last executing test programs:

10.77792194s ago: executing program 2 (id=2752):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x9, 0x7, 0x2e}, 0x6f4)
bpf$auto(0x800000000000001a, 0xfffffffffffffffe, 0x0)
ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f0000000080)={0x3, 0x3, 0xffff, 0x9, 0x8, <r0=>0x0})
waitid$auto_P_PGID(0x2, r0, &(0x7f0000001280)={@siginfo_0_0={0x100, 0x8, 0x7f, @_sigfault={&(0x7f0000000100)="4069eacf89dceedccdf05f05820e5513370f10369bf09acb5c0c56191b2c3388b95c63f7182f4af3804372fb3f91a3180ac9de6f60661e4638f7a5ffe5a5a6e110434ab238e9692059f955577df44cc4f66b2ffdce9e2de6e1eb86af5bbd7ee55da86dbca369687274d11215d4618e8dbc1076e78f452db9f8af10490c25942051cc1c9fecb2a70b692ff4be4a5b8400498be71104c29c63fed6eda777209c8d31467419205ea395a3f49adf3b003b842c4b36f21c9b3d70af79aabe26c30d00d255042cdecbd167766b5dcfb857dcfa8d449987219361b6c08a3786a1024181a3707a1f82f776cc4b4dfcf01483696a520d91bbf08318ad6409e658957875612b7443b3772a331827bf7580004ebdec9f57145b80520135343ba42493b703c63cfd1e9d73506aae4e612cb18e753630f774f4dd18996cf9e17f603ce77b805e80cdd487ed2fb394ae3d306467c2619b72e61feb2ebe813180b338c09e6a07791edf12f8425ab937a8a33d22dcf979b20672f363179d57cd9868f2aba9999f4120c1d532b405af64e4abe2b935d28d04aa502e4b20a632547f5a61cd016623ec849862adde71dfc0f22410a9cfb6025ecc5f186cfc43f0d37d99c88be15d418f51a9cf491d8b557574e3423320609f95f21286cb9702e58ad4791b39fa07ffd890b2ef04b3e0452efbe601659277ed7d172cb9ebc0991a8d388897e43d1a640b97e16db7468f914b41912914e7464e74725a5391716b36b0dd70fe0abd73a8015f08738a8e3ce663725956917eaaf0a34ca8fc8f30670a84c4a1a551231c9fda15a3dfc9644cb05872b1f0274e7c137a3734c0fef9e0a60782115c9b722248a1055cb5a9c71c9b4e21dfb9bacef37e3e892e15aee8dc261543ffbc584f1081320f6a690b926191d7110a63313c4cb2aa0afe313598d34ce75c89aac85edbb49e48f403673489c68b4ed5b2dec24d2a1958b495314c0c58c0ac78d36b664e9c5f06391cbbd664b665a48faf9ced70eafda0c8905f8e4b454d25852d4f59b581f1610eb2727e3e0d4ebac93765957e08486378c3f4c650444404e88e78862f051ec48c46da4a632fbd82d367d2e4799e9156cdd48952830041c4eb5050d7f54720c97687325d43d2ac1b3a3fb6629a6d3545f990941ef0f3a7edaae0f794bf2c9413c6c87e87a73356d1c091b9d58d86f1e8a75ecf4c7cf914615809869fc3de3eee7ae838282cf9cec6f7915de92f0ee8f81ab836fbc952cf8ac6034d72d2baba3ca7cc89fe528b74766fb04bce864079a6044782a5ff5b725672474badbcab3377de861f654c67fa248ded118bbf77268467e03225b5bb473f86955049c9c749f86bacd78b05430064e99bb065df00a2d2fa9c33592d324fcd963a58358cb10bbf75fb45653daf29f9073e6221e7b92b428f5ad219b1938da91b9739ccb86b8de0c625a265a611366815925d2f888ed17edcf8421d3b36ac564a5e48302609ef3a2616f215a8f97424071f70b1778a393350421e3543cda726367439be6172fee735fe4375631eee8def10736e813d44c0cdb28818a1356cde68a5cfd33a981ed3565fa55fdec83aa68b6cf0ccee385098420c59a35fddd63ec5014fd091316ef06ca44672e22cc529e05882f7627606633837fdf009d750151cc1d4686d61561d85cdabce5657cd23479995c7c037e36838dd80ff0b53ea0c81285f33d3617c823910a84fc004dc26f9416444c80850780e1995b4b21a86ff2141eac0e712100c3c062f94ea04435931c877a5e836bb0af0aa9418b1250cb2a3cf9d3dd585022045f78f5ce03ce1625cfa5a87f7d1c34176f771aebe66bdaf3c80f9abcbe8940a9a97cea7d4a0db3c05e74bb81b24a9b8cb86a53d5af61ef9515679253269ec48e5c3c05d429287715e9c09b8c6aad676ab29c594baa823d71c6896a2739f01d007a7fcec475eb740453b8a4971cbefeba7dfb2295f1f8d26f6dc44e5140e01c620746a9c750bf8117e7c63e93ec777678000c33666891a6f0ad8ec4124f68acd2bb7bea42360a811a7d59761ef5f49fd7b551928c86bb9262ccd3858a6ff255e507006acf8da1ae19edf128f42bb5a963b6f0c71a1908ea32a46b337fe8344f8459718e83f2690f6b06c10710160b91454beab2ef05c5bb6a07c7534511bae9a900f10e080ac4a999fb55a5db5fc096a01771c4417277c68f8ad43234e40ca2eee4e8376f2becaa64aede6d9ac6eba8ea7cdf1fbd9246e72775e1dd86a27e31eb411ebe2ed84ef2638b37860df5eab7ca3b8dc71f0d03ba3099769c123548a9c9c4e8f6ba5f11138697a971f30441edec849c53823f4b5029e8e6cb053610615029af45a23d4449446678dbc704e4251093ea9ad6a1d322f86b83bc45b3cafac65c4762755541709807d466d7f68b7577fb4d060d9903e10b677a9d1fa0d329f5d21b5f7f1031145921c992691f798686baa136589cf18dfe3edafa4c0b0acc63b81e2ee9e67ba6ffcac3e16ad05e67d30428722bf903cacb884d57ed2577d3fe1008d0286be7fa24f3544356b3483e678100e1c336ab8ccc2ffe82ebe327e427baac7dd49f44e75aa5df10c2b9fb8d8488402359178beece835aecdebbd7bf694d762db001d7e9f3aee03050f2631d3c948299c08f93692f5d5f14de6e27ff0733215bcaed233979d631f6093e69501940efd4dd262a04eb963256307c54fb87697f19ad8fe30bbe9ea4787d5fc1ad29ba7d74f5042cd96ebbf8dbf255c962814c99bec3ff28e90cc8f70026e31b35ad62a5931cf792c34711620ba0d8138beff7ca017bf91d0844c40c11b9de9f8da7f0f4b15167e290821d702ae3592beb8dcd547897182e1965c47d6ee6b38182dc6feb84878b8d6c447e9ee620d37d3", @_addr_bnd={"001fb8cb0cf2dac4", &(0x7f0000001100)="b85b26dc039e68d8084f1d4080b6a4d6f78b6fb75bab773c19c78cf32ce0babf001fea1e450d1d0e6656a94c74db9bf2f3de766158f9d489bdb691b41a5e120e75fdcb69cec1d84c660926b282a7802410dfb21b6a163e9df5cbccbc7e3f537ecce6462405cc00d12c5d444393f26dae98f026a40dcca44680b76d0ac6166ed434df5aa2a5a1716cbf8fa07b0a942258b39426842dc6554088ce", &(0x7f00000011c0)="f17998f465d90cd9e87d1031427a0ca66dc813522f1d1b9708fadfa9ed107d34e85df15d04a8a56e6a367b0236d11be7d1a3861c6e75cf395d65c2d0c1bc2271da14bae94111bce1e96ebf23027b00e8e5860278ffe23eec1d8dab9b72381e13ad336c76adbc54e88f04ad5de147360061781d92d3b8739c1cb72f2248d6d3727c8a5b51bc81afd1cfbcf0ec0ea466"}}}}, 0x6, &(0x7f0000001300)={{0x4, 0x5}, {0x100000000, 0x3}, 0xb, 0x2, 0xc8, 0xfffffffeffffffff, 0x0, 0x7, 0xf0, 0x4, 0x8, 0xffffffffffffff51, 0x5, 0x8, 0x9, 0x3})
mmap$auto(0x0, 0x400008, 0xfffffffffffffffd, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/dev/cdrom/info\x00', 0x2000, 0x0)
read$auto(r1, 0x0, 0x1ff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000013c0), 0x80000, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x2})

9.881483048s ago: executing program 2 (id=2755):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
kill$auto(r0, 0x400009)
pidfd_open$auto(r0, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x9, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0xc, 0x0, 0x100000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0)
mmap$auto(0xffffffff, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
mmap$auto(0xffffffffffff5ed1, 0x400008, 0xdc, 0x17, r1, 0x6)
mincore$auto(0x1000, 0x8001, 0x0)
arch_prctl$auto(0x5001, 0x2)
umount2$auto(&(0x7f0000000500)='/proc/thread-self/ns/cgroup\x00', 0x8)
fcntl$auto(0x8000000000000001, 0x7, 0x8)
read$auto(r2, &(0x7f0000000000)='\'-\'\\(%\x00', 0x2)
clone$auto(0x402, 0xa, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xffffffffffffffc0)
fcntl$auto(0xffffffffffffffff, 0x1, 0x8)
close_range$auto(0x2, 0x8, 0x0)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x14000000000, 0xf)
r3 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r3, 0x29, 0x12, 0x0, 0x56b)
r4 = fanotify_init$auto(0x5, 0x0)
fanotify_mark$auto(r4, 0x205, 0xe, 0x4, 0x0)

8.798145346s ago: executing program 3 (id=2757):
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@l2={0x1f, 0x8, @any, 0x800, 0x2}, 0x80)
r0 = socket(0xa, 0x801, 0x84)
r1 = getpid()
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xfffffff2}, 0x6, 0x0)
setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c)

8.745876046s ago: executing program 0 (id=2758):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
socket(0x15, 0x5, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptybd\x00', 0x6202, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x5, 0x1)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe735f26, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc461, 0x80, 0x6, 0x3, 0xfffffffffffffff2, 0x3, 0x1, 0x62, 0x80000022, 0x7, 0x6d42, 0x2000000004000009, 0x2, 0x6]}, 0x0)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r1, 0x0, 0x5)
r2 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy3/hwflags\x00', 0x40081, 0x0)
write$auto(r2, 0x0, 0x4)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0})
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x0, 0x0)
quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd)

8.499892706s ago: executing program 2 (id=2761):
socket(0x1a, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(r1, 0x0, 0x6d7, 0x80000008, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x112, 0x80006)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
getsockopt$auto_SO_TXREHASH(0xffffffffffffffff, 0xced5, 0x4a, &(0x7f00000001c0)='/\a\x00\x00\\\xf0p\xb5\x82\xc8\xaf\xd3\xf9\x00\x00\x00\x00\x00\xd7\x97\xd1\xa1\xae\x15\xe0\x1b\x87Q|6\xdeM1\xe7\xe2\x05\x9e9T\xedC\xcb\xfb^\x9d\x12n\n\b8\x13\xc5J\x13&\x10\x1a\x9fe\xf0I\xf0\xbf\x1cr\xaea\x10\x0061\x92\x9d\x94uJ\xa7\xc6,\xd2\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\xbb\x9d`\a\x8e\x18\xc4WMV/\x94\x82u](\xb4\xfd\xd9\xac\x9a\x9e[\xc0\xc3\xf7\x98Q\xf3\xd9\x15y\xcc\x84\x0f\xe4L\x00\xcb\xf9\x95\xcf=\xe2\xa7\x8ah&?\xd0\xa0\x00\x00\x00', &(0x7f0000000180)=0x7)
socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(0x0, 0x451, 0xa, r4, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)

8.455875691s ago: executing program 3 (id=2762):
ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000200)={0x0, &(0x7f0000000000)={0xffff, 0x5, 0x7}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x412100, 0x0)
r3 = socket(0xa, 0x5, 0x0)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1)
close_range$auto(r2, 0xfffffffffffff000, 0xfffffffe)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00'})
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5)
ioctl$auto_VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000000)={0x6})
bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={r1, 0x81}, 0x96)
bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x92)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6', 0x4, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
fspick$auto(0xffffffffffffffff, 0x0, 0x6)
getsockopt$auto(r3, 0x84, 0x1d, 0x0, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000100)=""/153, 0x99)
madvise$auto(0x5, 0x81, 0x5)
getpid()
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r5, 0x0, 0xb4d3)

5.955484719s ago: executing program 3 (id=2764):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/numa/demotion_enabled\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000020c0)=""/4123, 0x8f8)
io_uring_setup$auto(0x4, &(0x7f0000000340)={0x5, 0x9, 0x8, 0x0, 0x0, 0x5, <r1=>r0, [0x2f5, 0x401, 0x5], {0x0, 0x0, 0x5, 0x215, 0x8001, 0x80, 0x9, 0x1000, 0xfffffffffffffc01}, {0xfffffff7, 0x1000, 0x7, 0xffc00000, 0x5, 0x72c8, 0xd9, 0x1, 0x6}})
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x4801, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'macvlan0\x00', <r2=>0x0})
ioctl$auto(0xc8, 0x400454d0, 0x5)
r3 = socket(0x10, 0x2, 0x0)
r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x40, 0x0)
pread64$auto(r1, &(0x7f0000000440)=']\x00', 0x862d, 0xffffffff)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r4, 0xc1105511, &(0x7f0000000300)={{@raw=0x1, 0xa, 0xf8, 0x4671, "a401d243991a4dc376cc2bd4dbe3040e3cff152230323227f8d6c24be7ceeed84366bbadec197ea40209a468", @raw}, 0x1ea, 0x81, 0x8000f35, @raw=0x8f10, @reserved="b2089ab0bbaab63c40853405fb772ade9448008d2d99560232dbb586cf8f11ca82a2ba37174118952b850ad2099d3a3bc1c77e916330e96e2989bebf719430efe8c9a59c9349eac701c2bbb3122607916561a6da1cfdfc5dc83f4cc979d6dbf96beb58d1f9042592b39ceed3193960c9a37975bc0153c5fce4d94f329d47f6d4", "2bb2d72b107f03a0ef0c6760e2e1fd64b8ae4a5be70b75810dfa4cc7182ed519d3613ea5b4243440fc9595b760cee784decb284ff015aa97d8f86dd61fd4f929"})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r2, @ANYRESOCT=r0, @ANYRES64=r4, @ANYBLOB="5d91294acadb6c55536634aca3ebb445e5ffeb16c13176f9410342855e6be20200000000000000d2a25b40342903cda908b470f1f1958114637e599342eefd65fcd4a2f92d6a2e3605c54d8aac9206e87faf9a9e78e00c3b870db574309d07159dee52a526bf698aa3a04e4a750efc7642fd30dc"], 0x24}, 0x1, 0x0, 0x0, 0x4048040}, 0x20004080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'pim6reg1\x00'})
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
socket(0xa, 0x3, 0x3b)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0x1d, 0x3, 0x1)
sendmmsg$auto(r5, &(0x7f0000000340)={{&(0x7f0000000100), 0x6, &(0x7f0000000000)={0x0, 0xff}, 0x8, &(0x7f00000002c0), 0x1ff, 0x7}, 0x1000}, 0x2a08, 0x0)
r6 = socket(0x11, 0x3, 0x9)
close_range$auto(0x2, r6, 0x0)
socket(0x11, 0x80003, 0x300)

5.79308921s ago: executing program 1 (id=2765):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(r1, 0x401, r2)
r3 = socket(0x2, 0x3, 0x100)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'ipvlan0\x00'})
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0)
read$auto_vcs_fops_vc_screen(r4, &(0x7f0000000080)=""/238, 0xffffffe9)
r5 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_nvram_misc_fops_nvram(r5, &(0x7f0000000080)=""/209, 0xd1)
ioctl$auto_NVRAM_INIT(r5, 0x7040, 0x0)
membarrier$auto(0x2, 0x0, 0x9)
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4, 0xeb2, 0x401, 0x8000)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

5.52745264s ago: executing program 3 (id=2766):
r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000040), 0x0) (async)
write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000040), 0x0)
socket(0xa, 0x3, 0x5)
setsockopt$auto(0x3, 0x29, 0x46, 0x0, 0x808) (async)
setsockopt$auto(0x3, 0x29, 0x46, 0x0, 0x808)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\xfc\x00\x06\x00\x06\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
shmdt$auto(0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20) (async)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)

5.044514341s ago: executing program 0 (id=2767):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x9)
r2 = socket(0x25, 0xa, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x2, 0x3a)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000000c0)={0x3c, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xfffffffffffffff7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
r5 = open(0x0, 0x40, 0x0)
socket(0xa, 0x2, 0x88)
setsockopt$auto(r2, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44004811}, 0x40000c0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$auto_NL80211_CMD_SET_CQM(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026b29d4669aa39733d00000004005e8008000300", @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x40800)
r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0)
sendfile$auto(r10, r10, 0x0, 0x7)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r7, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x4}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r5}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x7f}]}, 0x34}, 0x1, 0x0, 0x0, 0x40888}, 0x81)

4.585713609s ago: executing program 0 (id=2768):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x141201, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';')
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
rseq$auto(0x0, 0xfffffff4, 0xffffffff, 0x5)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r2, 0x4008af25, &(0x7f0000000000)=0x7)
mmap$auto(0x0, 0xc, 0x8000, 0xe238, 0x602, 0x5)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f256"}, 0x6, 0x3, 0xff)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x1, 0x40009, 0xdf, 0x13, r3, 0x10001)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0)
msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004)
socket(0x2a, 0x800, 0x2d2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4)
sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="210b2abd7000fedbdf25670010000800c3000000008045758fc058dcee9878afa51ff9a5"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)

4.563986197s ago: executing program 1 (id=2769):
pidfd_open$auto(0x1, 0x0)
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x80)
r0 = socket(0x27, 0x3, 0xb)
close_range$auto(0x2, 0x8, 0x0)
writev$auto(0x8, 0x0, 0xabc)
close_range$auto(r0, 0x8, 0x8)
io_uring_setup$auto(0x4, 0x0)
io_uring_register$auto(0x2, 0x16, 0x0, 0x7)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad80, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000400), r0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptye7\x00', 0x800, 0x0)
ioctl$auto_TIOCSWINSZ2(r4, 0x5414, &(0x7f0000000080)="a2")
readv$auto(r2, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r5)
sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x70bd29, 0x25dfdc00, {}, [@OVS_FLOW_ATTR_ACTIONS={0x4}, @OVS_FLOW_ATTR_KEY={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x810)
sendmsg$auto_OVS_FLOW_CMD_DEL(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x144, r6, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_KEY={0x108, 0x1, 0x0, 0x1, [@nested={0x101, 0xb4, 0x0, 0x1, [@typed={0xc, 0x65, 0x0, 0x0, @u64=0x5}, @generic="d6536642ba68bf06d0d4d944e0c5a24e0fd3107d9054b05d8cc347886da595e7c83f219802258e2cfa16aa6bce0821ed7621bf9cbf268b1a38ce1d7a4772077286c27d2383a42f8c2f41ad5422cff3f469e807628cd9bda5db60b6e9bf1e07a2908cdb494dec0a8cc19cae2415558c594bcd725af382e6f707563112032cf80995da463cd3b4cca65fc987faf2138a98d7a2f8591acdabe5db7ef956898c4a8b48540b3f4713d6246726b260b1cbfe1b8a23d89455324bd561ca4f75e9be10e4f21ec4709c7e34bd", @generic, @generic="a31933a38bdc0ae38f1a3558b54097f9d8127432824cc39f601d91a6b31b3aa3ca1c41d8c9457d713f"]}]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x6}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0xc3}, @OVS_FLOW_ATTR_UFID={0x5}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x80}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x9}]}, 0x144}, 0x1, 0x0, 0x0, 0x4008000}, 0x14)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x80000, 0x0)
read$auto_mISDN_fops_timerdev(r7, &(0x7f0000000140)=""/168, 0xa8)
mmap$auto(0xfffffffffffff0d8, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
read$auto(0x3, 0x0, 0xf3c)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
close_range$auto(0x2, 0x8, 0x0)

3.871708084s ago: executing program 1 (id=2770):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
fstat$auto(0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(r0, 0x10e, 0x1, 0x0, 0xe)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon36\x00', 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa2c0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), r2)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000a00)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r4 = syz_clone(0x30000000, 0x0, 0xfffffffffffffcbd, 0x0, 0x0, 0x0)
ioctl$auto_MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000)={0x7fff, 0xc9, 0x6, 0x5, 0x65, 0x5, 0x7, 0xa, 0x40, 0x100, 0x31a, 0x5, 0x0, @setup="9fef6bd13c8f6103", 0x6, 0x7, 0x6d}, 0x0, 0x9})
pidfd_open$auto(0x1, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = socket(0x29, 0x2, 0x0)
r6 = openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x1, 0x0)
writev$auto(r6, &(0x7f0000000140)={0x0, 0x2}, 0x6)
r7 = getsockopt$auto(r5, 0x119, 0x1, 0x0, 0x0)
timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000000200)={@sival_ptr=&(0x7f0000000100)="62f6aa15168ce0d85ff9d327d8257017e5ee6c41fa2c902e7700e0d34d7132fd12d589fb74307ef5702fd1199bad49ee0c534023c1995fc48247413e1007b371ba70353df1b56133a4be6fba1135", @raw=0xe44b, 0xf89c, @_tid=r4}, &(0x7f0000000240)=0x4)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/virtual/block/ram12/events\x00', 0x101480, 0x0)
read$auto(r8, 0x0, 0x9)
r9 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r9, 0x5386, 0xffffffffffffffff)
ioctl$auto_MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000180)={&(0x7f0000000040)={0x5, 0x33, 0x5, 0x1, 0xd3, 0x6, 0x3, 0x5, 0x6, 0x10000, 0x9, 0x5, 0xab, @setup="3dbaee61062d841d", 0x0, 0xbd, 0x10, 0x3}, 0x0, 0x6})
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(r7, 0xc0884123, &(0x7f0000000280)={0x400, 0x0, @status={0xe, 0x0, {}, 0x0, {}, {0x100000000, 0x4}, 0x101, 0x0, {0x7, 0xdbd}}, @control={{}, 0x5, {}, {}, 0x1}})

