 0000000000000003
[  685.241181][T17207] RBP: 0000000000000000 R08: 00007f8e4ae58f14 R09: 000000000000000c
[  685.241191][T17207] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  685.241202][T17207] R13: 00007f8e4ae58f68 R14: 00007f8e4ae59010 R15: 0000000000000000
[  685.241224][T17207]  </TASK>
[  686.691431][T17220] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  686.725877][T17228] FAULT_INJECTION: forcing a failure.
[  686.725877][T17228] name failslab, interval 1, probability 0, space 0, times 0
[  686.775173][T17228] CPU: 1 UID: 0 PID: 17228 Comm: syz.5.4202 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  686.775210][T17228] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  686.775218][T17228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  686.775230][T17228] Call Trace:
[  686.775239][T17228]  <TASK>
[  686.775247][T17228]  dump_stack_lvl+0x16c/0x1f0
[  686.775279][T17228]  should_fail_ex+0x512/0x640
[  686.775298][T17228]  ? fs_reclaim_acquire+0xae/0x150
[  686.775326][T17228]  should_failslab+0xc2/0x120
[  686.775350][T17228]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  686.775372][T17228]  ? jbd2__journal_start+0x193/0x6a0
[  686.775410][T17228]  jbd2__journal_start+0x193/0x6a0
[  686.775441][T17228]  __ext4_journal_start_sb+0x195/0x690
[  686.775463][T17228]  ? ext4_punch_hole+0x77e/0x1080
[  686.775491][T17228]  ext4_punch_hole+0x77e/0x1080
[  686.775520][T17228]  ext4_fallocate+0x22d7/0x37a0
[  686.775555][T17228]  ? __pfx_ext4_fallocate+0x10/0x10
[  686.775580][T17228]  vfs_fallocate+0x5b1/0x10e0
[  686.775605][T17228]  ? __pfx_vfs_fallocate+0x10/0x10
[  686.775626][T17228]  ? madvise_vma_behavior+0x2881/0x2c50
[  686.775651][T17228]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  686.775681][T17228]  madvise_vma_behavior+0x2839/0x2c50
[  686.775710][T17228]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  686.775737][T17228]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  686.775765][T17228]  ? __pfx_mas_prev+0x10/0x10
[  686.775796][T17228]  ? find_vma_prev+0xda/0x160
[  686.775819][T17228]  ? find_held_lock+0x2b/0x80
[  686.775837][T17228]  ? __pfx_find_vma_prev+0x10/0x10
[  686.775861][T17228]  ? futex_unqueue+0x133/0x2c0
[  686.775887][T17228]  ? __futex_wait+0x24c/0x2f0
[  686.775916][T17228]  madvise_walk_vmas+0x31f/0x9c0
[  686.775945][T17228]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  686.775976][T17228]  madvise_do_behavior+0x1e2/0x530
[  686.776000][T17228]  ? futex_private_hash_put+0x18a/0x300
[  686.776022][T17228]  ? __pfx_madvise_do_behavior+0x10/0x10
[  686.776048][T17228]  ? down_read+0x13d/0x480
[  686.776076][T17228]  do_madvise+0x176/0x240
[  686.776100][T17228]  ? __pfx_do_madvise+0x10/0x10
[  686.776124][T17228]  ? do_futex+0x122/0x350
[  686.776161][T17228]  ? xfd_validate_state+0x61/0x180
[  686.776192][T17228]  __x64_sys_madvise+0xa9/0x110
[  686.776216][T17228]  ? lockdep_hardirqs_on+0x7c/0x110
[  686.776242][T17228]  do_syscall_64+0xcd/0x490
[  686.776271][T17228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.776289][T17228] RIP: 0033:0x7fd1e9d8eb69
[  686.776305][T17228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.776324][T17228] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  686.776342][T17228] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  686.776354][T17228] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000
[  686.776365][T17228] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  686.776376][T17228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  686.776393][T17228] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  686.776416][T17228]  </TASK>
[  686.776428][T17228] EXT4-fs error (device sda1) in ext4_punch_hole:4467: Out of memory
[  688.035976][T17231] FAULT_INJECTION: forcing a failure.
[  688.035976][T17231] name failslab, interval 1, probability 0, space 0, times 0
[  688.155309][T17231] CPU: 1 UID: 0 PID: 17231 Comm: syz.4.4203 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  688.155344][T17231] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  688.155352][T17231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  688.155363][T17231] Call Trace:
[  688.155370][T17231]  <TASK>
[  688.155377][T17231]  dump_stack_lvl+0x16c/0x1f0
[  688.155409][T17231]  should_fail_ex+0x512/0x640
[  688.155428][T17231]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  688.155450][T17231]  should_failslab+0xc2/0x120
[  688.155474][T17231]  __kmalloc_cache_noprof+0x6a/0x3e0
[  688.155492][T17231]  ? ima_calc_file_hash_tfm+0x231/0x350
[  688.155529][T17231]  ima_calc_file_hash_tfm+0x231/0x350
[  688.155556][T17231]  ? __pfx_ima_calc_file_hash_tfm+0x10/0x10
[  688.155606][T17231]  ? stack_trace_save+0x8e/0xc0
[  688.155628][T17231]  ? ima_alloc_tfm+0x21a/0x2e0
[  688.155651][T17231]  ? generic_fillattr+0x6bf/0x940
[  688.155679][T17231]  ima_calc_file_hash+0x1ba/0x490
[  688.155708][T17231]  ima_collect_measurement+0x899/0xa40
[  688.155740][T17231]  ? __pfx_ima_collect_measurement+0x10/0x10
[  688.155779][T17231]  ? __mutex_lock+0x1c4/0x10b0
[  688.155806][T17231]  ? is_bad_inode+0xd/0x40
[  688.155821][T17231]  ? xattr_resolve_name+0x27b/0x3f0
[  688.155843][T17231]  ? vfs_getxattr_alloc+0xec/0x340
[  688.155866][T17231]  ? ima_get_hash_algo+0x27c/0x400
[  688.155887][T17231]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  688.155913][T17231]  ? process_measurement+0x11fa/0x23e0
[  688.155936][T17231]  process_measurement+0x11fa/0x23e0
[  688.155966][T17231]  ? __pfx_process_measurement+0x10/0x10
[  688.155994][T17231]  ? hugetlb_file_setup+0x4ce/0x620
[  688.156012][T17231]  ? ksys_mmap_pgoff+0x189/0x5c0
[  688.156035][T17231]  ? __x64_sys_mmap+0x125/0x190
[  688.156061][T17231]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.156110][T17231]  ima_file_mmap+0x1b1/0x1d0
[  688.156133][T17231]  ? __pfx_ima_file_mmap+0x10/0x10
[  688.156162][T17231]  security_mmap_file+0x88c/0x990
[  688.156184][T17231]  vm_mmap_pgoff+0xec/0x470
[  688.156211][T17231]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  688.156234][T17231]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  688.156261][T17231]  ? hugetlbfs_get_inode+0x31f/0x730
[  688.156287][T17231]  ksys_mmap_pgoff+0x1c8/0x5c0
[  688.156315][T17231]  __x64_sys_mmap+0x125/0x190
[  688.156349][T17231]  do_syscall_64+0xcd/0x490
[  688.156377][T17231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.156395][T17231] RIP: 0033:0x7f8e49f8eb69
[  688.156411][T17231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  688.156430][T17231] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  688.156448][T17231] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  688.156465][T17231] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000
[  688.156476][T17231] RBP: 00007f8e4a011df1 R08: 0000000000000401 R09: 0000300000000000
[  688.156487][T17231] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  688.156498][T17231] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  688.156528][T17231]  </TASK>
[  688.970606][   T30] audit: type=1800 audit(4294969817.764:20): pid=17231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4203" name="anon_hugepage" dev="hugetlbfs" ino=57121 res=0 errno=0
[  689.369168][T17248] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4210'.
[  689.661121][T17248] veth0_macvtap: left promiscuous mode
[  690.170574][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  690.177989][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  691.766476][T17297] FAULT_INJECTION: forcing a failure.
[  691.766476][T17297] name failslab, interval 1, probability 0, space 0, times 0
[  691.779201][T17297] CPU: 1 UID: 0 PID: 17297 Comm: syz.1.4230 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  691.779238][T17297] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  691.779246][T17297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  691.779257][T17297] Call Trace:
[  691.779264][T17297]  <TASK>
[  691.779272][T17297]  dump_stack_lvl+0x16c/0x1f0
[  691.779306][T17297]  should_fail_ex+0x512/0x640
[  691.779328][T17297]  should_failslab+0xc2/0x120
[  691.779353][T17297]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  691.779374][T17297]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  691.779401][T17297]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  691.779429][T17297]  idr_get_free+0x528/0xa30
[  691.779461][T17297]  idr_alloc_u32+0x190/0x2f0
[  691.779486][T17297]  ? __pfx_idr_alloc_u32+0x10/0x10
[  691.779520][T17297]  ? lock_acquire+0x179/0x350
[  691.779547][T17297]  idr_alloc_cyclic+0x10b/0x230
[  691.779573][T17297]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  691.779596][T17297]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  691.779627][T17297]  map_create+0xae3/0x1f80
[  691.779658][T17297]  ? __pfx_map_create+0x10/0x10
[  691.779681][T17297]  ? __might_fault+0xe3/0x190
[  691.779700][T17297]  ? __might_fault+0xe3/0x190
[  691.779719][T17297]  ? __might_fault+0x13b/0x190
[  691.779746][T17297]  __sys_bpf+0x44d2/0x4de0
[  691.779774][T17297]  ? __pfx___sys_bpf+0x10/0x10
[  691.779799][T17297]  ? ksys_write+0x190/0x250
[  691.779823][T17297]  ? do_futex+0x122/0x350
[  691.779846][T17297]  ? __pfx_do_futex+0x10/0x10
[  691.779875][T17297]  ? fput+0x9b/0xd0
[  691.779899][T17297]  ? xfd_validate_state+0x61/0x180
[  691.779924][T17297]  ? __pfx_ksys_write+0x10/0x10
[  691.779947][T17297]  __x64_sys_bpf+0x78/0xc0
[  691.779973][T17297]  ? lockdep_hardirqs_on+0x7c/0x110
[  691.779998][T17297]  do_syscall_64+0xcd/0x490
[  691.780026][T17297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.780044][T17297] RIP: 0033:0x7f1b7258eb69
[  691.780060][T17297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.780078][T17297] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  691.780095][T17297] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  691.780107][T17297] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000
[  691.780118][T17297] RBP: 00007f1b72611df1 R08: 0000000000000000 R09: 0000000000000000
[  691.780128][T17297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  691.780138][T17297] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  691.780159][T17297]  </TASK>
[  692.044433][T17298] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  692.715331][T17309] ERROR: Out of memory at tomoyo_memory_ok.
[  693.324416][T17328] netlink: 146 bytes leftover after parsing attributes in process `syz.4.4244'.
[  693.708065][T17342] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  694.740874][T17363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4255'.
[  694.864349][T17367] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  694.922607][T17358] FAULT_INJECTION: forcing a failure.
[  694.922607][T17358] name failslab, interval 1, probability 0, space 0, times 0
[  694.935803][T17358] CPU: 1 UID: 0 PID: 17358 Comm: syz.5.4253 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  694.935844][T17358] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  694.935861][T17358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  694.935872][T17358] Call Trace:
[  694.935880][T17358]  <TASK>
[  694.935888][T17358]  dump_stack_lvl+0x16c/0x1f0
[  694.935921][T17358]  should_fail_ex+0x512/0x640
[  694.935943][T17358]  should_failslab+0xc2/0x120
[  694.935966][T17358]  __kmalloc_cache_noprof+0x6a/0x3e0
[  694.935984][T17358]  ? __lock_acquire+0x62e/0x1ce0
[  694.936008][T17358]  ? tipc_nametbl_insert_publ+0x5a/0x1720
[  694.936039][T17358]  tipc_nametbl_insert_publ+0x5a/0x1720
[  694.936066][T17358]  ? do_raw_spin_lock+0x12c/0x2b0
[  694.936093][T17358]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  694.936118][T17358]  ? net_generic+0xea/0x2a0
[  694.936147][T17358]  tipc_nametbl_publish+0x137/0x280
[  694.936178][T17358]  tipc_sk_publish+0x1d8/0x430
[  694.936196][T17358]  ? __pfx_tipc_sk_publish+0x10/0x10
[  694.936219][T17358]  ? __local_bh_enable_ip+0xa4/0x120
[  694.936243][T17358]  tipc_sk_bind+0x16f/0x380
[  694.936261][T17358]  tipc_bind+0x190/0x2a0
[  694.936279][T17358]  __sys_bind+0x1a4/0x260
[  694.936302][T17358]  ? __pfx___sys_bind+0x10/0x10
[  694.936331][T17358]  ? xfd_validate_state+0x61/0x180
[  694.936361][T17358]  __x64_sys_bind+0x72/0xb0
[  694.936382][T17358]  ? lockdep_hardirqs_on+0x7c/0x110
[  694.936406][T17358]  do_syscall_64+0xcd/0x490
[  694.936434][T17358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  694.936453][T17358] RIP: 0033:0x7fd1e9d8eb69
[  694.936475][T17358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  694.936493][T17358] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  694.936511][T17358] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  694.936523][T17358] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000005
[  694.936534][T17358] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  694.936545][T17358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  694.936555][T17358] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  694.936578][T17358]  </TASK>
[  695.169595][T17368] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  695.748648][T17373] random: crng reseeded on system resumption
[  695.899116][T17377] FAULT_INJECTION: forcing a failure.
