last executing test programs:

5m55.054179784s ago: executing program 0 (id=324):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x20000)
socket(0x1f, 0x6, 0x4000c)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000081, 0x400, 0x9}]})
mmap$auto(0x0, 0x6, 0xdf, 0xeb1, 0x401, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/video15\x00', 0xe0a81, 0x0)
ioctl$auto(r5, 0xc008561b, r4)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae90, &(0x7f0000000300)={0x2})
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
ioctl$auto(0x3, 0x80045438, 0x10000000000402)
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0x3ff}, @BATADV_ATTR_BLA_ADDRESS={0xa, 0x1f, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004800}, 0x4)
r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)=ANY=[@ANYBLOB="98010000", @ANYRES16=r7, @ANYBLOB="000126bd7000fddbdf25030000000c0008000d000000000000000c00080001000000010000000c00020001000000000000000c00040001000000000000800c00030009000000000000000c00050006000000000000000c000400080000000000000023010780977961b957adfecbba320f9883fa449640fcdb5a6b3ada4952e6365eff9d88c197915a1e38bc657e5f45165037529c987690e10687af33d9072a4037ce179c89d92bea11bc6ad60b41e8e07c7bb82c3042d033b64e86a2b18da7e5c34276f452614792f2b4994bfdedd6dbd6c747d0d4a3909aef61d38ab1fc54b7a1d66136a0ba3931c2710007f3dfc174615c74ad2a346619e28c70829925ce1949e914a4247eca4d4b99a11f50e28b08dd5ed4120522f3bee44ceadf1bd5c660050df0ccc1e735fe038f6643f6ee559e064b92b4f1af577e60a6e4cea4f799546c838fc307e5ca1837bb2d52e54195df16ad2a7c058985555803f021b361e53239961df5211db3226abe13a27a5c4a6e5136368af9103a6dbd729de518b202ab7ccfad0d000c0008000000000000000000"], 0x198}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000000)
r8 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="00022bbd7000fdc9df252a000000050023007f000000"], 0x1c}, 0x1, 0x0, 0x0, 0x24004801}, 0x4004000)
sendmsg$auto_IEEE802154_ASSOCIATE_REQ(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x20000004)
unshare$auto(0x8000400)

5m53.742958117s ago: executing program 0 (id=325):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket(0x22, 0x2, 0x808000)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x44040)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x1b}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000000000)="351ff6218163cce8505bf40fca856149f185354f86f6766b73aeb066b2a65290e689cb5a9cd45a63766508ae821ea42a555887244ce3a5676c4a8f62c1dadfd6efc8b8dd0eae0c03292f536b2b5042c923", 0x51)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5408, 0x0)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
r2 = socket(0x2, 0x1, 0x106)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0xf5df3883093a58f3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x2041, 0x1, 0x0, 0xffffffffffffffff, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
select$auto(0x10009, &(0x7f00000000c0)={[0x3, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4a1d, 0x4618ecd2, 0x6, 0x42ff, 0x6, 0x9a8b, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)

5m52.490327153s ago: executing program 0 (id=330):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x80091, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000b40)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a6e6d37d8682bbe1801337384767b4e9a4eb306d380dd08966b8a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110a33ae74c38e4643a7bc3b35a7248431450ca8901467ea6dc5d8810ee90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103003083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f7ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58e82175de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f3d1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f85443b6e7fdac9acb79e5258a865eed633ff5356d13a3e9923bcd8e6d177c9fb8618f9397c98d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8a312cbd0d77cb96c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d726c73dae42114f514bbc798a1aa3e591dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f9001e190601fcbcea6aa6a2d7900e6823f480185ef9c3b4ed19c4f94c108067c89d79bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d62117801249583e659ab51984f188b6141a51f8f7ac15336bf5382978ff94561a3719a20b1f742ae43bef2bfc25d915aed745dd9c029e8882b6f425b0aea6979a0d7948ab2d8804bdf864b8e23038458c3ce505fa11c4bad6f40672b06ba0f4b1a0b5a6d2fc636dae6c365f4f35186e900cc22a6d5b494fb9b89745514d2da591296ac31a7dc81037174f80e9c2b", 0x534)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
gettimeofday$auto(&(0x7f0000000000)={0x8, 0xd0}, &(0x7f0000000040)={0xec, 0xffff7fff})
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r1)
sendmsg$auto_NL80211_CMD_SET_CQM(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd29, 0x25dfdc00, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x6, 0x9, 0x0, 0x0, @binary="f541"}]}]}]}, 0x28}}, 0x810)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
ioctl$auto(r3, 0x227a, 0xffffffffffffffff)

5m51.919363321s ago: executing program 0 (id=331):
unshare$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000001100), 0x0, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (rerun: 64)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/i8042/serio0/softraw\x00', 0x141042, 0x0) (async)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r1 = socket(0x2, 0x1, 0x0) (async)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x92000, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xebd, 0x401, 0x8000) (async)
r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x20140, 0x0)
ioctl$auto_SNAPSHOT_S2RAM(r2, 0x330b, 0x0) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff) (async, rerun: 32)
sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, 0x0, 0x24000005) (async, rerun: 32)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
r4 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0) (async)
io_uring_register$auto_IORING_UNREGISTER_EVENTFD(r3, 0x5, &(0x7f0000000200)="2930c7030f9f0fcee754432141ae3a505920a0722819a16ad926d9108851f5d5c9aadf33d17c5fa6255ba4a6cccde4e9f96fe150a6d823d9646a65d2072a34438d5c0ff18897fbf69d9ea7eb74093399ffd25f43d55d2712430b86c743267d8ee51bc6051d5cd68974b084af81a89e2ff3811d8c129c0a83b31affbb4c26bcd774e03f0a3d1c8d557e2c1c3fe06c9fd45675e588299cdf42d27c3fe56e99ea", 0x9)
read$auto(r4, 0x0, 0x4000000081) (async)
bind$auto(r0, &(0x7f0000000100)=@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2) (async)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x2, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000001) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async)
r5 = syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="74b23d76d8537dd8eb31438d160d49464fbbd5c25cdcb43873e75127538dfe3a7b9bef"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x48) (async)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)

5m49.630158383s ago: executing program 0 (id=339):
symlink$auto(&(0x7f0000000180)='./file1\x00', &(0x7f0000000040)='./file1\x00')
readlink$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0xa05)

5m49.077906399s ago: executing program 0 (id=341):
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
prctl$auto(0x3e, 0x4, 0x0, 0xfffffffffffffffd, 0x80)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
clock_gettime$auto(0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
setresuid$auto(0x0, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x11, 0x3, 0x2)
getsockopt$auto(r1, 0x9, 0xf7dffffd, 0x0, 0x0)
setuid$auto(0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x84000, 0x0)
fsconfig$auto(r0, 0x3e63064a, &(0x7f0000000000)='!-}!,]$@\x00', &(0x7f00000001c0)="b27833bd08b86f9264724d395c48c56fb7f47fff5069ea0668d17597f82d7bf283c71b2c645049a659b3a36b123744cc9c7033aa5f0dd573824f611d81133f787802292b148d47fc6c9bd08ed17ee6bf657a41f6e8cdce9cec3ff6866ba189ae1735bc2397ac90f69054b28a35695611008f478da85b9f1812b1eec042c769cdeddb39ccdec3b07741b63cb1154f700d1d5f725914a1b2a221903b411e525e72b2df0a4076335d37826eb02b", 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x240007, 0x19)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendto$auto(0xffffffffffffffff, 0x0, 0x4, 0x8, 0x0, 0x801)
move_pages$auto(0x0, 0xa0000000000000, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0)
pread64$auto(r2, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100)

5m33.784712897s ago: executing program 32 (id=341):
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
prctl$auto(0x3e, 0x4, 0x0, 0xfffffffffffffffd, 0x80)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
clock_gettime$auto(0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
setresuid$auto(0x0, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x11, 0x3, 0x2)
getsockopt$auto(r1, 0x9, 0xf7dffffd, 0x0, 0x0)
setuid$auto(0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x84000, 0x0)
fsconfig$auto(r0, 0x3e63064a, &(0x7f0000000000)='!-}!,]$@\x00', &(0x7f00000001c0)="b27833bd08b86f9264724d395c48c56fb7f47fff5069ea0668d17597f82d7bf283c71b2c645049a659b3a36b123744cc9c7033aa5f0dd573824f611d81133f787802292b148d47fc6c9bd08ed17ee6bf657a41f6e8cdce9cec3ff6866ba189ae1735bc2397ac90f69054b28a35695611008f478da85b9f1812b1eec042c769cdeddb39ccdec3b07741b63cb1154f700d1d5f725914a1b2a221903b411e525e72b2df0a4076335d37826eb02b", 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x240007, 0x19)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendto$auto(0xffffffffffffffff, 0x0, 0x4, 0x8, 0x0, 0x801)
move_pages$auto(0x0, 0xa0000000000000, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0)
pread64$auto(r2, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100)

17.937413113s ago: executing program 1 (id=1303):
semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1, 0x0)
openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/clk/clk_summary\x00', 0x701, 0x0)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000)
mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000ffdbdf25050000000c00010002000000000000000c00010004000000000000000c00010003000000000000000800010004000000000000000c00010009000000000000000c0001000900000000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0xd0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
preadv$auto(0x3, 0x0, 0x3, 0x3, 0x10)
close_range$auto(0x2, 0xa, 0x0)