3.792177987s ago: executing program 2 (id=2771):
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, r0, 0x999)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

3.370970243s ago: executing program 0 (id=2772):
ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000200)={0x0, &(0x7f0000000000)={0xffff, 0x5, 0x7}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dri/card1\x00', 0x559901, 0x0)
r2 = socket(0xa, 0x5, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00'})
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_SET(r4, &(0x7f0000002040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x28, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_UNSPEC={0x12, 0x0, "b48115f02b78e348892e0c38ece7"}]}, 0x28}, 0x1, 0x0, 0x0, 0x44}, 0x40044)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5)
ioctl$auto_VHOST_NET_SET_BACKEND(r3, 0x4008af30, &(0x7f0000000000)={0x6})
bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={r1, 0x81}, 0x96)
bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x92)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
getsockopt$auto(r2, 0x84, 0x1d, 0x0, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000100)=""/153, 0x99)
madvise$auto(0x5, 0x81, 0x5)
getpid()
r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r6, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

2.694398382s ago: executing program 1 (id=2773):
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00W\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3)
r0 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000180), 0x731100, 0x0)
fcntl$auto_F_SETSIG(r0, 0xa, 0x61)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20400, 0x0)
seccomp$auto(0xffffffff, 0x2, &(0x7f0000000200)="b11710388cc7")
ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080))
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r2, &(0x7f0000000040)='\x00', &(0x7f0000000080)={0x22, 0x8000003fffffff}, 0x1000)
mprotect$auto(0x1ffffffff000, 0x100004, 0xa)
getxattrat$auto(r2, &(0x7f0000000000)='./file0\x00', 0xc, &(0x7f0000000080)='-}\x00', &(0x7f00000000c0)={0x4, 0xef7, 0x80000000}, 0x5)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a41, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/loop3/removable\x00', 0x0, 0x0)
sendfile$auto(r3, r4, 0x0, 0x1000200)

2.327527882s ago: executing program 2 (id=2774):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(r1, 0x401, r2)
r3 = socket(0x2, 0x3, 0x100)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'ipvlan0\x00'})
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0)
read$auto_vcs_fops_vc_screen(r4, &(0x7f0000000080)=""/238, 0xffffffe9)
r5 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_nvram_misc_fops_nvram(r5, &(0x7f0000000080)=""/209, 0xd1)
ioctl$auto_NVRAM_INIT(r5, 0x7040, 0x0)
membarrier$auto(0x2, 0x0, 0x9)
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4, 0xeb2, 0x401, 0x8000)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

1.748033712s ago: executing program 1 (id=2775):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
fstat$auto(0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(r0, 0x10e, 0x1, 0x0, 0xe)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon36\x00', 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa2c0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), r2)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000a00)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r4 = syz_clone(0x30000000, 0x0, 0xfffffffffffffcbd, 0x0, 0x0, 0x0)
ioctl$auto_MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000)={0x7fff, 0xc9, 0x6, 0x5, 0x65, 0x5, 0x7, 0xa, 0x40, 0x100, 0x31a, 0x5, 0x0, @setup="9fef6bd13c8f6103", 0x6, 0x7, 0x6d}, 0x0, 0x9})
pidfd_open$auto(0x1, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = socket(0x29, 0x2, 0x0)
r6 = openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x1, 0x0)
writev$auto(r6, &(0x7f0000000140)={0x0, 0x2}, 0x6)
r7 = getsockopt$auto(r5, 0x119, 0x1, 0x0, 0x0)
timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000000200)={@sival_ptr=&(0x7f0000000100)="62f6aa15168ce0d85ff9d327d8257017e5ee6c41fa2c902e7700e0d34d7132fd12d589fb74307ef5702fd1199bad49ee0c534023c1995fc48247413e1007b371ba70353df1b56133a4be6fba1135", @raw=0xe44b, 0xf89c, @_tid=r4}, &(0x7f0000000240)=0x4)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/virtual/block/ram12/events\x00', 0x101480, 0x0)
read$auto(r8, 0x0, 0x9)
r9 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r9, 0x5386, 0xffffffffffffffff)
ioctl$auto_MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000180)={&(0x7f0000000040)={0x5, 0x33, 0x5, 0x1, 0xd3, 0x6, 0x3, 0x5, 0x6, 0x10000, 0x9, 0x5, 0xab, @setup="3dbaee61062d841d", 0x0, 0xbd, 0x10, 0x3}, 0x0, 0x6})
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(r7, 0xc0884123, &(0x7f0000000280)={0x400, 0x0, @status={0xe, 0x0, {}, 0x0, {}, {0x100000000, 0x4}, 0x101, 0x0, {0x7, 0xdbd}}, @control={{}, 0x5, {}, {}, 0x1}})

1.493464403s ago: executing program 3 (id=2776):
pidfd_open$auto(0x1, 0x0)
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x80)
r0 = socket(0x27, 0x3, 0xb)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(r0, 0x8, 0x8)
io_uring_setup$auto(0x4, 0x0)
io_uring_register$auto(0x2, 0x16, 0x0, 0x7)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad80, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000400), r0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptye7\x00', 0x800, 0x0)
ioctl$auto_TIOCSWINSZ2(r4, 0x5414, &(0x7f0000000080)="a2")
readv$auto(r2, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r5)
sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x70bd29, 0x25dfdc00, {}, [@OVS_FLOW_ATTR_ACTIONS={0x4}, @OVS_FLOW_ATTR_KEY={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x810)
sendmsg$auto_OVS_FLOW_CMD_DEL(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x144, r6, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_KEY={0x108, 0x1, 0x0, 0x1, [@nested={0x101, 0xb4, 0x0, 0x1, [@typed={0xc, 0x65, 0x0, 0x0, @u64=0x5}, @generic="d6536642ba68bf06d0d4d944e0c5a24e0fd3107d9054b05d8cc347886da595e7c83f219802258e2cfa16aa6bce0821ed7621bf9cbf268b1a38ce1d7a4772077286c27d2383a42f8c2f41ad5422cff3f469e807628cd9bda5db60b6e9bf1e07a2908cdb494dec0a8cc19cae2415558c594bcd725af382e6f707563112032cf80995da463cd3b4cca65fc987faf2138a98d7a2f8591acdabe5db7ef956898c4a8b48540b3f4713d6246726b260b1cbfe1b8a23d89455324bd561ca4f75e9be10e4f21ec4709c7e34bd", @generic, @generic="a31933a38bdc0ae38f1a3558b54097f9d8127432824cc39f601d91a6b31b3aa3ca1c41d8c9457d713f"]}]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x6}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0xc3}, @OVS_FLOW_ATTR_UFID={0x5}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x80}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x9}]}, 0x144}, 0x1, 0x0, 0x0, 0x4008000}, 0x14)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x80000, 0x0)
read$auto_mISDN_fops_timerdev(r7, &(0x7f0000000140)=""/168, 0xa8)
mmap$auto(0xfffffffffffff0d8, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
read$auto(0x3, 0x0, 0xf3c)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
close_range$auto(0x2, 0x8, 0x0)

1.440541814s ago: executing program 0 (id=2777):
socket(0x1a, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(r1, 0x0, 0x6d7, 0x80000008, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x112, 0x80006)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
getsockopt$auto_SO_TXREHASH(0xffffffffffffffff, 0xced5, 0x4a, &(0x7f00000001c0)='/\a\x00\x00\\\xf0p\xb5\x82\xc8\xaf\xd3\xf9\x00\x00\x00\x00\x00\xd7\x97\xd1\xa1\xae\x15\xe0\x1b\x87Q|6\xdeM1\xe7\xe2\x05\x9e9T\xedC\xcb\xfb^\x9d\x12n\n\b8\x13\xc5J\x13&\x10\x1a\x9fe\xf0I\xf0\xbf\x1cr\xaea\x10\x0061\x92\x9d\x94uJ\xa7\xc6,\xd2\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\xbb\x9d`\a\x8e\x18\xc4WMV/\x94\x82u](\xb4\xfd\xd9\xac\x9a\x9e[\xc0\xc3\xf7\x98Q\xf3\xd9\x15y\xcc\x84\x0f\xe4L\x00\xcb\xf9\x95\xcf=\xe2\xa7\x8ah&?\xd0\xa0\x00\x00\x00', &(0x7f0000000180)=0x7)
socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(0x0, 0x451, 0xa, r4, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)

429.901545ms ago: executing program 1 (id=2778):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0x5, 0x1, 0x5, 0x3, 0x95f4da2d, 0xc, 0xffffffff, 0x62, 0x7, 0x7, 0xfffffffffffffffc, 0xfaf, 0x4, 0x5]}, 0x0)
ioperm$auto(0x7, 0x5ad2, 0x8)
ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = prctl$auto(0x3e, 0x0, 0x0, 0x1, 0x3)
ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000001240)="9ab50f4ecf847be05f351e6488b61b974daa95047bb74b315eed6dca52dbdae0242fcfb571a66c97616937dd93b97753a5af8eadde84d075a946b81cdc6c72bd40aad677442d78a9994343e93dbf7822b41297f10050e625de61812235419b61ca6e1cf512102bf572750799aa3964739a05ea21d618836df2cf96ebcc6d292f0545e1eb5e66f83ca5b02974f6e1cd2acedee5d3b4ffdafe41befaaf1e517f633ea0e3d67782d4189bdf2c6a65f72859659a9ab103b7813b1630bb6f2fb4863586abb50472130ea12c4b4aba1e6bc7bac83382aa3bba6fc507788cd0b19beec49ae5b89b5a91aa0048f0d058daad9b1f0a396c35595d66e0ca73bd85830896d61370d97956eed87e06c4199bb2afa4338793b007e67835158c000971ca880dc7ee66113cf14495b0f4339cef5ac32c775d7db142f0a63d7fe953177f2ef74fbe6791a0dbbeddb2060899962e8a45a9fa8f07c39e260873330d84b00875d18b79e1c773918de40b9d457e92aa8cb305e4d88c10e8e27e7452362269216617b6688155473a8ce9850ba6627d1dc13f6b12679cb1a2c292ec5f4179b5f3b3375ad86b07e9d0ce7b00aa9ed5ca064645dc63be31d980f23257e30f76da5b7c7b9288b1f9201526113dc5a1bb6868da8c4097911a19863753cab06714d88848a93cfb183d2fc04ef62292aca7030578e9deb86077d38502dffc31e5eba12846f302793061d70cd92f6e8dcea38a4d51e9d96e20e49b70fab676aa1e69ce4ad9350001eaa3dd7f9af5aedf664876fe6fdac17799b2046f62fe5052ed5f3408fe2f1c716e9e9a1f5ba039a39db432c6dab2ec3a720a0415baca171e6e611c14bb511444af9e559223a1e9d2692ce839be9168d82477cbef48d915698ab249e58667942914a841828f4e15d5bb6d00fddbdd6b5b170f0326be5d5e2f515e7e5a8933fcacbd3d14f5d03a3b85a28462f3b22c5a0fea03f8ea21b5a0de0b1ff8ff47e2a6a7d2da26ec901d27ca5816108494e1ee2d8e9c1af62daa7e2f9437a735d504bb46dd720578ed308f70609188ce6a15d30bd9fe10e4c028f46450a7572256f84d1d59444e4a08d6f79811115506206e4d6714cb12dac45a6a85be8913ba01d71e5f19d6e90d830958a3f56923edb5a0efc8346d4d193a0abbb658f219279a5d9f5c5d524e5f000cfe9943beb70eb5994e26aadbd3f47dc18003165b39b5cf718900ab4b845a0493481ee388fccfc460859bd85fa63c0b58b775d3729db3c1cc58573e36b3bd33dd890a9d26a2a3a8b2def1a7c6eb3129cdceff29d3ec2ff52b9bd2ecb7ebc103706366c9e88c089f332d8bb380dc3afe436e490a538cd8c43ea63bd65e9486ce2c52e55d9eca84b24cc77f33e2c3096a04705dedc238779c4a497082d6d6a7dfb3b5259112546874411622e28e15c70ad98fd1e916843b06c4ee3f13c3cfdf5fc0d393391bad9d68335c0b4e32c4407c60ba070eeb6dd282b2f7ff6134e039eb011f0b4026f2ed46426fb07a335c21614dbabfb7cef26b96f29b0805642e9b0f5d9c675d5cf89111791600d330d8503efd3ee384e5e7fe02b8137f8881e8ac23eb4f4fa6a1a88a9fa8dfa9e446bb7f117a3d6687b2d2d505c461703eb5df4032b9371ebe49710c8e8244f10943a516bb84307769d12ea0d2c5244d8f41e646d162706cb35b9ac6e2e1650eddf1cca58c1a8fd2c8e6fc485ab478dd2a0913ffdce715d775f38c4b692d16cab3a24edc5fe496dc98a68451eb4776db277465525780d92bcaeebf145408a6607f86fc94043ee30683106cde9c71edd460f783e602465f32554c09376860d3d9420badf095ff9fdfb3311af5800eda2ee5741e555ea42b121d1f7001b471df869b7b2b0de36a31b443e75bc8f101884c227fab4951f0bd1b503f9d5c816afe75061648eec404c1ed0eb57e4f8a5e966f45227be127369550f5daec076d5020274a9a5bac078e700dd9b95ba961be08f97fcd543f88691e32d0aa9f8776f58c96de8cce194aee6f9010d7710b692ddfa24457a3a623b91d743521dfe43a21ecce2863356308526687c7ed1169386be11059614cd138d439725ac4b5c0a9e04f503dd1461e57935de94a12a64d18c1845500665f81bae9ef33033a4a2d04ca381da212a68e1f267f03ffb71db53ff0da93176b47ff0568a5acee10190c12c9fda1543c318229708f6985e224ce750e9ca937d6927c1de7e5fd7e7db6cd42478e0d11a97e8959ce0118d556960d4cfde1625c72220ac1988fc3c69850d00a08246bda3846b623e0c1a731d47ba3216fa91139d5f5a8af9897fb08bc53e682e669e4a20962f841e13da43b62ad6eba654f815c2ad347ae279ab134cca6a1ebd06e822cdceeb58d4329d501c216357a12fd92fa0c27de77e756cdec09698284802eb2d21ca7e1a3619da2591c1fe29d4da0744f1110594f57a20c286f78b1111814c55715e05e4c753bc0242c9abb850b508e061c1179d88fb11b33bb1f34d05cb38e99a57d1a06ea61590431db1cf22817c85f885978f08f92335e997eff96a5feb784e410d41a953a6d92eb5973c08aa728ab673c0e693f47055c112d8efc8bd84f4c85b2f160b4c47da302cfa214b822b68276fbd50933facc06956aea16f35e61e859072749a49f13d33376ec41f7dc85625e1e48fc821317f43b0be304f448eb1de7c68ba84e774a2d22b1d3f55c144f59c15fc19c6df45ac3ac6461df9aebebfc8738b7b2e0dbdd99909498a3741d9101d82540a64b5e7a149e1f98a0788704a843faece338d465826b58f3e11aef73d44efdce1739b1927c45248d32be74ea0fabbe17e7c0657cc68419d96f19119493ab5569c86aa80b6bc4b410b011a12e1ad5365c674720c2f2a4c78962affef7e63c4ca0d4235f977ae416153edef6402b95ec61cb561759217002b66a78b65819d1b649a85308943148ac025410dbe4f9f18694a1c7289118035f454f81e1d9b6ab076ddb50e8c7b8ed2fd36d4dd6c5c928041afc8936fa83244aa9dbf08676cc30580d8fee518e24ed4089b63f9930c194e048b88cec98f9190a81f1a09e80c2af63e4738d4bf6c8e4eff41a846a25f8d74ab88f9d85c9b059bab15fc1fc485e1f92fa4f41a3a275e9609ea0c7dff7c9488f482067f38f4e8f424007498ac1da9eeba9857b34dc21d552dada4aff917d37463fb054ddedf52ab3def2813fd115e3f36c3f82719a486d2605aadd9c3e708261e2acf13fa9cd81fa2f23aea49b3a42b3ad43bd140ccb5c274c099062d1148d1def0171c5b8b49ac6b462de5246523cee3bb96d6340c8992114ce7f3d0d6ef92f02bfe3142dc1cc03310ea49fe1000b6a5e2353e25b4d373830a2030f7a7f33c60d583ca9ecf9930a22fb8415364d22a1f5aa8ebd95930123e04edaa80b5bdd0473a2c95be3797d6100145d674498fea24a87009149aa27a7060ccaf0ea0675a0c498370beff8978604ac3d3aec9cf3ad53ec8a698c5e1a44d0a4be22e5a16547db9eef5577d6ecd5a2967c4d4255e8908ccb347fe7cb5a7246345035a7a8a12993f8fdc661ffd3a84736ee9a5852dcf8e3aca4afa19a598c9379dd6d3c594e9aa54c1b5f0a2add05c979c76f9d1796c2072e0a6b5348ec199aa7abb34cde352f97e61823977723500867f803371f115c3528b30442fdd828f872d7c962f21053d6fb1fea2ac4e273902edf14d1b9c362f76c67ee7ff175ddb443afd3bab63767d2a64416d50015c09ae0a0faf5b6cbd39a31b7d324d110a84800f2c541cb39836c4cc2e7de0596b78e580533c1dc1126acc7aa5e8d2c2680b511ef4160351e924411b092a94c0a6df787eea3a6960ee27c1480ffc3dd286af35183020315a00ea9dc2384edb0a9c420c12a35ef16fa73d6caf07d796416768be12fad0fd636304918b7cc7901d5db64e6d3d1f7560b859c2044f38e46eec7c2cca01492309c948880326e60fb540bec547626cb5ceb48eae7f0bdd5f38b7ca69159bf39e5a6dee36f2199bae38a2d21e3316c8debcadfb4121af4446cc9fe2a536689816f66510d8906a1f96db1b71a7ab1a9de45e67d93586db93397eae71e6eca1e84531ba50ee9ab11bc01eba40063e74b0efd6ae4ab90bb50e2312861c92b43720e83d3bad50bf66f87be98c40b275339177dba753ddab002b07827ab860e9613a1bb0c13e690dbd71f5a30578e5ab1d1426ca07cb698f30cdfe1853a10fa976822da5c1b3ab8bd6df956e74a667867b94f26b696b9379ab818eed48a13fa6a3590cc1b6e159f25d3f7f7c5178ae84974460d7880b84aa90077a0a8dce82fd6bed76df7cf1dd42b33ec26cdf374ff068db186ddf08112eabfcd7b3f25afaa765bc831a3c7e7d93d6794c2c92d1223de9b15217632aa17ee09651556d0617219d9142f155dd8b1d87cf31715113519edbfdc5d6849feb239a73b53f94430f8e7ee022cdf8cc9aeb877e4109db461e6dd68351a1522d41854ff59a91b854cab163329442c01cbc3b352c8068131c8c22f7b9220e009e3890f396d5fe69137e2f0b52b27d190705cc4dac692ebb7d9662268cc641d03804d7f5bc99437e49a3e2e6b8879d37322faaec90df4a1201bb1f58d1eedadf74df18be13e0aff304b583da98589aa22e27b1f78beaea663e3182d2b12a2f3c835c0feb3001d787b297a")
mmap$auto(0x0, 0x400000000000004, 0x24000000000de, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x4, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x8000012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x8001)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000080)={0x0, 0x8}, 0xf, 0x8, 0x0)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r1, 0x0, 0xe)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty45\x00', 0x88702, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r3)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="010025bd7000ffdbdf2504000000a1b554d04639c915b2da813c4f14f349cc2628a39b8164238cf0cf51d08bed57a5a1abc40ae9eb5618f26e687bcbc8e99c97df6f661240e5a23d7a7dea0f"], 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)
sendmsg$auto_WG_CMD_GET_DEVICE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="030727bd7000ffdbdf2500000000c321210d431cc2167de44212da0658cd428a4ca6f0665e4f54b43b4906c50f8fb45afe9a4b11e65c155f78c7ce9d7bc0848b49fb728634bd8b26071aeb2345aa4a9a5af6f5a0c1d18e5886028acd501e1901e28207bc113e58c6bcc8949054c07219234ffb45369d458da4728e4a7da4e754c38c019bdb6f0b0cef983e41bd2d2c5ae2a7ff6c19bcfb00d6d8312090ce4b315c69771286086e740d3c00a8b4267f57ae2a8bce5fdf7e42ab6b0a47"], 0x14}, 0x1, 0x0, 0x0, 0x985}, 0x4)
write$auto_tty_fops_tty_io(r2, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c", 0x3f8)
modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/029/001\x00', 0xa002, 0x0)

365.979606ms ago: executing program 3 (id=2779):
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
r0 = socket(0x2, 0x1, 0x0)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_ILA_CMD_ADD(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0xc80}, 0x40088c4)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x4b8483, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fc, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
gettimeofday$auto(&(0x7f00000000c0)={0x2, 0x100000000}, &(0x7f0000000180)={0x20, 0x3})
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0)
pread64$auto(r2, 0x0, 0x40000000f42c, 0x2)
io_uring_setup$auto(0x1, 0x0)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
open(&(0x7f0000000140)='./file0\x00', 0x3ac41, 0xe2)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x43403d05, 0x0)
io_uring_register$auto_IORING_UNREGISTER_IOWQ_AFF(r3, 0x12, &(0x7f00000001c0)="632777723e3c5010edcbf7fde4", 0x2)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)