[  695.899116][T17377] name failslab, interval 1, probability 0, space 0, times 0
[  695.999787][T17377] CPU: 1 UID: 0 PID: 17377 Comm: syz.4.4261 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  695.999824][T17377] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  695.999832][T17377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  695.999844][T17377] Call Trace:
[  695.999851][T17377]  <TASK>
[  695.999859][T17377]  dump_stack_lvl+0x16c/0x1f0
[  695.999892][T17377]  should_fail_ex+0x512/0x640
[  695.999912][T17377]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  695.999933][T17377]  should_failslab+0xc2/0x120
[  695.999957][T17377]  __kmalloc_cache_noprof+0x6a/0x3e0
[  695.999974][T17377]  ? kasan_save_stack+0x42/0x60
[  695.999993][T17377]  ? kasan_save_stack+0x33/0x60
[  696.000011][T17377]  ? snd_seq_queue_alloc+0x56/0x5a0
[  696.000038][T17377]  snd_seq_queue_alloc+0x56/0x5a0
[  696.000063][T17377]  snd_seq_ioctl_create_queue+0xa9/0x380
[  696.000093][T17377]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  696.000114][T17377]  alloc_seq_queue+0xda/0x180
[  696.000133][T17377]  ? __pfx_alloc_seq_queue+0x10/0x10
[  696.000164][T17377]  ? mark_held_locks+0x49/0x80
[  696.000186][T17377]  ? _raw_spin_unlock_irq+0x23/0x50
[  696.000211][T17377]  snd_seq_oss_open+0x38c/0xa20
[  696.000245][T17377]  odev_open+0x6f/0x90
[  696.000261][T17377]  ? __pfx_odev_open+0x10/0x10
[  696.000278][T17377]  soundcore_open+0x409/0x580
[  696.000297][T17377]  ? __pfx_soundcore_open+0x10/0x10
[  696.000325][T17377]  chrdev_open+0x231/0x6a0
[  696.000352][T17377]  ? __pfx_apparmor_file_open+0x10/0x10
[  696.000372][T17377]  ? __pfx_chrdev_open+0x10/0x10
[  696.000396][T17377]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  696.000420][T17377]  do_dentry_open+0x982/0x1530
[  696.000442][T17377]  ? __pfx_chrdev_open+0x10/0x10
[  696.000478][T17377]  vfs_open+0x82/0x3f0
[  696.000506][T17377]  path_openat+0x1de4/0x2cb0
[  696.000534][T17377]  ? __pfx_path_openat+0x10/0x10
[  696.000560][T17377]  do_filp_open+0x20b/0x470
[  696.000581][T17377]  ? __pfx_do_filp_open+0x10/0x10
[  696.000620][T17377]  ? alloc_fd+0x471/0x7d0
[  696.000646][T17377]  do_sys_openat2+0x11b/0x1d0
[  696.000672][T17377]  ? __pfx_do_sys_openat2+0x10/0x10
[  696.000699][T17377]  ? do_fcntl+0x1eb/0x15a0
[  696.000728][T17377]  __x64_sys_openat+0x174/0x210
[  696.000754][T17377]  ? __pfx___x64_sys_openat+0x10/0x10
[  696.000790][T17377]  do_syscall_64+0xcd/0x490
[  696.000818][T17377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.000836][T17377] RIP: 0033:0x7f8e49f8eb69
[  696.000852][T17377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  696.000869][T17377] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  696.000887][T17377] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  696.000898][T17377] RDX: 0000000000143900 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  696.000910][T17377] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  696.000921][T17377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  696.000931][T17377] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  696.000954][T17377]  </TASK>
[  697.230930][T17388] netlink: 334 bytes leftover after parsing attributes in process `syz.5.4265'.
[  699.418547][T17421] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  699.679301][T17426] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  700.254526][T17437] FAULT_INJECTION: forcing a failure.
[  700.254526][T17437] name failslab, interval 1, probability 0, space 0, times 0
[  700.323806][T17437] CPU: 1 UID: 0 PID: 17437 Comm: syz.1.4284 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  700.323848][T17437] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  700.323860][T17437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  700.323872][T17437] Call Trace:
[  700.323879][T17437]  <TASK>
[  700.323887][T17437]  dump_stack_lvl+0x16c/0x1f0
[  700.323923][T17437]  should_fail_ex+0x512/0x640
[  700.323942][T17437]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  700.323968][T17437]  should_failslab+0xc2/0x120
[  700.323992][T17437]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  700.324016][T17437]  ? kstrdup_const+0x63/0x80
[  700.324042][T17437]  kstrdup+0x53/0x100
[  700.324064][T17437]  kstrdup_const+0x63/0x80
[  700.324085][T17437]  __kernfs_new_node+0x9b/0x8e0
[  700.324112][T17437]  ? __pfx___kernfs_new_node+0x10/0x10
[  700.324140][T17437]  ? find_held_lock+0x2b/0x80
[  700.324159][T17437]  ? kernfs_root+0xee/0x2a0
[  700.324185][T17437]  kernfs_new_node+0x13c/0x1e0
[  700.324226][T17437]  kernfs_create_link+0xcc/0x240
[  700.324245][T17437]  sysfs_do_create_link_sd+0x90/0x140
[  700.324269][T17437]  sysfs_create_link+0x61/0xc0
[  700.324292][T17437]  device_add+0x62c/0x1aa0
[  700.324316][T17437]  ? __pfx_device_add+0x10/0x10
[  700.324337][T17437]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  700.324364][T17437]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  700.324394][T17437]  wiphy_register+0x1df4/0x29f0
[  700.324410][T17437]  ? netdev_run_todo+0x864/0x1320
[  700.324428][T17437]  ? __dev_printk+0x210/0x270
[  700.324461][T17437]  ? __pfx_wiphy_register+0x10/0x10
[  700.324485][T17437]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  700.324517][T17437]  ieee80211_register_hw+0x24a9/0x4060
[  700.324554][T17437]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  700.324587][T17437]  ? find_held_lock+0x2b/0x80
[  700.324605][T17437]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  700.324633][T17437]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  700.324660][T17437]  ? __hrtimer_setup+0x176/0x280
[  700.324689][T17437]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  700.324726][T17437]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  700.324756][T17437]  hwsim_new_radio_nl+0xb51/0x12c0
[  700.324780][T17437]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  700.324810][T17437]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  700.324831][T17437]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  700.324857][T17437]  genl_family_rcv_msg_doit+0x209/0x2f0
[  700.324878][T17437]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  700.324897][T17437]  ? trace_cap_capable+0x18d/0x200
[  700.324930][T17437]  ? bpf_lsm_capable+0x9/0x10
[  700.324946][T17437]  ? security_capable+0x7e/0x260
[  700.324973][T17437]  ? ns_capable+0xd7/0x110
[  700.324994][T17437]  genl_rcv_msg+0x55c/0x800
[  700.325016][T17437]  ? __pfx_genl_rcv_msg+0x10/0x10
[  700.325035][T17437]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  700.325060][T17437]  ? __lock_acquire+0x62e/0x1ce0
[  700.325086][T17437]  netlink_rcv_skb+0x158/0x420
[  700.325113][T17437]  ? __pfx_genl_rcv_msg+0x10/0x10
[  700.325133][T17437]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  700.325170][T17437]  ? netlink_deliver_tap+0x1ae/0xd30
[  700.325202][T17437]  ? is_vmalloc_addr+0x86/0xa0
[  700.325225][T17437]  genl_rcv+0x28/0x40
[  700.325243][T17437]  netlink_unicast+0x5a7/0x870
[  700.325274][T17437]  ? __pfx_netlink_unicast+0x10/0x10
[  700.325301][T17437]  ? __lock_acquire+0xb97/0x1ce0
[  700.325330][T17437]  netlink_sendmsg+0x8d1/0xdd0
[  700.325362][T17437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.325399][T17437]  ____sys_sendmsg+0xa95/0xc70
[  700.325420][T17437]  ? copy_msghdr_from_user+0x10a/0x160
[  700.325447][T17437]  ? __pfx_____sys_sendmsg+0x10/0x10
[  700.325473][T17437]  ? __pfx_futex_wake_mark+0x10/0x10
[  700.325502][T17437]  ___sys_sendmsg+0x134/0x1d0
[  700.325530][T17437]  ? __pfx____sys_sendmsg+0x10/0x10
[  700.325586][T17437]  __sys_sendmsg+0x16d/0x220
[  700.325613][T17437]  ? __pfx___sys_sendmsg+0x10/0x10
[  700.325638][T17437]  ? __x64_sys_futex+0x1e0/0x4c0
[  700.325675][T17437]  do_syscall_64+0xcd/0x490
[  700.325704][T17437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.325723][T17437] RIP: 0033:0x7f1b7258eb69
[  700.325740][T17437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.325758][T17437] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.325776][T17437] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  700.325788][T17437] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000005
[  700.325800][T17437] RBP: 00007f1b72611df1 R08: 0000000000000000 R09: 0000000000000000
[  700.325811][T17437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.325822][T17437] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  700.325845][T17437]  </TASK>
[  702.400680][T17455] netlink: 146 bytes leftover after parsing attributes in process `syz.4.4291'.
[  703.202856][T17469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4295'.
[  703.268223][T17469] netlink: 354 bytes leftover after parsing attributes in process `syz.2.4295'.
[  703.566670][T17473] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4296'.
[  704.129160][T17489] [U] 
[  704.132091][T17489] [U] 
[  704.134787][T17489] [U] 
[  704.137566][T17489] [U] 
[  704.190784][T17491] [U] 
[  705.148888][T17509] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4311'.
[  705.249847][T17509] bridge0: port 2(bridge_slave_1) entered disabled state
[  705.472486][T17513] netlink: 'syz.5.4313': attribute type 4 has an invalid length.
[  705.715079][T17509] bridge_slave_1 (unregistering): left allmulticast mode
[  705.789492][T17509] bridge_slave_1 (unregistering): left promiscuous mode
[  705.831240][T17509] bridge0: port 2(bridge_slave_1) entered disabled state
[  708.277169][T17539] size and base must be multiples of 4 kiB
[  708.304058][T17539] CPU: 1 UID: 0 PID: 17539 Comm: syz.2.4323 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  708.304095][T17539] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  708.304102][T17539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  708.304114][T17539] Call Trace:
[  708.304120][T17539]  <TASK>
[  708.304128][T17539]  dump_stack_lvl+0x16c/0x1f0
[  708.304160][T17539]  mtrr_add+0xdf/0x110
[  708.304187][T17539]  mtrr_ioctl+0x7ef/0xcf0
[  708.304213][T17539]  ? __pfx_mtrr_ioctl+0x10/0x10
[  708.304243][T17539]  ? find_held_lock+0x2b/0x80
[  708.304265][T17539]  ? __fget_files+0x20e/0x3c0
[  708.304285][T17539]  ? __pfx_mtrr_ioctl+0x10/0x10
[  708.304309][T17539]  proc_reg_unlocked_ioctl+0x229/0x320
[  708.304334][T17539]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  708.304360][T17539]  __x64_sys_ioctl+0x18b/0x210
[  708.304387][T17539]  do_syscall_64+0xcd/0x490
[  708.304415][T17539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.304433][T17539] RIP: 0033:0x7f1ddcd8eb69
[  708.304448][T17539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.304466][T17539] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  708.304484][T17539] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  708.304496][T17539] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005
[  708.304506][T17539] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  708.304517][T17539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  708.304527][T17539] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  708.304549][T17539]  </TASK>
[  709.334686][T17578] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4334'.
[  710.085389][T17594] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4343'.
[  710.149041][T17594] bridge0: port 2(bridge_slave_1) entered disabled state
[  710.308174][T17594] bridge_slave_1 (unregistering): left allmulticast mode
[  710.332842][T17594] bridge_slave_1 (unregistering): left promiscuous mode
[  710.384407][T17594] bridge0: port 2(bridge_slave_1) entered disabled state
[  710.768880][T17593] FAULT_INJECTION: forcing a failure.
[  710.768880][T17593] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  710.844933][T17593] CPU: 1 UID: 0 PID: 17593 Comm: syz.5.4342 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  710.844968][T17593] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  710.844975][T17593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  710.844986][T17593] Call Trace:
[  710.845008][T17593]  <TASK>
[  710.845017][T17593]  dump_stack_lvl+0x16c/0x1f0
[  710.845049][T17593]  should_fail_ex+0x512/0x640
[  710.845071][T17593]  should_fail_alloc_page+0xe7/0x130
[  710.845097][T17593]  prepare_alloc_pages+0x3c2/0x610
[  710.845122][T17593]  ? rcu_is_watching+0x12/0xc0
[  710.845144][T17593]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  710.845167][T17593]  ? __lock_acquire+0xb97/0x1ce0
[  710.845199][T17593]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  710.845221][T17593]  ? do_raw_spin_lock+0x12c/0x2b0
[  710.845252][T17593]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  710.845286][T17593]  ? find_held_lock+0x2b/0x80
[  710.845309][T17593]  ? __lock_acquire+0xb97/0x1ce0
[  710.845332][T17593]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  710.845359][T17593]  ? policy_nodemask+0xea/0x4e0
[  710.845384][T17593]  alloc_pages_mpol+0x1fb/0x550
[  710.845408][T17593]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  710.845437][T17593]  folio_alloc_mpol_noprof+0x36/0x2f0
[  710.845465][T17593]  shmem_alloc_folio+0x135/0x160
[  710.845494][T17593]  shmem_alloc_and_add_folio+0x499/0xc20
[  710.845518][T17593]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  710.845541][T17593]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  710.845566][T17593]  shmem_get_folio_gfp+0x67f/0x1600
[  710.845591][T17593]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  710.845612][T17593]  ? __pfx___might_resched+0x10/0x10
[  710.845634][T17593]  shmem_fallocate+0x795/0xf50
[  710.845664][T17593]  ? __pfx_shmem_fallocate+0x10/0x10
[  710.845683][T17593]  ? aa_file_perm+0x495/0xf70
[  710.845710][T17593]  ? __lock_acquire+0xb97/0x1ce0
[  710.845734][T17593]  ? __lock_acquire+0x62e/0x1ce0
[  710.845769][T17593]  ? __pfx_shmem_fallocate+0x10/0x10
[  710.845790][T17593]  vfs_fallocate+0x5b1/0x10e0
[  710.845813][T17593]  ? __pfx_vfs_fallocate+0x10/0x10
[  710.845840][T17593]  __x64_sys_fallocate+0xd5/0x150
[  710.845865][T17593]  do_syscall_64+0xcd/0x490
[  710.845893][T17593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.845911][T17593] RIP: 0033:0x7fd1e9d8eb69
[  710.845927][T17593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.845945][T17593] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  710.845963][T17593] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  710.845974][T17593] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003
[  710.845985][T17593] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  710.846136][T17593] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[  710.846148][T17593] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  710.846175][T17593]  </TASK>
[  711.144711][    C1] vkms_vblank_simulate: vblank timer overrun
[  713.219864][T17635] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4356'.
[  713.708576][T17640] FAULT_INJECTION: forcing a failure.