16.271721068s ago: executing program 1 (id=1309):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
mmap$auto(0x0, 0x40009, 0x8, 0x9b72, 0x7, 0x28000) (async)
r1 = socket(0x33, 0x80003, 0x300)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f0000000340)='\xff\xc4', &(0x7f00000004c0)={0xfffffffffffffeb6, 0x4, "c151d70dac52fbbdc8f4aab36a5cfd298de10d53ab1678974504c52f996ba0fa64867c1a90a4113ce3595454eb271a9358924115f5b0212c2f75dd106a6327f7cb9e1b38b25bfb4a214e9dd78eb43899b7e254246a6b8233626143288f00d488fe07d65169b94a00"/122}, 0x0, 0x6) (async)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) (async)
r2 = socket(0xf, 0x0, 0x9) (async, rerun: 64)
capset$auto(0x0, &(0x7f0000000080)={0x9, 0x6, 0xeb}) (rerun: 64)
sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={&(0x7f0000000240)='L\fX\x00', 0x49}, 0x4, 0x0, 0x5, 0x11}, 0x5}, 0x2, 0x100)
mmap$auto(0x2, 0xaa06, 0x0, 0xeb1, 0xffffffffffffffff, 0x2)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r3, 0x8000) (async, rerun: 32)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async, rerun: 32)
r4 = ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';')
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r4) (async)
msgctl$auto_MSG_INFO(0x9, 0xc, &(0x7f0000000240)={{0x80020000, 0xee00, 0xee01, 0x6, 0x40000000, 0xc, 0x7}, &(0x7f00000001c0)=0x61, &(0x7f0000000200)=0xff, 0x6, 0xfffffffffffff90b, 0x1fa1ac89, 0xa, 0x2, 0x594, 0xf, 0x3, @inferred=<r5=>0x0, @raw=0xffffffff}) (async, rerun: 64)
write$auto_ppp_device_fops_ppp_generic(0xffffffffffffffff, &(0x7f0000000200)="c021", 0x2) (async, rerun: 64)
connect$auto(0xffffffffffffffff, &(0x7f0000000040)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x2) (async)
sendmsg$auto_TIPC_NL_NET_SET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[], 0xa34}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0) (async, rerun: 32)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (rerun: 32)
write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, r0, 0x0)
prctl$auto(0x1000000003b, 0x8, r5, 0x9, 0x80000000) (async)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/tracing/set_event\x00', 0x280080, 0x0) (async, rerun: 32)
setresuid$auto(0x2, 0x7, 0x8080) (async, rerun: 32)
ioprio_get$auto(0x3, 0x2)

14.542009631s ago: executing program 1 (id=1316):
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async, rerun: 32)
r1 = socket(0x1e, 0x1, 0x0) (rerun: 32)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64)
select$auto(0x200e, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0x1, 0x8fd6, 0x948b, 0x3, 0x0, 0x3, 0x3, 0x5f, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async, rerun: 64)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
socket(0xa, 0x2, 0x3a) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0}) (rerun: 32)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) (async, rerun: 32)
close_range$auto(r0, r1, 0x0) (rerun: 32)
socket(0x2, 0x3, 0x100) (async)
socket(0x10, 0x2, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xebe, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
socket(0x2b, 0x1, 0x1) (rerun: 32)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f00000005c0), 0xffffffffffffffff) (async)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r5, 0x0, 0x0) (async, rerun: 32)
ioctl$auto_XFS_IOC_FSBULKSTAT_SINGLE(0xffffffffffffffff, 0xc0205866, &(0x7f0000000100)={&(0x7f00000000c0)=0xffffffffffffffff, 0x7fff, 0x0, 0x0}) (async, rerun: 32)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)

13.990026516s ago: executing program 1 (id=1319):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
r1 = io_uring_setup$auto(0x7e1b, 0x0)
socket(0x2, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000002c0)='ns/uts\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/uts\x00')
ioctl$auto(0x3, 0x4421, r1)
mmap$auto(0x0, 0x10000, 0xde, 0x11, r0, 0x28000)

12.835809575s ago: executing program 1 (id=1322):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto(r0, 0xc10c5541, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0xffffffffffffffff, 0x6)
mmap$auto(0x100, 0x8, 0xdf, 0x16, r0, 0x7ffc) (async)
r1 = socket(0x2b, 0x1, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
close_range$auto(r1, 0xfffffffffffff000, 0x5) (async, rerun: 64)
open(&(0x7f00000000c0)='./file0\x00', 0x1034c3, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async, rerun: 32)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) (rerun: 32)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r3) (async)
ioctl$auto_KVM_CREATE_VM(r2, 0x4048aecb, 0x0)
socketpair$auto(0xe, 0x1004001, 0xf67f, 0x0)
ioctl$auto(r1, 0x89a0, 0x4) (async)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) (async)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/ipvlan1/app_solicit\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x1ff) (async)
write$auto(0x3, 0x0, 0xfdef) (async)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/hdpvr/parameters/boost_audio\x00', 0x40000, 0x0)
read$auto(r5, 0x0, 0x6) (async)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async, rerun: 32)
open(0x0, 0x261c2, 0x84) (rerun: 32)

11.027383779s ago: executing program 1 (id=1329):
mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = fanotify_init$auto(0x602, 0x1)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r1, 0x0)
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0)
read$auto(r2, 0x0, 0x20)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x7, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0xe65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81)
r3 = socket(0xa, 0x1, 0x84)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f00000000c0)="c6defff83315b9b07a4d3826ae11a8d648df1bbe6a49fd8c68d028d7ed337e7ca5734c34b1d1c3d2eabcd5e702c34d43d4336e4beeac911fc845480718")
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
getsockopt$auto(r3, 0x84, 0x7d, 0x0, &(0x7f0000000000)=0x98)
syz_clone(0x80, &(0x7f0000000380)="dc8a28244e1438b8fc0a9e370168524c3e7b3883617443f7104fe2c70824528376948dec74e2eb2ddfbe1f4b9923f77c1a92b8b6120877ef937015ab081492fb99001be77ac1538162fa6aaddff4dea22e379529db90f1cd0daff00720d92f399f840b9b6c3b09b2a47e06e2d4253961812b82c097e57fb4ae35d687f2e7850a41d810b3e05464144813c5883ee9b36c47692210f2", 0x95, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000440)="03230aef73ad38b5099cd97e34311764cd49a3a1431d5b5f5c6605bfb0e23cd2d831")
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0xa7c, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000)
setsockopt$auto_SO_TYPE(r1, 0xc23, 0x3, &(0x7f0000000480)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x3)
io_uring_setup$auto(0x1, 0x0)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
r4 = gettid()
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
kill$auto(r4, 0x11)

10.763374173s ago: executing program 3 (id=1330):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x98)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r2, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyua\x00', 0x128bc0, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r4)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r1, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

10.063183148s ago: executing program 4 (id=1332):
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xf, 0x3, 0x2)
r0 = socket(0xf, 0x3, 0x10000000000002)
socket(0x10, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf250200000005002a0001000000080017"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000b00), 0xffffffffffffffff) (async)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000b00), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000e00)={0x0, 0x4000, &(0x7f0000000dc0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf25040200"], 0x14}, 0x1, 0x0, 0x97, 0x4008040}, 0x4000800)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
sendmsg$auto_NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r3, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0x45, 0x129, "437b4007ef4edb3d5cfcd17d60457fdb9bb61cfb332cddd04cddd7c4b7b57e8d37130a330a0aa1b2e1797b61577b40526cdc1a5e1ff3c02c9b6c727f8272433487"}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x64}, 0x1, 0x0, 0x0, 0x50}, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r3, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0x45, 0x129, "437b4007ef4edb3d5cfcd17d60457fdb9bb61cfb332cddd04cddd7c4b7b57e8d37130a330a0aa1b2e1797b61577b40526cdc1a5e1ff3c02c9b6c727f8272433487"}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x64}, 0x1, 0x0, 0x0, 0x50}, 0x0)
socket(0x10, 0x2, 0xc)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24, 0x400000}, 0x68)

8.881977817s ago: executing program 4 (id=1333):
r0 = open(&(0x7f0000000100)='.\x00', 0x591083, 0x408) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r2, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x16, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4788, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828848"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
capget$auto(0x0, 0xfffffffffffffffe) (async)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
linkat$auto(r0, 0x0, 0xffffffffffffff9c, 0x0, 0x1000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
swapon$auto(&(0x7f0000000040)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x3) (async)
ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0)
write$auto(0x3, 0x0, 0xfdef) (async)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x4000, 0x0)

8.594100443s ago: executing program 4 (id=1334):
r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x1414, &(0x7f0000000040)={&(0x7f0000000280)={0x24, r0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x80005}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040810}, 0x20000084)

8.557879374s ago: executing program 2 (id=1335):
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x1000, 0x6)
mlockall$auto(0x800000000000005)
clone$auto(0x100000001, 0x4, 0x0, 0x0, 0x200)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
syncfs$auto(r0)
lsm_get_self_attr$auto(0x64, 0x0, &(0x7f0000002440)=0x1ff, 0x1)

8.447576764s ago: executing program 4 (id=1336):
mmap$auto(0x3, 0x40000e, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mq_notify$auto(0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x801, 0x106)
pipe2$auto(0x0, 0x4800)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf)
socket(0xa, 0x1, 0x84)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x1, 0xdf, 0x14, 0x401, 0x8000)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0x0, 0x0)
writev$auto(r0, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0x100000000df, 0xeb1, r0, 0x8000)
mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8002)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x110c234000, 0x1, 0x9)
msgget$auto(0x0, 0x5)
msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x7)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000040), 0x400d01, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x80f02, 0x0)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
msgsnd$auto(0x0, &(0x7f0000000600)={0x40000087fc, 0x7}, 0x400, 0x2)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)

8.032504085s ago: executing program 2 (id=1337):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ext4/sda1/mb_group_prealloc\x00', 0x8001, 0x0)
write$auto(r1, &(0x7f0000000000)='gJ\xdf\xd9\t\x8b7\x04\\\x00\x04x\x03\xcb\x12\xfa\b\x1c\xc7\xeb', 0x2)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x7)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_CREATE_VM(r2, 0x4018aee1, 0x0)