361.252345ms ago: executing program 2 (id=2780):
socket(0x1a, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(r1, 0x0, 0x6d7, 0x80000008, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x112, 0x80006)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
getsockopt$auto_SO_TXREHASH(0xffffffffffffffff, 0xced5, 0x4a, &(0x7f00000001c0)='/\a\x00\x00\\\xf0p\xb5\x82\xc8\xaf\xd3\xf9\x00\x00\x00\x00\x00\xd7\x97\xd1\xa1\xae\x15\xe0\x1b\x87Q|6\xdeM1\xe7\xe2\x05\x9e9T\xedC\xcb\xfb^\x9d\x12n\n\b8\x13\xc5J\x13&\x10\x1a\x9fe\xf0I\xf0\xbf\x1cr\xaea\x10\x0061\x92\x9d\x94uJ\xa7\xc6,\xd2\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\xbb\x9d`\a\x8e\x18\xc4WMV/\x94\x82u](\xb4\xfd\xd9\xac\x9a\x9e[\xc0\xc3\xf7\x98Q\xf3\xd9\x15y\xcc\x84\x0f\xe4L\x00\xcb\xf9\x95\xcf=\xe2\xa7\x8ah&?\xd0\xa0\x00\x00\x00', &(0x7f0000000180)=0x7)
socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x602, 0x1)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(0x0, 0x451, 0xa, r4, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)

0s ago: executing program 0 (id=2781):
r0 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, r0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
rseq$auto(&(0x7f0000000300)={0x12, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone$auto(0x25, 0x482, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x401)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310000000000000000000000000000000000cbee2f70a9d8521056a8a17f88640c7c3bc2f69762e72453f0c164242ad36c442c129cb3d99b94e92dca2b3a0fe1ef28d6297c9aaf23c06d9ca650ca2315a3719f8019443e48a2d6b5cfa242ac267cc013db8753989d7b795529df8f03f1fb0df69d8df8d04be007993c662c0d5b", @ANYRES32=r5, @ANYBLOB="08000c010c8d0000"], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6a4dfbdb2354c9bc48a41dfdbca088cb079aa8c0db9c1da9b22f41ca03370fe5dc547c929b1f6d6f3b042a8d5d162a36092a6e68c836042be795169a3667ac1d3eab6ba351f4867343d5388eb3d76270eeb00cfe7128e1fb3cbdf7207477acb2dc5dd088a9b76ab0f0eb77e3aca9aaf25c8b3a0d1f1de69fa1f48476ca51efb0f83f43574c72d3d4a9e4e21aaa70cae0979675f5b4090ffea8fccd9e701898a5dadde9b9362d370940170442c715ed17299c8fd0afc413ad6fb09826a06615b346e06e58f5f616751ea17a6a327cf2a39b23795099fe507ffacd2db6e66137", @ANYRES64=r2, @ANYBLOB="10002cbd7000fcdbdf258800000006009800010000000800690008000000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40800)
madvise$auto(0x0, 0x2000040080000004, 0xe)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)

kernel console output (not intermixed with test programs):

72]  __walk_page_range+0x163/0x820
[ 1365.050088][T18472]  ? __lock_acquire+0xb97/0x1ce0
[ 1365.050133][T18472]  walk_page_range_vma+0x2c7/0xa20
[ 1365.050169][T18472]  ? __pfx_walk_page_range_vma+0x10/0x10
[ 1365.050208][T18472]  ? find_held_lock+0x2b/0x80
[ 1365.050244][T18472]  madvise_pageout+0x257/0x540
[ 1365.050279][T18472]  ? __pfx_madvise_pageout+0x10/0x10
[ 1365.050337][T18472]  madvise_vma_behavior+0xb22/0x2d60
[ 1365.050379][T18472]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1365.050416][T18472]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1365.050463][T18472]  ? __pfx_mas_prev+0x10/0x10
[ 1365.050504][T18472]  ? find_vma_prev+0xda/0x160
[ 1365.050547][T18472]  ? __pfx_find_vma_prev+0x10/0x10
[ 1365.050601][T18472]  madvise_walk_vmas+0x31f/0x9c0
[ 1365.050652][T18472]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1365.050706][T18472]  madvise_do_behavior+0x1e2/0x530
[ 1365.050748][T18472]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1365.050786][T18472]  ? down_read+0x13d/0x480
[ 1365.050823][T18472]  ? find_held_lock+0x2b/0x80
[ 1365.050861][T18472]  do_madvise+0x176/0x240
[ 1365.050896][T18472]  ? __pfx_do_madvise+0x10/0x10
[ 1365.050941][T18472]  ? __fget_files+0x20e/0x3c0
[ 1365.050979][T18472]  ? syscall_user_dispatch+0x78/0x140
[ 1365.051024][T18472]  __x64_sys_madvise+0xa9/0x110
[ 1365.051061][T18472]  do_syscall_64+0xcd/0x490
[ 1365.051091][T18472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1365.051116][T18472] RIP: 0033:0x7fe892b8ebe9
[ 1365.051138][T18472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1365.051161][T18472] RSP: 002b:00007fe8939cb038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1365.051184][T18472] RAX: ffffffffffffffda RBX: 00007fe892db6360 RCX: 00007fe892b8ebe9
[ 1365.051200][T18472] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000
[ 1365.051214][T18472] RBP: 00007fe8939cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1365.051233][T18472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1365.051248][T18472] R13: 00007fe892db63f8 R14: 00007fe892db6360 R15: 00007ffe1d85ff78
[ 1365.051310][T18472]  </TASK>
[ 1367.101733][T18492] FAULT_INJECTION: forcing a failure.
[ 1367.101733][T18492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1367.160684][T18492] CPU: 0 UID: 0 PID: 18492 Comm: syz.1.2147 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1367.160730][T18492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1367.160749][T18492] Call Trace:
[ 1367.160760][T18492]  <TASK>
[ 1367.160772][T18492]  dump_stack_lvl+0x16c/0x1f0
[ 1367.160809][T18492]  should_fail_ex+0x512/0x640
[ 1367.160850][T18492]  _copy_to_user+0x32/0xd0
[ 1367.160894][T18492]  simple_read_from_buffer+0xcb/0x170
[ 1367.160927][T18492]  proc_fail_nth_read+0x197/0x240
[ 1367.160960][T18492]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1367.160995][T18492]  ? rw_verify_area+0xcf/0x6c0
[ 1367.161025][T18492]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1367.161057][T18492]  vfs_read+0x1e4/0xc60
[ 1367.161095][T18492]  ? __pfx___mutex_lock+0x10/0x10
[ 1367.161127][T18492]  ? __pfx_vfs_read+0x10/0x10
[ 1367.161169][T18492]  ? __fget_files+0x20e/0x3c0
[ 1367.161214][T18492]  ksys_read+0x12a/0x250
[ 1367.161247][T18492]  ? __pfx_ksys_read+0x10/0x10
[ 1367.161293][T18492]  do_syscall_64+0xcd/0x490
[ 1367.161341][T18492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.161372][T18492] RIP: 0033:0x7fe892b8d5fc
[ 1367.161395][T18492] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1367.161422][T18492] RSP: 002b:00007fe8939cb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1367.161467][T18492] RAX: ffffffffffffffda RBX: 00007fe892db6360 RCX: 00007fe892b8d5fc
[ 1367.161486][T18492] RDX: 000000000000000f RSI: 00007fe8939cb0a0 RDI: 0000000000000009
[ 1367.161505][T18492] RBP: 00007fe8939cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1367.161523][T18492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1367.161541][T18492] R13: 00007fe892db63f8 R14: 00007fe892db6360 R15: 00007ffe1d85ff78
[ 1367.161581][T18492]  </TASK>
[ 1367.739248][T18496] process 'syz.0.2148' launched ':,' with NULL argv: empty string added
[ 1367.754084][T18496] ERROR: Out of memory at tomoyo_memory_ok.
[ 1367.794370][T18496] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/535/:,' not defined.
[ 1368.065710][T18505] FAULT_INJECTION: forcing a failure.
[ 1368.065710][T18505] name failslab, interval 1, probability 0, space 0, times 0
[ 1368.097876][T18505] CPU: 1 UID: 0 PID: 18505 Comm: syz.3.2150 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1368.097923][T18505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1368.097942][T18505] Call Trace:
[ 1368.097952][T18505]  <TASK>
[ 1368.097965][T18505]  dump_stack_lvl+0x16c/0x1f0
[ 1368.098004][T18505]  should_fail_ex+0x512/0x640
[ 1368.098041][T18505]  ? fs_reclaim_acquire+0xae/0x150
[ 1368.098093][T18505]  ? tomoyo_encode2+0x100/0x3e0
[ 1368.098132][T18505]  should_failslab+0xc2/0x120
[ 1368.098174][T18505]  __kmalloc_noprof+0xd2/0x510
[ 1368.098223][T18505]  tomoyo_encode2+0x100/0x3e0
[ 1368.098277][T18505]  tomoyo_encode+0x29/0x50
[ 1368.098315][T18505]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1368.098362][T18505]  ? tomoyo_profile+0x47/0x60
[ 1368.098411][T18505]  tomoyo_path_number_perm+0x245/0x580
[ 1368.098445][T18505]  ? tomoyo_path_number_perm+0x237/0x580
[ 1368.098483][T18505]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1368.098521][T18505]  ? find_held_lock+0x2b/0x80
[ 1368.098591][T18505]  ? find_held_lock+0x2b/0x80
[ 1368.098620][T18505]  ? hook_file_ioctl_common+0x145/0x410
[ 1368.098668][T18505]  ? __fget_files+0x20e/0x3c0
[ 1368.098711][T18505]  security_file_ioctl+0x9b/0x240
[ 1368.098750][T18505]  __x64_sys_ioctl+0xb7/0x210
[ 1368.098805][T18505]  do_syscall_64+0xcd/0x490
[ 1368.098845][T18505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1368.098878][T18505] RIP: 0033:0x7fabca18ebe9
[ 1368.098908][T18505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1368.098939][T18505] RSP: 002b:00007fabcaf1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1368.098969][T18505] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18ebe9
[ 1368.098991][T18505] RDX: 0000000000000000 RSI: 00000000c0686611 RDI: 0000000000000003
[ 1368.099011][T18505] RBP: 00007fabcaf1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1368.099031][T18505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1368.099051][T18505] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1368.099095][T18505]  </TASK>
[ 1368.099204][T18505] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1368.854870][T18514] FAULT_INJECTION: forcing a failure.
[ 1368.854870][T18514] name failslab, interval 1, probability 0, space 0, times 0
[ 1368.951725][T18514] CPU: 1 UID: 0 PID: 18514 Comm: syz.3.2153 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1368.951772][T18514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1368.951791][T18514] Call Trace:
[ 1368.951801][T18514]  <TASK>
[ 1368.951814][T18514]  dump_stack_lvl+0x16c/0x1f0
[ 1368.951857][T18514]  should_fail_ex+0x512/0x640
[ 1368.951896][T18514]  ? __kmalloc_noprof+0xbf/0x510
[ 1368.951939][T18514]  ? xfrm_hash_alloc+0xd1/0x100
[ 1368.951973][T18514]  should_failslab+0xc2/0x120
[ 1368.952018][T18514]  __kmalloc_noprof+0xd2/0x510
[ 1368.952055][T18514]  ? xfrm_state_init+0x377/0x630
[ 1368.952087][T18514]  ? xfrm_state_init+0x321/0x630
[ 1368.952424][T18514]  xfrm_hash_alloc+0xd1/0x100
[ 1368.952463][T18514]  xfrm_net_init+0x35f/0xcc0
[ 1368.952514][T18514]  ? __pfx_xfrm_net_init+0x10/0x10
[ 1368.952553][T18514]  ops_init+0x1df/0x5f0
[ 1368.952604][T18514]  setup_net+0x10f/0x380
[ 1368.952639][T18514]  ? lockdep_init_map_type+0x5c/0x280
[ 1368.952687][T18514]  ? __pfx_setup_net+0x10/0x10
[ 1368.952727][T18514]  ? debug_mutex_init+0x37/0x70
[ 1368.952767][T18514]  copy_net_ns+0x2a6/0x5f0
[ 1368.952814][T18514]  create_new_namespaces+0x3ea/0xa90
[ 1368.952864][T18514]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1368.952909][T18514]  ksys_unshare+0x45b/0xa40
[ 1368.952957][T18514]  ? __pfx_ksys_unshare+0x10/0x10
[ 1368.953008][T18514]  ? xfd_validate_state+0x61/0x180
[ 1368.953073][T18514]  __x64_sys_unshare+0x31/0x40
[ 1368.953133][T18514]  do_syscall_64+0xcd/0x490
[ 1368.953175][T18514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1368.953209][T18514] RIP: 0033:0x7fabca18ebe9
[ 1368.953238][T18514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1368.953273][T18514] RSP: 002b:00007fabcaf1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1368.953307][T18514] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18ebe9
[ 1368.953330][T18514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1368.953351][T18514] RBP: 00007fabca211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1368.953371][T18514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1368.953391][T18514] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1368.953435][T18514]  </TASK>
[ 1370.086282][T18531] FAULT_INJECTION: forcing a failure.
[ 1370.086282][T18531] name failslab, interval 1, probability 0, space 0, times 0
[ 1370.114753][T18531] CPU: 1 UID: 0 PID: 18531 Comm: syz.0.2155 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1370.114804][T18531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1370.114825][T18531] Call Trace:
[ 1370.114836][T18531]  <TASK>
[ 1370.114848][T18531]  dump_stack_lvl+0x16c/0x1f0
[ 1370.114889][T18531]  should_fail_ex+0x512/0x640
[ 1370.114923][T18531]  ? fs_reclaim_acquire+0xae/0x150
[ 1370.114967][T18531]  ? tomoyo_encode2+0x100/0x3e0
[ 1370.115002][T18531]  should_failslab+0xc2/0x120
[ 1370.115044][T18531]  __kmalloc_noprof+0xd2/0x510
[ 1370.115093][T18531]  tomoyo_encode2+0x100/0x3e0
[ 1370.115164][T18531]  tomoyo_encode+0x29/0x50
[ 1370.115202][T18531]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1370.115248][T18531]  ? tomoyo_profile+0x47/0x60
[ 1370.115297][T18531]  tomoyo_path_number_perm+0x245/0x580
[ 1370.115331][T18531]  ? tomoyo_path_number_perm+0x237/0x580
[ 1370.115370][T18531]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1370.115408][T18531]  ? find_held_lock+0x2b/0x80
[ 1370.115477][T18531]  ? find_held_lock+0x2b/0x80
[ 1370.115507][T18531]  ? hook_file_ioctl_common+0x145/0x410
[ 1370.115554][T18531]  ? __fget_files+0x20e/0x3c0
[ 1370.115597][T18531]  security_file_ioctl+0x9b/0x240
[ 1370.115635][T18531]  __x64_sys_ioctl+0xb7/0x210
[ 1370.115703][T18531]  do_syscall_64+0xcd/0x490
[ 1370.115742][T18531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.115776][T18531] RIP: 0033:0x7ff9ee18ebe9
[ 1370.115802][T18531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1370.115836][T18531] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1370.115868][T18531] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1370.116100][T18531] RDX: 0000000000000000 RSI: 00000000c0686611 RDI: 0000000000000005
[ 1370.116120][T18531] RBP: 00007ff9ef086090 R08: 0000000000000000 R09: 0000000000000000
[ 1370.116142][T18531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1370.116163][T18531] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1370.116214][T18531]  </TASK>
[ 1370.116374][T18531] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1372.387160][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1372.396782][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1372.648177][T18556] =======================================================
[ 1372.648177][T18556] WARNING: The mand mount option has been deprecated and
[ 1372.648177][T18556]          and is ignored by this kernel. Remove the mand
[ 1372.648177][T18556]          option from the mount to silence this warning.
[ 1372.648177][T18556] =======================================================
[ 1375.892696][T18605] ERROR: Out of memory at tomoyo_memory_ok.
[ 1377.375036][T18616] FAULT_INJECTION: forcing a failure.
[ 1377.375036][T18616] name failslab, interval 1, probability 0, space 0, times 0
[ 1377.452295][T18616] CPU: 0 UID: 0 PID: 18616 Comm: syz.3.2173 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1377.452346][T18616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1377.452368][T18616] Call Trace:
[ 1377.452380][T18616]  <TASK>
[ 1377.452393][T18616]  dump_stack_lvl+0x16c/0x1f0
[ 1377.452712][T18616]  should_fail_ex+0x512/0x640
[ 1377.452759][T18616]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1377.452810][T18616]  should_failslab+0xc2/0x120
[ 1377.452860][T18616]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1377.452906][T18616]  ? alloc_empty_file+0x55/0x1e0
[ 1377.452968][T18616]  alloc_empty_file+0x55/0x1e0
[ 1377.453024][T18616]  path_openat+0xda/0x2cb0
[ 1377.453075][T18616]  ? __pfx___schedule+0x10/0x10
[ 1377.453116][T18616]  ? __pfx_path_openat+0x10/0x10
[ 1377.453172][T18616]  do_filp_open+0x20b/0x470
[ 1377.453220][T18616]  ? __pfx_do_filp_open+0x10/0x10
[ 1377.453301][T18616]  ? alloc_fd+0x471/0x7d0