[  713.708576][T17640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.757851][T17622] size and base must be multiples of 4 kiB
[  713.779798][T17622] CPU: 1 UID: 0 PID: 17622 Comm: syz.4.4353 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  713.779833][T17622] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  713.779841][T17622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  713.779851][T17622] Call Trace:
[  713.779859][T17622]  <TASK>
[  713.779867][T17622]  dump_stack_lvl+0x16c/0x1f0
[  713.779898][T17622]  mtrr_add+0xdf/0x110
[  713.779923][T17622]  mtrr_ioctl+0x7ef/0xcf0
[  713.779949][T17622]  ? __pfx_mtrr_ioctl+0x10/0x10
[  713.779978][T17622]  ? find_held_lock+0x2b/0x80
[  713.780001][T17622]  ? __fget_files+0x20e/0x3c0
[  713.780021][T17622]  ? __pfx_mtrr_ioctl+0x10/0x10
[  713.780046][T17622]  proc_reg_unlocked_ioctl+0x229/0x320
[  713.780069][T17622]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  713.780095][T17622]  __x64_sys_ioctl+0x18b/0x210
[  713.780123][T17622]  do_syscall_64+0xcd/0x490
[  713.780151][T17622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.780169][T17622] RIP: 0033:0x7f8e49f8eb69
[  713.780184][T17622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.780209][T17622] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  713.780227][T17622] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  713.780239][T17622] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005
[  713.780250][T17622] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  713.780261][T17622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  713.780271][T17622] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  713.780293][T17622]  </TASK>
[  713.957286][    C1] vkms_vblank_simulate: vblank timer overrun
[  714.000926][T17640] CPU: 1 UID: 0 PID: 17640 Comm: syz.2.4358 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  714.000963][T17640] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  714.000971][T17640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  714.000982][T17640] Call Trace:
[  714.000988][T17640]  <TASK>
[  714.000996][T17640]  dump_stack_lvl+0x16c/0x1f0
[  714.001027][T17640]  should_fail_ex+0x512/0x640
[  714.001050][T17640]  _copy_from_iter+0x463/0x16f0
[  714.001077][T17640]  ? __pfx__copy_from_iter+0x10/0x10
[  714.001097][T17640]  ? do_raw_spin_lock+0x12c/0x2b0
[  714.001124][T17640]  ? find_held_lock+0x2b/0x80
[  714.001143][T17640]  ? rcu_is_watching+0x12/0xc0
[  714.001162][T17640]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  714.001189][T17640]  write_pool_user+0xe8/0x2f0
[  714.001211][T17640]  ? __pfx_write_pool_user+0x10/0x10
[  714.001235][T17640]  ? __futex_wait+0x24c/0x2f0
[  714.001268][T17640]  ? copy_iovec_from_user+0x131/0x170
[  714.001290][T17640]  do_iter_readv_writev+0x654/0x950
[  714.001311][T17640]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  714.001333][T17640]  ? bpf_lsm_file_permission+0x9/0x10
[  714.001358][T17640]  ? security_file_permission+0x71/0x210
[  714.001379][T17640]  ? rw_verify_area+0xcf/0x6c0
[  714.001399][T17640]  vfs_writev+0x35f/0xde0
[  714.001419][T17640]  ? __lock_acquire+0x62e/0x1ce0
[  714.001444][T17640]  ? __pfx_vfs_writev+0x10/0x10
[  714.001463][T17640]  ? kmem_cache_free+0x2d1/0x4d0
[  714.001495][T17640]  ? __fget_files+0x20e/0x3c0
[  714.001519][T17640]  ? do_writev+0x132/0x340
[  714.001535][T17640]  do_writev+0x132/0x340
[  714.001553][T17640]  ? __pfx_do_writev+0x10/0x10
[  714.001577][T17640]  do_syscall_64+0xcd/0x490
[  714.001606][T17640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.001624][T17640] RIP: 0033:0x7f1ddcd8eb69
[  714.001639][T17640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  714.001656][T17640] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  714.001674][T17640] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  714.001687][T17640] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000005
[  714.001698][T17640] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  714.001709][T17640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  714.001719][T17640] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  714.001741][T17640]  </TASK>
[  714.251602][    C1] vkms_vblank_simulate: vblank timer overrun
[  715.091579][T17659] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4364'.
[  715.691749][T17666] [U] 
[  715.694569][T17666] [U] 
[  715.697266][T17666] [U] 
[  715.699964][T17666] [U] 
[  715.773173][T17666] [U] 
[  715.775933][T17666] [U] 
[  715.778636][T17666] [U] 
[  715.781446][T17666] [U] 
[  715.841915][T17673] [U] 
[  717.096851][T17695] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4377'.
[  717.181208][T17695] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.306469][T17695] bridge_slave_1 (unregistering): left allmulticast mode
[  717.354090][T17695] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.112141][T17708] [U] 
[  718.115053][T17708] [U] 
[  718.117775][T17708] [U] 
[  718.120478][T17708] [U] 
[  718.171668][T17708] [U] 
[  718.174399][T17708] [U] 
[  718.177143][T17708] [U] 
[  718.179863][T17708] [U] 
[  718.229379][T17711] [U] 
[  719.622894][T17734] random: crng reseeded on system resumption
[  720.407928][T17738] i2c i2c-0: Invalid 7-bit I2C address 0x00
[  720.415450][T17740] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4391'.
[  720.490423][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.647334][T17740] bridge_slave_1 (unregistering): left allmulticast mode
[  720.661047][T17740] bridge_slave_1 (unregistering): left promiscuous mode
[  720.707226][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[  721.126717][T17741] size and base must be multiples of 4 kiB
[  721.196010][T17741] CPU: 1 UID: 0 PID: 17741 Comm: syz.1.4392 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  721.196045][T17741] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  721.196052][T17741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  721.196063][T17741] Call Trace:
[  721.196070][T17741]  <TASK>
[  721.196077][T17741]  dump_stack_lvl+0x16c/0x1f0
[  721.196119][T17741]  mtrr_add+0xdf/0x110
[  721.196151][T17741]  mtrr_ioctl+0x7ef/0xcf0
[  721.196176][T17741]  ? __pfx_mtrr_ioctl+0x10/0x10
[  721.196206][T17741]  ? find_held_lock+0x2b/0x80
[  721.196229][T17741]  ? __fget_files+0x20e/0x3c0
[  721.196250][T17741]  ? __pfx_mtrr_ioctl+0x10/0x10
[  721.196276][T17741]  proc_reg_unlocked_ioctl+0x229/0x320
[  721.196301][T17741]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  721.196327][T17741]  __x64_sys_ioctl+0x18b/0x210
[  721.196355][T17741]  do_syscall_64+0xcd/0x490
[  721.196384][T17741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  721.196402][T17741] RIP: 0033:0x7f1b7258eb69
[  721.196417][T17741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  721.196435][T17741] RSP: 002b:00007f1b73393038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  721.196453][T17741] RAX: ffffffffffffffda RBX: 00007f1b727b6080 RCX: 00007f1b7258eb69
[  721.196465][T17741] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005
[  721.196476][T17741] RBP: 00007f1b72611df1 R08: 0000000000000000 R09: 0000000000000000
[  721.196487][T17741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  721.196498][T17741] R13: 0000000000000000 R14: 00007f1b727b6080 R15: 00007ffeac56c1a8
[  721.196519][T17741]  </TASK>
[  721.375537][    C1] vkms_vblank_simulate: vblank timer overrun
[  721.962548][T17753] Loading of unsigned module is rejected
[  722.931820][T17760] FAULT_INJECTION: forcing a failure.
[  722.931820][T17760] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  723.021159][T17760] CPU: 1 UID: 0 PID: 17760 Comm: syz.4.4400 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  723.021194][T17760] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  723.021202][T17760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  723.021213][T17760] Call Trace:
[  723.021220][T17760]  <TASK>
[  723.021228][T17760]  dump_stack_lvl+0x16c/0x1f0
[  723.021261][T17760]  should_fail_ex+0x512/0x640
[  723.021284][T17760]  should_fail_alloc_page+0xe7/0x130
[  723.021310][T17760]  prepare_alloc_pages+0x3c2/0x610
[  723.021336][T17760]  ? rcu_is_watching+0x12/0xc0
[  723.021357][T17760]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  723.021380][T17760]  ? __lock_acquire+0xb97/0x1ce0
[  723.021412][T17760]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  723.021434][T17760]  ? do_raw_spin_lock+0x12c/0x2b0
[  723.021461][T17760]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  723.021487][T17760]  ? find_held_lock+0x2b/0x80
[  723.021510][T17760]  ? __lock_acquire+0xb97/0x1ce0
[  723.021532][T17760]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  723.021560][T17760]  ? policy_nodemask+0xea/0x4e0
[  723.021585][T17760]  alloc_pages_mpol+0x1fb/0x550
[  723.021609][T17760]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  723.021638][T17760]  folio_alloc_mpol_noprof+0x36/0x2f0
[  723.021666][T17760]  shmem_alloc_folio+0x135/0x160
[  723.021695][T17760]  shmem_alloc_and_add_folio+0x499/0xc20
[  723.021721][T17760]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  723.021743][T17760]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  723.021768][T17760]  shmem_get_folio_gfp+0x67f/0x1600
[  723.021794][T17760]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  723.021816][T17760]  ? __pfx___might_resched+0x10/0x10
[  723.021838][T17760]  shmem_fallocate+0x795/0xf50
[  723.021867][T17760]  ? __pfx_shmem_fallocate+0x10/0x10
[  723.021887][T17760]  ? aa_file_perm+0x495/0xf70
[  723.021914][T17760]  ? __lock_acquire+0xb97/0x1ce0
[  723.021938][T17760]  ? __lock_acquire+0x62e/0x1ce0
[  723.021973][T17760]  ? __pfx_shmem_fallocate+0x10/0x10
[  723.021994][T17760]  vfs_fallocate+0x5b1/0x10e0
[  723.022018][T17760]  ? __pfx_vfs_fallocate+0x10/0x10
[  723.022045][T17760]  __x64_sys_fallocate+0xd5/0x150
[  723.022069][T17760]  do_syscall_64+0xcd/0x490
[  723.022105][T17760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.022123][T17760] RIP: 0033:0x7f8e49f8eb69
[  723.022139][T17760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  723.022156][T17760] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  723.022175][T17760] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  723.022187][T17760] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003
[  723.022198][T17760] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  723.022209][T17760] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[  723.022220][T17760] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  723.022244][T17760]  </TASK>
[  724.044126][T17773] random: crng reseeded on system resumption
[  724.193374][T17771] FAULT_INJECTION: forcing a failure.
[  724.193374][T17771] name fail_futex, interval 1, probability 0, space 0, times 0
[  724.351030][T17771] CPU: 1 UID: 0 PID: 17771 Comm: syz.2.4415 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  724.351085][T17771] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  724.351094][T17771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  724.351105][T17771] Call Trace:
[  724.351112][T17771]  <TASK>
[  724.351120][T17771]  dump_stack_lvl+0x16c/0x1f0
[  724.351153][T17771]  should_fail_ex+0x512/0x640
[  724.351175][T17771]  get_futex_key+0x1d0/0x1560
[  724.351199][T17771]  ? __pfx_get_futex_key+0x10/0x10
[  724.351221][T17771]  ? __lock_acquire+0xb97/0x1ce0
[  724.351249][T17771]  futex_wait_setup+0x9d/0x550
[  724.351280][T17771]  __futex_wait+0x194/0x2f0
[  724.351307][T17771]  ? __pfx___futex_wait+0x10/0x10
[  724.351331][T17771]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  724.351357][T17771]  ? lockdep_hardirqs_on+0x7c/0x110
[  724.351385][T17771]  ? __pfx_futex_wake_mark+0x10/0x10
[  724.351414][T17771]  ? futex_private_hash_put+0x176/0x300
[  724.351437][T17771]  ? futex_private_hash_put+0x18a/0x300
[  724.351459][T17771]  futex_wait+0xe8/0x380
[  724.351484][T17771]  ? __pfx_futex_wait+0x10/0x10
[  724.351521][T17771]  do_futex+0x229/0x350
[  724.351543][T17771]  ? __pfx_do_futex+0x10/0x10
[  724.351564][T17771]  ? fput+0x9b/0xd0
[  724.351588][T17771]  ? __sys_sendmsg+0x18c/0x220
[  724.351616][T17771]  __x64_sys_futex+0x1e0/0x4c0
[  724.351641][T17771]  ? __pfx___x64_sys_futex+0x10/0x10
[  724.351663][T17771]  ? xfd_validate_state+0x61/0x180
[  724.351695][T17771]  do_syscall_64+0xcd/0x490
[  724.351723][T17771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.351741][T17771] RIP: 0033:0x7f1ddcd8eb69
[  724.351759][T17771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.351779][T17771] RSP: 002b:00007f1dddbb80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  724.351797][T17771] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa8 RCX: 00007f1ddcd8eb69
[  724.351809][T17771] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1ddcfb5fa8
[  724.351819][T17771] RBP: 00007f1ddcfb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  724.351830][T17771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1ddcfb5fac
[  724.351840][T17771] R13: 0000000000000000 R14: 00007ffc15333eb0 R15: 00007ffc15333f98
[  724.351862][T17771]  </TASK>
[  724.853809][T17777] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4407'.
[  726.227225][   T51] Bluetooth: hci1: unexpected event 0x05 length: 440 > 4
[  726.286424][T17798] netlink: 326 bytes leftover after parsing attributes in process `syz.5.4412'.
[  726.507084][T17800] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  726.593181][T17803] FAULT_INJECTION: forcing a failure.