5.957257242s ago: executing program 4 (id=1338):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.export/flush\x00', 0x2, 0x0)
r1 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x440, 0x0)
mmap$auto(0xa2, 0x10000000009, 0xde, 0x1000000eb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/gre0/dev_port\x00', 0x0, 0x0)
read$auto(r0, &(0x7f0000000140)='\x00', 0x2)
read$auto(r2, 0x0, 0x20)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x101, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x40002, 0x0)
socket(0xa, 0x1, 0x84)
write$auto(0x3, 0x0, 0xfdef)
read$auto_tracing_cpumask_fops_trace(r1, &(0x7f0000000580)=""/4096, 0x1000)
write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)="d2e9", 0x2)
unshare$auto(0x40000080)
write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\b\x1a\x18`<I}\xe8N\x94\xf2\xa2\x00\x00\f\x15\xd8a\xedW\xd3Mo\x86\x88B\xea8\xd1\xda\xcf9\x00\xd5\x15@\xeb\xcd\tB\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x11N\x17w\xe7\x0e\x9bK\xc6\xfe\xca\x92\x86U\xd3\xe3,\xdcn\xaea\x17(\xff\xfb\xe5\x0f\xef\xff=\xcfD\xd8\x8dUPw\xb1d9\xe6\xc4\xb0\'-\xf1V\xcf\t\xa49\x9f\x02\xa0\xcf\x17\xaa\xb561\x1eJ\xa5\xbc\x04\x8a\xdc\x16\xf4\xdb\xfc\xb3!\x9d\xb8O9\xf5\xe0\xd8\xca\xbb\x8aQ\x11\xb5\xe3\xfb\x00\xf2\xcc=:\xf1\x8f\xe7\xf0\x1e\x81X\x14\xfd\x15\xbd\xaa\x02A\x84V\x99V\a\x0fr\x80\xa4\x8a$\x04c-]\x1a\x7f\xddU\xd0\xfbd\xf3\xb6SE\xad\x19\x1dt\xbaI\x11\xf01h=\xe1\xc2\x9c\a\xda7W\xd4y\xef\xf7h,`\xee\x86\xc84)(\xdet\xa6x\x96\xdd9x', 0x26)
accept$auto(r3, &(0x7f0000000180)=@in={0x2, 0x4e20, @private=0xa010100}, &(0x7f00000001c0)=0x8000)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x50000, 0x0)
r4 = set_tid_address$auto(&(0x7f0000000200)=0x6)
ptrace$auto_PTRACE_POKEDATA(0x5, r4, 0x7fffffff, 0x48)
mmap$auto(0x20000000009, 0xffffffffffffffff, 0x8, 0x10, r3, 0x0)

5.401255464s ago: executing program 2 (id=1339):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='.\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) (async)
ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/015/001\x00', 0x80000, 0x0) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/015/001\x00', 0x80000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd2, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x2, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x5ae6, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffc)
socket(0xa, 0x2, 0x3a)
r3 = userfaultfd$auto(0x1)
statx$auto(r3, 0x0, 0x1000, 0x8, 0x0) (async)
statx$auto(r3, 0x0, 0x1000, 0x8, 0x0)
keyctl$auto(0x4, 0xffffffffffffffff, 0x0, 0x800, 0xa) (async)
keyctl$auto(0x4, 0xffffffffffffffff, 0x0, 0x800, 0xa)
keyctl$auto(0x6, 0xffffffffffffffff, 0x8, 0x803, 0x4)
write$auto(0x3, 0x0, 0xffd8)
mlock$auto(0xfffffffffffffff8, 0x1)
mmap$auto(0x80000101, 0x1000, 0x3, 0x16, r0, 0x4) (async)
mmap$auto(0x80000101, 0x1000, 0x3, 0x16, r0, 0x4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
setresuid$auto(0x0, 0x7, 0x8080) (async)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0) (async)
setfsuid$auto(0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/napi_defer_hard_irqs\x00', 0xc2481, 0x0)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setuid$auto(0xe) (async)
setuid$auto(0xe)
unshare$auto(0x40000080)

4.45389892s ago: executing program 2 (id=1340):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) (async)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) (async, rerun: 32)
socket(0x3, 0x3, 0x0) (async, rerun: 32)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) (async)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
lseek$auto(r2, 0x5, 0x0) (async)
getdents$auto(r2, &(0x7f00000004c0)={0x100, 0xa, 0x4}, 0x62d4)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0) (async)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) (async, rerun: 32)
mmap$auto(0x8000000002, 0x40000a, 0x0, 0x12, 0x2, 0x80000) (async, rerun: 32)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)

1.188439588s ago: executing program 3 (id=1341):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mbind$auto(0x0, 0x7fffffffffffffff, 0x4, 0x0, 0x5, 0xe) (async)
mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, 0xffffffffffffffff, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef) (async)
write$auto(0xffffffffffffffff, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) (async)
socket(0xa, 0x2, 0x0) (async)
socket(0x2, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, 0x0, 0x8000, 0xff}, 0x2}, 0x1, 0xb) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) (async)
r0 = socket(0x2b, 0x1, 0x0) (async)
io_uring_setup$auto(0x6, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) (async)
sendmsg$auto_SMC_NETLINK_DUMP_UEID(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)={0x74, r2, 0x5fe21872aa7e7a04, 0x70bd2c, 0x25dfdbfd, {}, "8bae23ca84ebb86516638d5d8a5b6cf1a00f4d6d3adeb7bcb7fae4a6e400f1a7073245f3bb6cb201aa07beedb972304248270eaeda418796ffda9e23310d018985b12ca7d7d700403d3946799d457cb5c8a960fc3b2d1a490f3ef6d8ce1a0a"}, 0x74}, 0x1, 0x0, 0x0, 0x98}, 0x1) (async)
semctl$auto(0xf06f, 0x802, 0x3, 0xc)
setsockopt$auto(0x3, 0x0, 0x40, 0x0, 0x7fff0060)

1.049281445s ago: executing program 3 (id=1342):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x5, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r1, 0x29, 0x13, 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/if_inet6\x00', 0x0, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/batadv0\x00', 0x4100, 0x0)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0xc)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x3)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
socket(0x2, 0x5, 0x0) (async)
socket(0x2b, 0x1, 0x1) (async)
setsockopt$auto(r1, 0x29, 0x13, 0x0, 0x0) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/if_inet6\x00', 0x0, 0x0) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/batadv0\x00', 0x4100, 0x0) (async)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0xc) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
io_uring_setup$auto(0x1, 0x0) (async)
setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x3) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) (async)

858.047134ms ago: executing program 3 (id=1343):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
mmap$auto(0x0, 0x20009, 0x4b5, 0x100000001b70, r0, 0x8001) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async, rerun: 32)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async, rerun: 32)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x1, 0x80000001, 0x800002e}, 0x6f4)
bpf$auto(0x800000000000001a, 0xfffffffffffffffe, 0x0) (async, rerun: 64)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0xc0000103, 0x400, 0x9}]}) (rerun: 64)

703.042338ms ago: executing program 2 (id=1344):
r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x1414, &(0x7f0000000040)={&(0x7f0000000280)={0x24, r0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x80005}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040810}, 0x20000084)

151.060384ms ago: executing program 2 (id=1345):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
ioperm$auto(0x7, 0x5ad2, 0xc)
modify_ldt$auto(0x1, 0x0, 0x10)
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
sendfile$auto(r2, r2, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)={0xfc, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xe8, 0x3, 0x0, 0x1, [@typed={0x8, 0xc2, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x4, 0x2a}, @typed={0x4, 0x11}, @typed={0x8, 0x2e, 0x0, 0x0, @fd=r3}, @generic="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c", @nested={0x2c, 0x5, 0x0, 0x1, [@nested={0x28, 0x63, 0x0, 0x1, [@nested={0x24, 0x9e, 0x0, 0x1, [@typed={0x8, 0x5a, 0x0, 0x0, @str='/}!\x00'}, @nested={0x10, 0x86, 0x0, 0x1, [@typed={0xc, 0xd, 0x0, 0x0, @u64=0x6}]}, @nested={0x8, 0xc9, 0x0, 0x1, [@typed={0x4, 0x1b, 0x0, 0x0, @binary}]}]}]}]}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
ioctl$auto_SG_GET_PACK_ID(r5, 0x227c, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
close_range$auto(0x2, 0x8, 0x0)

150.966854ms ago: executing program 3 (id=1346):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim2/psample/enable\x00', 0x2000, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00')
ioctl$NS_GET_PARENT(r1, 0xb701, 0x0)
socket(0x2, 0x801, 0x100)
socket(0x2, 0x1, 0x84)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
pipe$auto(0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/acpi/wakeup\x00', 0x101200, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @multicast1}, 0x55)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, 0x0, 0x4000000)

16.996164ms ago: executing program 4 (id=1347):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x100000007f}]})
swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r4, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="000304000000000000000000ff00"], 0x6e}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
sendmsg$auto_SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r5, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000040)
pselect6$auto(0x5, &(0x7f0000000400)={[0x8, 0x5, 0x0, 0x5, 0x8001, 0x6, 0xac, 0x2000009, 0x3, 0xffffffff, 0x7fffffffffffffff, 0x0, 0x1000, 0x2, 0x8, 0x3ff]}, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(r7, 0x5, 0x0)
close_range$auto(r7, r0, 0x6)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r6, 0x0)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=&(0x7f0000000080)=',{\x00', &(0x7f0000000140)=&(0x7f0000000100)='}.\x00')
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r2, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
mmap$auto(0x0, 0x9, 0x800000000df, 0x9b72, 0xea8a, 0x8000)
socket(0x2c, 0x3, 0x0)
sysfs$auto(0x2, 0x10000000000048, 0x0)

0s ago: executing program 3 (id=1348):
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x1, 0x84)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop11\x00', 0x20000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev2\x00', 0x2000, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x1e2142, 0x0)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r3, 0x0, 0x1f40)
close_range$auto(0x2, r2, 0x0)
socket(0x28, 0x2, 0x1000c)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r5)
ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x258, 0xfffffe01, 0x35}]})
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

kernel console output (not intermixed with test programs):


	


	



	


	



	






	




	






	





	





		







	

	
	

	

	
		

	


	
	

		
	
		
	

	

	



			








	





	






	
				

				
					
			
	

			
		

			
			
			
		

		


		


















	










	




	





		








	

	
	
	

	

	
				
	
		


	

	

	
	

				
		
	
	




	
				
		
	

	
		
	

		

	
		

	


	
	

		
	
		
	

	

	



			








	




	





	

	

	

	
	
	

	

	


	

	
	

	
	
	
	


	
	
	

	






	




	





		







	

	
		
	
				
	
		

			
	

	







	
		

	


	
	

		
	
		
	

	

	



			








	





	




		

		

			

	

	


	



	



	




	






	




	





		













	
	

	

		
		

	
	

	
		
	

	
		

		

				



	
	




			

			
	


	
				
	
	



	
		

	
	

	
				
	
	



	
	
	
		

	
		




	



	


	
	
		

	
	
	




	
		
			
		