[ 1377.453360][T18616]  do_sys_openat2+0x11b/0x1d0
[ 1377.453638][T18616]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1377.453714][T18616]  __x64_sys_openat+0x174/0x210
[ 1377.453765][T18616]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1377.453828][T18616]  do_syscall_64+0xcd/0x490
[ 1377.453867][T18616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.453900][T18616] RIP: 0033:0x7fabca18ebe9
[ 1377.453926][T18616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1377.453958][T18616] RSP: 002b:00007fabcaf1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1377.453989][T18616] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18ebe9
[ 1377.454009][T18616] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1377.454028][T18616] RBP: 00007fabcaf1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1377.454047][T18616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1377.454065][T18616] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1377.454105][T18616]  </TASK>
[ 1377.465497][T18620] FAULT_INJECTION: forcing a failure.
[ 1377.465497][T18620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1377.792511][T18620] CPU: 0 UID: 0 PID: 18620 Comm: syz.2.2174 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1377.792553][T18620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1377.792568][T18620] Call Trace:
[ 1377.792576][T18620]  <TASK>
[ 1377.792589][T18620]  dump_stack_lvl+0x16c/0x1f0
[ 1377.792619][T18620]  should_fail_ex+0x512/0x640
[ 1377.792654][T18620]  _copy_to_user+0x32/0xd0
[ 1377.792694][T18620]  simple_read_from_buffer+0xcb/0x170
[ 1377.792721][T18620]  proc_fail_nth_read+0x197/0x240
[ 1377.792748][T18620]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1377.792775][T18620]  ? rw_verify_area+0xcf/0x6c0
[ 1377.792798][T18620]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1377.792824][T18620]  vfs_read+0x1e4/0xc60
[ 1377.792853][T18620]  ? __pfx___mutex_lock+0x10/0x10
[ 1377.792880][T18620]  ? __pfx_vfs_read+0x10/0x10
[ 1377.792914][T18620]  ? __fget_files+0x20e/0x3c0
[ 1377.792948][T18620]  ksys_read+0x12a/0x250
[ 1377.792974][T18620]  ? __pfx_ksys_read+0x10/0x10
[ 1377.793204][T18620]  ? fput+0x9b/0xd0
[ 1377.793305][T18620]  do_syscall_64+0xcd/0x490
[ 1377.793378][T18620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.793402][T18620] RIP: 0033:0x7f997c38d5fc
[ 1377.793432][T18620] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1377.793459][T18620] RSP: 002b:00007f997d2bb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1377.793481][T18620] RAX: ffffffffffffffda RBX: 00007f997c5b5fa0 RCX: 00007f997c38d5fc
[ 1377.793496][T18620] RDX: 000000000000000f RSI: 00007f997d2bb0a0 RDI: 0000000000000004
[ 1377.793510][T18620] RBP: 00007f997d2bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1377.793524][T18620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1377.793541][T18620] R13: 00007f997c5b6038 R14: 00007f997c5b5fa0 R15: 00007ffd9b72a098
[ 1377.793571][T18620]  </TASK>
[ 1380.123570][T18662] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[ 1381.449824][T18686] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1383.456117][T18709] FAULT_INJECTION: forcing a failure.
[ 1383.456117][T18709] name failslab, interval 1, probability 0, space 0, times 0
[ 1383.536668][T18709] CPU: 1 UID: 0 PID: 18709 Comm: syz.0.2198 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1383.536716][T18709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1383.536736][T18709] Call Trace:
[ 1383.536747][T18709]  <TASK>
[ 1383.536758][T18709]  dump_stack_lvl+0x16c/0x1f0
[ 1383.536797][T18709]  should_fail_ex+0x512/0x640
[ 1383.536979][T18709]  ? fs_reclaim_acquire+0xae/0x150
[ 1383.537035][T18709]  ? tomoyo_encode2+0x100/0x3e0
[ 1383.537074][T18709]  should_failslab+0xc2/0x120
[ 1383.537113][T18709]  __kmalloc_noprof+0xd2/0x510
[ 1383.537153][T18709]  ? d_absolute_path+0x136/0x1a0
[ 1383.537203][T18709]  tomoyo_encode2+0x100/0x3e0
[ 1383.537249][T18709]  tomoyo_encode+0x29/0x50
[ 1383.537289][T18709]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1383.537343][T18709]  tomoyo_path_number_perm+0x245/0x580
[ 1383.537380][T18709]  ? tomoyo_path_number_perm+0x237/0x580
[ 1383.537420][T18709]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1383.537457][T18709]  ? find_held_lock+0x2b/0x80
[ 1383.537530][T18709]  ? find_held_lock+0x2b/0x80
[ 1383.537562][T18709]  ? hook_file_ioctl_common+0x145/0x410
[ 1383.537609][T18709]  ? __fget_files+0x20e/0x3c0
[ 1383.537654][T18709]  security_file_ioctl+0x9b/0x240
[ 1383.537695][T18709]  __x64_sys_ioctl+0xb7/0x210
[ 1383.537754][T18709]  do_syscall_64+0xcd/0x490
[ 1383.537797][T18709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1383.537843][T18709] RIP: 0033:0x7ff9ee18ebe9
[ 1383.537871][T18709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1383.537903][T18709] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1383.537935][T18709] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1383.537958][T18709] RDX: 0000200000000180 RSI: 0000000040189206 RDI: 0000000000000003
[ 1383.537978][T18709] RBP: 00007ff9ef086090 R08: 0000000000000000 R09: 0000000000000000
[ 1383.537999][T18709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1383.538019][T18709] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1383.538060][T18709]  </TASK>
[ 1383.538093][T18709] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1384.549899][T18733] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1385.314179][T18749] FAULT_INJECTION: forcing a failure.
[ 1385.314179][T18749] name failslab, interval 1, probability 0, space 0, times 0
[ 1385.333247][T18749] CPU: 0 UID: 0 PID: 18749 Comm: syz.3.2210 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1385.333294][T18749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1385.333313][T18749] Call Trace:
[ 1385.333323][T18749]  <TASK>
[ 1385.333335][T18749]  dump_stack_lvl+0x16c/0x1f0
[ 1385.333376][T18749]  should_fail_ex+0x512/0x640
[ 1385.333413][T18749]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1385.333457][T18749]  should_failslab+0xc2/0x120
[ 1385.333502][T18749]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1385.333541][T18749]  ? alloc_empty_file+0x55/0x1e0
[ 1385.333601][T18749]  alloc_empty_file+0x55/0x1e0
[ 1385.333649][T18749]  path_openat+0xda/0x2cb0
[ 1385.333684][T18749]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.333864][T18749]  ? __pfx_path_openat+0x10/0x10
[ 1385.333915][T18749]  do_filp_open+0x20b/0x470
[ 1385.333954][T18749]  ? __pfx_do_filp_open+0x10/0x10
[ 1385.334029][T18749]  ? alloc_fd+0x471/0x7d0
[ 1385.334077][T18749]  do_sys_openat2+0x11b/0x1d0
[ 1385.334127][T18749]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1385.334181][T18749]  ? __fget_files+0x20e/0x3c0
[ 1385.334225][T18749]  __x64_sys_openat+0x174/0x210
[ 1385.334278][T18749]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1385.334327][T18749]  ? ksys_write+0x1ac/0x250
[ 1385.334379][T18749]  do_syscall_64+0xcd/0x490
[ 1385.334419][T18749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.334453][T18749] RIP: 0033:0x7fabca18ebe9
[ 1385.334480][T18749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1385.334513][T18749] RSP: 002b:00007fabcaf1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1385.334544][T18749] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18ebe9
[ 1385.334567][T18749] RDX: 0000000000101000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1385.334591][T18749] RBP: 00007fabcaf1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1385.334611][T18749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1385.334631][T18749] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1385.334674][T18749]  </TASK>
[ 1385.737673][T18746] FAULT_INJECTION: forcing a failure.
[ 1385.737673][T18746] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1385.757942][T18746] CPU: 1 UID: 0 PID: 18746 Comm: syz.0.2209 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1385.757992][T18746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1385.758012][T18746] Call Trace:
[ 1385.758023][T18746]  <TASK>
[ 1385.758036][T18746]  dump_stack_lvl+0x16c/0x1f0
[ 1385.758083][T18746]  should_fail_ex+0x512/0x640
[ 1385.758131][T18746]  should_fail_alloc_page+0xe7/0x130
[ 1385.758181][T18746]  prepare_alloc_pages+0x3c2/0x610
[ 1385.758235][T18746]  ? rcu_is_watching+0x12/0xc0
[ 1385.758273][T18746]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1385.758318][T18746]  ? __lock_acquire+0xb97/0x1ce0
[ 1385.758381][T18746]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1385.758424][T18746]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1385.758476][T18746]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1385.758530][T18746]  ? find_held_lock+0x2b/0x80
[ 1385.758581][T18746]  ? __lock_acquire+0xb97/0x1ce0
[ 1385.758626][T18746]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1385.758680][T18746]  ? policy_nodemask+0xea/0x4e0
[ 1385.758727][T18746]  alloc_pages_mpol+0x1fb/0x550
[ 1385.758773][T18746]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1385.758830][T18746]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1385.758884][T18746]  shmem_alloc_folio+0x135/0x160
[ 1385.758951][T18746]  shmem_alloc_and_add_folio+0x499/0xc20
[ 1385.759002][T18746]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1385.759048][T18746]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 1385.759096][T18746]  shmem_get_folio_gfp+0x67f/0x1600
[ 1385.759147][T18746]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1385.759192][T18746]  ? filemap_map_pages+0xf58/0x1670
[ 1385.759239][T18746]  shmem_fault+0x1fe/0xa30
[ 1385.759283][T18746]  ? __pfx_shmem_fault+0x10/0x10
[ 1385.759331][T18746]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1385.759385][T18746]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1385.759425][T18746]  __do_fault+0x10a/0x490
[ 1385.759468][T18746]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1385.759509][T18746]  do_pte_missing+0xf50/0x3ba0
[ 1385.759546][T18746]  ? find_held_lock+0x2b/0x80
[ 1385.759580][T18746]  ? __handle_mm_fault+0x14fd/0x2a50
[ 1385.759621][T18746]  __handle_mm_fault+0x152a/0x2a50
[ 1385.759663][T18746]  ? mt_find+0x3ef/0xa30
[ 1385.759706][T18746]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1385.759739][T18746]  ? __pfx_mt_find+0x10/0x10
[ 1385.759802][T18746]  ? find_vma+0xbf/0x140
[ 1385.759847][T18746]  ? __pfx_find_vma+0x10/0x10
[ 1385.759905][T18746]  handle_mm_fault+0x589/0xd10
[ 1385.759943][T18746]  ? __bpf_trace_exceptions+0x1/0x40
[ 1385.759998][T18746]  do_user_addr_fault+0x7a6/0x1370
[ 1385.760055][T18746]  ? rcu_is_watching+0x12/0xc0
[ 1385.760094][T18746]  exc_page_fault+0x5c/0xb0
[ 1385.760128][T18746]  asm_exc_page_fault+0x26/0x30
[ 1385.760159][T18746] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1385.760209][T18746] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1385.760242][T18746] RSP: 0018:ffffc9000df9fa48 EFLAGS: 00050206
[ 1385.760271][T18746] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000
[ 1385.760291][T18746] RDX: 0000000000000000 RSI: 000000000000d000 RDI: ffff8880553bb000
[ 1385.760313][T18746] RBP: 000000000000d000 R08: 0000000000000001 R09: ffffed100aa777ff
[ 1385.760334][T18746] R10: ffff8880553bbfff R11: 0000000000000000 R12: ffffc9000df9fda0
[ 1385.760356][T18746] R13: 000000000000e000 R14: ffff8880553bb000 R15: 00007ffffffff000
[ 1385.760402][T18746]  _copy_from_iter+0x383/0x16f0
[ 1385.760452][T18746]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1385.760508][T18746]  ? __pfx__copy_from_iter+0x10/0x10
[ 1385.760556][T18746]  ? alloc_pages_mpol+0x25a/0x550
[ 1385.760604][T18746]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1385.760657][T18746]  copy_page_from_iter+0xde/0x180
[ 1385.760705][T18746]  anon_pipe_write+0xbe7/0x1a90
[ 1385.760751][T18746]  ? futex_private_hash_put+0x160/0x300
[ 1385.760798][T18746]  ? __pfx_anon_pipe_write+0x10/0x10
[ 1385.760841][T18746]  ? common_file_perm+0x1a9/0x340
[ 1385.760881][T18746]  ? bpf_lsm_file_permission+0x9/0x10
[ 1385.760943][T18746]  ? security_file_permission+0x71/0x210
[ 1385.760988][T18746]  ? rw_verify_area+0xcf/0x6c0
[ 1385.761029][T18746]  vfs_write+0x6c4/0x1150
[ 1385.761070][T18746]  ? __pfx_anon_pipe_write+0x10/0x10
[ 1385.761118][T18746]  ? __pfx_vfs_write+0x10/0x10
[ 1385.761153][T18746]  ? find_held_lock+0x2b/0x80
[ 1385.761214][T18746]  ksys_write+0x1f8/0x250
[ 1385.761253][T18746]  ? __pfx_ksys_write+0x10/0x10
[ 1385.761306][T18746]  do_syscall_64+0xcd/0x490
[ 1385.761347][T18746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.761381][T18746] RIP: 0033:0x7ff9ee18ebe9
[ 1385.761407][T18746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1385.761440][T18746] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1385.761472][T18746] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1385.761494][T18746] RDX: 000000100000a3d9 RSI: 0000000000000000 RDI: 0000000000000000
[ 1385.761516][T18746] RBP: 00007ff9ee211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1385.761536][T18746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1385.761556][T18746] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1385.761599][T18746]  </TASK>
[ 1387.386733][T18766] FAULT_INJECTION: forcing a failure.
[ 1387.386733][T18766] name failslab, interval 1, probability 0, space 0, times 0
[ 1387.466513][T18766] CPU: 1 UID: 0 PID: 18766 Comm: syz.3.2215 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1387.466557][T18766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1387.466575][T18766] Call Trace:
[ 1387.466599][T18766]  <TASK>
[ 1387.466611][T18766]  dump_stack_lvl+0x16c/0x1f0
[ 1387.466649][T18766]  should_fail_ex+0x512/0x640
[ 1387.466683][T18766]  ? fs_reclaim_acquire+0xae/0x150
[ 1387.466728][T18766]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1387.466763][T18766]  should_failslab+0xc2/0x120
[ 1387.466800][T18766]  __kmalloc_noprof+0xd2/0x510
[ 1387.466843][T18766]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1387.466888][T18766]  tomoyo_get_exe+0x63/0xa0
[ 1387.466932][T18766]  tomoyo_write_control+0x689/0x1430
[ 1387.466988][T18766]  ? __pfx_tomoyo_write_control+0x10/0x10
[ 1387.467038][T18766]  ? __pfx_tomoyo_write+0x10/0x10
[ 1387.467071][T18766]  vfs_write+0x29d/0x1150
[ 1387.467112][T18766]  ? __pfx_vfs_write+0x10/0x10
[ 1387.467145][T18766]  ? do_sys_openat2+0x157/0x1d0
[ 1387.467187][T18766]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1387.467231][T18766]  ? fd_install+0x244/0x750
[ 1387.467273][T18766]  ksys_write+0x12a/0x250
[ 1387.467304][T18766]  ? __pfx_ksys_write+0x10/0x10
[ 1387.467347][T18766]  do_syscall_64+0xcd/0x490
[ 1387.467380][T18766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.467408][T18766] RIP: 0033:0x7fabca18ebe9
[ 1387.467429][T18766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1387.467456][T18766] RSP: 002b:00007fabc83f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1387.467482][T18766] RAX: ffffffffffffffda RBX: 00007fabca3b6090 RCX: 00007fabca18ebe9
[ 1387.467501][T18766] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[ 1387.467517][T18766] RBP: 00007fabc83f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1387.467534][T18766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1387.467550][T18766] R13: 00007fabca3b6128 R14: 00007fabca3b6090 R15: 00007ffef0356708
[ 1387.467593][T18766]  </TASK>
[ 1387.467609][T18766] ERROR: Out of memory at tomoyo_realpath_from_path.