[  726.593181][T17803] name failslab, interval 1, probability 0, space 0, times 0
[  726.676433][T17803] CPU: 1 UID: 0 PID: 17803 Comm: syz.4.4426 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  726.676469][T17803] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  726.676477][T17803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  726.676488][T17803] Call Trace:
[  726.676495][T17803]  <TASK>
[  726.676503][T17803]  dump_stack_lvl+0x16c/0x1f0
[  726.676536][T17803]  should_fail_ex+0x512/0x640
[  726.676555][T17803]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  726.676577][T17803]  should_failslab+0xc2/0x120
[  726.676600][T17803]  __kmalloc_cache_noprof+0x6a/0x3e0
[  726.676617][T17803]  ? __lock_acquire+0xb97/0x1ce0
[  726.676640][T17803]  ? snd_timer_instance_new+0x47/0x2e0
[  726.676663][T17803]  snd_timer_instance_new+0x47/0x2e0
[  726.676682][T17803]  snd_seq_timer_open+0x1cc/0x600
[  726.676710][T17803]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  726.676737][T17803]  ? find_held_lock+0x2b/0x80
[  726.676758][T17803]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  726.676789][T17803]  ? lockdep_hardirqs_on+0x7c/0x110
[  726.676815][T17803]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  726.676842][T17803]  queue_use+0xe3/0x250
[  726.676863][T17803]  snd_seq_queue_alloc+0x2e5/0x5a0
[  726.676889][T17803]  snd_seq_ioctl_create_queue+0xa9/0x380
[  726.676919][T17803]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  726.676940][T17803]  alloc_seq_queue+0xda/0x180
[  726.676958][T17803]  ? __pfx_alloc_seq_queue+0x10/0x10
[  726.676989][T17803]  ? mark_held_locks+0x49/0x80
[  726.677011][T17803]  ? _raw_spin_unlock_irq+0x23/0x50
[  726.677036][T17803]  snd_seq_oss_open+0x38c/0xa20
[  726.677059][T17803]  odev_open+0x6f/0x90
[  726.677074][T17803]  ? __pfx_odev_open+0x10/0x10
[  726.677090][T17803]  soundcore_open+0x409/0x580
[  726.677109][T17803]  ? __pfx_soundcore_open+0x10/0x10
[  726.677136][T17803]  chrdev_open+0x231/0x6a0
[  726.677158][T17803]  ? __pfx_apparmor_file_open+0x10/0x10
[  726.677179][T17803]  ? __pfx_chrdev_open+0x10/0x10
[  726.677202][T17803]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  726.677226][T17803]  do_dentry_open+0x982/0x1530
[  726.677248][T17803]  ? __pfx_chrdev_open+0x10/0x10
[  726.677274][T17803]  vfs_open+0x82/0x3f0
[  726.677302][T17803]  path_openat+0x1de4/0x2cb0
[  726.677330][T17803]  ? __pfx_path_openat+0x10/0x10
[  726.677356][T17803]  do_filp_open+0x20b/0x470
[  726.677377][T17803]  ? __pfx_do_filp_open+0x10/0x10
[  726.677413][T17803]  ? alloc_fd+0x471/0x7d0
[  726.677437][T17803]  do_sys_openat2+0x11b/0x1d0
[  726.677463][T17803]  ? __pfx_do_sys_openat2+0x10/0x10
[  726.677497][T17803]  __x64_sys_openat+0x174/0x210
[  726.677524][T17803]  ? __pfx___x64_sys_openat+0x10/0x10
[  726.677559][T17803]  do_syscall_64+0xcd/0x490
[  726.677588][T17803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.677606][T17803] RIP: 0033:0x7f8e49f8eb69
[  726.677623][T17803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.677642][T17803] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  726.677660][T17803] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  726.677672][T17803] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  726.677684][T17803] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  726.677695][T17803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  726.677705][T17803] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  726.677727][T17803]  </TASK>
[  727.819076][T17806] size and base must be multiples of 4 kiB
[  727.841012][T17806] CPU: 1 UID: 0 PID: 17806 Comm: syz.5.4416 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  727.841049][T17806] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  727.841056][T17806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  727.841067][T17806] Call Trace:
[  727.841074][T17806]  <TASK>
[  727.841081][T17806]  dump_stack_lvl+0x16c/0x1f0
[  727.841113][T17806]  mtrr_add+0xdf/0x110
[  727.841139][T17806]  mtrr_ioctl+0x7ef/0xcf0
[  727.841165][T17806]  ? __pfx_mtrr_ioctl+0x10/0x10
[  727.841194][T17806]  ? find_held_lock+0x2b/0x80
[  727.841218][T17806]  ? __fget_files+0x20e/0x3c0
[  727.841238][T17806]  ? __pfx_mtrr_ioctl+0x10/0x10
[  727.841263][T17806]  proc_reg_unlocked_ioctl+0x229/0x320
[  727.841287][T17806]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  727.841312][T17806]  __x64_sys_ioctl+0x18b/0x210
[  727.841340][T17806]  do_syscall_64+0xcd/0x490
[  727.841367][T17806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.841388][T17806] RIP: 0033:0x7fd1e9d8eb69
[  727.841405][T17806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.841422][T17806] RSP: 002b:00007fd1eab82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  727.841440][T17806] RAX: ffffffffffffffda RBX: 00007fd1e9fb6080 RCX: 00007fd1e9d8eb69
[  727.841451][T17806] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005
[  727.841462][T17806] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  727.841473][T17806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.841484][T17806] R13: 0000000000000000 R14: 00007fd1e9fb6080 R15: 00007ffe422c6658
[  727.841506][T17806]  </TASK>
[  728.278613][T17814] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  728.318621][T17814] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  730.136584][T17823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4423'.
[  730.620862][T17828] FAULT_INJECTION: forcing a failure.
[  730.620862][T17828] name failslab, interval 1, probability 0, space 0, times 0
[  730.634319][T17828] CPU: 1 UID: 0 PID: 17828 Comm: syz.4.4424 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  730.634354][T17828] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  730.634362][T17828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  730.634373][T17828] Call Trace:
[  730.634382][T17828]  <TASK>
[  730.634391][T17828]  dump_stack_lvl+0x16c/0x1f0
[  730.634426][T17828]  should_fail_ex+0x512/0x640
[  730.634448][T17828]  should_failslab+0xc2/0x120
[  730.634472][T17828]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  730.634494][T17828]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  730.634522][T17828]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  730.634550][T17828]  idr_get_free+0x528/0xa30
[  730.634583][T17828]  idr_alloc_u32+0x190/0x2f0
[  730.634609][T17828]  ? __pfx_idr_alloc_u32+0x10/0x10
[  730.634636][T17828]  ? lock_acquire+0x179/0x350
[  730.634662][T17828]  idr_alloc_cyclic+0x10b/0x230
[  730.634688][T17828]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  730.634711][T17828]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  730.634743][T17828]  map_create+0xae3/0x1f80
[  730.634835][T17828]  ? __pfx_map_create+0x10/0x10
[  730.634858][T17828]  ? __might_fault+0xe3/0x190
[  730.634877][T17828]  ? __might_fault+0xe3/0x190
[  730.634896][T17828]  ? __might_fault+0x13b/0x190
[  730.634923][T17828]  __sys_bpf+0x44d2/0x4de0
[  730.634951][T17828]  ? __pfx___sys_bpf+0x10/0x10
[  730.634977][T17828]  ? ksys_write+0x190/0x250
[  730.635002][T17828]  ? do_futex+0x122/0x350
[  730.635024][T17828]  ? __pfx_do_futex+0x10/0x10
[  730.635052][T17828]  ? fput+0x9b/0xd0
[  730.635077][T17828]  ? xfd_validate_state+0x61/0x180
[  730.635101][T17828]  ? __pfx_ksys_write+0x10/0x10
[  730.635125][T17828]  __x64_sys_bpf+0x78/0xc0
[  730.635150][T17828]  ? lockdep_hardirqs_on+0x7c/0x110
[  730.635175][T17828]  do_syscall_64+0xcd/0x490
[  730.635203][T17828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.635221][T17828] RIP: 0033:0x7f8e49f8eb69
[  730.635237][T17828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.635257][T17828] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  730.635275][T17828] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  730.635287][T17828] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000
[  730.635298][T17828] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  730.635309][T17828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.635320][T17828] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  730.635342][T17828]  </TASK>
[  731.615267][T17836] FAULT_INJECTION: forcing a failure.
[  731.615267][T17836] name failslab, interval 1, probability 0, space 0, times 0
[  731.687676][T17839] FAULT_INJECTION: forcing a failure.
[  731.687676][T17839] name failslab, interval 1, probability 0, space 0, times 0
[  731.711924][T17836] CPU: 1 UID: 0 PID: 17836 Comm: syz.1.4428 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  731.711961][T17836] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  731.711976][T17836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  731.711987][T17836] Call Trace:
[  731.711994][T17836]  <TASK>
[  731.712003][T17836]  dump_stack_lvl+0x16c/0x1f0
[  731.712036][T17836]  should_fail_ex+0x512/0x640
[  731.712055][T17836]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  731.712076][T17836]  should_failslab+0xc2/0x120
[  731.712100][T17836]  __kmalloc_cache_noprof+0x6a/0x3e0
[  731.712116][T17836]  ? __lock_acquire+0xb97/0x1ce0
[  731.712140][T17836]  ? snd_timer_instance_new+0x47/0x2e0
[  731.712163][T17836]  snd_timer_instance_new+0x47/0x2e0
[  731.712181][T17836]  snd_seq_timer_open+0x1cc/0x600
[  731.712208][T17836]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  731.712236][T17836]  ? find_held_lock+0x2b/0x80
[  731.712256][T17836]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  731.712280][T17836]  ? lockdep_hardirqs_on+0x7c/0x110
[  731.712305][T17836]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  731.712332][T17836]  queue_use+0xe3/0x250
[  731.712353][T17836]  snd_seq_queue_alloc+0x2e5/0x5a0
[  731.712379][T17836]  snd_seq_ioctl_create_queue+0xa9/0x380
[  731.712409][T17836]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  731.712431][T17836]  alloc_seq_queue+0xda/0x180
[  731.712449][T17836]  ? __pfx_alloc_seq_queue+0x10/0x10
[  731.712480][T17836]  ? mark_held_locks+0x49/0x80
[  731.712502][T17836]  ? _raw_spin_unlock_irq+0x23/0x50
[  731.712527][T17836]  snd_seq_oss_open+0x38c/0xa20
[  731.712550][T17836]  odev_open+0x6f/0x90
[  731.712565][T17836]  ? __pfx_odev_open+0x10/0x10
[  731.712581][T17836]  soundcore_open+0x409/0x580
[  731.712600][T17836]  ? __pfx_soundcore_open+0x10/0x10
[  731.712627][T17836]  chrdev_open+0x231/0x6a0
[  731.712649][T17836]  ? __pfx_apparmor_file_open+0x10/0x10
[  731.712669][T17836]  ? __pfx_chrdev_open+0x10/0x10
[  731.712692][T17836]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  731.712716][T17836]  do_dentry_open+0x982/0x1530
[  731.712737][T17836]  ? __pfx_chrdev_open+0x10/0x10
[  731.712763][T17836]  vfs_open+0x82/0x3f0
[  731.712791][T17836]  path_openat+0x1de4/0x2cb0
[  731.712820][T17836]  ? __pfx_path_openat+0x10/0x10
[  731.712846][T17836]  do_filp_open+0x20b/0x470
[  731.712866][T17836]  ? __pfx_do_filp_open+0x10/0x10
[  731.712902][T17836]  ? alloc_fd+0x471/0x7d0
[  731.712926][T17836]  do_sys_openat2+0x11b/0x1d0
[  731.712957][T17836]  ? __pfx_do_sys_openat2+0x10/0x10
[  731.712998][T17836]  __x64_sys_openat+0x174/0x210
[  731.713025][T17836]  ? __pfx___x64_sys_openat+0x10/0x10
[  731.713061][T17836]  do_syscall_64+0xcd/0x490
[  731.713089][T17836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.713108][T17836] RIP: 0033:0x7f1b7258eb69
[  731.713125][T17836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.713142][T17836] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  731.713160][T17836] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  731.713172][T17836] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  731.713183][T17836] RBP: 00007f1b72611df1 R08: 0000000000000000 R09: 0000000000000000
[  731.713194][T17836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  731.713205][T17836] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  731.713228][T17836]  </TASK>
[  732.418756][T17839] CPU: 1 UID: 0 PID: 17839 Comm: syz.5.4429 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  732.418792][T17839] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  732.418801][T17839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  732.418811][T17839] Call Trace:
[  732.418818][T17839]  <TASK>
[  732.418825][T17839]  dump_stack_lvl+0x16c/0x1f0
[  732.418869][T17839]  should_fail_ex+0x512/0x640
[  732.418887][T17839]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  732.418909][T17839]  should_failslab+0xc2/0x120
[  732.418932][T17839]  __kmalloc_cache_noprof+0x6a/0x3e0
[  732.418949][T17839]  ? lockdep_hardirqs_on+0x7c/0x110
[  732.418982][T17839]  ? snd_seq_fifo_new+0x42/0x260
[  732.419006][T17839]  ? seq_create_client1+0x420/0x5e0
[  732.419023][T17839]  ? __pfx_snd_seq_open+0x10/0x10
[  732.419041][T17839]  snd_seq_fifo_new+0x42/0x260
[  732.419065][T17839]  snd_seq_open+0x15c/0x550
[  732.419083][T17839]  ? __pfx_snd_seq_open+0x10/0x10
[  732.419099][T17839]  snd_open+0x22a/0x4c0
[  732.419118][T17839]  ? __pfx_snd_open+0x10/0x10
[  732.419134][T17839]  chrdev_open+0x231/0x6a0
[  732.419156][T17839]  ? __pfx_apparmor_file_open+0x10/0x10
[  732.419177][T17839]  ? __pfx_chrdev_open+0x10/0x10
[  732.419200][T17839]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  732.419224][T17839]  do_dentry_open+0x982/0x1530
[  732.419250][T17839]  ? __pfx_chrdev_open+0x10/0x10
[  732.419277][T17839]  vfs_open+0x82/0x3f0
[  732.419305][T17839]  path_openat+0x1de4/0x2cb0
[  732.419332][T17839]  ? __pfx_path_openat+0x10/0x10
[  732.419358][T17839]  do_filp_open+0x20b/0x470
[  732.419379][T17839]  ? __pfx_do_filp_open+0x10/0x10
[  732.419415][T17839]  ? alloc_fd+0x471/0x7d0
[  732.419440][T17839]  do_sys_openat2+0x11b/0x1d0
[  732.419465][T17839]  ? __pfx_do_sys_openat2+0x10/0x10
[  732.419500][T17839]  __x64_sys_openat+0x174/0x210
[  732.419527][T17839]  ? __pfx___x64_sys_openat+0x10/0x10
[  732.419562][T17839]  do_syscall_64+0xcd/0x490
[  732.419590][T17839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.419608][T17839] RIP: 0033:0x7fd1e9d8eb69
[  732.419623][T17839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.419642][T17839] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  732.419661][T17839] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  732.419673][T17839] RDX: 0000000000000100 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  732.419684][T17839] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  732.419695][T17839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  732.419706][T17839] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  732.419728][T17839]  </TASK>
[  733.690245][T17843] netlink: 146 bytes leftover after parsing attributes in process `syz.5.4432'.
[  734.359945][T17855] FAULT_INJECTION: forcing a failure.
[  734.359945][T17855] name failslab, interval 1, probability 0, space 0, times 0
[  734.372770][T17855] CPU: 1 UID: 0 PID: 17855 Comm: syz.5.4437 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  734.372804][T17855] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  734.372812][T17855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  734.372824][T17855] Call Trace:
[  734.372832][T17855]  <TASK>
[  734.372841][T17855]  dump_stack_lvl+0x16c/0x1f0
[  734.372872][T17855]  should_fail_ex+0x512/0x640
[  734.372895][T17855]  should_failslab+0xc2/0x120
[  734.372919][T17855]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  734.372941][T17855]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  734.372979][T17855]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  734.373006][T17855]  idr_get_free+0x528/0xa30
[  734.373038][T17855]  idr_alloc_u32+0x190/0x2f0
[  734.373065][T17855]  ? __pfx_idr_alloc_u32+0x10/0x10
[  734.373091][T17855]  ? lock_acquire+0x179/0x350
[  734.373119][T17855]  idr_alloc_cyclic+0x10b/0x230
[  734.373145][T17855]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  734.373168][T17855]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  734.373199][T17855]  map_create+0xae3/0x1f80
[  734.373230][T17855]  ? __pfx_map_create+0x10/0x10
[  734.373252][T17855]  ? __might_fault+0xe3/0x190
[  734.373271][T17855]  ? __might_fault+0xe3/0x190
[  734.373288][T17855]  ? __might_fault+0x13b/0x190
[  734.373315][T17855]  __sys_bpf+0x44d2/0x4de0
[  734.373343][T17855]  ? __pfx___sys_bpf+0x10/0x10
[  734.373368][T17855]  ? ksys_write+0x190/0x250
[  734.373392][T17855]  ? do_futex+0x122/0x350
[  734.373414][T17855]  ? __pfx_do_futex+0x10/0x10
[  734.373444][T17855]  ? fput+0x9b/0xd0
[  734.373467][T17855]  ? xfd_validate_state+0x61/0x180
[  734.373492][T17855]  ? __pfx_ksys_write+0x10/0x10
[  734.373515][T17855]  __x64_sys_bpf+0x78/0xc0
[  734.373559][T17855]  ? lockdep_hardirqs_on+0x7c/0x110
[  734.373590][T17855]  do_syscall_64+0xcd/0x490
[  734.373619][T17855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.373638][T17855] RIP: 0033:0x7fd1e9d8eb69
[  734.373662][T17855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.373680][T17855] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  734.373698][T17855] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  734.373710][T17855] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000
[  734.373721][T17855] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  734.373732][T17855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  734.373743][T17855] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  734.373768][T17855]  </TASK>
[  735.232774][T17863] FAULT_INJECTION: forcing a failure.