[  318.464450][ T9436] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.593'.
[  319.891866][ T9449] ubi: mtd0 is already attached to ubi0
[  319.898769][ T9449] ubi0: detaching mtd0
[  319.907865][ T9449] ubi0: mtd0 is detached
[  320.589001][ T9457] vivid-009: =================  START STATUS  =================
[  320.647756][ T9457] vivid-009: Enable Output Cropping: true grabbed
[  320.850054][ T9457] vivid-009: Enable Output Composing: true grabbed
[  320.944469][ T9457] vivid-009: Enable Output Scaler: true grabbed
[  321.010886][ T9457] vivid-009: Tx RGB Quantization Range: Automatic grabbed
[  321.036173][ T9463] block nbd7: not configured, cannot reconfigure
[  321.066663][ T9457] vivid-009: Transmit Mode: HDMI grabbed
[  321.072472][ T9457] vivid-009: Hotplug Present: 0x00000000
[  321.195780][ T9457] vivid-009: RxSense Present: 0x00000000
[  321.201541][ T9457] vivid-009: EDID Present: 0x00000000
[  321.301611][ T9457] vivid-009: ==================  END STATUS  ==================
[  324.028335][ T9509] netlink: 28 bytes leftover after parsing attributes in process `syz.3.608'.
[  325.018310][ T9528] mkiss: ax0: crc mode is auto.
[  326.909681][ T9552] FAULT_INJECTION: forcing a failure.
[  326.909681][ T9552] name failslab, interval 1, probability 0, space 0, times 0
[  326.954883][ T9552] CPU: 1 UID: 0 PID: 9552 Comm: syz.3.618 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  326.954944][ T9552] Tainted: [U]=USER
[  326.954956][ T9552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.954981][ T9552] Call Trace:
[  326.954992][ T9552]  <TASK>
[  326.955010][ T9552]  dump_stack_lvl+0x16c/0x1f0
[  326.955072][ T9552]  should_fail_ex+0x512/0x640
[  326.955122][ T9552]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  326.955179][ T9552]  should_failslab+0xc2/0x120
[  326.955221][ T9552]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  326.955271][ T9552]  ? find_held_lock+0x2b/0x80
[  326.955306][ T9552]  ? vm_area_dup+0x27/0x8d0
[  326.955356][ T9552]  ? dup_mmap+0x5cb/0x21d0
[  326.955401][ T9552]  vm_area_dup+0x27/0x8d0
[  326.955456][ T9552]  dup_mmap+0x877/0x21d0
[  326.955515][ T9552]  ? __pfx_dup_mmap+0x10/0x10
[  326.955590][ T9552]  copy_process+0x4081/0x7650
[  326.955633][ T9552]  ? preempt_schedule_thunk+0x16/0x30
[  326.955697][ T9552]  ? __pfx_copy_process+0x10/0x10
[  326.955747][ T9552]  ? find_held_lock+0x2b/0x80
[  326.955790][ T9552]  ? wake_up_q+0xb0/0x160
[  326.955821][ T9552]  ? do_raw_spin_unlock+0x172/0x230
[  326.955860][ T9552]  kernel_clone+0xfc/0x960
[  326.955905][ T9552]  ? __pfx_futex_wake+0x10/0x10
[  326.955955][ T9552]  ? __pfx_kernel_clone+0x10/0x10
[  326.956027][ T9552]  __do_sys_clone+0xce/0x120
[  326.956071][ T9552]  ? __pfx___do_sys_clone+0x10/0x10
[  326.956116][ T9552]  ? ksys_unshare+0x687/0xa40
[  326.956182][ T9552]  ? xfd_validate_state+0x61/0x180
[  326.956253][ T9552]  do_syscall_64+0xcd/0x490
[  326.956310][ T9552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.956345][ T9552] RIP: 0033:0x7fe6c758e929
[  326.956373][ T9552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.956406][ T9552] RSP: 002b:00007fe6c83c9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  326.956437][ T9552] RAX: ffffffffffffffda RBX: 00007fe6c77b5fa0 RCX: 00007fe6c758e929
[  326.956458][ T9552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[  326.956477][ T9552] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  326.956497][ T9552] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  326.956516][ T9552] R13: 0000000000000000 R14: 00007fe6c77b5fa0 R15: 00007ffef5d1c4c8
[  326.956559][ T9552]  </TASK>
[  327.535603][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  327.542095][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  329.005662][ T9583] FAULT_INJECTION: forcing a failure.
[  329.005662][ T9583] name failslab, interval 1, probability 0, space 0, times 0
[  329.044816][ T9583] CPU: 0 UID: 0 PID: 9583 Comm: syz.1.624 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  329.044859][ T9583] Tainted: [U]=USER
[  329.044867][ T9583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.044881][ T9583] Call Trace:
[  329.044888][ T9583]  <TASK>
[  329.044897][ T9583]  dump_stack_lvl+0x16c/0x1f0
[  329.044938][ T9583]  should_fail_ex+0x512/0x640
[  329.044974][ T9583]  ? __kvmalloc_node_noprof+0x124/0x620
[  329.045014][ T9583]  should_failslab+0xc2/0x120
[  329.045036][ T9583]  __kvmalloc_node_noprof+0x137/0x620
[  329.045072][ T9583]  ? lru_gen_seq_start+0x4f/0x240
[  329.045098][ T9583]  ? rcu_is_watching+0x12/0xc0
[  329.045128][ T9583]  ? lru_gen_seq_start+0x4f/0x240
[  329.045154][ T9583]  lru_gen_seq_start+0x4f/0x240
[  329.045185][ T9583]  traverse.part.0.constprop.0+0xaf/0x640
[  329.045226][ T9583]  seq_read_iter+0x932/0x12c0
[  329.045264][ T9583]  ? aa_file_perm+0x4d6/0xfb0
[  329.045306][ T9583]  seq_read+0x39e/0x4e0
[  329.045335][ T9583]  ? __pfx_seq_read+0x10/0x10
[  329.045386][ T9583]  full_proxy_read+0x13f/0x200
[  329.045410][ T9583]  ? __pfx_full_proxy_read+0x10/0x10
[  329.045433][ T9583]  vfs_read+0x1e1/0xc60
[  329.045473][ T9583]  ? __pfx_vfs_read+0x10/0x10
[  329.045504][ T9583]  ? find_held_lock+0x2b/0x80
[  329.045529][ T9583]  ? __fget_files+0x204/0x3c0
[  329.045565][ T9583]  ? __fget_files+0x20e/0x3c0
[  329.045605][ T9583]  __x64_sys_pread64+0x1eb/0x250
[  329.045642][ T9583]  ? __pfx___x64_sys_pread64+0x10/0x10
[  329.045686][ T9583]  do_syscall_64+0xcd/0x490
[  329.045725][ T9583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.045749][ T9583] RIP: 0033:0x7f6edeb8e929
[  329.045767][ T9583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.045790][ T9583] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  329.045811][ T9583] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  329.045826][ T9583] RDX: 00000000000007ff RSI: 0000000000000000 RDI: 0000000000000004
[  329.045840][ T9583] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  329.045854][ T9583] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[  329.045868][ T9583] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  329.045897][ T9583]  </TASK>
[  330.225255][ T9599] can: request_module (can-proto-4) failed.
[  330.392615][ T9608] netlink: 4 bytes leftover after parsing attributes in process `syz.1.632'.
[  330.432980][ T9608] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  332.057824][ T9658] vhci_hcd: invalid port number 16
[  332.063022][ T9658] vhci_hcd: invalid port number 16
[  332.374264][ T9633] netlink: 28 bytes leftover after parsing attributes in process `syz.4.636'.
[  332.544547][ T9666] : renamed from gre0 (while UP)
[  332.608692][ T9666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.642'.
[  333.857717][ T9686] aoe: could not set interface list: too many interfaces
[  333.947957][ T9687] FAULT_INJECTION: forcing a failure.
[  333.947957][ T9687] name failslab, interval 1, probability 0, space 0, times 0
[  333.989714][   T30] audit: type=1807 audit(6047222445.374:8): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  334.014823][ T9687] CPU: 0 UID: 0 PID: 9687 Comm: syz.4.645 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  334.014868][ T9687] Tainted: [U]=USER
[  334.014877][ T9687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  334.014896][ T9687] Call Trace:
[  334.014906][ T9687]  <TASK>
[  334.014919][ T9687]  dump_stack_lvl+0x16c/0x1f0
[  334.014976][ T9687]  should_fail_ex+0x512/0x640
[  334.015018][ T9687]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  334.015062][ T9687]  should_failslab+0xc2/0x120
[  334.015085][ T9687]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  334.015123][ T9687]  ? find_held_lock+0x2b/0x80
[  334.015147][ T9687]  ? neigh_sysctl_register+0xb2/0x670
[  334.015188][ T9687]  kmemdup_noprof+0x29/0x60
[  334.015225][ T9687]  neigh_sysctl_register+0xb2/0x670
[  334.015263][ T9687]  ? __pfx_neigh_sysctl_register+0x10/0x10
[  334.015298][ T9687]  ? inetdev_init+0x245/0x5a0
[  334.015322][ T9687]  ? inetdev_event+0xc5f/0x18a0
[  334.015347][ T9687]  ? notifier_call_chain+0xbc/0x410
[  334.015378][ T9687]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.015410][ T9687]  devinet_sysctl_register+0xb6/0x200
[  334.015441][ T9687]  inetdev_init+0x2b8/0x5a0
[  334.015469][ T9687]  inetdev_event+0xc5f/0x18a0
[  334.015498][ T9687]  ? ib_netdevice_event+0xfc/0x330
[  334.015525][ T9687]  ? __pfx_inetdev_event+0x10/0x10
[  334.015555][ T9687]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  334.015597][ T9687]  notifier_call_chain+0xbc/0x410
[  334.015624][ T9687]  ? __pfx_inetdev_event+0x10/0x10
[  334.015657][ T9687]  call_netdevice_notifiers_info+0xbe/0x140
[  334.015687][ T9687]  register_netdevice+0x182e/0x2270
[  334.015712][ T9687]  ? idr_alloc+0xdd/0x130
[  334.015743][ T9687]  ? __pfx_register_netdevice+0x10/0x10
[  334.015774][ T9687]  ppp_dev_configure+0x99b/0xc80
[  334.015817][ T9687]  ppp_ioctl+0x17e0/0x2660
[  334.015848][ T9687]  ? find_held_lock+0x2b/0x80
[  334.015872][ T9687]  ? __pfx_ppp_ioctl+0x10/0x10
[  334.015919][ T9687]  ? __fget_files+0x20e/0x3c0
[  334.015955][ T9687]  ? __pfx_ppp_ioctl+0x10/0x10
[  334.015984][ T9687]  __x64_sys_ioctl+0x18e/0x210
[  334.016014][ T9687]  do_syscall_64+0xcd/0x490
[  334.016052][ T9687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.016074][ T9687] RIP: 0033:0x7f4fcf18e929
[  334.016092][ T9687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.016114][ T9687] RSP: 002b:00007f4fcff65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  334.016136][ T9687] RAX: ffffffffffffffda RBX: 00007f4fcf3b5fa0 RCX: 00007f4fcf18e929
[  334.016151][ T9687] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000006
[  334.016164][ T9687] RBP: 00007f4fcf210b39 R08: 0000000000000000 R09: 0000000000000000
[  334.016178][ T9687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.016191][ T9687] R13: 0000000000000000 R14: 00007f4fcf3b5fa0 R15: 00007ffd5f0da668