syzkaller
syzkaller login: [ 1389.305022][T18803] FAULT_INJECTION: forcing a failure.
[ 1389.305022][T18803] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1389.322862][T18803] CPU: 1 UID: 0 PID: 18803 Comm: syz.2.2216 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1389.322906][T18803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1389.322923][T18803] Call Trace:
[ 1389.322933][T18803]  <TASK>
[ 1389.322944][T18803]  dump_stack_lvl+0x16c/0x1f0
[ 1389.322981][T18803]  should_fail_ex+0x512/0x640
[ 1389.323024][T18803]  should_fail_alloc_page+0xe7/0x130
[ 1389.323067][T18803]  prepare_alloc_pages+0x3c2/0x610
[ 1389.323107][T18803]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1389.323139][T18803]  ? rcu_is_watching+0x12/0xc0
[ 1389.323162][T18803]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1389.323196][T18803]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[ 1389.323223][T18803]  ? mas_alloc_nodes+0x18b/0x8b0
[ 1389.323262][T18803]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1389.323290][T18803]  ? mas_destroy+0x5de/0xa20
[ 1389.323319][T18803]  ? perf_event_mmap+0xbb/0xd40
[ 1389.323377][T18803]  ? __pfx_perf_event_mmap+0x10/0x10
[ 1389.323414][T18803]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1389.323452][T18803]  ? policy_nodemask+0xea/0x4e0
[ 1389.323485][T18803]  alloc_pages_mpol+0x1fb/0x550
[ 1389.323518][T18803]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1389.323557][T18803]  alloc_pages_noprof+0x131/0x390
[ 1389.323590][T18803]  __pmd_alloc+0x3b/0x930
[ 1389.323624][T18803]  ? find_held_lock+0x2b/0x80
[ 1389.323649][T18803]  __handle_mm_fault+0xa06/0x2a50
[ 1389.323682][T18803]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1389.323731][T18803]  handle_mm_fault+0x589/0xd10
[ 1389.323762][T18803]  __get_user_pages+0x551/0x34a0
[ 1389.323811][T18803]  ? __pfx___get_user_pages+0x10/0x10
[ 1389.323854][T18803]  populate_vma_page_range+0x267/0x3f0
[ 1389.323893][T18803]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1389.323941][T18803]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1389.323977][T18803]  ? do_mmap+0x69c/0x1210
[ 1389.324014][T18803]  __mm_populate+0x1d8/0x380
[ 1389.324052][T18803]  ? __pfx___mm_populate+0x10/0x10
[ 1389.324092][T18803]  ? up_write+0x1b2/0x520
[ 1389.324129][T18803]  vm_mmap_pgoff+0x37f/0x470
[ 1389.324166][T18803]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1389.324221][T18803]  ? __fget_files+0x20e/0x3c0
[ 1389.324255][T18803]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1389.324287][T18803]  ? __pfx_ksys_write+0x10/0x10
[ 1389.324319][T18803]  __x64_sys_mmap+0x125/0x190
[ 1389.324369][T18803]  do_syscall_64+0xcd/0x490
[ 1389.324401][T18803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1389.324425][T18803] RIP: 0033:0x7f997c38ebe9
[ 1389.324444][T18803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1389.324466][T18803] RSP: 002b:00007f997d29a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1389.324487][T18803] RAX: ffffffffffffffda RBX: 00007f997c5b6090 RCX: 00007f997c38ebe9
[ 1389.324502][T18803] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1389.324516][T18803] RBP: 00007f997d29a090 R08: 0000000000000002 R09: 0000000000008000
[ 1389.324530][T18803] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001
[ 1389.324545][T18803] R13: 00007f997c5b6128 R14: 00007f997c5b6090 R15: 00007ffd9b72a098
[ 1389.324573][T18803]  </TASK>
[ 1393.123905][T18872] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2228'.
[ 1393.278651][T18872] team0: entered promiscuous mode
[ 1393.352997][T18872] team_slave_0: entered promiscuous mode
[ 1393.421577][T18872] team_slave_1: entered promiscuous mode
[ 1393.505044][T18872] team0: entered allmulticast mode
[ 1393.529134][T18872] team_slave_0: entered allmulticast mode
[ 1393.548436][T18872] team_slave_1: entered allmulticast mode
[ 1395.640193][T18906] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1396.556555][T18918] FAULT_INJECTION: forcing a failure.
[ 1396.556555][T18918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1396.618740][T18918] CPU: 0 UID: 0 PID: 18918 Comm: syz.0.2238 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1396.618792][T18918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1396.618812][T18918] Call Trace:
[ 1396.618822][T18918]  <TASK>
[ 1396.618834][T18918]  dump_stack_lvl+0x16c/0x1f0
[ 1396.618875][T18918]  should_fail_ex+0x512/0x640
[ 1396.618918][T18918]  _copy_from_user+0x2e/0xd0
[ 1396.618975][T18918]  evdev_do_ioctl+0x1d5/0x1b30
[ 1396.619040][T18918]  ? __pfx_evdev_do_ioctl+0x10/0x10
[ 1396.619121][T18918]  evdev_ioctl+0x16f/0x1a0
[ 1396.619168][T18918]  ? __pfx_evdev_ioctl+0x10/0x10
[ 1396.619219][T18918]  __x64_sys_ioctl+0x18e/0x210
[ 1396.619282][T18918]  do_syscall_64+0xcd/0x490
[ 1396.619321][T18918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1396.619355][T18918] RIP: 0033:0x7ff9ee18ebe9
[ 1396.619380][T18918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1396.619411][T18918] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1396.619443][T18918] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1396.619465][T18918] RDX: 0000000000000000 RSI: 0000000040104593 RDI: 0000000000000003
[ 1396.619485][T18918] RBP: 00007ff9ef086090 R08: 0000000000000000 R09: 0000000000000000
[ 1396.619505][T18918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1396.619531][T18918] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1396.619574][T18918]  </TASK>
[ 1397.037152][T18916] netlink: zone id is out of range
[ 1397.064327][T18916] netlink: zone id is out of range
[ 1397.101937][T18916] netlink: zone id is out of range
[ 1397.167379][T18916] netlink: zone id is out of range
[ 1397.229064][T18916] netlink: zone id is out of range
[ 1397.428209][T18916] netlink: zone id is out of range
[ 1397.485127][T18916] netlink: zone id is out of range
[ 1397.491985][T18916] netlink: zone id is out of range
[ 1397.519786][T18916] netlink: zone id is out of range
[ 1400.272175][T18964] FAULT_INJECTION: forcing a failure.
[ 1400.272175][T18964] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.287689][T18964] CPU: 1 UID: 0 PID: 18964 Comm: syz.0.2247 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1400.287726][T18964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1400.287742][T18964] Call Trace:
[ 1400.287750][T18964]  <TASK>
[ 1400.287759][T18964]  dump_stack_lvl+0x16c/0x1f0
[ 1400.287792][T18964]  should_fail_ex+0x512/0x640
[ 1400.287821][T18964]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1400.287855][T18964]  should_failslab+0xc2/0x120
[ 1400.287888][T18964]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1400.287918][T18964]  ? sk_prot_alloc+0x60/0x2a0
[ 1400.287953][T18964]  sk_prot_alloc+0x60/0x2a0
[ 1400.287987][T18964]  sk_alloc+0x36/0xc20
[ 1400.288010][T18964]  unix_create1+0xa6/0x700
[ 1400.288043][T18964]  unix_create+0x110/0x270
[ 1400.288068][T18964]  __sock_create+0x338/0x8d0
[ 1400.288108][T18964]  __sys_socketpair+0x25c/0x5a0
[ 1400.288145][T18964]  ? __pfx___sys_socketpair+0x10/0x10
[ 1400.288184][T18964]  ? xfd_validate_state+0x61/0x180
[ 1400.288222][T18964]  ? __pfx_ksys_read+0x10/0x10
[ 1400.288284][T18964]  __x64_sys_socketpair+0x96/0x100
[ 1400.288321][T18964]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1400.288346][T18964]  do_syscall_64+0xcd/0x490
[ 1400.288375][T18964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.288408][T18964] RIP: 0033:0x7ff9ee18ebe9
[ 1400.288428][T18964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1400.288452][T18964] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1400.288475][T18964] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1400.288490][T18964] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 1400.288506][T18964] RBP: 00007ff9ee211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1400.288520][T18964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1400.288534][T18964] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1400.288564][T18964]  </TASK>
[ 1406.959734][T19043] net_ratelimit: 21 callbacks suppressed
[ 1406.959789][T19043] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1411.221623][T19113] FAULT_INJECTION: forcing a failure.
[ 1411.221623][T19113] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.330775][T19113] CPU: 0 UID: 0 PID: 19113 Comm: syz.0.2276 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1411.330821][T19113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1411.330840][T19113] Call Trace:
[ 1411.330851][T19113]  <TASK>
[ 1411.330863][T19113]  dump_stack_lvl+0x16c/0x1f0
[ 1411.330905][T19113]  should_fail_ex+0x512/0x640
[ 1411.330944][T19113]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1411.330988][T19113]  should_failslab+0xc2/0x120
[ 1411.331030][T19113]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1411.331071][T19113]  ? security_file_alloc+0x34/0x2b0
[ 1411.331117][T19113]  security_file_alloc+0x34/0x2b0
[ 1411.331157][T19113]  init_file+0x93/0x4c0
[ 1411.331204][T19113]  alloc_empty_file+0x73/0x1e0
[ 1411.331254][T19113]  path_openat+0xda/0x2cb0
[ 1411.331290][T19113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.331337][T19113]  ? __pfx_path_openat+0x10/0x10
[ 1411.331398][T19113]  do_filp_open+0x20b/0x470
[ 1411.331439][T19113]  ? __pfx_do_filp_open+0x10/0x10
[ 1411.331516][T19113]  ? alloc_fd+0x471/0x7d0
[ 1411.331562][T19113]  do_sys_openat2+0x11b/0x1d0
[ 1411.331613][T19113]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1411.331666][T19113]  ? __fget_files+0x20e/0x3c0
[ 1411.331709][T19113]  __x64_sys_openat+0x174/0x210
[ 1411.331762][T19113]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1411.331811][T19113]  ? ksys_write+0x1ac/0x250
[ 1411.331862][T19113]  do_syscall_64+0xcd/0x490
[ 1411.331901][T19113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.331934][T19113] RIP: 0033:0x7ff9ee18ebe9
[ 1411.331960][T19113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1411.331992][T19113] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1411.332022][T19113] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1411.332044][T19113] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1411.332065][T19113] RBP: 00007ff9ef086090 R08: 0000000000000000 R09: 0000000000000000
[ 1411.332085][T19113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1411.332105][T19113] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1411.332147][T19113]  </TASK>
[ 1415.541858][T19186] FAULT_INJECTION: forcing a failure.
[ 1415.541858][T19186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1415.617805][T19186] CPU: 0 UID: 0 PID: 19186 Comm: syz.3.2293 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1415.617858][T19186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1415.617879][T19186] Call Trace:
[ 1415.617890][T19186]  <TASK>
[ 1415.617905][T19186]  dump_stack_lvl+0x16c/0x1f0
[ 1415.617949][T19186]  should_fail_ex+0x512/0x640
[ 1415.618002][T19186]  _copy_from_iter+0x29f/0x16f0
[ 1415.618059][T19186]  ? __alloc_skb+0x200/0x380
[ 1415.618107][T19186]  ? __pfx__copy_from_iter+0x10/0x10
[ 1415.618160][T19186]  ? __pfx___might_resched+0x10/0x10
[ 1415.618197][T19186]  ? __lock_acquire+0xb97/0x1ce0
[ 1415.618259][T19186]  netlink_sendmsg+0x829/0xdd0
[ 1415.618310][T19186]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1415.618359][T19186]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1415.618426][T19186]  ____sys_sendmsg+0xa98/0xc70
[ 1415.618476][T19186]  ? copy_msghdr_from_user+0x10a/0x160
[ 1415.618515][T19186]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1415.618587][T19186]  ___sys_sendmsg+0x134/0x1d0
[ 1415.618628][T19186]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1415.618707][T19186]  ? __mutex_unlock_slowpath+0x140/0x800
[ 1415.618767][T19186]  __sys_sendmsg+0x16d/0x220
[ 1415.618805][T19186]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1415.618875][T19186]  do_syscall_64+0xcd/0x490
[ 1415.618919][T19186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.618956][T19186] RIP: 0033:0x7fabca18ebe9
[ 1415.618983][T19186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1415.619019][T19186] RSP: 002b:00007fabcaf1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1415.619054][T19186] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18ebe9
[ 1415.619078][T19186] RDX: 0000000004000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1415.619108][T19186] RBP: 00007fabcaf1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1415.619132][T19186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1415.619154][T19186] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1415.619202][T19186]  </TASK>
[ 1416.215919][T19184] FAULT_INJECTION: forcing a failure.
[ 1416.215919][T19184] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1416.215971][T19184] CPU: 1 UID: 0 PID: 19184 Comm: syz.2.2291 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1416.216013][T19184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1416.216129][T19184] Call Trace:
[ 1416.216142][T19184]  <TASK>
[ 1416.216152][T19184]  dump_stack_lvl+0x16c/0x1f0
[ 1416.216198][T19184]  should_fail_ex+0x512/0x640
[ 1416.216246][T19184]  should_fail_alloc_page+0xe7/0x130
[ 1416.216302][T19184]  prepare_alloc_pages+0x3c2/0x610
[ 1416.216358][T19184]  ? rcu_is_watching+0x12/0xc0
[ 1416.216397][T19184]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1416.216447][T19184]  ? rcu_is_watching+0x12/0xc0
[ 1416.216483][T19184]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1416.216539][T19184]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 1416.216581][T19184]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1416.216636][T19184]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1416.216674][T19184]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1416.216717][T19184]  ? stack_depot_save_flags+0x3de/0x9c0
[ 1416.216775][T19184]  ? alloc_vmap_area+0x645/0x29c0
[ 1416.216830][T19184]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[ 1416.216864][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.216896][T19184]  ? do_syscall_64+0xcd/0x490
[ 1416.216932][T19184]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.216988][T19184]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1416.217032][T19184]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1416.217088][T19184]  ? policy_nodemask+0xea/0x4e0
[ 1416.217151][T19184]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1416.217197][T19184]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1416.217264][T19184]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1416.217313][T19184]  alloc_vmap_area+0x959/0x29c0
[ 1416.217384][T19184]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1416.217445][T19184]  __get_vm_area_node+0x1ca/0x330
[ 1416.217508][T19184]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1416.217543][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.217577][T19184]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1416.217630][T19184]  ? policy_nodemask+0xea/0x4e0
[ 1416.217678][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.217724][T19184]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1416.217764][T19184]  ? ___kmalloc_large_node+0xed/0x160
[ 1416.217824][T19184]  __kvmalloc_node_noprof+0x30a/0x620
[ 1416.217862][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.217898][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.217939][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.217969][T19184]  __do_sys_listmount+0x1c2/0xf80
[ 1416.218004][T19184]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1416.218043][T19184]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1416.218086][T19184]  ? __pfx___do_sys_listmount+0x10/0x10
[ 1416.218147][T19184]  do_syscall_64+0xcd/0x490
[ 1416.218187][T19184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.218222][T19184] RIP: 0033:0x7f997c38ebe9
[ 1416.218255][T19184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1416.218287][T19184] RSP: 002b:00007f997d258038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[ 1416.218318][T19184] RAX: ffffffffffffffda RBX: 00007f997c5b6270 RCX: 00007f997c38ebe9
[ 1416.218339][T19184] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[ 1416.218359][T19184] RBP: 00007f997c411e19 R08: 0000000000000000 R09: 0000000000000000
[ 1416.218376][T19184] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1416.218395][T19184] R13: 00007f997c5b6308 R14: 00007f997c5b6270 R15: 00007ffd9b72a098
[ 1416.218436][T19184]  </TASK>
[ 1416.220021][T19184] syz.2.2291: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1416.220405][T19184] CPU: 1 UID: 0 PID: 19184 Comm: syz.2.2291 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1416.220449][T19184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1416.220469][T19184] Call Trace:
[ 1416.220487][T19184]  <TASK>
[ 1416.220499][T19184]  dump_stack_lvl+0x16c/0x1f0
[ 1416.220540][T19184]  warn_alloc+0x248/0x3a0
[ 1416.220582][T19184]  ? __pfx_warn_alloc+0x10/0x10
[ 1416.220625][T19184]  ? kfree+0x2b4/0x4d0
[ 1416.220666][T19184]  ? __get_vm_area_node+0x208/0x330
[ 1416.220725][T19184]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[ 1416.220760][T19184]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1416.220813][T19184]  ? policy_nodemask+0xea/0x4e0
[ 1416.220860][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.220902][T19184]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1416.220941][T19184]  ? ___kmalloc_large_node+0xed/0x160
[ 1416.221001][T19184]  __kvmalloc_node_noprof+0x30a/0x620
[ 1416.221039][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.221087][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.221130][T19184]  ? __do_sys_listmount+0x1c2/0xf80
[ 1416.221162][T19184]  __do_sys_listmount+0x1c2/0xf80
[ 1416.221205][T19184]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1416.221247][T19184]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1416.221293][T19184]  ? __pfx___do_sys_listmount+0x10/0x10
[ 1416.221347][T19184]  do_syscall_64+0xcd/0x490
[ 1416.221385][T19184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.221419][T19184] RIP: 0033:0x7f997c38ebe9
[ 1416.221446][T19184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1416.221480][T19184] RSP: 002b:00007f997d258038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[ 1416.221512][T19184] RAX: ffffffffffffffda RBX: 00007f997c5b6270 RCX: 00007f997c38ebe9
[ 1416.221535][T19184] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[ 1416.221558][T19184] RBP: 00007f997c411e19 R08: 0000000000000000 R09: 0000000000000000
[ 1416.221578][T19184] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1416.221598][T19184] R13: 00007f997c5b6308 R14: 00007f997c5b6270 R15: 00007ffd9b72a098
[ 1416.221640][T19184]  </TASK>
[ 1416.221652][T19184] Mem-Info:
[ 1416.221676][T19184] active_anon:17604 inactive_anon:1189 isolated_anon:0
[ 1416.221676][T19184]  active_file:16989 inactive_file:39526 isolated_file:0
[ 1416.221676][T19184]  unevictable:768 dirty:1003 writeback:0
[ 1416.221676][T19184]  slab_reclaimable:14272 slab_unreclaimable:113463
[ 1416.221676][T19184]  mapped:27763 shmem:7558 pagetables:1066
[ 1416.221676][T19184]  sec_pagetables:0 bounce:0
[ 1416.221676][T19184]  kernel_misc_reclaimable:0
[ 1416.221676][T19184]  free:1295407 free_pcp:10945 free_cma:0
[ 1416.221768][T19184] Node 0 active_anon:70416kB inactive_anon:4756kB active_file:67940kB inactive_file:157924kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111052kB dirty:4008kB writeback:0kB shmem:28696kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11336kB pagetables:4116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1416.221859][T19184] Node 1 active_anon:0kB inactive_anon:0kB active_file:16kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1416.221942][T19184] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1416.222036][T19184] lowmem_reserve[]: 0 2480 2481 2481 2481
[ 1416.222115][T19184] Node 0 DMA32 free:1258484kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:70372kB inactive_anon:4756kB active_file:66688kB inactive_file:157848kB unevictable:1536kB writepending:4008kB present:3129332kB managed:2539676kB mlocked:0kB bounce:0kB free_pcp:42288kB local_pcp:21488kB free_cma:0kB
[ 1416.286824][T19184] lowmem_reserve[]: 0 0 1 1 1
[ 1416.286929][T19184] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1252kB inactive_file:76kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1416.287033][T19184] lowmem_reserve[]: 0 0 0 0 0
[ 1416.287114][T19184] Node 1 Normal free:3907776kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:16kB inactive_file:180kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:1468kB local_pcp:248kB free_cma:0kB
[ 1416.287210][T19184] lowmem_reserve[]: 0 0 0 0 0
[ 1416.287273][T19184] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1416.287484][T19184] Node 0 DMA32: 1563*4kB (UM) 1008*8kB (UME) 1084*16kB (UME) 584*32kB (U) 318*64kB (UME) 139*128kB (UME) 48*256kB (UME) 21*512kB (UME) 16*1024kB (UM) 4*2048kB (UME) 274*4096kB (UM) = 1258412kB
[ 1416.287777][T19184] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1416.287965][T19184] Node 1 Normal: 134*4kB (UME) 57*8kB (UME) 46*16kB (UME) 238*32kB (UME) 99*64kB (UME) 39*128kB (UME) 10*256kB (UM) 3*512kB (UM) 4*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3907776kB
[ 1416.288271][T19184] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1416.288300][T19184] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1416.288329][T19184] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1416.288357][T19184] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1416.288385][T19184] 63994 total pagecache pages
[ 1416.288397][T19184] 0 pages in swap cache
[ 1416.288408][T19184] Free swap  = 124988kB
[ 1416.288420][T19184] Total swap = 124996kB
[ 1416.288433][T19184] 2097051 pages RAM
[ 1416.288444][T19184] 0 pages HighMem/MovableOnly
[ 1416.288457][T19184] 430170 pages reserved
[ 1416.288468][T19184] 0 pages cma reserved
[ 1416.314534][T19191] ERROR: Out of memory at tomoyo_memory_ok.
[ 1419.294966][T19228] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[ 1419.691427][   T30] audit: type=1800 audit(6049471996.412:4): pid=19240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2306" name="members" dev="configfs" ino=49047 res=0 errno=0
[ 1421.431782][T19266] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1427.362485][T19324] FAULT_INJECTION: forcing a failure.
[ 1427.362485][T19324] name failslab, interval 1, probability 0, space 0, times 0
[ 1427.470835][T19324] CPU: 0 UID: 0 PID: 19324 Comm: syz.2.2322 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1427.470884][T19324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1427.470905][T19324] Call Trace:
[ 1427.470915][T19324]  <TASK>
[ 1427.470928][T19324]  dump_stack_lvl+0x16c/0x1f0
[ 1427.470970][T19324]  should_fail_ex+0x512/0x640
[ 1427.471011][T19324]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1427.471069][T19324]  should_failslab+0xc2/0x120
[ 1427.471116][T19324]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1427.471156][T19324]  ? d_instantiate+0x77/0x90
[ 1427.471197][T19324]  ? alloc_empty_file+0x55/0x1e0
[ 1427.471254][T19324]  alloc_empty_file+0x55/0x1e0
[ 1427.471324][T19324]  alloc_file_pseudo+0x13a/0x230
[ 1427.471385][T19324]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1427.471450][T19324]  __shmem_file_setup+0x1a3/0x330
[ 1427.471490][T19324]  shmem_zero_setup+0x93/0x1a0
[ 1427.471539][T19324]  __mmap_region+0x2081/0x27b0
[ 1427.471582][T19324]  ? lock_acquire+0x179/0x350
[ 1427.471628][T19324]  ? __pfx___mmap_region+0x10/0x10
[ 1427.471682][T19324]  ? finish_task_switch.isra.0+0x2fa/0xc10
[ 1427.471720][T19324]  ? rcu_is_watching+0x12/0xc0
[ 1427.471753][T19324]  ? trace_sched_exit_tp+0xd1/0x120
[ 1427.471804][T19324]  ? __schedule+0x11a3/0x5de0
[ 1427.471905][T19324]  ? trace_cap_capable+0x18d/0x200
[ 1427.471971][T19324]  mmap_region+0x1ab/0x3f0
[ 1427.472012][T19324]  ? __get_unmapped_area+0x267/0x440
[ 1427.472071][T19324]  do_mmap+0xa3e/0x1210
[ 1427.472129][T19324]  ? __pfx_do_mmap+0x10/0x10
[ 1427.472179][T19324]  ? __pfx_down_write_killable+0x10/0x10
[ 1427.472219][T19324]  ? kmem_cache_free+0x2d1/0x4d0
[ 1427.472264][T19324]  vm_mmap_pgoff+0x29e/0x470
[ 1427.472320][T19324]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1427.472380][T19324]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1427.472422][T19324]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1427.472471][T19324]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1427.472519][T19324]  ? xfd_validate_state+0x61/0x180
[ 1427.472575][T19324]  __x64_sys_mmap+0x125/0x190
[ 1427.472641][T19324]  do_syscall_64+0xcd/0x490
[ 1427.472683][T19324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.472860][T19324] RIP: 0033:0x7f997c38ebe9
[ 1427.472897][T19324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1427.472931][T19324] RSP: 002b:00007f997d2bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1427.472963][T19324] RAX: ffffffffffffffda RBX: 00007f997c5b5fa0 RCX: 00007f997c38ebe9
[ 1427.472989][T19324] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[ 1427.473015][T19324] RBP: 00007f997c411e19 R08: 0000000000000401 R09: 0000000000008000