[  735.232774][T17863] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  735.344995][T17863] CPU: 1 UID: 0 PID: 17863 Comm: syz.4.4438 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  735.345032][T17863] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  735.345040][T17863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  735.345050][T17863] Call Trace:
[  735.345057][T17863]  <TASK>
[  735.345065][T17863]  dump_stack_lvl+0x16c/0x1f0
[  735.345096][T17863]  should_fail_ex+0x512/0x640
[  735.345118][T17863]  should_fail_alloc_page+0xe7/0x130
[  735.345143][T17863]  prepare_alloc_pages+0x3c2/0x610
[  735.345173][T17863]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  735.345195][T17863]  ? copy_splice_read+0x1a8/0xba0
[  735.345212][T17863]  ? stack_trace_save+0x8e/0xc0
[  735.345232][T17863]  ? __pfx_stack_trace_save+0x10/0x10
[  735.345252][T17863]  ? stack_depot_save_flags+0x28/0xa40
[  735.345278][T17863]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  735.345299][T17863]  ? kasan_save_stack+0x33/0x60
[  735.345319][T17863]  ? __kasan_kmalloc+0xaa/0xb0
[  735.345337][T17863]  ? copy_splice_read+0x1a8/0xba0
[  735.345353][T17863]  ? do_splice_read+0x285/0x370
[  735.345368][T17863]  ? splice_direct_to_actor+0x2a1/0xa30
[  735.345385][T17863]  ? do_splice_direct+0x174/0x240
[  735.345401][T17863]  ? do_sendfile+0xb06/0xe50
[  735.345418][T17863]  ? __x64_sys_sendfile64+0x1d8/0x220
[  735.345442][T17863]  ? do_syscall_64+0xcd/0x490
[  735.345483][T17863]  alloc_pages_bulk_noprof+0x71c/0x1410
[  735.345511][T17863]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  735.345537][T17863]  ? trace_kmalloc+0x2b/0xd0
[  735.345560][T17863]  ? __kmalloc_noprof+0x242/0x510
[  735.345585][T17863]  copy_splice_read+0x1e1/0xba0
[  735.345602][T17863]  ? __pfx_pipe_to_null+0x10/0x10
[  735.345622][T17863]  ? __pfx_copy_splice_read+0x10/0x10
[  735.345638][T17863]  ? pipe_unlock+0x4a/0x70
[  735.345659][T17863]  ? __pfx_splice_from_pipe+0x10/0x10
[  735.345683][T17863]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  735.345704][T17863]  ? __pfx_copy_splice_read+0x10/0x10
[  735.345721][T17863]  do_splice_read+0x285/0x370
[  735.345741][T17863]  splice_direct_to_actor+0x2a1/0xa30
[  735.345760][T17863]  ? __pfx_direct_splice_actor+0x10/0x10
[  735.345782][T17863]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  735.345806][T17863]  do_splice_direct+0x174/0x240
[  735.345825][T17863]  ? __pfx_do_splice_direct+0x10/0x10
[  735.345843][T17863]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  735.345872][T17863]  ? bpf_lsm_file_permission+0x9/0x10
[  735.345897][T17863]  ? security_file_permission+0x71/0x210
[  735.345919][T17863]  ? rw_verify_area+0xcf/0x6c0
[  735.345938][T17863]  do_sendfile+0xb06/0xe50
[  735.345967][T17863]  ? __pfx_do_sendfile+0x10/0x10
[  735.345990][T17863]  ? __x64_sys_futex+0x1e0/0x4c0
[  735.346011][T17863]  ? __x64_sys_futex+0x1e9/0x4c0
[  735.346040][T17863]  __x64_sys_sendfile64+0x1d8/0x220
[  735.346066][T17863]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  735.346098][T17863]  do_syscall_64+0xcd/0x490
[  735.346127][T17863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  735.346146][T17863] RIP: 0033:0x7f8e49f8eb69
[  735.346161][T17863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.346179][T17863] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  735.346197][T17863] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  735.346209][T17863] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  735.346219][T17863] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  735.346230][T17863] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000
[  735.346241][T17863] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  735.346263][T17863]  </TASK>
[  735.728200][T17868] FAULT_INJECTION: forcing a failure.
[  735.728200][T17868] name failslab, interval 1, probability 0, space 0, times 0
[  735.741090][T17868] CPU: 1 UID: 0 PID: 17868 Comm: syz.2.4441 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  735.741125][T17868] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  735.741132][T17868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  735.741143][T17868] Call Trace:
[  735.741151][T17868]  <TASK>
[  735.741160][T17868]  dump_stack_lvl+0x16c/0x1f0
[  735.741191][T17868]  should_fail_ex+0x512/0x640
[  735.741210][T17868]  ? fs_reclaim_acquire+0xae/0x150
[  735.741239][T17868]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  735.741260][T17868]  should_failslab+0xc2/0x120
[  735.741283][T17868]  __kmalloc_noprof+0xd2/0x510
[  735.741305][T17868]  ? kasan_quarantine_put+0x10a/0x240
[  735.741329][T17868]  tomoyo_realpath_from_path+0xc2/0x6e0
[  735.741357][T17868]  tomoyo_find_next_domain+0x8d3/0x20b0
[  735.741392][T17868]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  735.741429][T17868]  tomoyo_bprm_check_security+0x12e/0x1d0
[  735.741454][T17868]  ? tomoyo_bprm_check_security+0x120/0x1d0
[  735.741480][T17868]  security_bprm_check+0x1b9/0x1e0
[  735.741506][T17868]  bprm_execve+0x81a/0x1640
[  735.741529][T17868]  ? __pfx_bprm_execve+0x10/0x10
[  735.741547][T17868]  ? copy_string_kernel+0x460/0x520
[  735.741570][T17868]  do_execveat_common.isra.0+0x4a5/0x610
[  735.741594][T17868]  __x64_sys_execveat+0xda/0x120
[  735.741616][T17868]  do_syscall_64+0xcd/0x490
[  735.741644][T17868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  735.741692][T17868] RIP: 0033:0x7f1ddcd8eb69
[  735.741708][T17868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.741727][T17868] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  735.741745][T17868] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  735.741757][T17868] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  735.741768][T17868] RBP: 00007f1ddce11df1 R08: 0000000000001000 R09: 0000000000000000
[  735.741779][T17868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  735.741790][T17868] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  735.741812][T17868]  </TASK>
[  735.741820][T17868] ERROR: Out of memory at tomoyo_realpath_from_path.
[  737.394874][T17881] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4443'.
[  738.105415][   T30] audit: type=1800 audit(4294970890.304:21): pid=17889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4447" name="dbroot" dev="configfs" ino=59975 res=0 errno=0
[  738.332123][T17894] FAULT_INJECTION: forcing a failure.
[  738.332123][T17894] name failslab, interval 1, probability 0, space 0, times 0
[  738.421649][T17894] CPU: 1 UID: 0 PID: 17894 Comm: syz.5.4450 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  738.421685][T17894] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  738.421692][T17894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  738.421710][T17894] Call Trace:
[  738.421717][T17894]  <TASK>
[  738.421725][T17894]  dump_stack_lvl+0x16c/0x1f0
[  738.421759][T17894]  should_fail_ex+0x512/0x640
[  738.421777][T17894]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  738.421799][T17894]  should_failslab+0xc2/0x120
[  738.421823][T17894]  __kmalloc_cache_noprof+0x6a/0x3e0
[  738.421840][T17894]  ? __lock_acquire+0xb97/0x1ce0
[  738.421863][T17894]  ? snd_timer_instance_new+0x47/0x2e0
[  738.421885][T17894]  snd_timer_instance_new+0x47/0x2e0
[  738.421905][T17894]  snd_seq_timer_open+0x1cc/0x600
[  738.421932][T17894]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  738.421960][T17894]  ? find_held_lock+0x2b/0x80
[  738.421981][T17894]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  738.422005][T17894]  ? lockdep_hardirqs_on+0x7c/0x110
[  738.422030][T17894]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  738.422057][T17894]  queue_use+0xe3/0x250
[  738.422078][T17894]  snd_seq_queue_alloc+0x2e5/0x5a0
[  738.422104][T17894]  snd_seq_ioctl_create_queue+0xa9/0x380
[  738.422134][T17894]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  738.422155][T17894]  alloc_seq_queue+0xda/0x180
[  738.422173][T17894]  ? __pfx_alloc_seq_queue+0x10/0x10
[  738.422205][T17894]  ? mark_held_locks+0x49/0x80
[  738.422226][T17894]  ? _raw_spin_unlock_irq+0x23/0x50
[  738.422252][T17894]  snd_seq_oss_open+0x38c/0xa20
[  738.422274][T17894]  odev_open+0x6f/0x90
[  738.422290][T17894]  ? __pfx_odev_open+0x10/0x10
[  738.422306][T17894]  soundcore_open+0x409/0x580
[  738.422325][T17894]  ? __pfx_soundcore_open+0x10/0x10
[  738.422352][T17894]  chrdev_open+0x231/0x6a0
[  738.422374][T17894]  ? __pfx_apparmor_file_open+0x10/0x10
[  738.422394][T17894]  ? __pfx_chrdev_open+0x10/0x10
[  738.422417][T17894]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  738.422442][T17894]  do_dentry_open+0x982/0x1530
[  738.422483][T17894]  ? __pfx_chrdev_open+0x10/0x10
[  738.422510][T17894]  vfs_open+0x82/0x3f0
[  738.422539][T17894]  path_openat+0x1de4/0x2cb0
[  738.422568][T17894]  ? __pfx_path_openat+0x10/0x10
[  738.422595][T17894]  do_filp_open+0x20b/0x470
[  738.422617][T17894]  ? __pfx_do_filp_open+0x10/0x10
[  738.422654][T17894]  ? alloc_fd+0x471/0x7d0
[  738.422680][T17894]  do_sys_openat2+0x11b/0x1d0
[  738.422713][T17894]  ? __pfx_do_sys_openat2+0x10/0x10
[  738.422748][T17894]  __x64_sys_openat+0x174/0x210
[  738.422775][T17894]  ? __pfx___x64_sys_openat+0x10/0x10
[  738.422811][T17894]  do_syscall_64+0xcd/0x490
[  738.422840][T17894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.422859][T17894] RIP: 0033:0x7fd1e9d8eb69
[  738.422875][T17894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.422893][T17894] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  738.422913][T17894] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  738.422925][T17894] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  738.422936][T17894] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  738.422946][T17894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  738.422957][T17894] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  738.422979][T17894]  </TASK>
[  739.666375][T17909] FAULT_INJECTION: forcing a failure.
[  739.666375][T17909] name failslab, interval 1, probability 0, space 0, times 0
[  739.766344][T17909] CPU: 1 UID: 0 PID: 17909 Comm: syz.4.4465 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  739.766380][T17909] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  739.766388][T17909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  739.766399][T17909] Call Trace:
[  739.766406][T17909]  <TASK>
[  739.766413][T17909]  dump_stack_lvl+0x16c/0x1f0
[  739.766445][T17909]  should_fail_ex+0x512/0x640
[  739.766473][T17909]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  739.766495][T17909]  should_failslab+0xc2/0x120
[  739.766518][T17909]  __kmalloc_cache_noprof+0x6a/0x3e0
[  739.766536][T17909]  ? __lock_acquire+0xb97/0x1ce0
[  739.766560][T17909]  ? snd_timer_instance_new+0x47/0x2e0
[  739.766583][T17909]  snd_timer_instance_new+0x47/0x2e0
[  739.766604][T17909]  snd_seq_timer_open+0x1cc/0x600
[  739.766631][T17909]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  739.766670][T17909]  ? find_held_lock+0x2b/0x80
[  739.766691][T17909]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  739.766716][T17909]  ? lockdep_hardirqs_on+0x7c/0x110
[  739.766742][T17909]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  739.766770][T17909]  queue_use+0xe3/0x250
[  739.766791][T17909]  snd_seq_queue_alloc+0x2e5/0x5a0
[  739.766818][T17909]  snd_seq_ioctl_create_queue+0xa9/0x380
[  739.766849][T17909]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  739.766871][T17909]  alloc_seq_queue+0xda/0x180
[  739.766889][T17909]  ? __pfx_alloc_seq_queue+0x10/0x10
[  739.766920][T17909]  ? mark_held_locks+0x49/0x80
[  739.766942][T17909]  ? _raw_spin_unlock_irq+0x23/0x50
[  739.766966][T17909]  snd_seq_oss_open+0x38c/0xa20
[  739.766989][T17909]  odev_open+0x6f/0x90
[  739.767004][T17909]  ? __pfx_odev_open+0x10/0x10
[  739.767020][T17909]  soundcore_open+0x409/0x580
[  739.767039][T17909]  ? __pfx_soundcore_open+0x10/0x10
[  739.767066][T17909]  chrdev_open+0x231/0x6a0
[  739.767088][T17909]  ? __pfx_apparmor_file_open+0x10/0x10
[  739.767108][T17909]  ? __pfx_chrdev_open+0x10/0x10
[  739.767131][T17909]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  739.767155][T17909]  do_dentry_open+0x982/0x1530
[  739.767177][T17909]  ? __pfx_chrdev_open+0x10/0x10
[  739.767203][T17909]  vfs_open+0x82/0x3f0
[  739.767231][T17909]  path_openat+0x1de4/0x2cb0
[  739.767259][T17909]  ? __pfx_path_openat+0x10/0x10
[  739.767285][T17909]  do_filp_open+0x20b/0x470
[  739.767306][T17909]  ? __pfx_do_filp_open+0x10/0x10
[  739.767342][T17909]  ? alloc_fd+0x471/0x7d0
[  739.767371][T17909]  do_sys_openat2+0x11b/0x1d0
[  739.767397][T17909]  ? __pfx_do_sys_openat2+0x10/0x10
[  739.767432][T17909]  __x64_sys_openat+0x174/0x210
[  739.767459][T17909]  ? __pfx___x64_sys_openat+0x10/0x10
[  739.767495][T17909]  do_syscall_64+0xcd/0x490
[  739.767523][T17909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.767542][T17909] RIP: 0033:0x7f8e49f8eb69
[  739.767557][T17909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.767575][T17909] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  739.767593][T17909] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  739.767604][T17909] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  739.767615][T17909] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  739.767626][T17909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  739.767643][T17909] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  739.767666][T17909]  </TASK>
[  743.236988][T17946] FAULT_INJECTION: forcing a failure.