[  334.016219][ T9687]  </TASK>
[  334.525899][   T30] audit: type=1802 audit(6047222445.394:9): pid=9686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.646" res=0 errno=0
[  334.713596][ T9681] ima: policy update failed
[  334.718506][   T30] audit: type=1802 audit(6047222446.104:10): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.646" res=0 errno=0
[  336.321052][ T9706] ovs_��: entered promiscuous mode
[  337.710370][ T9722] Invalid ELF header magic: != ELF
[  339.010841][ T9745] Invalid ELF header magic: != ELF
[  341.066440][ T6595] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.449343][ T6595] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.483566][ T9784] random: crng reseeded on system resumption
[  341.740424][ T9786] bond0: no command found in slaves file - use +ifname or -ifname
[  341.932593][ T6595] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.369593][ T6595] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.041118][ T9810] warn_alloc: 1 callbacks suppressed
[  343.041142][ T9810] syz.2.670: vmalloc error: size 1904640, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null)
[  343.060450][ T9817] program syz.4.672 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  343.091698][ T9810] ,cpuset=/,mems_allowed=0-1
[  343.121536][ T9816] nbd: must specify at least one socket
[  343.145583][ T9810] CPU: 0 UID: 0 PID: 9810 Comm: syz.2.670 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  343.145637][ T9810] Tainted: [U]=USER
[  343.145649][ T9810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  343.145668][ T9810] Call Trace:
[  343.145679][ T9810]  <TASK>
[  343.145692][ T9810]  dump_stack_lvl+0x16c/0x1f0
[  343.145748][ T9810]  warn_alloc+0x248/0x3a0
[  343.145803][ T9810]  ? __pfx_warn_alloc+0x10/0x10
[  343.145857][ T9810]  ? alloc_pages_mpol+0x25a/0x550
[  343.145892][ T9810]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  343.145955][ T9810]  __vmalloc_node_range_noprof+0x11d4/0x14b0
[  343.146025][ T9810]  ? __snd_dma_alloc_pages+0x53/0x90
[  343.146078][ T9810]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  343.146130][ T9810]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  343.146188][ T9810]  ? __snd_dma_alloc_pages+0x53/0x90
[  343.146228][ T9810]  __vmalloc_node_noprof+0xad/0xf0
[  343.146270][ T9810]  ? __snd_dma_alloc_pages+0x53/0x90
[  343.146310][ T9810]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  343.146358][ T9810]  __snd_dma_alloc_pages+0x53/0x90
[  343.146401][ T9810]  snd_dma_alloc_dir_pages+0x151/0x240
[  343.146448][ T9810]  do_alloc_pages+0x115/0x280
[  343.146491][ T9810]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  343.146540][ T9810]  snd_pcm_hw_params+0x15e1/0x1b40
[  343.146590][ T9810]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  343.146632][ T9810]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  343.146676][ T9810]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  343.146713][ T9810]  ? __asan_memset+0x23/0x50
[  343.146761][ T9810]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  343.146804][ T9810]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  343.146863][ T9810]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  343.146903][ T9810]  ? snd_pcm_oss_sync+0x30c/0x840
[  343.146967][ T9810]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  343.147015][ T9810]  snd_pcm_oss_sync+0x32e/0x840
[  343.147055][ T9810]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  343.147091][ T9810]  snd_pcm_oss_release+0x28b/0x310
[  343.147131][ T9810]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  343.147165][ T9810]  __fput+0x402/0xb70
[  343.147208][ T9810]  task_work_run+0x150/0x240
[  343.147261][ T9810]  ? __pfx_task_work_run+0x10/0x10
[  343.147308][ T9810]  ? __pfx___do_sys_close_range+0x10/0x10
[  343.147368][ T9810]  exit_to_user_mode_loop+0xeb/0x110
[  343.147424][ T9810]  do_syscall_64+0x3f6/0x490
[  343.147478][ T9810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.147510][ T9810] RIP: 0033:0x7f043438e929
[  343.147536][ T9810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.147568][ T9810] RSP: 002b:00007f0435283038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  343.147599][ T9810] RAX: 0000000000000000 RBX: 00007f04345b5fa0 RCX: 00007f043438e929
[  343.147619][ T9810] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  343.147636][ T9810] RBP: 00007f0434410b39 R08: 0000000000000000 R09: 0000000000000000
[  343.147655][ T9810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  343.147673][ T9810] R13: 0000000000000000 R14: 00007f04345b5fa0 R15: 00007ffead4947d8
[  343.147713][ T9810]  </TASK>
[  343.147724][ T9810] Mem-Info:
[  343.563404][ T9810] active_anon:12318 inactive_anon:0 isolated_anon:0
[  343.563404][ T9810]  active_file:12456 inactive_file:46679 isolated_file:0
[  343.563404][ T9810]  unevictable:768 dirty:445 writeback:0
[  343.563404][ T9810]  slab_reclaimable:11135 slab_unreclaimable:98853
[  343.563404][ T9810]  mapped:27793 shmem:1368 pagetables:1202
[  343.563404][ T9810]  sec_pagetables:0 bounce:0
[  343.563404][ T9810]  kernel_misc_reclaimable:0
[  343.563404][ T9810]  free:1311828 free_pcp:12953 free_cma:0
[  343.608930][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.656997][ T9824] netlink: 28 bytes leftover after parsing attributes in process `syz.2.670'.
[  343.670696][ T9810] Node 0 active_anon:49372kB inactive_anon:0kB active_file:50976kB inactive_file:186536kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112880kB dirty:1780kB writeback:0kB shmem:3936kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12988kB pagetables:4772kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  343.670979][ T6595] bridge_slave_1: left allmulticast mode
[  343.704213][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.781201][ T9810] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  343.812807][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.895191][ T9810] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  343.905744][ T6595] bridge_slave_1: left promiscuous mode
[  343.927205][ T9810] lowmem_reserve[]: 0 2480 2482 2482 2482
[  343.935899][ T9810] Node 0 DMA32 free:1327904kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45124kB inactive_anon:0kB active_file:54816kB inactive_file:185220kB unevictable:1536kB writepending:1780kB present:3129332kB managed:2540348kB mlocked:0kB bounce:0kB free_pcp:44124kB local_pcp:24964kB free_cma:0kB
[  343.968522][ T9810] lowmem_reserve[]: 0 0 1 1 1
[  343.973332][ T9810] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  344.088227][ T9810] lowmem_reserve[]: 0 0 0 0 0
[  344.124805][ T9810] Node 1 Normal free:3902724kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17916kB local_pcp:9088kB free_cma:0kB
[  344.125940][ T6595] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.156090][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.194507][ T9810] lowmem_reserve[]: 0 0 0 0 0
[  344.199656][ T9810] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  344.215859][ T9810] Node 0 DMA32: 6391*4kB (UME) 3753*8kB (UM) 2400*16kB (UME) 1493*32kB (UME) 960*64kB (UME) 473*128kB (UM) 266*256kB (UME) 91*512kB (UME) 27*1024kB (UM) 13*2048kB (UME) 219*4096kB (UM) = 1329732kB
[  344.252695][ T6595] bridge_slave_0: left allmulticast mode
[  344.269098][ T9810] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  344.289079][ T6595] bridge_slave_0: left promiscuous mode
[  344.322233][ T9827] zswap: compressor  not available
[  344.336712][ T9833] Setting dangerous option i915.mitigations - tainting kernel
[  344.337039][ T6595] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.384614][ T9810] Node 1 Normal: 205*4kB (UME) 59*8kB (UME) 46*16kB (UME) 214*32kB (UME) 73*64kB (UME) 15*128kB (UME) 3*256kB (UE) 3*512kB (UME) 0*1024kB 3*2048kB (UME) 947*4096kB (M) = 3902828kB
[  344.403498][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.458257][ T9810] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  344.516473][ T9810] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  344.562948][ T9810] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  344.613238][ T9810] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  344.663709][ T9810] 61825 total pagecache pages
[  344.693207][ T9810] 0 pages in swap cache
[  344.702207][ T9810] Free swap  = 124996kB
[  344.727047][ T9810] Total swap = 124996kB
[  344.745457][ T9810] 2097051 pages RAM
[  344.749346][ T9810] 0 pages HighMem/MovableOnly
[  344.817761][ T9810] 429986 pages reserved
[  344.829766][ T9810] 0 pages cma reserved
[  345.635579][ T6595] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.651384][ T6595] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.682617][ T6595] bond0 (unregistering): Released all slaves
[  348.209014][ T9873] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  348.350893][ T6595] hsr_slave_0: left promiscuous mode
[  348.377190][ T6595] hsr_slave_1: left promiscuous mode
[  348.418937][ T6595] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.434835][ T6595] batman_adv: batadv0: Removing interface: batadv_slave_0
[  348.473370][ T6595] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.489534][ T6595] batman_adv: batadv0: Removing interface: batadv_slave_1
[  348.593380][ T6595] veth0_macvtap: left promiscuous mode
[  348.624455][ T6595] veth1_vlan: left promiscuous mode
[  348.637454][ T6595] veth0_vlan: left promiscuous mode
[  349.024552][ T9921] netlink: zone id is out of range
[  350.243296][ T6595] team0 (unregistering): Port device team_slave_1 removed
[  350.304146][ T9942] capability: warning: `syz.4.691' uses deprecated v2 capabilities in a way that may be insecure
[  350.343421][ T6595] team0 (unregistering): Port device team_slave_0 removed
[  350.932887][ T9948] FAULT_INJECTION: forcing a failure.