[ 1427.473037][T19324] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1427.473058][T19324] R13: 00007f997c5b6038 R14: 00007f997c5b5fa0 R15: 00007ffd9b72a098
[ 1427.473469][T19324]  </TASK>
[ 1429.595524][T19341] FAULT_INJECTION: forcing a failure.
[ 1429.595524][T19341] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.715299][T19341] CPU: 1 UID: 0 PID: 19341 Comm: syz.2.2325 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1429.715345][T19341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1429.715375][T19341] Call Trace:
[ 1429.715394][T19341]  <TASK>
[ 1429.715407][T19341]  dump_stack_lvl+0x16c/0x1f0
[ 1429.715446][T19341]  should_fail_ex+0x512/0x640
[ 1429.715484][T19341]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1429.715527][T19341]  should_failslab+0xc2/0x120
[ 1429.715570][T19341]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1429.715610][T19341]  ? security_file_alloc+0x34/0x2b0
[ 1429.715656][T19341]  security_file_alloc+0x34/0x2b0
[ 1429.715700][T19341]  init_file+0x93/0x4c0
[ 1429.715748][T19341]  alloc_empty_file+0x73/0x1e0
[ 1429.715797][T19341]  path_openat+0xda/0x2cb0
[ 1429.715841][T19341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.715903][T19341]  ? __pfx_path_openat+0x10/0x10
[ 1429.715951][T19341]  do_filp_open+0x20b/0x470
[ 1429.715990][T19341]  ? __pfx_do_filp_open+0x10/0x10
[ 1429.716056][T19341]  ? alloc_fd+0x471/0x7d0
[ 1429.716102][T19341]  do_sys_openat2+0x11b/0x1d0
[ 1429.716152][T19341]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1429.716443][T19341]  ? __fget_files+0x20e/0x3c0
[ 1429.716487][T19341]  __x64_sys_openat+0x174/0x210
[ 1429.716537][T19341]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1429.716586][T19341]  ? ksys_write+0x1ac/0x250
[ 1429.716635][T19341]  do_syscall_64+0xcd/0x490
[ 1429.716673][T19341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.716708][T19341] RIP: 0033:0x7f997c38ebe9
[ 1429.716735][T19341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1429.716768][T19341] RSP: 002b:00007f997d2bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1429.716798][T19341] RAX: ffffffffffffffda RBX: 00007f997c5b5fa0 RCX: 00007f997c38ebe9
[ 1429.716820][T19341] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1429.716840][T19341] RBP: 00007f997d2bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1429.716860][T19341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1429.716877][T19341] R13: 00007f997c5b6038 R14: 00007f997c5b5fa0 R15: 00007ffd9b72a098
[ 1429.716912][T19341]  </TASK>
[ 1430.556971][T19353] ptp ptp0: new virtual clock ptp1
[ 1430.572336][T19353] ptp ptp0: new virtual clock ptp2
[ 1430.630490][T19353] ptp ptp0: new virtual clock ptp3
[ 1430.647952][T19353] ptp ptp0: guarantee physical clock free running
[ 1431.584909][T19371] FAULT_INJECTION: forcing a failure.
[ 1431.584909][T19371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1431.688094][T19371] CPU: 0 UID: 0 PID: 19371 Comm: syz.3.2332 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1431.688148][T19371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1431.688167][T19371] Call Trace:
[ 1431.688177][T19371]  <TASK>
[ 1431.688189][T19371]  dump_stack_lvl+0x16c/0x1f0
[ 1431.688227][T19371]  should_fail_ex+0x512/0x640
[ 1431.688277][T19371]  _copy_to_user+0x32/0xd0
[ 1431.688312][T19371]  simple_read_from_buffer+0xcb/0x170
[ 1431.688340][T19371]  proc_fail_nth_read+0x197/0x240
[ 1431.688366][T19371]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1431.688394][T19371]  ? rw_verify_area+0xcf/0x6c0
[ 1431.688417][T19371]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1431.688442][T19371]  vfs_read+0x1e4/0xc60
[ 1431.688472][T19371]  ? __pfx___mutex_lock+0x10/0x10
[ 1431.688499][T19371]  ? __pfx_vfs_read+0x10/0x10
[ 1431.688532][T19371]  ? __fget_files+0x20e/0x3c0
[ 1431.688567][T19371]  ksys_read+0x12a/0x250
[ 1431.688593][T19371]  ? __pfx_ksys_read+0x10/0x10
[ 1431.688620][T19371]  ? fput+0x9b/0xd0
[ 1431.688657][T19371]  do_syscall_64+0xcd/0x490
[ 1431.688686][T19371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1431.688722][T19371] RIP: 0033:0x7fabca18d5fc
[ 1431.688743][T19371] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1431.688769][T19371] RSP: 002b:00007fabcaf1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1431.688838][T19371] RAX: ffffffffffffffda RBX: 00007fabca3b5fa0 RCX: 00007fabca18d5fc
[ 1431.690385][T19371] RDX: 000000000000000f RSI: 00007fabcaf1f0a0 RDI: 0000000000000004
[ 1431.690405][T19371] RBP: 00007fabcaf1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1431.690423][T19371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1431.690440][T19371] R13: 00007fabca3b6038 R14: 00007fabca3b5fa0 R15: 00007ffef0356708
[ 1431.690480][T19371]  </TASK>
[ 1433.520823][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1433.531510][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1435.076211][T19400] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1435.090225][T19400] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1435.105621][T19400] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1435.120075][T19400] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1435.132967][T19400] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1437.310468][T16265] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1437.333158][T19400] Bluetooth: hci4: command tx timeout
[ 1437.559020][T19398] chnl_net:caif_netlink_parms(): no params data found
[ 1437.917633][T16265] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1438.242238][T16265] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1438.371543][T16265] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1438.492273][T19398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1438.548352][T19398] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1438.566458][T19398] bridge_slave_0: entered allmulticast mode
[ 1438.596117][T19398] bridge_slave_0: entered promiscuous mode
[ 1438.665125][T19398] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1438.676009][T19398] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1438.687322][T19398] bridge_slave_1: entered allmulticast mode
[ 1438.699752][T19398] bridge_slave_1: entered promiscuous mode
[ 1438.793644][T19450] ptp ptp0: guarantee physical clock free running
[ 1438.830425][T19398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1438.878268][T19398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1439.281871][T19398] team0: Port device team_slave_0 added
[ 1439.354479][T19398] team0: Port device team_slave_1 added
[ 1439.389216][T16265] bridge_slave_1: left allmulticast mode
[ 1439.406886][T19400] Bluetooth: hci4: command tx timeout
[ 1439.426433][T16265] bridge_slave_1: left promiscuous mode
[ 1439.445762][T16265] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1439.465844][T16265] bridge_slave_0: left allmulticast mode
[ 1439.481747][T16265] bridge_slave_0: left promiscuous mode
[ 1439.491061][T16265] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1441.462399][T19400] Bluetooth: hci4: command tx timeout
[ 1441.710094][T16265] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1441.726662][T16265] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1441.775492][T16265] bond0 (unregistering): Released all slaves
[ 1441.962878][T19398] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1442.000179][T19398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1442.045922][T19398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1442.224497][T19398] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1442.250667][T19398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1442.290213][T19398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1442.954269][T19398] hsr_slave_0: entered promiscuous mode
[ 1443.025490][T19398] hsr_slave_1: entered promiscuous mode
[ 1443.036611][T19398] debugfs: 'hsr0' already exists in 'hsr'
[ 1443.093274][T19398] Cannot create hsr debugfs directory
[ 1443.540816][T19400] Bluetooth: hci4: command tx timeout
[ 1443.913019][T19498] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1446.414468][T19398] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1446.504279][T19398] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1446.647892][T19398] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1446.682154][T19398] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1447.979885][T19541] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1447.986825][T19541] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1448.088623][T19541] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1448.156740][T19541] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1448.236538][T19541] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1448.243103][T19541] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1448.316808][T19541] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1448.323682][T19541] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1448.395013][T19541] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1449.356645][T19398] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1449.498258][T19398] 8021q: adding VLAN 0 to HW filter on device team0
[ 1449.648955][T19576] ERROR: Out of memory at tomoyo_memory_ok.
[ 1449.686414][ T3591] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1449.694010][ T3591] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1449.740572][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.748759][ T3591] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1449.897417][ T5869] Bluetooth: hci0: command 0x0406 tx timeout
[ 1450.136610][ T5869] Bluetooth: hci1: command 0x0406 tx timeout
[ 1450.305078][ T5869] Bluetooth: hci2: command 0x0406 tx timeout
[ 1450.374971][ T5869] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1451.413007][T16265] hsr_slave_0: left promiscuous mode
[ 1451.488219][T16265] hsr_slave_1: left promiscuous mode
[ 1451.518427][T16265] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1451.569284][T16265] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1451.614862][T16265] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1451.636406][T16265] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1451.765734][T16265] veth1_macvtap: left promiscuous mode
[ 1451.780247][T16265] veth0_macvtap: left promiscuous mode
[ 1451.795472][T16265] veth1_vlan: left promiscuous mode
[ 1451.801828][T16265] veth0_vlan: left promiscuous mode
[ 1451.966838][ T5869] Bluetooth: hci0: command 0x0406 tx timeout
[ 1452.211911][ T5869] Bluetooth: hci1: command 0x0406 tx timeout
[ 1452.365794][ T5869] Bluetooth: hci2: command 0x0406 tx timeout
[ 1452.444330][ T5869] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1454.513353][ T5869] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1454.555246][T16265] team0 (unregistering): Port device team_slave_1 removed
[ 1454.605701][T16265] team0 (unregistering): Port device team_slave_0 removed
[ 1455.872264][T19398] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1455.993852][T19398] veth0_vlan: entered promiscuous mode
[ 1456.014694][T19398] veth1_vlan: entered promiscuous mode
[ 1456.062717][T19398] veth0_macvtap: entered promiscuous mode
[ 1456.102106][T19398] veth1_macvtap: entered promiscuous mode
[ 1456.189713][T19398] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1456.486403][T19660] netlink: 'syz.1.2373': attribute type 1 has an invalid length.
[ 1456.556614][T19398] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1456.628376][T19658] can: request_module (can-proto-0) failed.
[ 1456.714045][   T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.747679][   T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.797753][   T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.850777][   T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1457.546506][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1457.642070][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1457.833540][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1457.882051][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1458.084891][T19678] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1458.520720][T19674] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.567293][T19700] ERROR: Out of memory at tomoyo_memory_ok.
[ 1460.628404][T19691] random: crng reseeded on system resumption
[ 1463.489512][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1464.193579][T19749] ptp ptp0: guarantee physical clock free running
[ 1465.896216][T19792] ERROR: Out of memory at tomoyo_memory_ok.
[ 1467.182337][T19804] ptp ptp0: guarantee physical clock free running
[ 1467.516230][T19811] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[ 1467.548230][T19400] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1467.574168][T19400] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1467.588189][T19400] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1467.603971][T19400] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1467.615802][T19400] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1469.025573][T18476] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.370797][T18476] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.563883][T19812] chnl_net:caif_netlink_parms(): no params data found
[ 1469.714278][T19400] Bluetooth: hci2: command tx timeout
[ 1469.835700][T19830] FAULT_INJECTION: forcing a failure.
[ 1469.835700][T19830] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.850762][T19830] CPU: 0 UID: 0 PID: 19830 Comm: syz.0.2408 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1469.850809][T19830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1469.850828][T19830] Call Trace:
[ 1469.850840][T19830]  <TASK>
[ 1469.850852][T19830]  dump_stack_lvl+0x16c/0x1f0
[ 1469.850895][T19830]  should_fail_ex+0x512/0x640
[ 1469.850934][T19830]  ? fs_reclaim_acquire+0xae/0x150
[ 1469.850988][T19830]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1469.851030][T19830]  should_failslab+0xc2/0x120
[ 1469.851074][T19830]  __kmalloc_noprof+0xd2/0x510
[ 1469.851125][T19830]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1469.851182][T19830]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1469.851233][T19830]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1469.851312][T19830]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1469.851370][T19830]  tomoyo_file_open+0x6b/0x90
[ 1469.851424][T19830]  security_file_open+0x84/0x1e0
[ 1469.851458][T19830]  do_dentry_open+0x596/0x1530
[ 1469.851504][T19830]  vfs_open+0x82/0x3f0
[ 1469.851549][T19830]  path_openat+0x1de4/0x2cb0
[ 1469.851594][T19830]  ? __pfx_path_openat+0x10/0x10
[ 1469.851636][T19830]  do_filp_open+0x20b/0x470
[ 1469.851671][T19830]  ? __pfx_do_filp_open+0x10/0x10
[ 1469.851729][T19830]  ? alloc_fd+0x471/0x7d0
[ 1469.851767][T19830]  do_sys_openat2+0x11b/0x1d0
[ 1469.851810][T19830]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1469.851856][T19830]  ? __fget_files+0x20e/0x3c0
[ 1469.851892][T19830]  __x64_sys_openat+0x174/0x210
[ 1469.851936][T19830]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1469.851979][T19830]  ? ksys_write+0x1ac/0x250
[ 1469.852023][T19830]  do_syscall_64+0xcd/0x490
[ 1469.852057][T19830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1469.852086][T19830] RIP: 0033:0x7ff9ee18ebe9
[ 1469.852108][T19830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1469.852136][T19830] RSP: 002b:00007ff9ef086038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1469.852161][T19830] RAX: ffffffffffffffda RBX: 00007ff9ee3b5fa0 RCX: 00007ff9ee18ebe9
[ 1469.852179][T19830] RDX: 0000000000101000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1469.852197][T19830] RBP: 00007ff9ef086090 R08: 0000000000000000 R09: 0000000000000000
[ 1469.852214][T19830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1469.852230][T19830] R13: 00007ff9ee3b6038 R14: 00007ff9ee3b5fa0 R15: 00007ffe12f98758
[ 1469.852264][T19830]  </TASK>
[ 1469.852280][T19830] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1469.985990][T18476] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1470.212003][T19833] ERROR: Out of memory at tomoyo_memory_ok.
[ 1470.624383][T18476] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1471.347140][T19812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1471.358480][T19812] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1471.405002][T19812] bridge_slave_0: entered allmulticast mode
[ 1471.415151][T19812] bridge_slave_0: entered promiscuous mode
[ 1471.451046][T19812] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1471.474452][T19812] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1471.484207][T19812] bridge_slave_1: entered allmulticast mode
[ 1471.499078][T19812] bridge_slave_1: entered promiscuous mode
[ 1471.648047][T19857] netlink: 'syz.1.2415': attribute type 1 has an invalid length.
[ 1471.708862][T19812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1471.784182][T19400] Bluetooth: hci2: command tx timeout
[ 1471.800483][T19812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1472.186307][T19812] team0: Port device team_slave_0 added
[ 1472.287576][T18476] bridge_slave_1: left allmulticast mode
[ 1472.320049][T18476] bridge_slave_1: left promiscuous mode
[ 1472.482140][T18476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1472.588826][T19854] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1472.687416][T18476] bridge_slave_0: left allmulticast mode
[ 1472.728992][T18476] bridge_slave_0: left promiscuous mode
[ 1472.738440][T18476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1473.856167][T19400] Bluetooth: hci2: command tx timeout
[ 1475.151171][T18476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1475.239487][T18476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1475.388878][T18476] bond0 (unregistering): Released all slaves
[ 1475.626760][T19812] team0: Port device team_slave_1 added
[ 1475.921933][T19400] Bluetooth: hci2: command tx timeout
[ 1476.279369][T19812] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1476.325537][T19812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1476.429893][T19812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1476.668922][T19812] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1476.722075][T19812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1476.793983][T19812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1477.566548][T19812] hsr_slave_0: entered promiscuous mode
[ 1477.585434][T19812] hsr_slave_1: entered promiscuous mode
[ 1477.612390][T19812] debugfs: 'hsr0' already exists in 'hsr'
[ 1477.643021][T19812] Cannot create hsr debugfs directory
[ 1479.826519][T19926] netlink: 'syz.3.2425': attribute type 1 has an invalid length.
[ 1482.042353][T19812] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1482.367305][T19812] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1482.629212][T19812] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1482.985269][T19812] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1483.742859][T19975] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1484.138656][T19812] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1484.493668][T19812] 8021q: adding VLAN 0 to HW filter on device team0
[ 1484.582886][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1484.591647][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1484.709520][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1484.717959][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1484.864028][T19812] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1484.898064][T19812] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1485.881160][T19812] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1486.500965][T19812] veth0_vlan: entered promiscuous mode
[ 1486.630335][T19812] veth1_vlan: entered promiscuous mode
[ 1487.110584][T18476] hsr_slave_0: left promiscuous mode
[ 1487.173294][T18476] hsr_slave_1: left promiscuous mode
[ 1487.180137][T18476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1487.213150][T18476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1487.255528][T18476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1487.280473][T18476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1487.378459][T18476] veth1_macvtap: left promiscuous mode
[ 1487.452883][T18476] veth0_macvtap: left promiscuous mode
[ 1487.493295][T18476] veth1_vlan: left promiscuous mode
[ 1487.501500][T18476] veth0_vlan: left promiscuous mode
[ 1488.256434][   T30] audit: type=1800 audit(6049472065.369:5): pid=20012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2436" name="members" dev="configfs" ino=54698 res=0 errno=0
[ 1489.715641][T18476] team_slave_1 (unregistering): left promiscuous mode
[ 1489.726104][T18476] team_slave_1 (unregistering): left allmulticast mode
[ 1489.737475][T18476] team0 (unregistering): Port device team_slave_1 removed
[ 1489.846756][T18476] team_slave_0 (unregistering): left promiscuous mode
[ 1489.857392][T18476] team_slave_0 (unregistering): left allmulticast mode
[ 1489.892770][T18476] team0 (unregistering): Port device team_slave_0 removed
[ 1491.233518][T19812] veth0_macvtap: entered promiscuous mode
[ 1491.335270][T19812] veth1_macvtap: entered promiscuous mode
[ 1491.549821][T19812] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1491.566287][T19812] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1491.707775][T16265] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1491.735057][T16265] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1491.777247][T16265] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1491.823925][T16265] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1491.896685][T20030] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1492.453344][T13579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1492.472070][T13579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1492.678846][T16265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1492.745332][T16265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1494.216195][ T5869] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1494.246250][ T5869] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1494.277840][ T5869] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1494.304124][ T5869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1494.315924][ T5869] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1494.630185][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1494.645000][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1495.124221][T13579] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.223588][T20078] ERROR: Out of memory at tomoyo_memory_ok.
[ 1495.350068][T13579] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.710262][T13579] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.932983][T13579] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.386065][T19400] Bluetooth: hci3: command tx timeout
[ 1496.812031][T20104] netlink: 'syz.0.2455': attribute type 1 has an invalid length.
[ 1496.977344][T20060] chnl_net:caif_netlink_parms(): no params data found
[ 1497.513243][T20112] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1497.779730][T13579] bridge_slave_1: left allmulticast mode
[ 1497.785926][T13579] bridge_slave_1: left promiscuous mode
[ 1497.830299][T13579] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.881883][T13579] bridge_slave_0: left allmulticast mode
[ 1497.912027][T13579] bridge_slave_0: left promiscuous mode
[ 1497.938126][T13579] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1498.133889][T20121] FAULT_INJECTION: forcing a failure.
[ 1498.133889][T20121] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1498.162532][T20121] CPU: 0 UID: 0 PID: 20121 Comm: syz.2.2457 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1498.162581][T20121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1498.162602][T20121] Call Trace:
[ 1498.162613][T20121]  <TASK>
[ 1498.162626][T20121]  dump_stack_lvl+0x16c/0x1f0
[ 1498.162674][T20121]  should_fail_ex+0x512/0x640
[ 1498.162721][T20121]  get_futex_key+0x1d0/0x1560
[ 1498.162775][T20121]  ? __pfx_get_futex_key+0x10/0x10
[ 1498.162814][T20121]  ? futex_private_hash_put+0x176/0x300
[ 1498.162866][T20121]  futex_wake+0xea/0x530
[ 1498.162919][T20121]  ? futex_wait+0x120/0x380
[ 1498.163168][T20121]  ? __pfx_futex_wait+0x10/0x10
[ 1498.163306][T20121]  ? __pfx_futex_wake+0x10/0x10
[ 1498.163370][T20121]  ? kmem_cache_free+0x2d1/0x4d0
[ 1498.163408][T20121]  ? find_held_lock+0x2b/0x80
[ 1498.163438][T20121]  ? putname+0x154/0x1a0
[ 1498.163482][T20121]  ? do_sys_openat2+0x1b0/0x1d0
[ 1498.163537][T20121]  do_futex+0x1e3/0x350
[ 1498.163593][T20121]  ? __pfx_do_futex+0x10/0x10
[ 1498.163634][T20121]  ? fdget+0x187/0x210
[ 1498.163673][T20121]  ? __sys_connect+0xe0/0x160
[ 1498.163730][T20121]  __x64_sys_futex+0x1e0/0x4c0
[ 1498.163777][T20121]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1498.163822][T20121]  ? xfd_validate_state+0x61/0x180
[ 1498.163894][T20121]  do_syscall_64+0xcd/0x490
[ 1498.163933][T20121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1498.163975][T20121] RIP: 0033:0x7f780b58ebe9