[  743.236988][T17946] name failslab, interval 1, probability 0, space 0, times 0
[  743.300320][T17946] CPU: 1 UID: 0 PID: 17946 Comm: syz.4.4471 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  743.300356][T17946] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  743.300364][T17946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  743.300374][T17946] Call Trace:
[  743.300381][T17946]  <TASK>
[  743.300388][T17946]  dump_stack_lvl+0x16c/0x1f0
[  743.300420][T17946]  should_fail_ex+0x512/0x640
[  743.300438][T17946]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  743.300462][T17946]  should_failslab+0xc2/0x120
[  743.300485][T17946]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  743.300506][T17946]  ? copy_net_ns+0xe8/0x5f0
[  743.300528][T17946]  copy_net_ns+0xe8/0x5f0
[  743.300544][T17946]  ? copy_cgroup_ns+0x71/0x700
[  743.300573][T17946]  create_new_namespaces+0x3ea/0xa90
[  743.300599][T17946]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  743.300621][T17946]  ksys_unshare+0x45b/0xa40
[  743.300646][T17946]  ? __pfx_ksys_unshare+0x10/0x10
[  743.300671][T17946]  ? xfd_validate_state+0x61/0x180
[  743.300704][T17946]  __x64_sys_unshare+0x31/0x40
[  743.300728][T17946]  do_syscall_64+0xcd/0x490
[  743.300756][T17946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  743.300774][T17946] RIP: 0033:0x7f8e49f8eb69
[  743.300790][T17946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  743.300808][T17946] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  743.300827][T17946] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  743.300838][T17946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  743.300849][T17946] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  743.300860][T17946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  743.300870][T17946] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  743.300892][T17946]  </TASK>
[  743.933418][T17949] sp0: Synchronizing with TNC
[  745.514444][T17969] FAULT_INJECTION: forcing a failure.
[  745.514444][T17969] name failslab, interval 1, probability 0, space 0, times 0
[  745.554533][T17971] FAULT_INJECTION: forcing a failure.
[  745.554533][T17971] name failslab, interval 1, probability 0, space 0, times 0
[  745.589378][T17969] CPU: 1 UID: 0 PID: 17969 Comm: syz.1.4482 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  745.589415][T17969] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  745.589423][T17969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  745.589434][T17969] Call Trace:
[  745.589441][T17969]  <TASK>
[  745.589450][T17969]  dump_stack_lvl+0x16c/0x1f0
[  745.589482][T17969]  should_fail_ex+0x512/0x640
[  745.589501][T17969]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  745.589533][T17969]  should_failslab+0xc2/0x120
[  745.589557][T17969]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  745.589577][T17969]  ? __lock_acquire+0xb97/0x1ce0
[  745.589599][T17969]  ? __alloc_skb+0x2b2/0x380
[  745.589627][T17969]  __alloc_skb+0x2b2/0x380
[  745.589652][T17969]  ? __pfx___alloc_skb+0x10/0x10
[  745.589679][T17969]  ? do_raw_spin_lock+0x12c/0x2b0
[  745.589708][T17969]  ? find_held_lock+0x2b/0x80
[  745.589728][T17969]  inet6_netconf_notify_devconf+0x87/0x180
[  745.589752][T17969]  ip6_mroute_setsockopt+0x1253/0x20d0
[  745.589770][T17969]  ? rcu_is_watching+0x12/0xc0
[  745.589787][T17969]  ? finish_task_switch.isra.0+0x221/0xc10
[  745.589805][T17969]  ? lockdep_hardirqs_on+0x7c/0x110
[  745.589833][T17969]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[  745.589850][T17969]  ? trace_sched_exit_tp+0xd1/0x120
[  745.589877][T17969]  ? __lock_acquire+0x62e/0x1ce0
[  745.589922][T17969]  ? do_ipv6_setsockopt+0x7ba/0x4350
[  745.589944][T17969]  do_ipv6_setsockopt+0x7ba/0x4350
[  745.589971][T17969]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  745.589994][T17969]  ? __futex_wait+0x24c/0x2f0
[  745.590020][T17969]  ? __pfx___futex_wait+0x10/0x10
[  745.590045][T17969]  ? aa_label_sk_perm+0x19b/0x5a0
[  745.590065][T17969]  ? __pfx_futex_wake_mark+0x10/0x10
[  745.590090][T17969]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  745.590110][T17969]  ? futex_private_hash_put+0x176/0x300
[  745.590134][T17969]  ? futex_private_hash_put+0x18a/0x300
[  745.590163][T17969]  ? __pfx___might_resched+0x10/0x10
[  745.590185][T17969]  ? ipv6_setsockopt+0xcb/0x170
[  745.590207][T17969]  ? aa_sk_perm+0x2f4/0xb10
[  745.590222][T17969]  ipv6_setsockopt+0xcb/0x170
[  745.590247][T17969]  rawv6_setsockopt+0xc2/0x510
[  745.590269][T17969]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  745.590291][T17969]  ? sock_common_setsockopt+0x2e/0xf0
[  745.590311][T17969]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  745.590331][T17969]  do_sock_setsockopt+0xf3/0x1d0
[  745.590355][T17969]  __sys_setsockopt+0x120/0x1a0
[  745.590385][T17969]  __x64_sys_setsockopt+0xbd/0x160
[  745.590409][T17969]  ? do_syscall_64+0x91/0x490
[  745.590435][T17969]  ? lockdep_hardirqs_on+0x7c/0x110
[  745.590460][T17969]  do_syscall_64+0xcd/0x490
[  745.590488][T17969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.590506][T17969] RIP: 0033:0x7f1b7258eb69
[  745.590529][T17969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  745.590548][T17969] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  745.590567][T17969] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  745.590579][T17969] RDX: 00000000000000c8 RSI: 0000000000000029 RDI: 0400000000000003
[  745.590591][T17969] RBP: 00007f1b72611df1 R08: 0000000000000567 R09: 0000000000000000
[  745.590603][T17969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  745.590614][T17969] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  745.590637][T17969]  </TASK>
[  746.306816][T17971] CPU: 1 UID: 0 PID: 17971 Comm: syz.4.4480 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  746.306853][T17971] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  746.306861][T17971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  746.306872][T17971] Call Trace:
[  746.306879][T17971]  <TASK>
[  746.306887][T17971]  dump_stack_lvl+0x16c/0x1f0
[  746.306921][T17971]  should_fail_ex+0x512/0x640
[  746.306939][T17971]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  746.306961][T17971]  should_failslab+0xc2/0x120
[  746.306985][T17971]  __kmalloc_cache_noprof+0x6a/0x3e0
[  746.307004][T17971]  ? snd_ctl_get_preferred_subdevice+0x184/0x200
[  746.307030][T17971]  ? snd_pcm_attach_substream+0x441/0xd60
[  746.307058][T17971]  snd_pcm_attach_substream+0x441/0xd60
[  746.307088][T17971]  snd_pcm_open_substream+0x8d/0x17f0
[  746.307115][T17971]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  746.307146][T17971]  snd_pcm_oss_open+0x735/0x1400
[  746.307174][T17971]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  746.307196][T17971]  ? __lock_acquire+0xb97/0x1ce0
[  746.307220][T17971]  ? __pfx_default_wake_function+0x10/0x10
[  746.307240][T17971]  ? __lock_acquire+0xb97/0x1ce0
[  746.307275][T17971]  ? do_raw_spin_lock+0x12c/0x2b0
[  746.307303][T17971]  ? soundcore_open+0x35a/0x580
[  746.307320][T17971]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  746.307342][T17971]  soundcore_open+0x409/0x580
[  746.307360][T17971]  ? __pfx_soundcore_open+0x10/0x10
[  746.307387][T17971]  chrdev_open+0x231/0x6a0
[  746.307411][T17971]  ? __pfx_apparmor_file_open+0x10/0x10
[  746.307432][T17971]  ? __pfx_chrdev_open+0x10/0x10
[  746.307456][T17971]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  746.307481][T17971]  do_dentry_open+0x982/0x1530
[  746.307503][T17971]  ? __pfx_chrdev_open+0x10/0x10
[  746.307539][T17971]  vfs_open+0x82/0x3f0
[  746.307568][T17971]  path_openat+0x1de4/0x2cb0
[  746.307598][T17971]  ? __pfx_path_openat+0x10/0x10
[  746.307625][T17971]  do_filp_open+0x20b/0x470
[  746.307647][T17971]  ? __pfx_do_filp_open+0x10/0x10
[  746.307685][T17971]  ? alloc_fd+0x471/0x7d0
[  746.307711][T17971]  do_sys_openat2+0x11b/0x1d0
[  746.307737][T17971]  ? __pfx_do_sys_openat2+0x10/0x10
[  746.307773][T17971]  __x64_sys_openat+0x174/0x210
[  746.307800][T17971]  ? __pfx___x64_sys_openat+0x10/0x10
[  746.307840][T17971]  do_syscall_64+0xcd/0x490
[  746.307873][T17971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.307892][T17971] RIP: 0033:0x7f8e49f8eb69
[  746.307908][T17971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.307925][T17971] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  746.307944][T17971] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  746.307956][T17971] RDX: 0000000000020342 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  746.307968][T17971] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  746.307979][T17971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  746.307989][T17971] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  746.308012][T17971]  </TASK>
[  746.795636][T17974] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  746.897335][T17982] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4487'.
[  746.908238][   T30] audit: type=1806 audit(4294970898.995:22): xattr=2205082002 res=-22
[  747.287370][T17990] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4497'.
[  748.973388][T18016] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4498'.
[  749.049091][T18016] team0: entered promiscuous mode
[  749.072705][T18016] team_slave_0: entered promiscuous mode
[  749.103517][T18016] team_slave_1: entered promiscuous mode
[  749.148287][T18016] team0: entered allmulticast mode
[  749.192508][T18016] team_slave_0: entered allmulticast mode
[  749.216243][T18016] team_slave_1: entered allmulticast mode
[  750.276817][T18027] FAULT_INJECTION: forcing a failure.
[  750.276817][T18027] name failslab, interval 1, probability 0, space 0, times 0
[  750.330862][T18027] CPU: 1 UID: 0 PID: 18027 Comm: syz.4.4502 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  750.330898][T18027] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  750.330906][T18027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  750.330917][T18027] Call Trace:
[  750.330924][T18027]  <TASK>
[  750.330932][T18027]  dump_stack_lvl+0x16c/0x1f0
[  750.330965][T18027]  should_fail_ex+0x512/0x640
[  750.330984][T18027]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  750.331009][T18027]  should_failslab+0xc2/0x120
[  750.331032][T18027]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  750.331051][T18027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.331071][T18027]  ? fuse_request_alloc+0x22/0x200
[  750.331101][T18027]  fuse_request_alloc+0x22/0x200
[  750.331128][T18027]  fuse_get_req+0x748/0xfd0
[  750.331150][T18027]  ? __pfx_fuse_get_req+0x10/0x10
[  750.331177][T18027]  fuse_simple_background+0x464/0x5f0
[  750.331194][T18027]  ? kasan_save_track+0x14/0x30
[  750.331216][T18027]  cuse_channel_open+0x561/0x7f0
[  750.331237][T18027]  ? __pfx_cuse_channel_open+0x10/0x10
[  750.331259][T18027]  misc_open+0x35a/0x420
[  750.331283][T18027]  ? __pfx_misc_open+0x10/0x10
[  750.331305][T18027]  chrdev_open+0x231/0x6a0
[  750.331327][T18027]  ? __pfx_apparmor_file_open+0x10/0x10
[  750.331347][T18027]  ? __pfx_chrdev_open+0x10/0x10
[  750.331370][T18027]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  750.331394][T18027]  do_dentry_open+0x982/0x1530
[  750.331416][T18027]  ? __pfx_chrdev_open+0x10/0x10
[  750.331442][T18027]  vfs_open+0x82/0x3f0
[  750.331469][T18027]  path_openat+0x1de4/0x2cb0
[  750.331496][T18027]  ? __pfx_path_openat+0x10/0x10
[  750.331532][T18027]  do_filp_open+0x20b/0x470
[  750.331553][T18027]  ? __pfx_do_filp_open+0x10/0x10
[  750.331594][T18027]  ? alloc_fd+0x471/0x7d0
[  750.331619][T18027]  do_sys_openat2+0x11b/0x1d0
[  750.331645][T18027]  ? __pfx_do_sys_openat2+0x10/0x10
[  750.331679][T18027]  __x64_sys_openat+0x174/0x210
[  750.331706][T18027]  ? __pfx___x64_sys_openat+0x10/0x10
[  750.331741][T18027]  do_syscall_64+0xcd/0x490
[  750.331770][T18027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.331788][T18027] RIP: 0033:0x7f8e49f8eb69
[  750.331804][T18027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.331822][T18027] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  750.331840][T18027] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  750.331852][T18027] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  750.331864][T18027] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  750.331875][T18027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  750.331885][T18027] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  750.331907][T18027]  </TASK>
[  750.667451][T18037] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4504'.
[  751.373471][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  751.388552][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  752.353917][T18071] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4517'.
[  753.335804][T18094] kvm: user requested TSC rate below hardware speed
[  753.554617][T18099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4528'.
[  753.610470][T18099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4528'.
[  753.853699][T18103] FAULT_INJECTION: forcing a failure.
[  753.853699][T18103] name failslab, interval 1, probability 0, space 0, times 0
[  753.884764][T18105] FAULT_INJECTION: forcing a failure.