[  350.932887][ T9948] name failslab, interval 1, probability 0, space 0, times 0
[  350.948063][ T9948] CPU: 1 UID: 0 PID: 9948 Comm: syz.2.692 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  350.948120][ T9948] Tainted: [U]=USER
[  350.948132][ T9948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  350.948152][ T9948] Call Trace:
[  350.948163][ T9948]  <TASK>
[  350.948177][ T9948]  dump_stack_lvl+0x16c/0x1f0
[  350.948235][ T9948]  should_fail_ex+0x512/0x640
[  350.948287][ T9948]  ? fs_reclaim_acquire+0xae/0x150
[  350.948332][ T9948]  should_failslab+0xc2/0x120
[  350.948366][ T9948]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  350.948419][ T9948]  ? security_inode_alloc+0x3b/0x2b0
[  350.948465][ T9948]  security_inode_alloc+0x3b/0x2b0
[  350.948509][ T9948]  inode_init_always_gfp+0xce4/0x1030
[  350.948566][ T9948]  alloc_inode+0x86/0x240
[  350.948602][ T9948]  new_inode+0x22/0x1c0
[  350.948642][ T9948]  shmem_get_inode+0x19a/0xfb0
[  350.948692][ T9948]  shmem_symlink+0xf8/0x9f0
[  350.948749][ T9948]  ? __pfx_shmem_symlink+0x10/0x10
[  350.948800][ T9948]  ? bpf_lsm_inode_permission+0x9/0x10
[  350.948833][ T9948]  ? security_inode_permission+0xbf/0x260
[  350.948877][ T9948]  ? inode_permission+0x156/0x630
[  350.948921][ T9948]  vfs_symlink+0x403/0x680
[  350.948967][ T9948]  do_symlinkat+0x261/0x310
[  350.949024][ T9948]  ? __pfx_do_symlinkat+0x10/0x10
[  350.949086][ T9948]  ? getname_flags.part.0+0x1c5/0x550
[  350.949136][ T9948]  __x64_sys_symlink+0x75/0x90
[  350.949192][ T9948]  do_syscall_64+0xcd/0x490
[  350.949248][ T9948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.949284][ T9948] RIP: 0033:0x7f043438e929
[  350.949311][ T9948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.949344][ T9948] RSP: 002b:00007f0435283038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  350.949376][ T9948] RAX: ffffffffffffffda RBX: 00007f04345b5fa0 RCX: 00007f043438e929
[  350.949397][ T9948] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  350.949418][ T9948] RBP: 00007f0434410b39 R08: 0000000000000000 R09: 0000000000000000
[  350.949438][ T9948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  350.949458][ T9948] R13: 0000000000000000 R14: 00007f04345b5fa0 R15: 00007ffead4947d8
[  350.949504][ T9948]  </TASK>
[  355.397960][ T9995] FAULT_INJECTION: forcing a failure.
[  355.397960][ T9995] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  355.557427][ T9995] CPU: 1 UID: 0 PID: 9995 Comm: syz.1.698 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  355.557482][ T9995] Tainted: [U]=USER
[  355.557492][ T9995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  355.557510][ T9995] Call Trace:
[  355.557520][ T9995]  <TASK>
[  355.557531][ T9995]  dump_stack_lvl+0x16c/0x1f0
[  355.557586][ T9995]  should_fail_ex+0x512/0x640
[  355.557672][ T9995]  strncpy_from_user+0x3b/0x2e0
[  355.557722][ T9995]  getname_flags.part.0+0x8f/0x550
[  355.557766][ T9995]  getname_flags+0x93/0xf0
[  355.557812][ T9995]  do_sys_openat2+0xb8/0x1d0
[  355.557849][ T9995]  ? __pfx_do_sys_openat2+0x10/0x10
[  355.557904][ T9995]  __x64_sys_openat+0x174/0x210
[  355.557942][ T9995]  ? __pfx___x64_sys_openat+0x10/0x10
[  355.557998][ T9995]  do_syscall_64+0xcd/0x490
[  355.558051][ T9995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.558084][ T9995] RIP: 0033:0x7f6edeb8e929
[  355.558109][ T9995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.558142][ T9995] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  355.558172][ T9995] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  355.558194][ T9995] RDX: 000000000010b142 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  355.558215][ T9995] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  355.558235][ T9995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.558254][ T9995] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  355.558308][ T9995]  </TASK>
[  357.582039][T10029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.701'.
[  357.754899][T10029] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.762403][T10029] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.856962][T10029] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.887139][T10029] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.722273][T10084] FAULT_INJECTION: forcing a failure.
[  360.722273][T10084] name failslab, interval 1, probability 0, space 0, times 0
[  360.848066][T10084] CPU: 0 UID: 0 PID: 10084 Comm: syz.1.709 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  360.848123][T10084] Tainted: [U]=USER
[  360.848135][T10084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.848154][T10084] Call Trace:
[  360.848164][T10084]  <TASK>
[  360.848176][T10084]  dump_stack_lvl+0x16c/0x1f0
[  360.848231][T10084]  should_fail_ex+0x512/0x640
[  360.848278][T10084]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  360.848333][T10084]  should_failslab+0xc2/0x120
[  360.848364][T10084]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  360.848425][T10084]  ? tracefs_alloc_inode+0x2c/0x140
[  360.848464][T10084]  ? eventfs_root_lookup+0xee/0xa50
[  360.848531][T10084]  ? __pfx_tracefs_alloc_inode+0x10/0x10
[  360.848576][T10084]  tracefs_alloc_inode+0x2c/0x140
[  360.848608][T10084]  ? __pfx_tracefs_alloc_inode+0x10/0x10
[  360.848642][T10084]  alloc_inode+0x61/0x240
[  360.848669][T10084]  new_inode+0x22/0x1c0
[  360.848698][T10084]  tracefs_get_inode+0x19/0x80
[  360.848730][T10084]  eventfs_get_inode+0x53/0x520
[  360.848768][T10084]  eventfs_root_lookup+0x23c/0xa50
[  360.848805][T10084]  ? __pfx_eventfs_root_lookup+0x10/0x10
[  360.848844][T10084]  ? lockdep_init_map_type+0x5c/0x280
[  360.848884][T10084]  ? lockdep_init_map_type+0x5c/0x280
[  360.848926][T10084]  __lookup_slow+0x24e/0x460
[  360.848956][T10084]  ? __pfx___lookup_slow+0x10/0x10
[  360.849005][T10084]  ? lookup_fast+0x156/0x610
[  360.849041][T10084]  walk_component+0x353/0x5b0
[  360.849076][T10084]  link_path_walk+0x627/0xe20
[  360.849121][T10084]  path_lookupat+0x15a/0x6d0
[  360.849159][T10084]  path_openat+0x16f1/0x2cb0
[  360.849194][T10084]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.849232][T10084]  ? __pfx_path_openat+0x10/0x10
[  360.849272][T10084]  ? __lock_acquire+0xb8a/0x1c90
[  360.849311][T10084]  do_filp_open+0x20b/0x470
[  360.849348][T10084]  ? __pfx_do_filp_open+0x10/0x10
[  360.849409][T10084]  ? alloc_fd+0x471/0x7d0
[  360.849452][T10084]  do_sys_openat2+0x11b/0x1d0
[  360.849487][T10084]  ? __pfx_do_sys_openat2+0x10/0x10
[  360.849530][T10084]  __x64_sys_openat+0x174/0x210
[  360.849560][T10084]  ? __pfx___x64_sys_openat+0x10/0x10
[  360.849604][T10084]  do_syscall_64+0xcd/0x490
[  360.849645][T10084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.849670][T10084] RIP: 0033:0x7f6edeb8e929
[  360.849690][T10084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.849715][T10084] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  360.849739][T10084] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  360.849757][T10084] RDX: 0000000000600900 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  360.849774][T10084] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  360.849790][T10084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.849806][T10084] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  360.849839][T10084]  </TASK>
[  362.573582][T10095] random: crng reseeded on system resumption
[  363.174946][T10097] Unrecognized hibernate image header format!
[  363.218649][T10097] PM: hibernation: Image mismatch: architecture specific data
[  368.334344][T10218] FAULT_INJECTION: forcing a failure.
[  368.334344][T10218] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  368.354881][T10218] CPU: 0 UID: 0 PID: 10218 Comm: syz.3.723 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  368.354941][T10218] Tainted: [U]=USER
[  368.354954][T10218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.354974][T10218] Call Trace:
[  368.354984][T10218]  <TASK>
[  368.354995][T10218]  dump_stack_lvl+0x16c/0x1f0
[  368.355049][T10218]  should_fail_ex+0x512/0x640
[  368.355097][T10218]  should_fail_alloc_page+0xe7/0x130
[  368.355128][T10218]  prepare_alloc_pages+0x3c2/0x610
[  368.355162][T10218]  ? rcu_is_watching+0x12/0xc0
[  368.355198][T10218]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  368.355245][T10218]  ? __lock_acquire+0xb8a/0x1c90
[  368.355298][T10218]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  368.355343][T10218]  ? do_raw_spin_lock+0x12c/0x2b0
[  368.355388][T10218]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  368.355434][T10218]  ? find_held_lock+0x2b/0x80
[  368.355475][T10218]  ? __lock_acquire+0xb8a/0x1c90
[  368.355513][T10218]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  368.355560][T10218]  ? policy_nodemask+0xea/0x4e0
[  368.355590][T10218]  alloc_pages_mpol+0x1fb/0x550
[  368.355618][T10218]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  368.355656][T10218]  folio_alloc_mpol_noprof+0x36/0x2f0
[  368.355691][T10218]  shmem_alloc_folio+0x135/0x160
[  368.355735][T10218]  shmem_alloc_and_add_folio+0x499/0xc20
[  368.355786][T10218]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  368.355832][T10218]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  368.355881][T10218]  shmem_get_folio_gfp+0x67f/0x1600
[  368.355932][T10218]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  368.355988][T10218]  ? __lock_acquire+0x622/0x1c90
[  368.356029][T10218]  shmem_fault+0x1fe/0xa30
[  368.356071][T10218]  ? __pfx_shmem_fault+0x10/0x10
[  368.356117][T10218]  ? __lock_acquire+0xb8a/0x1c90
[  368.356163][T10218]  __do_fault+0x10d/0x490
[  368.356205][T10218]  ? __pfx_filemap_map_pages+0x10/0x10
[  368.356248][T10218]  __handle_mm_fault+0x374c/0x5490
[  368.356294][T10218]  ? __pfx___handle_mm_fault+0x10/0x10
[  368.356332][T10218]  ? __pte_offset_map_lock+0x174/0x310
[  368.356360][T10218]  ? find_held_lock+0x2b/0x80