[ 1498.164002][T20121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1498.164035][T20121] RSP: 002b:00007f78097d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1498.164066][T20121] RAX: ffffffffffffffda RBX: 00007f780b7b6098 RCX: 00007f780b58ebe9
[ 1498.164088][T20121] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f780b7b609c
[ 1498.164110][T20121] RBP: 00007f780b7b6090 R08: 00007f780c2ee000 R09: 0000000000000000
[ 1498.164132][T20121] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1498.164151][T20121] R13: 00007f780b7b6128 R14: 00007fff938e5bc0 R15: 00007fff938e5ca8
[ 1498.164192][T20121]  </TASK>
[ 1498.446574][T19400] Bluetooth: hci3: command tx timeout
[ 1499.580448][T13579] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1499.676351][T13579] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1499.754375][T13579] bond0 (unregistering): Released all slaves
[ 1500.341481][T20060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1500.396198][T20060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1500.409704][T20060] bridge_slave_0: entered allmulticast mode
[ 1500.431824][T20060] bridge_slave_0: entered promiscuous mode
[ 1500.442641][T20060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1500.460654][T20060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1500.474466][T20060] bridge_slave_1: entered allmulticast mode
[ 1500.514570][T19400] Bluetooth: hci3: command tx timeout
[ 1500.520406][T20060] bridge_slave_1: entered promiscuous mode
[ 1500.597894][T20157] ptp ptp0: guarantee physical clock free running
[ 1500.894210][T20060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1500.916123][T20060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1500.940879][T20160] netlink: 'syz.3.2465': attribute type 1 has an invalid length.
[ 1501.631725][T20060] team0: Port device team_slave_0 added
[ 1501.930585][T20060] team0: Port device team_slave_1 added
[ 1502.238008][T20060] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1502.247035][T20060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1502.324687][T20060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1502.350002][T20060] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1502.358857][T20060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1502.402344][T20060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1502.593589][T19400] Bluetooth: hci3: command tx timeout
[ 1503.054610][T20060] hsr_slave_0: entered promiscuous mode
[ 1503.064432][T20060] hsr_slave_1: entered promiscuous mode
[ 1503.072572][T20060] debugfs: 'hsr0' already exists in 'hsr'
[ 1503.080272][T20060] Cannot create hsr debugfs directory
[ 1507.629571][T20235] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1507.672498][T20236] ERROR: Out of memory at tomoyo_memory_ok.
[ 1507.752141][T20237] ERROR: Out of memory at tomoyo_memory_ok.
[ 1508.362249][T20060] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1508.570522][T20060] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1508.667016][T20060] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1508.714291][T20060] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1508.824578][T20251] ERROR: Out of memory at tomoyo_memory_ok.
[ 1509.640731][T20060] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1509.762348][   T30] audit: type=1800 audit(6049472086.991:6): pid=20272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2478" name="members" dev="configfs" ino=55799 res=0 errno=0
[ 1510.174961][T20060] 8021q: adding VLAN 0 to HW filter on device team0
[ 1510.266105][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1510.273808][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1510.778885][T18476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1510.786245][T18476] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1512.720763][T20321] netlink: 'syz.0.2486': attribute type 1 has an invalid length.
[ 1512.820473][T13579] hsr_slave_0: left promiscuous mode
[ 1512.855671][T13579] hsr_slave_1: left promiscuous mode
[ 1512.875956][T13579] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1512.924434][T13579] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1513.021048][T13579] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1513.072106][T13579] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1513.244931][T13579] veth1_macvtap: left promiscuous mode
[ 1513.266624][T13579] veth0_macvtap: left promiscuous mode
[ 1513.287954][T13579] veth1_vlan: left promiscuous mode
[ 1513.337690][T13579] veth0_vlan: left promiscuous mode
[ 1516.719194][T13579] team0 (unregistering): Port device team_slave_1 removed
[ 1516.939242][T13579] team0 (unregistering): Port device team_slave_0 removed
[ 1518.408053][T20396] netlink: 'syz.3.2495': attribute type 1 has an invalid length.
[ 1519.474753][T20060] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1519.987625][T20060] veth0_vlan: entered promiscuous mode
[ 1520.043888][T20060] veth1_vlan: entered promiscuous mode
[ 1520.204979][T20060] veth0_macvtap: entered promiscuous mode
[ 1520.283954][T20060] veth1_macvtap: entered promiscuous mode
[ 1520.379293][T20060] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1520.713453][T20060] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1521.069770][T19630] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1521.100850][T16265] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1521.156397][T16265] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1521.170813][T16265] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.007252][T19630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1522.063087][T19630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1522.276065][ T1318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1522.287968][ T1318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.076972][T20463] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1526.117470][ T5869] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1526.128850][ T5869] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1526.138960][ T5869] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1526.154517][ T5869] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1526.164159][ T5869] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1527.198940][ T3591] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1527.349908][ T3591] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1527.623256][ T3591] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1527.975462][T20495] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1528.210163][ T5869] Bluetooth: hci1: command tx timeout
[ 1528.555502][ T3591] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1529.150089][T20474] chnl_net:caif_netlink_parms(): no params data found
[ 1529.715008][ T3591] bridge_slave_1: left allmulticast mode
[ 1529.735592][ T3591] bridge_slave_1: left promiscuous mode
[ 1529.745755][ T3591] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1529.801162][ T3591] bridge_slave_0: left allmulticast mode
[ 1529.816134][T20515] syz.2.2513 uses obsolete (PF_INET,SOCK_PACKET)
[ 1529.828833][ T3591] bridge_slave_0: left promiscuous mode
[ 1529.872150][ T3591] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1529.948188][T20521] random: crng reseeded on system resumption
[ 1530.286702][ T5869] Bluetooth: hci1: command tx timeout
[ 1531.686543][ T3591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1531.729859][ T3591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1531.745340][ T3591] bond0 (unregistering): Released all slaves
[ 1531.962737][T20474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1531.987479][T20474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1532.004806][T20474] bridge_slave_0: entered allmulticast mode
[ 1532.015925][T20474] bridge_slave_0: entered promiscuous mode
[ 1532.044623][T20474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1532.148449][T20474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1532.164199][T20474] bridge_slave_1: entered allmulticast mode
[ 1532.193308][T20474] bridge_slave_1: entered promiscuous mode
[ 1532.348976][ T5869] Bluetooth: hci1: command tx timeout
[ 1532.856523][T20474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1532.876933][T20474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1533.139900][T20474] team0: Port device team_slave_0 added
[ 1533.286126][T20562] netlink: 'syz.3.2520': attribute type 1 has an invalid length.
[ 1533.301425][T20474] team0: Port device team_slave_1 added
[ 1533.773841][T20474] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1533.805116][T20474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1533.853944][T20474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1534.064634][T20474] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1534.149173][T20474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1534.251578][T20474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1534.419432][ T5869] Bluetooth: hci1: command tx timeout
[ 1534.943227][T20474] hsr_slave_0: entered promiscuous mode
[ 1534.966860][T20474] hsr_slave_1: entered promiscuous mode
[ 1534.998917][T20474] debugfs: 'hsr0' already exists in 'hsr'
[ 1535.047699][T20474] Cannot create hsr debugfs directory
[ 1535.077492][T20590] ERROR: Out of memory at tomoyo_memory_ok.
[ 1536.573348][T20606] ERROR: Out of memory at tomoyo_memory_ok.
[ 1536.615763][T20608] ERROR: Out of memory at tomoyo_memory_ok.
[ 1537.894028][T20625] ERROR: Out of memory at tomoyo_memory_ok.
[ 1539.087293][T20474] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1539.218049][T20474] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1539.365584][T20474] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1539.529186][T20474] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1539.916838][T20655] ERROR: Out of memory at tomoyo_memory_ok.
[ 1540.082988][T20657] ERROR: Out of memory at tomoyo_memory_ok.
[ 1540.923466][T20474] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1541.172184][T20474] 8021q: adding VLAN 0 to HW filter on device team0
[ 1541.399823][T16265] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.408960][T16265] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1541.793535][ T1318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.803109][ T1318] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1542.350345][T20474] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1543.135013][T20704] ERROR: Out of memory at tomoyo_memory_ok.
[ 1544.461227][T20474] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1546.042096][ T3591] hsr_slave_0: left promiscuous mode
[ 1546.094032][ T3591] hsr_slave_1: left promiscuous mode
[ 1546.124752][ T3591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1546.191532][ T3591] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1546.227130][ T3591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1546.246320][ T3591] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1546.382774][ T3591] veth1_macvtap: left promiscuous mode
[ 1546.391836][ T3591] veth0_macvtap: left promiscuous mode
[ 1546.407086][ T3591] veth1_vlan: left promiscuous mode
[ 1546.414778][ T3591] veth0_vlan: left promiscuous mode
[ 1548.743840][ T3591] team0 (unregistering): Port device team_slave_1 removed
[ 1548.889002][ T3591] team0 (unregistering): Port device team_slave_0 removed
[ 1549.962115][T20474] veth0_vlan: entered promiscuous mode
[ 1550.116069][T20474] veth1_vlan: entered promiscuous mode
[ 1550.644964][T20474] veth0_macvtap: entered promiscuous mode
[ 1550.726843][T20474] veth1_macvtap: entered promiscuous mode
[ 1550.874774][T20474] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1550.984143][T20474] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1551.049926][T13579] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1551.100025][T13579] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1551.177985][T13579] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1551.249645][T13579] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1552.591763][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1552.649828][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1552.678792][T20810] ptp ptp0: guarantee physical clock free running
[ 1552.824945][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1552.862686][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1553.442452][T20820] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1553.476428][T20821] netlink: 'syz.0.2504': attribute type 1 has an invalid length.
[ 1554.747776][T20839] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1554.935550][T20841] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2555'.
[ 1555.652095][T20862] ptp ptp0: guarantee physical clock free running
[ 1555.764129][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1555.774304][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1555.956665][   T30] audit: type=1800 audit(6049472133.431:7): pid=20868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2559" name="members" dev="configfs" ino=58298 res=0 errno=0
[ 1556.375712][T20876] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1557.927847][T20900] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1558.325967][T20915] netlink: 'syz.2.2567': attribute type 1 has an invalid length.
[ 1560.654801][T20951] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1560.899487][T20948] FAULT_INJECTION: forcing a failure.
[ 1560.899487][T20948] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.004419][T20948] CPU: 1 UID: 0 PID: 20948 Comm: syz.0.2573 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1561.004453][T20948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1561.004468][T20948] Call Trace:
[ 1561.004475][T20948]  <TASK>
[ 1561.004485][T20948]  dump_stack_lvl+0x16c/0x1f0
[ 1561.004514][T20948]  should_fail_ex+0x512/0x640
[ 1561.004544][T20948]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1561.004578][T20948]  should_failslab+0xc2/0x120
[ 1561.004612][T20948]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1561.004645][T20948]  ? shmem_alloc_inode+0x25/0x50
[ 1561.004683][T20948]  ? __pfx_shmem_alloc_inode+0x10/0x10
[ 1561.004715][T20948]  shmem_alloc_inode+0x25/0x50
[ 1561.004748][T20948]  alloc_inode+0x61/0x240
[ 1561.004783][T20948]  new_inode+0x22/0x1c0
[ 1561.004815][T20948]  ? trace_cap_capable+0x18d/0x200
[ 1561.004855][T20948]  shmem_get_inode+0x19a/0xfb0
[ 1561.005019][T20948]  ? __vm_enough_memory+0x184/0x3f0
[ 1561.005058][T20948]  __shmem_file_setup+0x279/0x330
[ 1561.005086][T20948]  shmem_zero_setup+0x93/0x1a0
[ 1561.005118][T20948]  __mmap_region+0x2081/0x27b0
[ 1561.005150][T20948]  ? lock_acquire+0x179/0x350
[ 1561.005183][T20948]  ? __pfx___mmap_region+0x10/0x10
[ 1561.005220][T20948]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1561.005246][T20948]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1561.005286][T20948]  ? rcu_is_watching+0x12/0xc0
[ 1561.005312][T20948]  ? trace_sched_exit_tp+0xd1/0x120
[ 1561.005353][T20948]  ? __schedule+0x11a3/0x5de0
[ 1561.005424][T20948]  ? trace_cap_capable+0x18d/0x200
[ 1561.005473][T20948]  mmap_region+0x1ab/0x3f0
[ 1561.005503][T20948]  ? __get_unmapped_area+0x267/0x440
[ 1561.005543][T20948]  do_mmap+0xa3e/0x1210
[ 1561.005588][T20948]  ? __pfx_do_mmap+0x10/0x10
[ 1561.005624][T20948]  ? __pfx_down_write_killable+0x10/0x10
[ 1561.005663][T20948]  vm_mmap_pgoff+0x29e/0x470
[ 1561.005708][T20948]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1561.005751][T20948]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1561.005794][T20948]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1561.005844][T20948]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1561.005881][T20948]  ? xfd_validate_state+0x61/0x180
[ 1561.005920][T20948]  ? __pfx_ksys_write+0x10/0x10
[ 1561.005952][T20948]  __x64_sys_mmap+0x125/0x190
[ 1561.005996][T20948]  do_syscall_64+0xcd/0x490
[ 1561.006026][T20948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1561.006052][T20948] RIP: 0033:0x7f067bf8ebe9
[ 1561.006073][T20948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1561.006099][T20948] RSP: 002b:00007f067cecc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1561.006121][T20948] RAX: ffffffffffffffda RBX: 00007f067c1b5fa0 RCX: 00007f067bf8ebe9
[ 1561.006137][T20948] RDX: 00000000000000df RSI: 0000000000020009 RDI: 0000000000000000
[ 1561.006152][T20948] RBP: 00007f067c011e19 R08: 0000000000000401 R09: 0000000000008000
[ 1561.006168][T20948] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1561.006183][T20948] R13: 00007f067c1b6038 R14: 00007f067c1b5fa0 R15: 00007ffe5324e728
[ 1561.006214][T20948]  </TASK>
[ 1562.310291][T20965] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1562.828494][   T30] audit: type=1800 audit(6049472140.327:8): pid=20984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2578" name="members" dev="configfs" ino=60607 res=0 errno=0
[ 1565.061728][T21015] netlink: 'syz.3.2583': attribute type 1 has an invalid length.
[ 1565.761541][T21027] netlink: 'syz.2.2585': attribute type 1 has an invalid length.
[ 1565.916778][T21031] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1566.676524][T21045] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1567.707503][T21061] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1568.706458][T21079] ptp ptp0: guarantee physical clock free running
[ 1570.545303][T21103] netlink: 'syz.2.2597': attribute type 1 has an invalid length.
[ 1570.786526][T21107] ERROR: Out of memory at tomoyo_memory_ok.
[ 1571.754653][T21125] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[ 1572.545393][T21131] netlink: 'syz.0.2602': attribute type 1 has an invalid length.
[ 1573.039326][T21139] netlink: 'syz.1.2604': attribute type 1 has an invalid length.
[ 1574.115060][T21149] ERROR: Out of memory at tomoyo_memory_ok.
€[ 1576.463656][   T30] audit: type=1804 audit(6049472154.008:9): pid=21183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2612" name="/newroot/34/file0" dev="tmpfs" ino=203 res=1 errno=0
[ 1576.814958][T21193] netlink: 'syz.0.2614': attribute type 1 has an invalid length.
[ 1577.321260][   T30] audit: type=1800 audit(6049472154.902:10): pid=21203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2616" name="members" dev="configfs" ino=61081 res=0 errno=0
[ 1578.284918][T21214] ptp ptp0: guarantee physical clock free running
[ 1578.456974][T21220] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1579.753895][T21248] netlink: 'syz.0.2624': attribute type 1 has an invalid length.
[ 1589.382396][T21379] ERROR: Out of memory at tomoyo_memory_ok.
[ 1592.178153][T21409] netlink: 'syz.3.2650': attribute type 1 has an invalid length.
[ 1593.361574][T21419] FAULT_INJECTION: forcing a failure.
[ 1593.361574][T21419] name failslab, interval 1, probability 0, space 0, times 0
[ 1593.377834][T21419] CPU: 0 UID: 0 PID: 21419 Comm: syz.1.2652 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1593.377966][T21419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1593.377985][T21419] Call Trace:
[ 1593.377997][T21419]  <TASK>
[ 1593.378009][T21419]  dump_stack_lvl+0x16c/0x1f0
[ 1593.378050][T21419]  should_fail_ex+0x512/0x640
[ 1593.378089][T21419]  ? __kmalloc_noprof+0xbf/0x510
[ 1593.378315][T21419]  ? vhost_dev_set_owner+0x287/0xa50
[ 1593.378371][T21419]  should_failslab+0xc2/0x120
[ 1593.378420][T21419]  __kmalloc_noprof+0xd2/0x510
[ 1593.378460][T21419]  ? rcu_is_watching+0x12/0xc0
[ 1593.378500][T21419]  vhost_dev_set_owner+0x287/0xa50
[ 1593.378561][T21419]  vhost_net_ioctl+0xe1a/0x1840
[ 1593.378600][T21419]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1593.378658][T21419]  ? __pfx_vhost_net_ioctl+0x10/0x10
[ 1593.378704][T21419]  ? find_held_lock+0x2b/0x80
[ 1593.378737][T21419]  ? hook_file_ioctl_common+0x145/0x410
[ 1593.378788][T21419]  ? __fget_files+0x20e/0x3c0
[ 1593.378845][T21419]  ? __pfx_vhost_net_ioctl+0x10/0x10
[ 1593.378888][T21419]  __x64_sys_ioctl+0x18e/0x210
[ 1593.378947][T21419]  do_syscall_64+0xcd/0x490
[ 1593.378988][T21419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.379023][T21419] RIP: 0033:0x7f7097b8ebe9
[ 1593.379051][T21419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1593.379485][T21419] RSP: 002b:00007f7098952038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1593.379515][T21419] RAX: ffffffffffffffda RBX: 00007f7097db6270 RCX: 00007f7097b8ebe9
[ 1593.379540][T21419] RDX: 0000000000000005 RSI: 000000000000af01 RDI: 0000000000000008
[ 1593.379558][T21419] RBP: 00007f7098952090 R08: 0000000000000000 R09: 0000000000000000
[ 1593.379577][T21419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1593.379595][T21419] R13: 00007f7097db6308 R14: 00007f7097db6270 R15: 00007fff3e068818
[ 1593.379637][T21419]  </TASK>
[ 1593.799183][ T5869] Bluetooth: hci2: command 0x0406 tx timeout
[ 1595.528152][T21450] ERROR: Out of memory at tomoyo_memory_ok.
[ 1596.958938][T21464] ERROR: Out of memory at tomoyo_memory_ok.
[ 1597.206579][   T30] audit: type=1800 audit(6049472174.896:11): pid=21468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2661" name="members" dev="configfs" ino=62543 res=0 errno=0
[ 1598.372748][T21476] netlink: 'syz.3.2663': attribute type 1 has an invalid length.
[ 1599.583938][T21497] netlink: 'syz.0.2667': attribute type 1 has an invalid length.
[ 1600.727855][T21510] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1600.898658][T21516] FAULT_INJECTION: forcing a failure.
[ 1600.898658][T21516] name failslab, interval 1, probability 0, space 0, times 0
[ 1600.925391][T21516] CPU: 0 UID: 0 PID: 21516 Comm: syz.2.2672 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1600.925435][T21516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1600.925455][T21516] Call Trace:
[ 1600.925465][T21516]  <TASK>
[ 1600.925477][T21516]  dump_stack_lvl+0x16c/0x1f0
[ 1600.925515][T21516]  should_fail_ex+0x512/0x640
[ 1600.925554][T21516]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1600.925592][T21516]  should_failslab+0xc2/0x120
[ 1600.925635][T21516]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1600.925670][T21516]  ? tty_open+0x13e/0xf90
[ 1600.925711][T21516]  ? __pfx_tty_open+0x10/0x10
[ 1600.925752][T21516]  tty_open+0x13e/0xf90
[ 1600.925800][T21516]  ? __pfx_tty_open+0x10/0x10
[ 1600.925841][T21516]  ? chrdev_open+0x10b/0x6a0
[ 1600.925888][T21516]  ? __pfx_tty_open+0x10/0x10
[ 1600.925928][T21516]  chrdev_open+0x231/0x6a0
[ 1600.925968][T21516]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1600.926022][T21516]  ? __pfx_chrdev_open+0x10/0x10
[ 1600.926066][T21516]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1600.926112][T21516]  do_dentry_open+0x97f/0x1530
[ 1600.926152][T21516]  ? __pfx_chrdev_open+0x10/0x10
[ 1600.926212][T21516]  vfs_open+0x82/0x3f0
[ 1600.926265][T21516]  path_openat+0x1de4/0x2cb0
[ 1600.926317][T21516]  ? __pfx_path_openat+0x10/0x10
[ 1600.926368][T21516]  do_filp_open+0x20b/0x470
[ 1600.926408][T21516]  ? __pfx_do_filp_open+0x10/0x10
[ 1600.926477][T21516]  ? alloc_fd+0x471/0x7d0
[ 1600.926524][T21516]  do_sys_openat2+0x11b/0x1d0
[ 1600.926574][T21516]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1600.926629][T21516]  ? __fget_files+0x20e/0x3c0
[ 1600.926673][T21516]  __x64_sys_openat+0x174/0x210
[ 1600.926724][T21516]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1600.926775][T21516]  ? ksys_write+0x1ac/0x250
[ 1600.926828][T21516]  do_syscall_64+0xcd/0x490
[ 1600.926867][T21516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1600.926900][T21516] RIP: 0033:0x7f780b58ebe9
[ 1600.926925][T21516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1600.926955][T21516] RSP: 002b:00007f78097f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1600.926986][T21516] RAX: ffffffffffffffda RBX: 00007f780b7b5fa0 RCX: 00007f780b58ebe9
[ 1600.927007][T21516] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1600.927028][T21516] RBP: 00007f78097f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1600.927048][T21516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1600.927068][T21516] R13: 00007f780b7b6038 R14: 00007f780b7b5fa0 R15: 00007fff938e5ca8
[ 1600.927109][T21516]  </TASK>
[ 1602.129409][T21536] ERROR: Out of memory at tomoyo_memory_ok.
[ 1602.328369][T21535] ptp ptp0: guarantee physical clock free running
[ 1603.270130][T21549] netlink: 'syz.3.2678': attribute type 1 has an invalid length.
[ 1603.637746][T21556] ERROR: Out of memory at tomoyo_memory_ok.
[ 1604.546434][T21575] ptp ptp0: guarantee physical clock free running
[ 1604.755255][T21570] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[ 1605.038557][T21582] synth uevent: /module/l2tp_ip6: unknown uevent action string
[ 1605.280548][T21579] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2686'.
[ 1605.429573][T21598] FAULT_INJECTION: forcing a failure.
[ 1605.429573][T21598] name failslab, interval 1, probability 0, space 0, times 0
[ 1605.443256][T21598] CPU: 1 UID: 0 PID: 21598 Comm: syz.0.2691 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1605.443301][T21598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1605.443320][T21598] Call Trace:
[ 1605.443331][T21598]  <TASK>
[ 1605.443342][T21598]  dump_stack_lvl+0x16c/0x1f0
[ 1605.443382][T21598]  should_fail_ex+0x512/0x640
[ 1605.443420][T21598]  ? __kmalloc_noprof+0xbf/0x510