[  753.884764][T18105] name failslab, interval 1, probability 0, space 0, times 0
[  753.928138][T18103] CPU: 1 UID: 0 PID: 18103 Comm: syz.5.4530 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  753.928174][T18103] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  753.928182][T18103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  753.928193][T18103] Call Trace:
[  753.928199][T18103]  <TASK>
[  753.928207][T18103]  dump_stack_lvl+0x16c/0x1f0
[  753.928238][T18103]  should_fail_ex+0x512/0x640
[  753.928257][T18103]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  753.928278][T18103]  should_failslab+0xc2/0x120
[  753.928302][T18103]  __kmalloc_cache_noprof+0x6a/0x3e0
[  753.928320][T18103]  ? rtnl_newlink+0x11b/0x2000
[  753.928340][T18103]  ? __pfx_rtnl_newlink+0x10/0x10
[  753.928355][T18103]  rtnl_newlink+0x11b/0x2000
[  753.928377][T18103]  ? __pfx_rtnl_newlink+0x10/0x10
[  753.928393][T18103]  ? kasan_quarantine_put+0x10a/0x240
[  753.928412][T18103]  ? lockdep_hardirqs_on+0x7c/0x110
[  753.928440][T18103]  ? kmem_cache_free+0x2d1/0x4d0
[  753.928459][T18103]  ? kfree_skbmem+0x1a4/0x1f0
[  753.928485][T18103]  ? __lock_acquire+0x62e/0x1ce0
[  753.928510][T18103]  ? rcu_is_watching+0x12/0xc0
[  753.928527][T18103]  ? trace_cap_capable+0x18d/0x200
[  753.928559][T18103]  ? find_held_lock+0x2b/0x80
[  753.928575][T18103]  ? __pfx_rtnl_newlink+0x10/0x10
[  753.928590][T18103]  ? __pfx_rtnl_newlink+0x10/0x10
[  753.928605][T18103]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  753.928622][T18103]  ? __pfx_rtnl_newlink+0x10/0x10
[  753.928639][T18103]  rtnetlink_rcv_msg+0x95b/0xe90
[  753.928657][T18103]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  753.928688][T18103]  ? ref_tracker_free+0x37c/0x830
[  753.928709][T18103]  netlink_rcv_skb+0x158/0x420
[  753.928736][T18103]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  753.928755][T18103]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  753.928789][T18103]  ? netlink_deliver_tap+0x1ae/0xd30
[  753.928819][T18103]  netlink_unicast+0x5a7/0x870
[  753.928849][T18103]  ? __pfx_netlink_unicast+0x10/0x10
[  753.928877][T18103]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  753.928910][T18103]  netlink_sendmsg+0x8d1/0xdd0
[  753.928942][T18103]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.928978][T18103]  __sys_sendto+0x4a3/0x520
[  753.929002][T18103]  ? __pfx___sys_sendto+0x10/0x10
[  753.929032][T18103]  ? find_held_lock+0x2b/0x80
[  753.929064][T18103]  __x64_sys_sendto+0xe0/0x1c0
[  753.929087][T18103]  ? do_syscall_64+0x91/0x490
[  753.929112][T18103]  ? lockdep_hardirqs_on+0x7c/0x110
[  753.929137][T18103]  do_syscall_64+0xcd/0x490
[  753.929166][T18103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.929184][T18103] RIP: 0033:0x7fd1e9d909fc
[  753.929199][T18103] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  753.929217][T18103] RSP: 002b:00007fd1eaba1ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  753.929236][T18103] RAX: ffffffffffffffda RBX: 00007fd1eaba1fc0 RCX: 00007fd1e9d909fc
[  753.929247][T18103] RDX: 000000000000001c RSI: 00007fd1eaba2010 RDI: 0000000000000003
[  753.929258][T18103] RBP: 0000000000000000 R08: 00007fd1eaba1f14 R09: 000000000000000c
[  753.929269][T18103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  753.929279][T18103] R13: 00007fd1eaba1f68 R14: 00007fd1eaba2010 R15: 0000000000000000
[  753.929300][T18103]  </TASK>
[  754.591318][T18105] CPU: 1 UID: 0 PID: 18105 Comm: syz.1.4531 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  754.591354][T18105] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  754.591363][T18105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  754.591373][T18105] Call Trace:
[  754.591380][T18105]  <TASK>
[  754.591388][T18105]  dump_stack_lvl+0x16c/0x1f0
[  754.591420][T18105]  should_fail_ex+0x512/0x640
[  754.591438][T18105]  ? fs_reclaim_acquire+0xae/0x150
[  754.591474][T18105]  should_failslab+0xc2/0x120
[  754.591498][T18105]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  754.591520][T18105]  ? jbd2__journal_start+0x193/0x6a0
[  754.591552][T18105]  jbd2__journal_start+0x193/0x6a0
[  754.591583][T18105]  __ext4_journal_start_sb+0x195/0x690
[  754.591606][T18105]  ? ext4_punch_hole+0x77e/0x1080
[  754.591632][T18105]  ext4_punch_hole+0x77e/0x1080
[  754.591662][T18105]  ext4_fallocate+0x22d7/0x37a0
[  754.591695][T18105]  ? __pfx_ext4_fallocate+0x10/0x10
[  754.591720][T18105]  vfs_fallocate+0x5b1/0x10e0
[  754.591744][T18105]  ? __pfx_vfs_fallocate+0x10/0x10
[  754.591765][T18105]  ? madvise_vma_behavior+0x2881/0x2c50
[  754.591790][T18105]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  754.591819][T18105]  madvise_vma_behavior+0x2839/0x2c50
[  754.591847][T18105]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  754.591874][T18105]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  754.591901][T18105]  ? __pfx_mas_prev+0x10/0x10
[  754.591932][T18105]  ? find_vma_prev+0xda/0x160
[  754.591956][T18105]  ? find_held_lock+0x2b/0x80
[  754.591973][T18105]  ? __pfx_find_vma_prev+0x10/0x10
[  754.591997][T18105]  ? futex_unqueue+0x133/0x2c0
[  754.592024][T18105]  ? __futex_wait+0x24c/0x2f0
[  754.592053][T18105]  madvise_walk_vmas+0x31f/0x9c0
[  754.592081][T18105]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  754.592113][T18105]  madvise_do_behavior+0x1e2/0x530
[  754.592137][T18105]  ? futex_private_hash_put+0x18a/0x300
[  754.592158][T18105]  ? __pfx_madvise_do_behavior+0x10/0x10
[  754.592185][T18105]  ? down_read+0x13d/0x480
[  754.592212][T18105]  do_madvise+0x176/0x240
[  754.592236][T18105]  ? __pfx_do_madvise+0x10/0x10
[  754.592259][T18105]  ? do_futex+0x122/0x350
[  754.592296][T18105]  ? xfd_validate_state+0x61/0x180
[  754.592327][T18105]  __x64_sys_madvise+0xa9/0x110
[  754.592351][T18105]  ? lockdep_hardirqs_on+0x7c/0x110
[  754.592376][T18105]  do_syscall_64+0xcd/0x490
[  754.592405][T18105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.592423][T18105] RIP: 0033:0x7f1b7258eb69
[  754.592439][T18105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.592464][T18105] RSP: 002b:00007f1b733b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  754.592482][T18105] RAX: ffffffffffffffda RBX: 00007f1b727b5fa0 RCX: 00007f1b7258eb69
[  754.592494][T18105] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000
[  754.592505][T18105] RBP: 00007f1b72611df1 R08: 0000000000000000 R09: 0000000000000000
[  754.592516][T18105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  754.592527][T18105] R13: 0000000000000000 R14: 00007f1b727b5fa0 R15: 00007ffeac56c1a8
[  754.592550][T18105]  </TASK>
[  754.592560][T18105] EXT4-fs error (device sda1) in ext4_punch_hole:4467: Out of memory
[  755.065028][T18109] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4532'.
[  755.086169][T18108] FAULT_INJECTION: forcing a failure.
[  755.086169][T18108] name failslab, interval 1, probability 0, space 0, times 0
[  755.160067][T18108] CPU: 1 UID: 0 PID: 18108 Comm: syz.4.4533 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  755.160104][T18108] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  755.160111][T18108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  755.160122][T18108] Call Trace:
[  755.160129][T18108]  <TASK>
[  755.160136][T18108]  dump_stack_lvl+0x16c/0x1f0
[  755.160167][T18108]  should_fail_ex+0x512/0x640
[  755.160185][T18108]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  755.160210][T18108]  should_failslab+0xc2/0x120
[  755.160233][T18108]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  755.160254][T18108]  ? __kernfs_new_node+0xd2/0x8e0
[  755.160279][T18108]  __kernfs_new_node+0xd2/0x8e0
[  755.160304][T18108]  ? __pfx___kernfs_new_node+0x10/0x10
[  755.160332][T18108]  ? find_held_lock+0x2b/0x80
[  755.160350][T18108]  ? kernfs_root+0xee/0x2a0
[  755.160376][T18108]  kernfs_new_node+0x13c/0x1e0
[  755.160403][T18108]  ? current_in_userns+0x190/0x190
[  755.160431][T18108]  __kernfs_create_file+0x53/0x350
[  755.160452][T18108]  sysfs_add_file_mode_ns+0x207/0x3c0
[  755.160479][T18108]  internal_create_group+0x578/0xf30
[  755.160505][T18108]  ? kobject_init_and_add+0x123/0x190
[  755.160524][T18108]  ? __pfx_internal_create_group+0x10/0x10
[  755.160545][T18108]  ? __pfx_kobject_init_and_add+0x10/0x10
[  755.160563][T18108]  ? __x64_sys_ioctl+0x18b/0x210
[  755.160597][T18108]  internal_create_groups+0x9d/0x150
[  755.160622][T18108]  netdev_queue_update_kobjects+0x115/0x720
[  755.160657][T18108]  netdev_register_kobject+0x2b3/0x3d0
[  755.160679][T18108]  register_netdevice+0x13dc/0x2270
[  755.160701][T18108]  ? __pfx_register_netdevice+0x10/0x10
[  755.160726][T18108]  ppp_dev_configure+0xa1e/0xd40
[  755.160760][T18108]  ppp_ioctl+0x17e0/0x2660
[  755.160780][T18108]  ? find_held_lock+0x2b/0x80
[  755.160797][T18108]  ? __pfx_ppp_ioctl+0x10/0x10
[  755.160818][T18108]  ? __fget_files+0x20e/0x3c0
[  755.160840][T18108]  ? __pfx_ppp_ioctl+0x10/0x10
[  755.160859][T18108]  __x64_sys_ioctl+0x18b/0x210
[  755.160887][T18108]  do_syscall_64+0xcd/0x490
[  755.160915][T18108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.160934][T18108] RIP: 0033:0x7f8e49f8eb69
[  755.160950][T18108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.160967][T18108] RSP: 002b:00007f8e4ae5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  755.160985][T18108] RAX: ffffffffffffffda RBX: 00007f8e4a1b5fa0 RCX: 00007f8e49f8eb69
[  755.160997][T18108] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005
[  755.161008][T18108] RBP: 00007f8e4a011df1 R08: 0000000000000000 R09: 0000000000000000
[  755.161018][T18108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  755.161029][T18108] R13: 0000000000000000 R14: 00007f8e4a1b5fa0 R15: 00007fffc4a53cf8
[  755.161051][T18108]  </TASK>
[  757.799850][T18143] FAULT_INJECTION: forcing a failure.
[  757.799850][T18143] name failslab, interval 1, probability 0, space 0, times 0
[  757.880058][T18143] CPU: 1 UID: 0 PID: 18143 Comm: syz.5.4545 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  757.880093][T18143] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  757.880101][T18143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  757.880114][T18143] Call Trace:
[  757.880121][T18143]  <TASK>
[  757.880129][T18143]  dump_stack_lvl+0x16c/0x1f0
[  757.880162][T18143]  should_fail_ex+0x512/0x640
[  757.880180][T18143]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  757.880202][T18143]  should_failslab+0xc2/0x120
[  757.880225][T18143]  __kmalloc_cache_noprof+0x6a/0x3e0
[  757.880244][T18143]  ? do_kimage_alloc_init+0x40/0x350
[  757.880276][T18143]  do_kimage_alloc_init+0x40/0x350
[  757.880304][T18143]  do_kexec_load+0x1fd/0x8d0
[  757.880323][T18143]  ? __pfx_do_kexec_load+0x10/0x10
[  757.880344][T18143]  ? _copy_from_user+0x59/0xd0
[  757.880368][T18143]  __x64_sys_kexec_load+0x1bf/0x230
[  757.880388][T18143]  do_syscall_64+0xcd/0x490
[  757.880416][T18143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.880434][T18143] RIP: 0033:0x7fd1e9d8eb69
[  757.880449][T18143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.880467][T18143] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  757.880485][T18143] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  757.880497][T18143] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005
[  757.880508][T18143] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  757.880519][T18143] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  757.880529][T18143] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  757.880552][T18143]  </TASK>
[  758.836393][T18154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4551'.
[  762.681875][T18226] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4574'.
[  762.745733][T18226] netlink: 'syz.4.4574': attribute type 3 has an invalid length.
[  762.795772][T18226] netlink: 154 bytes leftover after parsing attributes in process `syz.4.4574'.
[  762.932699][T18233] FAULT_INJECTION: forcing a failure.
[  762.932699][T18233] name failslab, interval 1, probability 0, space 0, times 0
[  763.011772][T18233] CPU: 1 UID: 0 PID: 18233 Comm: syz.2.4577 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  763.011807][T18233] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  763.011815][T18233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  763.011825][T18233] Call Trace:
[  763.011832][T18233]  <TASK>
[  763.011839][T18233]  dump_stack_lvl+0x16c/0x1f0
[  763.011870][T18233]  should_fail_ex+0x512/0x640
[  763.011888][T18233]  ? __kvmalloc_node_noprof+0x124/0x620
[  763.011911][T18233]  should_failslab+0xc2/0x120
[  763.011935][T18233]  __kvmalloc_node_noprof+0x137/0x620
[  763.011954][T18233]  ? __pfx___debug_object_init+0x10/0x10
[  763.011978][T18233]  ? bucket_table_alloc.isra.0+0x83/0x460
[  763.012001][T18233]  ? bucket_table_alloc.isra.0+0x83/0x460
[  763.012019][T18233]  bucket_table_alloc.isra.0+0x83/0x460
[  763.012041][T18233]  rhashtable_init_noprof+0x41a/0x7e0
[  763.012058][T18233]  ? __init_waitqueue_head+0xca/0x150
[  763.012089][T18233]  rhltable_init_noprof+0x20/0x60
[  763.012107][T18233]  sta_info_init+0x27/0x160
[  763.012132][T18233]  ieee80211_alloc_hw_nm+0x840/0x2260
[  763.012159][T18233]  ? __local_bh_enable_ip+0xa4/0x120
[  763.012183][T18233]  mac80211_hwsim_new_radio+0x1d4/0x54d0
[  763.012217][T18233]  ? __asan_memset+0x23/0x50
[  763.012235][T18233]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  763.012264][T18233]  hwsim_new_radio_nl+0xb51/0x12c0
[  763.012289][T18233]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  763.012318][T18233]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  763.012339][T18233]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  763.012364][T18233]  genl_family_rcv_msg_doit+0x209/0x2f0
[  763.012385][T18233]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  763.012405][T18233]  ? trace_cap_capable+0x18d/0x200
[  763.012437][T18233]  ? bpf_lsm_capable+0x9/0x10
[  763.012453][T18233]  ? security_capable+0x7e/0x260
[  763.012479][T18233]  ? ns_capable+0xd7/0x110
[  763.012500][T18233]  genl_rcv_msg+0x55c/0x800
[  763.012521][T18233]  ? __pfx_genl_rcv_msg+0x10/0x10
[  763.012541][T18233]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  763.012574][T18233]  ? __lock_acquire+0x62e/0x1ce0
[  763.012601][T18233]  netlink_rcv_skb+0x158/0x420
[  763.012630][T18233]  ? __pfx_genl_rcv_msg+0x10/0x10
[  763.012650][T18233]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  763.012688][T18233]  ? netlink_deliver_tap+0x1ae/0xd30
[  763.012714][T18233]  ? is_vmalloc_addr+0x86/0xa0
[  763.012736][T18233]  genl_rcv+0x28/0x40
[  763.012752][T18233]  netlink_unicast+0x5a7/0x870
[  763.012783][T18233]  ? __pfx_netlink_unicast+0x10/0x10
[  763.012816][T18233]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  763.012841][T18233]  ? __lock_acquire+0xb97/0x1ce0
[  763.012870][T18233]  netlink_sendmsg+0x8d1/0xdd0
[  763.012901][T18233]  ? __pfx_netlink_sendmsg+0x10/0x10
[  763.012938][T18233]  ____sys_sendmsg+0xa95/0xc70
[  763.012959][T18233]  ? copy_msghdr_from_user+0x10a/0x160
[  763.012986][T18233]  ? __pfx_____sys_sendmsg+0x10/0x10
[  763.013016][T18233]  ___sys_sendmsg+0x134/0x1d0
[  763.013045][T18233]  ? __pfx____sys_sendmsg+0x10/0x10
[  763.013101][T18233]  __sys_sendmsg+0x16d/0x220
[  763.013128][T18233]  ? __pfx___sys_sendmsg+0x10/0x10
[  763.013155][T18233]  ? __x64_sys_futex+0x1e0/0x4c0
[  763.013194][T18233]  do_syscall_64+0xcd/0x490
[  763.013222][T18233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.013241][T18233] RIP: 0033:0x7f1ddcd8eb69
[  763.013256][T18233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  763.013275][T18233] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  763.013293][T18233] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  763.013305][T18233] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000003
[  763.013316][T18233] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  763.013327][T18233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  763.013337][T18233] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  763.013360][T18233]  </TASK>
[  764.597728][T18254] FAULT_INJECTION: forcing a failure.