[  368.356386][T10218]  ? find_held_lock+0x2b/0x80
[  368.356423][T10218]  ? follow_page_pte+0x3af/0x14c0
[  368.356478][T10218]  handle_mm_fault+0x589/0xd10
[  368.356543][T10218]  __get_user_pages+0x589/0x3b80
[  368.356591][T10218]  ? __pfx___get_user_pages+0x10/0x10
[  368.356625][T10218]  ? __pfx_down_read_killable+0x10/0x10
[  368.356654][T10218]  ? __lock_acquire+0xb8a/0x1c90
[  368.356700][T10218]  faultin_page_range+0x249/0x980
[  368.356748][T10218]  madvise_do_behavior+0x268/0x3f0
[  368.356784][T10218]  ? __pfx_madvise_do_behavior+0x10/0x10
[  368.356836][T10218]  do_madvise+0x161/0x230
[  368.356866][T10218]  ? __pfx_do_madvise+0x10/0x10
[  368.356914][T10218]  ? xfd_validate_state+0x61/0x180
[  368.356951][T10218]  ? __pfx_do_writev+0x10/0x10
[  368.356995][T10218]  __x64_sys_madvise+0xa9/0x110
[  368.357025][T10218]  ? lockdep_hardirqs_on+0x7c/0x110
[  368.357066][T10218]  do_syscall_64+0xcd/0x490
[  368.357111][T10218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.357139][T10218] RIP: 0033:0x7fe6c758e929
[  368.357162][T10218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.357190][T10218] RSP: 002b:00007fe6c83ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  368.357216][T10218] RAX: ffffffffffffffda RBX: 00007fe6c77b5fa0 RCX: 00007fe6c758e929
[  368.357235][T10218] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[  368.357252][T10218] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  368.357270][T10218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.357286][T10218] R13: 0000000000000000 R14: 00007fe6c77b5fa0 R15: 00007ffef5d1c4c8
[  368.357323][T10218]  </TASK>
[  371.820286][T10288] netlink: 28 bytes leftover after parsing attributes in process `syz.2.734'.
[  374.599789][T10338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.741'.
[  374.888026][T10336] zswap: compressor  not available
[  376.369719][T10363] WARNING! power/level is deprecated; use power/control instead
[  376.534219][T10369] can: request_module (can-proto-4) failed.
[  377.086211][T10391] FAULT_INJECTION: forcing a failure.
[  377.086211][T10391] name failslab, interval 1, probability 0, space 0, times 0
[  377.113235][T10391] CPU: 1 UID: 0 PID: 10391 Comm: syz.2.748 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  377.113305][T10391] Tainted: [U]=USER
[  377.113316][T10391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  377.113336][T10391] Call Trace:
[  377.113345][T10391]  <TASK>
[  377.113357][T10391]  dump_stack_lvl+0x16c/0x1f0
[  377.113412][T10391]  should_fail_ex+0x512/0x640
[  377.113459][T10391]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  377.113514][T10391]  should_failslab+0xc2/0x120
[  377.113545][T10391]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  377.113596][T10391]  ? __d_alloc+0x31/0xaa0
[  377.113653][T10391]  __d_alloc+0x31/0xaa0
[  377.113711][T10391]  d_alloc_pseudo+0x1c/0xc0
[  377.113747][T10391]  alloc_file_pseudo+0xcf/0x230
[  377.113785][T10391]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  377.113821][T10391]  ? alloc_fd+0x471/0x7d0
[  377.113863][T10391]  sock_alloc_file+0x50/0x210
[  377.113909][T10391]  __sys_socket+0x1c0/0x260
[  377.113948][T10391]  ? __pfx___sys_socket+0x10/0x10
[  377.113980][T10391]  ? xfd_validate_state+0x61/0x180
[  377.114018][T10391]  ? __task_pid_nr_ns+0x17c/0x500
[  377.114063][T10391]  __x64_sys_socket+0x72/0xb0
[  377.114093][T10391]  ? lockdep_hardirqs_on+0x7c/0x110
[  377.114132][T10391]  do_syscall_64+0xcd/0x490
[  377.114176][T10391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.114203][T10391] RIP: 0033:0x7f043438e929
[  377.114225][T10391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.114253][T10391] RSP: 002b:00007f0435283038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  377.114278][T10391] RAX: ffffffffffffffda RBX: 00007f04345b5fa0 RCX: 00007f043438e929
[  377.114296][T10391] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021
[  377.114313][T10391] RBP: 00007f0434410b39 R08: 0000000000000000 R09: 0000000000000000
[  377.114329][T10391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  377.114345][T10391] R13: 0000000000000000 R14: 00007f04345b5fa0 R15: 00007ffead4947d8
[  377.114380][T10391]  </TASK>
[  377.328716][    C1] vkms_vblank_simulate: vblank timer overrun
[  378.025125][T10407] netlink: 28 bytes leftover after parsing attributes in process `syz.2.751'.
[  378.205207][T10401] can: request_module (can-proto-5) failed.
[  378.787205][T10407] team0: Port device team_slave_0 removed
[  379.357633][T10427] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  379.865558][T10441] random: crng reseeded on system resumption
[  382.105769][T10478] FAULT_INJECTION: forcing a failure.
[  382.105769][T10478] name failslab, interval 1, probability 0, space 0, times 0
[  382.147367][T10478] CPU: 0 UID: 0 PID: 10478 Comm: syz.1.762 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  382.147426][T10478] Tainted: [U]=USER
[  382.147439][T10478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  382.147460][T10478] Call Trace:
[  382.147470][T10478]  <TASK>
[  382.147485][T10478]  dump_stack_lvl+0x16c/0x1f0
[  382.147545][T10478]  should_fail_ex+0x512/0x640
[  382.147593][T10478]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  382.147654][T10478]  should_failslab+0xc2/0x120
[  382.147688][T10478]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  382.147744][T10478]  ? __d_alloc+0x31/0xaa0
[  382.147803][T10478]  __d_alloc+0x31/0xaa0
[  382.147863][T10478]  d_alloc_pseudo+0x1c/0xc0
[  382.147902][T10478]  alloc_file_pseudo+0xcf/0x230
[  382.147943][T10478]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  382.147995][T10478]  __shmem_file_setup+0x1a3/0x330
[  382.148046][T10478]  shmem_zero_setup+0x93/0x1a0
[  382.148100][T10478]  __mmap_region+0x1ece/0x25e0
[  382.148159][T10478]  ? __pfx___mmap_region+0x10/0x10
[  382.148211][T10478]  ? rcu_is_watching+0x12/0xc0
[  382.148267][T10478]  ? rcu_is_watching+0x12/0xc0
[  382.148305][T10478]  ? trace_sched_exit_tp+0xde/0x130
[  382.148350][T10478]  ? __schedule+0x1181/0x5de0
[  382.148392][T10478]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  382.148442][T10478]  ? __lock_acquire+0xb71/0x1c90
[  382.148507][T10478]  ? __pfx___schedule+0x10/0x10
[  382.148606][T10478]  ? trace_cap_capable+0x18d/0x200
[  382.148656][T10478]  mmap_region+0x1ab/0x3f0
[  382.148709][T10478]  ? __get_unmapped_area+0x267/0x440
[  382.148754][T10478]  do_mmap+0xa3e/0x1210
[  382.148802][T10478]  ? __pfx_do_mmap+0x10/0x10
[  382.148842][T10478]  ? __pfx_down_write_killable+0x10/0x10
[  382.148886][T10478]  vm_mmap_pgoff+0x281/0x450
[  382.148930][T10478]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  382.148977][T10478]  ? __x64_sys_futex+0x1e0/0x4c0
[  382.149019][T10478]  ? __x64_sys_futex+0x1e9/0x4c0
[  382.149069][T10478]  ksys_mmap_pgoff+0x7d/0x5c0
[  382.149106][T10478]  ? xfd_validate_state+0x61/0x180
[  382.149151][T10478]  ? __pfx_ksys_write+0x10/0x10
[  382.149206][T10478]  __x64_sys_mmap+0x125/0x190
[  382.149272][T10478]  do_syscall_64+0xcd/0x490
[  382.149329][T10478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.149365][T10478] RIP: 0033:0x7f6edeb8e929
[  382.149392][T10478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.149426][T10478] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  382.149458][T10478] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  382.149482][T10478] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000
[  382.149502][T10478] RBP: 00007f6edec10b39 R08: 0000000000000401 R09: 0000000000008000
[  382.149523][T10478] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  382.149544][T10478] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  382.149587][T10478]  </TASK>
[  385.275066][T10524] netlink: 342 bytes leftover after parsing attributes in process `syz.1.775'.
[  385.300801][T10524] netlink: 102 bytes leftover after parsing attributes in process `syz.1.775'.
[  386.520855][T10547] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  388.148134][T10566] netlink: 28 bytes leftover after parsing attributes in process `syz.1.772'.
[  388.204370][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.772'.
[  388.843692][T10585] : Can't lookup blockdev
[  388.849342][T10588] : Can't lookup blockdev
[  388.959435][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  388.967076][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  390.068316][T10601] netlink: 28 bytes leftover after parsing attributes in process `syz.1.778'.
[  390.093441][T10601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  390.118595][T10601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.252458][T10601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  390.288417][T10601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.579221][T10607] snd_aloop snd_aloop.0: control 1:6:-2147483647:���_�he�R��:6 is already present
[  393.948726][T10675] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  396.314499][T10706] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.788'.
[  400.265177][T10784] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [2147479552].
[  400.636897][T10788] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163ece9 (__mcheck_cpu_init_clear_banks+0x109/0x1f0)
[  400.652587][T10788] Call Trace:
[  400.655914][T10788]  <TASK>
[  400.658882][T10788]  ? __pfx_mce_cpu_restart+0x10/0x10
[  400.664223][T10788]  mce_cpu_restart+0x98/0xb0
[  400.668875][T10788]  smp_call_function_many_cond+0xef9/0x1510
[  400.674807][T10788]  ? __pfx_mce_cpu_restart+0x10/0x10
[  400.680158][T10788]  ? lockdep_hardirqs_on+0x7c/0x110
[  400.685499][T10788]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  400.691357][T10788]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  400.697742][T10788]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  400.703791][T10788]  ? __pfx_mce_cpu_restart+0x10/0x10