[ 1605.443468][T21598]  ? ethnl_default_set_doit+0x170/0x9d0
[ 1605.443502][T21598]  should_failslab+0xc2/0x120
[ 1605.443546][T21598]  __kmalloc_noprof+0xd2/0x510
[ 1605.443584][T21598]  ? __nla_parse+0x40/0x60
[ 1605.443638][T21598]  ethnl_default_set_doit+0x170/0x9d0
[ 1605.443681][T21598]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1605.443725][T21598]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1605.443784][T21598]  ? bpf_lsm_capable+0x9/0x10
[ 1605.443814][T21598]  ? security_capable+0x7e/0x260
[ 1605.443866][T21598]  ? ns_capable+0xd7/0x110
[ 1605.443906][T21598]  genl_rcv_msg+0x55c/0x800
[ 1605.443952][T21598]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1605.444006][T21598]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[ 1605.444057][T21598]  netlink_rcv_skb+0x158/0x420
[ 1605.444094][T21598]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1605.444137][T21598]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1605.444192][T21598]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1605.444234][T21598]  genl_rcv+0x28/0x40
[ 1605.444270][T21598]  netlink_unicast+0x5a7/0x870
[ 1605.444313][T21598]  ? __pfx_netlink_unicast+0x10/0x10
[ 1605.444350][T21598]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1605.444383][T21598]  ? __lock_acquire+0xb97/0x1ce0
[ 1605.444434][T21598]  netlink_sendmsg+0x8d1/0xdd0
[ 1605.444482][T21598]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1605.444523][T21598]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1605.444583][T21598]  ____sys_sendmsg+0xa98/0xc70
[ 1605.444636][T21598]  ? copy_msghdr_from_user+0x10a/0x160
[ 1605.444671][T21598]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1605.444737][T21598]  ___sys_sendmsg+0x134/0x1d0
[ 1605.444783][T21598]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1605.444856][T21598]  ? __mutex_unlock_slowpath+0x140/0x800
[ 1605.444905][T21598]  __sys_sendmsg+0x16d/0x220
[ 1605.444945][T21598]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1605.445014][T21598]  do_syscall_64+0xcd/0x490
[ 1605.445054][T21598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1605.445085][T21598] RIP: 0033:0x7f067bf8ebe9
[ 1605.445108][T21598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1605.445138][T21598] RSP: 002b:00007f067cecc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1605.445168][T21598] RAX: ffffffffffffffda RBX: 00007f067c1b5fa0 RCX: 00007f067bf8ebe9
[ 1605.445188][T21598] RDX: 0000000004040000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1605.445208][T21598] RBP: 00007f067cecc090 R08: 0000000000000000 R09: 0000000000000000
[ 1605.445228][T21598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1605.445246][T21598] R13: 00007f067c1b6038 R14: 00007f067c1b5fa0 R15: 00007ffe5324e728
[ 1605.445288][T21598]  </TASK>
[ 1605.994156][T21603] netlink: 'syz.0.2692': attribute type 1 has an invalid length.
[ 1607.384275][   T30] audit: type=1800 audit(6049472185.119:12): pid=21620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2695" name="members" dev="configfs" ino=62165 res=0 errno=0
[ 1609.947355][T21649] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1610.222783][T21655] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[ 1611.298531][T21664] random: crng reseeded on system resumption
[ 1611.326543][T21666] ptp ptp0: guarantee physical clock free running
[ 1612.408336][T21678] kafs: addr_prefs: Invalid Command
[ 1614.755165][T21705] FAULT_INJECTION: forcing a failure.
[ 1614.755165][T21705] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1614.809879][T21705] CPU: 0 UID: 0 PID: 21705 Comm: syz.0.2714 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1614.809914][T21705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1614.809929][T21705] Call Trace:
[ 1614.809937][T21705]  <TASK>
[ 1614.809945][T21705]  dump_stack_lvl+0x16c/0x1f0
[ 1614.809975][T21705]  should_fail_ex+0x512/0x640
[ 1614.810281][T21705]  _copy_from_user+0x2e/0xd0
[ 1614.810322][T21705]  do_sock_getsockopt+0x3ca/0x440
[ 1614.810356][T21705]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1614.810385][T21705]  ? __fget_files+0x204/0x3c0
[ 1614.810424][T21705]  __sys_getsockopt+0x123/0x1b0
[ 1614.810454][T21705]  __x64_sys_getsockopt+0xbd/0x160
[ 1614.810476][T21705]  ? do_syscall_64+0x91/0x490
[ 1614.810501][T21705]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1614.810525][T21705]  do_syscall_64+0xcd/0x490
[ 1614.810552][T21705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1614.810589][T21705] RIP: 0033:0x7f067bf8ebe9
[ 1614.810608][T21705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1614.810715][T21705] RSP: 002b:00007f067cecc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1614.810748][T21705] RAX: ffffffffffffffda RBX: 00007f067c1b5fa0 RCX: 00007f067bf8ebe9
[ 1614.810764][T21705] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003
[ 1614.810778][T21705] RBP: 00007f067cecc090 R08: 0000200000000280 R09: 0000000000000000
[ 1614.810792][T21705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1614.810809][T21705] R13: 00007f067c1b6038 R14: 00007f067c1b5fa0 R15: 00007ffe5324e728
[ 1614.810848][T21705]  </TASK>
[ 1616.875959][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1616.882948][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1618.304549][T21737] ERROR: Out of memory at tomoyo_memory_ok.
[ 1618.940782][ T5869] Bluetooth: hci3: command 0x0406 tx timeout
[ 1619.627756][   T30] audit: type=1804 audit(6049472197.432:13): pid=21748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2722" name="/newroot/95/file0" dev="tmpfs" ino=540 res=1 errno=0
[ 1623.187767][T21795] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1624.271591][T21801] ERROR: Out of memory at tomoyo_memory_ok.
[ 1624.626246][T21810] netlink: 29 bytes leftover after parsing attributes in process `syz.1.2736'.
[ 1624.796554][T21810] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[ 1626.927939][T21831] kvm: kvm [21830]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x9
[ 1627.894752][   T30] audit: type=1800 audit(6049472205.745:14): pid=21849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2746" name="members" dev="configfs" ino=63748 res=0 errno=0
[ 1629.240504][   T30] audit: type=1800 audit(6049472207.082:15): pid=21869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2750" name="members" dev="configfs" ino=65008 res=0 errno=0
[ 1630.588961][T21879] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2754'.
[ 1631.808186][T21900] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1633.107450][T21920] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1633.145947][T21920] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1633.185234][T21920] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1633.245883][T21920] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1633.255267][T21920] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1633.281625][T21920] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1633.389476][T21920] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1633.500997][T21920] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1633.925395][T21931] FAULT_INJECTION: forcing a failure.
[ 1633.925395][T21931] name failslab, interval 1, probability 0, space 0, times 0
[ 1633.988331][T21931] CPU: 0 UID: 0 PID: 21931 Comm: syz.1.2763 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1633.988377][T21931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1633.988395][T21931] Call Trace:
[ 1633.988406][T21931]  <TASK>
[ 1633.988417][T21931]  dump_stack_lvl+0x16c/0x1f0
[ 1633.988447][T21931]  should_fail_ex+0x512/0x640
[ 1633.988476][T21931]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1633.988504][T21931]  should_failslab+0xc2/0x120
[ 1633.988549][T21931]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1633.988576][T21931]  ? snd_seq_timer_new+0x44/0x1b0
[ 1633.988601][T21931]  ? lockdep_init_map_type+0x5c/0x280
[ 1633.988637][T21931]  snd_seq_timer_new+0x44/0x1b0
[ 1633.988662][T21931]  snd_seq_queue_alloc+0x177/0x5a0
[ 1633.988703][T21931]  snd_seq_ioctl_create_queue+0xa9/0x380
[ 1633.988732][T21931]  snd_seq_kernel_client_ctl+0x107/0x1c0
[ 1633.988766][T21931]  alloc_seq_queue+0xda/0x180
[ 1633.988807][T21931]  ? __pfx_alloc_seq_queue+0x10/0x10
[ 1633.988855][T21931]  ? mark_held_locks+0x49/0x80
[ 1633.988885][T21931]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1633.988926][T21931]  snd_seq_oss_open+0x38c/0xa20
[ 1633.988962][T21931]  odev_open+0x6f/0x90
[ 1633.988988][T21931]  ? __pfx_odev_open+0x10/0x10
[ 1633.989014][T21931]  soundcore_open+0x40c/0x580
[ 1633.989043][T21931]  ? __pfx_soundcore_open+0x10/0x10
[ 1633.989070][T21931]  chrdev_open+0x231/0x6a0
[ 1633.989100][T21931]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1633.989139][T21931]  ? __pfx_chrdev_open+0x10/0x10
[ 1633.989171][T21931]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1633.989204][T21931]  do_dentry_open+0x97f/0x1530
[ 1633.989234][T21931]  ? __pfx_chrdev_open+0x10/0x10
[ 1633.989270][T21931]  vfs_open+0x82/0x3f0
[ 1633.989316][T21931]  path_openat+0x1de4/0x2cb0
[ 1633.989373][T21931]  ? __pfx_path_openat+0x10/0x10
[ 1633.989411][T21931]  do_filp_open+0x20b/0x470
[ 1633.989440][T21931]  ? __pfx_do_filp_open+0x10/0x10
[ 1633.989489][T21931]  ? alloc_fd+0x471/0x7d0
[ 1633.989529][T21931]  do_sys_openat2+0x11b/0x1d0
[ 1633.989566][T21931]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1633.989604][T21931]  ? do_fcntl+0x1eb/0x15a0
[ 1633.989644][T21931]  __x64_sys_openat+0x174/0x210
[ 1633.989688][T21931]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1633.989751][T21931]  do_syscall_64+0xcd/0x490
[ 1633.989791][T21931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.989824][T21931] RIP: 0033:0x7f7097b8ebe9
[ 1633.989849][T21931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1633.989882][T21931] RSP: 002b:00007f70989b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1633.989914][T21931] RAX: ffffffffffffffda RBX: 00007f7097db5fa0 RCX: 00007f7097b8ebe9
[ 1633.989934][T21931] RDX: 0000000000143900 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1633.989956][T21931] RBP: 00007f7097c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1633.989976][T21931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1633.989996][T21931] R13: 00007f7097db6038 R14: 00007f7097db5fa0 R15: 00007fff3e068818
[ 1633.990027][T21931]  </TASK>
[ 1635.173878][T19400] Bluetooth: hci2: command 0x0406 tx timeout
[ 1635.173921][ T5869] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1635.263466][ T5869] Bluetooth: hci3: command 0x0406 tx timeout
[ 1635.332879][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1636.005316][T21943] FAULT_INJECTION: forcing a failure.
[ 1636.005316][T21943] name failslab, interval 1, probability 0, space 0, times 0
[ 1636.079209][T21943] CPU: 0 UID: 0 PID: 21943 Comm: syz.3.2766 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1636.079255][T21943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1636.079274][T21943] Call Trace:
[ 1636.079284][T21943]  <TASK>
[ 1636.079297][T21943]  dump_stack_lvl+0x16c/0x1f0
[ 1636.079336][T21943]  should_fail_ex+0x512/0x640
[ 1636.079375][T21943]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1636.079418][T21943]  should_failslab+0xc2/0x120
[ 1636.079462][T21943]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1636.079500][T21943]  ? trace_cap_capable+0x18d/0x200
[ 1636.079550][T21943]  ? vm_area_dup+0x27/0x8d0
[ 1636.079590][T21943]  vm_area_dup+0x27/0x8d0
[ 1636.079628][T21943]  dup_mmap+0x877/0x21d0
[ 1636.079694][T21943]  ? __pfx_dup_mmap+0x10/0x10
[ 1636.079773][T21943]  copy_process+0x4081/0x7690
[ 1636.079814][T21943]  ? __pfx___futex_wait+0x10/0x10
[ 1636.079879][T21943]  ? __pfx_copy_process+0x10/0x10
[ 1636.079920][T21943]  ? futex_private_hash_put+0x176/0x300
[ 1636.079964][T21943]  ? futex_private_hash_put+0x18a/0x300
[ 1636.080011][T21943]  kernel_clone+0xfc/0x930
[ 1636.080057][T21943]  ? __pfx_kernel_clone+0x10/0x10
[ 1636.080133][T21943]  __do_sys_clone+0xce/0x120
[ 1636.080175][T21943]  ? __pfx___do_sys_clone+0x10/0x10
[ 1636.080239][T21943]  ? xfd_validate_state+0x61/0x180
[ 1636.080284][T21943]  ? __pfx_do_writev+0x10/0x10
[ 1636.080332][T21943]  do_syscall_64+0xcd/0x490
[ 1636.080372][T21943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1636.080405][T21943] RIP: 0033:0x7f5a6358ebe9
[ 1636.080431][T21943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1636.080461][T21943] RSP: 002b:00007f5a64496fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1636.080492][T21943] RAX: ffffffffffffffda RBX: 00007f5a637b6180 RCX: 00007f5a6358ebe9
[ 1636.080514][T21943] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[ 1636.080533][T21943] RBP: 00007f5a63611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1636.080553][T21943] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1636.080572][T21943] R13: 00007f5a637b6218 R14: 00007f5a637b6180 R15: 00007ffedd2fba48
[ 1636.080615][T21943]  </TASK>
[ 1636.368675][T21950] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1637.247671][T19400] Bluetooth: hci2: command 0x0406 tx timeout
[ 1637.322599][T19400] Bluetooth: hci3: command 0x0406 tx timeout
[ 1637.402213][T19400] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1639.241207][T21987] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1639.471541][T19400] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1640.156893][   T30] audit: type=1800 audit(6049472218.059:16): pid=21996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2779" name="members" dev="configfs" ino=64150 res=0 errno=0
[ 1640.585360][T22002] ==================================================================
[ 1640.593483][T22002] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340
[ 1640.601440][T22002] Read of size 8 at addr ffff888026b47000 by task syz.1.2778/22002
[ 1640.609525][T22002] 
[ 1640.611978][T22002] CPU: 0 UID: 0 PID: 22002 Comm: syz.1.2778 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1640.612014][T22002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1640.612029][T22002] Call Trace:
[ 1640.612039][T22002]  <TASK>
[ 1640.612048][T22002]  dump_stack_lvl+0x116/0x1f0
[ 1640.612080][T22002]  print_report+0xcd/0x630
[ 1640.612111][T22002]  ? __virt_addr_valid+0x81/0x610
[ 1640.612141][T22002]  ? __phys_addr+0xe8/0x180
[ 1640.612171][T22002]  ? force_devcd_write+0x312/0x340
[ 1640.612204][T22002]  kasan_report+0xe0/0x110
[ 1640.612235][T22002]  ? force_devcd_write+0x312/0x340
[ 1640.612265][T22002]  force_devcd_write+0x312/0x340
[ 1640.612291][T22002]  ? __pfx_force_devcd_write+0x10/0x10
[ 1640.612317][T22002]  ? __debugfs_file_get+0x1fe/0x840
[ 1640.612350][T22002]  ? __pfx___debugfs_file_get+0x10/0x10
[ 1640.612386][T22002]  full_proxy_write+0x12e/0x1a0
[ 1640.612419][T22002]  ? __pfx_full_proxy_write+0x10/0x10
[ 1640.612451][T22002]  vfs_write+0x29d/0x1150
[ 1640.612480][T22002]  ? __pfx___mutex_lock+0x10/0x10
[ 1640.612506][T22002]  ? __pfx_vfs_write+0x10/0x10
[ 1640.612537][T22002]  ? __fget_files+0x20e/0x3c0
[ 1640.612567][T22002]  ksys_write+0x12a/0x250
[ 1640.612593][T22002]  ? __pfx_ksys_write+0x10/0x10
[ 1640.612625][T22002]  do_syscall_64+0xcd/0x490
[ 1640.612651][T22002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1640.612676][T22002] RIP: 0033:0x7f7097b8ebe9
[ 1640.612695][T22002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1640.612733][T22002] RSP: 002b:00007f7098994038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1640.612755][T22002] RAX: ffffffffffffffda RBX: 00007f7097db6090 RCX: 00007f7097b8ebe9
[ 1640.612772][T22002] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000007
[ 1640.612786][T22002] RBP: 00007f7097c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1640.612801][T22002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1640.612815][T22002] R13: 00007f7097db6128 R14: 00007f7097db6090 R15: 00007fff3e068818
[ 1640.612838][T22002]  </TASK>
[ 1640.612846][T22002] 
[ 1640.826857][T22002] Allocated by task 16265:
[ 1640.831545][T22002]  kasan_save_stack+0x33/0x60
[ 1640.836338][T22002]  kasan_save_track+0x14/0x30
[ 1640.841240][T22002]  __kasan_kmalloc+0xaa/0xb0
[ 1640.845947][T22002]  __kmalloc_noprof+0x223/0x510
[ 1640.850847][T22002]  ieee802_11_parse_elems_full+0x1db/0x3780
[ 1640.856971][T22002]  ieee80211_inform_bss+0x10b/0x1140
[ 1640.862392][T22002]  cfg80211_inform_single_bss_data+0x8ea/0x1df0
[ 1640.869035][T22002]  cfg80211_inform_bss_data+0x224/0x3bd0
[ 1640.874894][T22002]  cfg80211_inform_bss_frame_data+0x26f/0x750
[ 1640.881116][T22002]  ieee80211_bss_info_update+0x310/0xab0
[ 1640.886880][T22002]  ieee80211_scan_rx+0x4cf/0xb30
[ 1640.892215][T22002]  ieee80211_rx_list+0x1bdb/0x2980
[ 1640.897395][T22002]  ieee80211_rx_napi+0xdc/0x410
[ 1640.902392][T22002]  ieee80211_handle_queued_frames+0xd5/0x130
[ 1640.908584][T22002]  tasklet_action_common+0x284/0x400
[ 1640.914011][T22002]  handle_softirqs+0x219/0x8e0
[ 1640.918877][T22002]  do_softirq+0xb2/0xf0
[ 1640.923169][T22002]  __local_bh_enable_ip+0x100/0x120
[ 1640.928425][T22002]  cfg80211_inform_single_bss_data+0x9ae/0x1df0
[ 1640.934829][T22002]  cfg80211_inform_bss_data+0x224/0x3bd0
[ 1640.940713][T22002]  cfg80211_inform_bss_frame_data+0x26f/0x750
[ 1640.946925][T22002]  ieee80211_bss_info_update+0x310/0xab0
[ 1640.952613][T22002]  ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0
[ 1640.958836][T22002]  ieee80211_iface_work+0xe2e/0x1360
[ 1640.964209][T22002]  cfg80211_wiphy_work+0x2c7/0x580
[ 1640.969358][T22002]  process_one_work+0x9cc/0x1b70
[ 1640.974442][T22002]  worker_thread+0x6c8/0xf10
[ 1640.979064][T22002]  kthread+0x3c5/0x780
[ 1640.983265][T22002]  ret_from_fork+0x5d7/0x6f0
[ 1640.987902][T22002]  ret_from_fork_asm+0x1a/0x30
[ 1640.992713][T22002] 
[ 1640.995145][T22002] Freed by task 16265:
[ 1640.999226][T22002]  kasan_save_stack+0x33/0x60
[ 1641.004077][T22002]  kasan_save_track+0x14/0x30
[ 1641.008842][T22002]  kasan_save_free_info+0x3b/0x60
[ 1641.013900][T22002]  __kasan_slab_free+0x60/0x70
[ 1641.018707][T22002]  kfree+0x2b4/0x4d0
[ 1641.022724][T22002]  ieee80211_inform_bss+0x77c/0x1140
[ 1641.028227][T22002]  cfg80211_inform_single_bss_data+0x8ea/0x1df0
[ 1641.034538][T22002]  cfg80211_inform_bss_data+0x224/0x3bd0
[ 1641.040223][T22002]  cfg80211_inform_bss_frame_data+0x26f/0x750
[ 1641.046428][T22002]  ieee80211_bss_info_update+0x310/0xab0
[ 1641.052199][T22002]  ieee80211_scan_rx+0x4cf/0xb30
[ 1641.057443][T22002]  ieee80211_rx_list+0x1bdb/0x2980
[ 1641.062643][T22002]  ieee80211_rx_napi+0xdc/0x410
[ 1641.067586][T22002]  ieee80211_handle_queued_frames+0xd5/0x130
[ 1641.073699][T22002]  tasklet_action_common+0x284/0x400
[ 1641.079036][T22002]  handle_softirqs+0x219/0x8e0
[ 1641.084022][T22002]  do_softirq+0xb2/0xf0
[ 1641.088388][T22002]  __local_bh_enable_ip+0x100/0x120
[ 1641.093817][T22002]  cfg80211_inform_single_bss_data+0x9ae/0x1df0
[ 1641.100276][T22002]  cfg80211_inform_bss_data+0x224/0x3bd0
[ 1641.105953][T22002]  cfg80211_inform_bss_frame_data+0x26f/0x750
[ 1641.112264][T22002]  ieee80211_bss_info_update+0x310/0xab0
[ 1641.117953][T22002]  ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0
[ 1641.124176][T22002]  ieee80211_iface_work+0xe2e/0x1360
[ 1641.129510][T22002]  cfg80211_wiphy_work+0x2c7/0x580
[ 1641.134908][T22002]  process_one_work+0x9cc/0x1b70
[ 1641.140262][T22002]  worker_thread+0x6c8/0xf10
[ 1641.145070][T22002]  kthread+0x3c5/0x780
[ 1641.149177][T22002]  ret_from_fork+0x5d7/0x6f0
[ 1641.153989][T22002]  ret_from_fork_asm+0x1a/0x30
[ 1641.158870][T22002] 
[ 1641.161210][T22002] The buggy address belongs to the object at ffff888026b47000
[ 1641.161210][T22002]  which belongs to the cache kmalloc-1k of size 1024
[ 1641.175467][T22002] The buggy address is located 0 bytes inside of
[ 1641.175467][T22002]  freed 1024-byte region [ffff888026b47000, ffff888026b47400)
[ 1641.189226][T22002] 
[ 1641.191731][T22002] The buggy address belongs to the physical page:
[ 1641.198180][T22002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26b40
[ 1641.207272][T22002] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1641.216017][T22002] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1641.223896][T22002] page_type: f5(slab)
[ 1641.228015][T22002] raw: 00fff00000000040 ffff88801b841dc0 ffffea000163f400 dead000000000002
[ 1641.236899][T22002] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1641.245755][T22002] head: 00fff00000000040 ffff88801b841dc0 ffffea000163f400 dead000000000002
[ 1641.254550][T22002] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1641.263732][T22002] head: 00fff00000000003 ffffea00009ad001 00000000ffffffff 00000000ffffffff
[ 1641.272795][T22002] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1641.281585][T22002] page dumped because: kasan: bad access detected
[ 1641.288132][T22002] page_owner tracks the page as allocated
[ 1641.293881][T22002] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 16987829587, free_ts 0
[ 1641.314179][T22002]  post_alloc_hook+0x1c0/0x230
[ 1641.319113][T22002]  get_page_from_freelist+0x132b/0x38e0
[ 1641.324979][T22002]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1641.331616][T22002]  alloc_pages_mpol+0x1fb/0x550
[ 1641.336572][T22002]  new_slab+0x247/0x330
[ 1641.341108][T22002]  ___slab_alloc+0xcf2/0x1740
[ 1641.345814][T22002]  __slab_alloc.constprop.0+0x56/0xb0
[ 1641.351322][T22002]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 1641.356725][T22002]  class_register+0xb5/0x460
[ 1641.361570][T22002]  spi_transport_init+0x164/0x210
[ 1641.366655][T22002]  do_one_initcall+0x120/0x6e0
[ 1641.371857][T22002]  kernel_init_freeable+0x5c2/0x910
[ 1641.377539][T22002]  kernel_init+0x1c/0x2b0
[ 1641.382110][T22002]  ret_from_fork+0x5d7/0x6f0
[ 1641.386828][T22002]  ret_from_fork_asm+0x1a/0x30
[ 1641.391795][T22002] page_owner free stack trace missing
[ 1641.397488][T22002] 
[ 1641.399999][T22002] Memory state around the buggy address:
[ 1641.405823][T22002]  ffff888026b46f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1641.414084][T22002]  ffff888026b46f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1641.422435][T22002] >ffff888026b47000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1641.430724][T22002]                    ^
[ 1641.435194][T22002]  ffff888026b47080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1641.443533][T22002]  ffff888026b47100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1641.451806][T22002] ==================================================================
[ 1641.460155][    C0] vkms_vblank_simulate: vblank timer overrun
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1641.603764][T22002] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1641.611394][T22002] CPU: 1 UID: 0 PID: 22002 Comm: syz.1.2778 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) 
[ 1641.623676][T22002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1641.634024][T22002] Call Trace:
[ 1641.637324][T22002]  <TASK>
[ 1641.640657][T22002]  dump_stack_lvl+0x3d/0x1f0
[ 1641.645279][T22002]  vpanic+0x6e8/0x7a0
[ 1641.649378][T22002]  ? __pfx_vpanic+0x10/0x10
[ 1641.653917][T22002]  ? __pfx_vprintk_emit+0x10/0x10
[ 1641.659185][T22002]  ? force_devcd_write+0x312/0x340
[ 1641.664336][T22002]  panic+0xca/0xd0
[ 1641.668108][T22002]  ? __pfx_panic+0x10/0x10
[ 1641.672721][T22002]  ? force_devcd_write+0x312/0x340
[ 1641.677890][T22002]  ? preempt_schedule_common+0x44/0xc0
[ 1641.683485][T22002]  ? preempt_schedule_thunk+0x16/0x30
[ 1641.689344][T22002]  check_panic_on_warn+0xab/0xb0
[ 1641.694423][T22002]  end_report+0x107/0x170
[ 1641.698901][T22002]  kasan_report+0xee/0x110
[ 1641.703474][T22002]  ? force_devcd_write+0x312/0x340
[ 1641.708737][T22002]  force_devcd_write+0x312/0x340
[ 1641.713886][T22002]  ? __pfx_force_devcd_write+0x10/0x10
[ 1641.719379][T22002]  ? __debugfs_file_get+0x1fe/0x840
[ 1641.724613][T22002]  ? __pfx___debugfs_file_get+0x10/0x10
[ 1641.730272][T22002]  full_proxy_write+0x12e/0x1a0
[ 1641.735735][T22002]  ? __pfx_full_proxy_write+0x10/0x10
[ 1641.741347][T22002]  vfs_write+0x29d/0x1150
[ 1641.745705][T22002]  ? __pfx___mutex_lock+0x10/0x10
[ 1641.750755][T22002]  ? __pfx_vfs_write+0x10/0x10
[ 1641.755554][T22002]  ? __fget_files+0x20e/0x3c0
[ 1641.760353][T22002]  ksys_write+0x12a/0x250
[ 1641.765152][T22002]  ? __pfx_ksys_write+0x10/0x10
[ 1641.770313][T22002]  do_syscall_64+0xcd/0x490
[ 1641.775033][T22002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1641.780996][T22002] RIP: 0033:0x7f7097b8ebe9
[ 1641.785597][T22002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1641.805923][T22002] RSP: 002b:00007f7098994038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1641.814449][T22002] RAX: ffffffffffffffda RBX: 00007f7097db6090 RCX: 00007f7097b8ebe9
[ 1641.822675][T22002] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000007
[ 1641.831221][T22002] RBP: 00007f7097c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1641.839640][T22002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1641.847900][T22002] R13: 00007f7097db6128 R14: 00007f7097db6090 R15: 00007fff3e068818
[ 1641.856193][T22002]  </TASK>
[ 1641.859821][T22002] Kernel Offset: disabled
[ 1641.864196][T22002] Rebooting in 86400 seconds..