[  764.597728][T18254] name failslab, interval 1, probability 0, space 0, times 0
[  764.658971][T18254] CPU: 1 UID: 0 PID: 18254 Comm: syz.5.4586 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  764.659008][T18254] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  764.659016][T18254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.659026][T18254] Call Trace:
[  764.659033][T18254]  <TASK>
[  764.659040][T18254]  dump_stack_lvl+0x16c/0x1f0
[  764.659072][T18254]  should_fail_ex+0x512/0x640
[  764.659091][T18254]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  764.659116][T18254]  should_failslab+0xc2/0x120
[  764.659140][T18254]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  764.659161][T18254]  ? dup_fd+0x4e/0xb90
[  764.659183][T18254]  ? do_futex+0x122/0x350
[  764.659212][T18254]  dup_fd+0x4e/0xb90
[  764.659230][T18254]  ? _raw_spin_unlock+0x28/0x50
[  764.659252][T18254]  ? do_set_mempolicy+0x220/0x480
[  764.659281][T18254]  __do_sys_close_range+0x4ca/0x730
[  764.659304][T18254]  ? __pfx___do_sys_close_range+0x10/0x10
[  764.659332][T18254]  do_syscall_64+0xcd/0x490
[  764.659360][T18254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.659378][T18254] RIP: 0033:0x7fd1e9d8eb69
[  764.659394][T18254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  764.659412][T18254] RSP: 002b:00007fd1eaba3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  764.659430][T18254] RAX: ffffffffffffffda RBX: 00007fd1e9fb5fa0 RCX: 00007fd1e9d8eb69
[  764.659443][T18254] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000
[  764.659455][T18254] RBP: 00007fd1e9e11df1 R08: 0000000000000000 R09: 0000000000000000
[  764.659466][T18254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  764.659477][T18254] R13: 0000000000000000 R14: 00007fd1e9fb5fa0 R15: 00007ffe422c6658
[  764.659500][T18254]  </TASK>
[  766.441731][T18289] kvm: user requested TSC rate below hardware speed
[  766.917733][T18299] netlink: 350 bytes leftover after parsing attributes in process `syz.2.4602'.
[  767.284994][T18309] netlink: 302 bytes leftover after parsing attributes in process `syz.2.4606'.
[  767.565053][T18316] ==================================================================
[  767.573219][T18316] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[  767.581246][T18316] Read of size 8 at addr ffff8881432f1818 by task syz.2.4609/18316
[  767.589242][T18316] 
[  767.591843][T18316] CPU: 1 UID: 0 PID: 18316 Comm: syz.2.4609 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  767.591879][T18316] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  767.591888][T18316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  767.591900][T18316] Call Trace:
[  767.591909][T18316]  <TASK>
[  767.591918][T18316]  dump_stack_lvl+0x116/0x1f0
[  767.591950][T18316]  print_report+0xcd/0x630
[  767.591972][T18316]  ? __virt_addr_valid+0x81/0x610
[  767.591994][T18316]  ? __phys_addr+0xe8/0x180
[  767.592016][T18316]  ? dvb_device_open+0x36a/0x3b0
[  767.592033][T18316]  kasan_report+0xe0/0x110
[  767.592056][T18316]  ? dvb_device_open+0x36a/0x3b0
[  767.592073][T18316]  ? __pfx_dvb_device_open+0x10/0x10
[  767.592090][T18316]  dvb_device_open+0x36a/0x3b0
[  767.592107][T18316]  ? __pfx_dvb_device_open+0x10/0x10
[  767.592123][T18316]  chrdev_open+0x231/0x6a0
[  767.592145][T18316]  ? __pfx_apparmor_file_open+0x10/0x10
[  767.592165][T18316]  ? __pfx_chrdev_open+0x10/0x10
[  767.592187][T18316]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  767.592210][T18316]  do_dentry_open+0x982/0x1530
[  767.592231][T18316]  ? __pfx_chrdev_open+0x10/0x10
[  767.592265][T18316]  vfs_open+0x82/0x3f0
[  767.592290][T18316]  path_openat+0x1de4/0x2cb0
[  767.592313][T18316]  ? __pfx_path_openat+0x10/0x10
[  767.592335][T18316]  do_filp_open+0x20b/0x470
[  767.592355][T18316]  ? __pfx_do_filp_open+0x10/0x10
[  767.592382][T18316]  ? alloc_fd+0x471/0x7d0
[  767.592403][T18316]  do_sys_openat2+0x11b/0x1d0
[  767.592428][T18316]  ? __pfx_do_sys_openat2+0x10/0x10
[  767.592458][T18316]  __x64_sys_openat+0x174/0x210
[  767.592484][T18316]  ? __pfx___x64_sys_openat+0x10/0x10
[  767.592514][T18316]  do_syscall_64+0xcd/0x490
[  767.592541][T18316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.592559][T18316] RIP: 0033:0x7f1ddcd8eb69
[  767.592576][T18316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  767.592594][T18316] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  767.592611][T18316] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  767.592623][T18316] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  767.592635][T18316] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  767.592645][T18316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  767.592656][T18316] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  767.592672][T18316]  </TASK>
[  767.592678][T18316] 
[  767.845305][T18316] Allocated by task 18264:
[  767.849720][T18316]  kasan_save_stack+0x33/0x60
[  767.854401][T18316]  kasan_save_track+0x14/0x30
[  767.859268][T18316]  __kasan_kmalloc+0xaa/0xb0
[  767.863858][T18316]  __kvmalloc_node_noprof+0x27b/0x620
[  767.869339][T18316]  io_alloc_cache_init+0x33/0x170
[  767.874484][T18316]  io_uring_setup+0x5e1/0x2080
[  767.879388][T18316]  __x64_sys_io_uring_setup+0xc2/0x170
[  767.885047][T18316]  do_syscall_64+0xcd/0x490
[  767.889579][T18316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.895499][T18316] 
[  767.897817][T18316] Freed by task 772:
[  767.901702][T18316]  kasan_save_stack+0x33/0x60
[  767.906481][T18316]  kasan_save_track+0x14/0x30
[  767.911263][T18316]  kasan_save_free_info+0x3b/0x60
[  767.916318][T18316]  __kasan_slab_free+0x51/0x70
[  767.921116][T18316]  kfree+0x2b4/0x4d0
[  767.925030][T18316]  io_alloc_cache_free+0x1eb/0x2e0
[  767.930159][T18316]  io_free_alloc_caches+0x1c/0x80
[  767.935201][T18316]  io_ring_exit_work+0x7d8/0x10a0
[  767.940229][T18316]  process_one_work+0x9cf/0x1b70
[  767.945280][T18316]  worker_thread+0x6c8/0xf10
[  767.949904][T18316]  kthread+0x3c2/0x780
[  767.953997][T18316]  ret_from_fork+0x5d4/0x6f0
[  767.958686][T18316]  ret_from_fork_asm+0x1a/0x30
[  767.963466][T18316] 
[  767.965900][T18316] The buggy address belongs to the object at ffff8881432f1800
[  767.965900][T18316]  which belongs to the cache kmalloc-256 of size 256
[  767.980154][T18316] The buggy address is located 24 bytes inside of
[  767.980154][T18316]  freed 256-byte region [ffff8881432f1800, ffff8881432f1900)
[  767.993886][T18316] 
[  767.996215][T18316] The buggy address belongs to the physical page:
[  768.002814][T18316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1432f0
[  768.011903][T18316] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  768.020966][T18316] ksm flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  768.028954][T18316] page_type: f5(slab)
[  768.033161][T18316] raw: 057ff00000000040 ffff88801b841b40 ffffea0001f9a500 0000000000000003
[  768.041831][T18316] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  768.050421][T18316] head: 057ff00000000040 ffff88801b841b40 ffffea0001f9a500 0000000000000003
[  768.059087][T18316] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  768.067941][T18316] head: 057ff00000000001 ffffea00050cbc01 00000000ffffffff 00000000ffffffff
[  768.076719][T18316] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  768.085479][T18316] page dumped because: kasan: bad access detected
[  768.092085][T18316] page_owner tracks the page as allocated
[  768.098066][T18316] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23487928810, free_ts 0
[  768.118363][T18316]  post_alloc_hook+0x1c0/0x230
[  768.123144][T18316]  get_page_from_freelist+0x132b/0x38e0
[  768.128704][T18316]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  768.134633][T18316]  alloc_pages_mpol+0x1fb/0x550
[  768.139544][T18316]  new_slab+0x247/0x330
[  768.143715][T18316]  ___slab_alloc+0xcf2/0x1740
[  768.148691][T18316]  __slab_alloc.constprop.0+0x56/0xb0
[  768.154084][T18316]  __kmalloc_cache_noprof+0xfb/0x3e0
[  768.159570][T18316]  bus_add_driver+0x92/0x690
[  768.164438][T18316]  driver_register+0x15c/0x4b0
[  768.169209][T18316]  usb_register_driver+0x216/0x4d0
[  768.174437][T18316]  do_one_initcall+0x120/0x6e0
[  768.179446][T18316]  kernel_init_freeable+0x5c2/0x900
[  768.184659][T18316]  kernel_init+0x1c/0x2b0
[  768.189102][T18316]  ret_from_fork+0x5d4/0x6f0
[  768.193799][T18316]  ret_from_fork_asm+0x1a/0x30
[  768.198615][T18316] page_owner free stack trace missing
[  768.204084][T18316] 
[  768.206410][T18316] Memory state around the buggy address:
[  768.212031][T18316]  ffff8881432f1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  768.220089][T18316]  ffff8881432f1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  768.228254][T18316] >ffff8881432f1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.236318][T18316]                             ^
[  768.241166][T18316]  ffff8881432f1880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.249397][T18316]  ffff8881432f1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  768.257447][T18316] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  770.961767][   T36] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.108992][   T36] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.128045][T18316] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  771.135375][T18316] CPU: 1 UID: 0 PID: 18316 Comm: syz.2.4609 Tainted: G     U    I         6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  771.148684][T18316] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  771.154665][T18316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  771.164925][T18316] Call Trace:
[  771.168291][T18316]  <TASK>
[  771.171314][T18316]  dump_stack_lvl+0x3d/0x1f0
[  771.175940][T18316]  vpanic+0x6a3/0x780
[  771.179951][T18316]  ? __pfx_vpanic+0x10/0x10
[  771.184558][T18316]  ? __pfx_vprintk_emit+0x10/0x10
[  771.189702][T18316]  ? dvb_device_open+0x36a/0x3b0
[  771.194792][T18316]  panic+0xca/0xd0
[  771.198551][T18316]  ? __pfx_panic+0x10/0x10
[  771.203313][T18316]  ? dvb_device_open+0x36a/0x3b0
[  771.208266][T18316]  ? preempt_schedule_common+0x44/0xc0
[  771.213959][T18316]  ? preempt_schedule_thunk+0x16/0x30
[  771.219378][T18316]  check_panic_on_warn+0xab/0xb0
[  771.224366][T18316]  end_report+0x107/0x170
[  771.228733][T18316]  kasan_report+0xee/0x110
[  771.233189][T18316]  ? dvb_device_open+0x36a/0x3b0
[  771.238270][T18316]  ? __pfx_dvb_device_open+0x10/0x10
[  771.243560][T18316]  dvb_device_open+0x36a/0x3b0
[  771.248477][T18316]  ? __pfx_dvb_device_open+0x10/0x10
[  771.253773][T18316]  chrdev_open+0x231/0x6a0
[  771.258284][T18316]  ? __pfx_apparmor_file_open+0x10/0x10
[  771.263828][T18316]  ? __pfx_chrdev_open+0x10/0x10
[  771.268858][T18316]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  771.275417][T18316]  do_dentry_open+0x982/0x1530
[  771.280209][T18316]  ? __pfx_chrdev_open+0x10/0x10
[  771.285153][T18316]  vfs_open+0x82/0x3f0
[  771.289261][T18316]  path_openat+0x1de4/0x2cb0
[  771.294029][T18316]  ? __pfx_path_openat+0x10/0x10
[  771.298989][T18316]  do_filp_open+0x20b/0x470
[  771.303713][T18316]  ? __pfx_do_filp_open+0x10/0x10
[  771.308957][T18316]  ? alloc_fd+0x471/0x7d0
[  771.313349][T18316]  do_sys_openat2+0x11b/0x1d0
[  771.318068][T18316]  ? __pfx_do_sys_openat2+0x10/0x10
[  771.323292][T18316]  __x64_sys_openat+0x174/0x210
[  771.328225][T18316]  ? __pfx___x64_sys_openat+0x10/0x10
[  771.333632][T18316]  do_syscall_64+0xcd/0x490
[  771.338341][T18316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.344276][T18316] RIP: 0033:0x7f1ddcd8eb69
[  771.349088][T18316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.368990][T18316] RSP: 002b:00007f1dddbb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  771.377597][T18316] RAX: ffffffffffffffda RBX: 00007f1ddcfb5fa0 RCX: 00007f1ddcd8eb69
[  771.385585][T18316] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  771.393565][T18316] RBP: 00007f1ddce11df1 R08: 0000000000000000 R09: 0000000000000000
[  771.401541][T18316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  771.409697][T18316] R13: 0000000000000000 R14: 00007f1ddcfb5fa0 R15: 00007ffc15333f98
[  771.417778][T18316]  </TASK>
[  771.420863][T18316] Kernel Offset: disabled
[  771.425300][T18316] Rebooting in 86400 seconds..