[  400.709158][T10788]  on_each_cpu_cond_mask+0x40/0x90
[  400.714315][T10788]  set_bank+0x240/0x3a0
[  400.718521][T10788]  ? __pfx_set_bank+0x10/0x10
[  400.723248][T10788]  ? find_held_lock+0x2b/0x80
[  400.727969][T10788]  ? __pfx_set_bank+0x10/0x10
[  400.732695][T10788]  dev_attr_store+0x58/0x80
[  400.737235][T10788]  ? __pfx_dev_attr_store+0x10/0x10
[  400.742471][T10788]  sysfs_kf_write+0xef/0x150
[  400.747103][T10788]  kernfs_fop_write_iter+0x354/0x510
[  400.752429][T10788]  ? __pfx_sysfs_kf_write+0x10/0x10
[  400.757679][T10788]  vfs_write+0x6c4/0x1150
[  400.762063][T10788]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  400.767919][T10788]  ? __pfx___mutex_lock+0x10/0x10
[  400.773012][T10788]  ? __pfx_vfs_write+0x10/0x10
[  400.777859][T10788]  ksys_write+0x12a/0x250
[  400.782238][T10788]  ? __pfx_ksys_write+0x10/0x10
[  400.787146][T10788]  do_syscall_64+0xcd/0x490
[  400.791701][T10788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.797627][T10788] RIP: 0033:0x7f6edeb8e929
[  400.802159][T10788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.821812][T10788] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  400.830266][T10788] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  400.838275][T10788] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  400.846287][T10788] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  400.854302][T10788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  400.862314][T10788] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  400.870337][T10788]  </TASK>
[  401.400473][T10804] netlink: 'syz.3.803': attribute type 1 has an invalid length.
[  401.580977][T10813] FAULT_INJECTION: forcing a failure.
[  401.580977][T10813] name fail_futex, interval 1, probability 0, space 0, times 0
[  401.601065][T10813] CPU: 1 UID: 0 PID: 10813 Comm: syz.1.804 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  401.601119][T10813] Tainted: [U]=USER
[  401.601126][T10813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  401.601140][T10813] Call Trace:
[  401.601147][T10813]  <TASK>
[  401.601155][T10813]  dump_stack_lvl+0x16c/0x1f0
[  401.601195][T10813]  should_fail_ex+0x512/0x640
[  401.601233][T10813]  get_futex_key+0x1d0/0x1540
[  401.601264][T10813]  ? __pfx_get_futex_key+0x10/0x10
[  401.601288][T10813]  ? stack_depot_save_flags+0x28/0xa40
[  401.601333][T10813]  futex_wait_setup+0x84/0x510
[  401.601373][T10813]  __futex_wait+0x194/0x2f0
[  401.601407][T10813]  ? __pfx___futex_wait+0x10/0x10
[  401.601445][T10813]  ? __pfx_futex_wake_mark+0x10/0x10
[  401.601489][T10813]  ? __futex_hash.constprop.0+0x1e9/0x440
[  401.601518][T10813]  futex_wait+0xe8/0x380
[  401.601583][T10813]  ? __pfx_futex_wait+0x10/0x10
[  401.601617][T10813]  ? rcu_is_watching+0x12/0xc0
[  401.601649][T10813]  ? lockdep_init_map_type+0x5c/0x280
[  401.601691][T10813]  do_futex+0x229/0x350
[  401.601721][T10813]  ? __pfx_do_futex+0x10/0x10
[  401.601759][T10813]  __x64_sys_futex+0x1e0/0x4c0
[  401.601792][T10813]  ? __pfx___x64_sys_futex+0x10/0x10
[  401.601823][T10813]  ? fd_install+0x244/0x750
[  401.601863][T10813]  do_syscall_64+0xcd/0x490
[  401.601902][T10813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.601926][T10813] RIP: 0033:0x7f6edeb8e929
[  401.601944][T10813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.601967][T10813] RSP: 002b:00007f6edf9680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  401.601990][T10813] RAX: ffffffffffffffda RBX: 00007f6ededb5fa8 RCX: 00007f6edeb8e929
[  401.602006][T10813] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6ededb5fa8
[  401.602020][T10813] RBP: 00007f6ededb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  401.602035][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6ededb5fac
[  401.602049][T10813] R13: 0000000000000000 R14: 00007ffcdacd14b0 R15: 00007ffcdacd1598
[  401.602078][T10813]  </TASK>
[  401.963929][T10813] Process accounting resumed
[  402.753351][T10827] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.806'.
[  405.475056][T10907] FAULT_INJECTION: forcing a failure.
[  405.475056][T10907] name failslab, interval 1, probability 0, space 0, times 0
[  405.547304][T10907] CPU: 1 UID: 0 PID: 10907 Comm: syz.3.820 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  405.547370][T10907] Tainted: [U]=USER
[  405.547382][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  405.547409][T10907] Call Trace:
[  405.547420][T10907]  <TASK>
[  405.547432][T10907]  dump_stack_lvl+0x16c/0x1f0
[  405.547490][T10907]  should_fail_ex+0x512/0x640
[  405.547539][T10907]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  405.547591][T10907]  should_failslab+0xc2/0x120
[  405.547633][T10907]  __kmalloc_cache_noprof+0x6a/0x3e0
[  405.547681][T10907]  ? alloc_tty_struct+0x96/0x8c0
[  405.547722][T10907]  alloc_tty_struct+0x96/0x8c0
[  405.547757][T10907]  ? __pfx_alloc_tty_struct+0x10/0x10
[  405.547806][T10907]  tty_init_dev.part.0+0x1e/0x500
[  405.547841][T10907]  tty_open+0xa50/0xf90
[  405.547883][T10907]  ? __pfx_tty_open+0x10/0x10
[  405.547921][T10907]  ? chrdev_open+0x10b/0x6a0
[  405.547981][T10907]  ? __pfx_tty_open+0x10/0x10
[  405.548013][T10907]  chrdev_open+0x234/0x6a0
[  405.548065][T10907]  ? __pfx_apparmor_file_open+0x10/0x10
[  405.548109][T10907]  ? __pfx_chrdev_open+0x10/0x10
[  405.548167][T10907]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  405.548222][T10907]  do_dentry_open+0x741/0x1c10
[  405.548281][T10907]  ? __pfx_chrdev_open+0x10/0x10
[  405.548344][T10907]  vfs_open+0x82/0x3f0
[  405.548391][T10907]  path_openat+0x1de4/0x2cb0
[  405.548464][T10907]  ? __pfx_path_openat+0x10/0x10
[  405.548518][T10907]  ? __lock_acquire+0xb8a/0x1c90
[  405.548573][T10907]  do_filp_open+0x20b/0x470
[  405.548624][T10907]  ? __pfx_do_filp_open+0x10/0x10
[  405.548709][T10907]  ? alloc_fd+0x471/0x7d0
[  405.548768][T10907]  do_sys_openat2+0x11b/0x1d0
[  405.548807][T10907]  ? __pfx_do_sys_openat2+0x10/0x10
[  405.548864][T10907]  __x64_sys_openat+0x174/0x210
[  405.548905][T10907]  ? __pfx___x64_sys_openat+0x10/0x10
[  405.548964][T10907]  do_syscall_64+0xcd/0x490
[  405.549019][T10907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.549053][T10907] RIP: 0033:0x7fe6c758e929
[  405.549080][T10907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.549114][T10907] RSP: 002b:00007fe6c83a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  405.549153][T10907] RAX: ffffffffffffffda RBX: 00007fe6c77b6080 RCX: 00007fe6c758e929
[  405.549176][T10907] RDX: 0000000000020000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  405.549199][T10907] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  405.549221][T10907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.549241][T10907] R13: 0000000000000000 R14: 00007fe6c77b6080 R15: 00007ffef5d1c4c8
[  405.549286][T10907]  </TASK>
[  406.150418][   T30] audit: type=1800 audit(6047222517.534:11): pid=10919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.821" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  407.288202][T10947] netlink: 206 bytes leftover after parsing attributes in process `syz.2.827'.
[  408.463174][T10979] netlink: 338 bytes leftover after parsing attributes in process `syz.3.831'.
[  408.495343][T10979] netlink: 338 bytes leftover after parsing attributes in process `syz.3.831'.
[  409.373810][   T51] Bluetooth: hci2: unexpected subevent 0x01 length: 122 > 18
[  412.024367][T11046] can: request_module (can-proto-5) failed.
[  412.598168][T11052] Invalid ELF header magic: != ELF
[  415.220955][T11082] Invalid ELF header magic: != ELF
[  415.381928][T11124] netlink: 20 bytes leftover after parsing attributes in process `syz.4.849'.
[  417.737035][   T30] audit: type=1800 audit(6047222529.104:12): pid=11194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.862" name="members" dev="configfs" ino=34109 res=0 errno=0
[  418.122649][T11199] netlink: 342 bytes leftover after parsing attributes in process `syz.3.863'.
[  418.637341][T11221] can: request_module (can-proto-5) failed.
[  418.882281][T11235] netlink: 326 bytes leftover after parsing attributes in process `syz.2.873'.
[  418.943057][T11225] program syz.1.869 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  422.381705][T11297] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  422.828824][T11298] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  423.099503][T11297] netlink: 500 bytes leftover after parsing attributes in process `syz.1.885'.
[  424.074857][T11332] can: request_module (can-proto-5) failed.
[  424.814702][   T30] audit: type=1804 audit(6047222536.164:13): pid=11343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.893" name="/newroot/228/file0" dev="tmpfs" ino=1221 res=1 errno=0
[  424.878457][   T30] audit: type=1800 audit(6047222536.164:14): pid=11343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.893" name="file0" dev="tmpfs" ino=1221 res=0 errno=0
[  426.593063][T11372] netlink: 330 bytes leftover after parsing attributes in process `syz.3.900'.
[  426.824904][T11377] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.902'.
[  427.068038][T11381] openvswitch: netlink: nsh attribute has 14 unknown bytes.
[  429.405513][T11419] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.912'.
[  432.102342][T11476] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.925'.
[  432.960191][T11476] Process accounting paused
[  435.539543][T11542] netlink: 98 bytes leftover after parsing attributes in process `syz.3.936'.
[  435.920942][T11538] FAULT_INJECTION: forcing a failure.
[  435.920942][T11538] name failslab, interval 1, probability 0, space 0, times 0
[  435.945734][T11538] CPU: 1 UID: 0 PID: 11538 Comm: syz.1.935 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  435.945775][T11538] Tainted: [U]=USER
[  435.945782][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.945796][T11538] Call Trace:
[  435.945804][T11538]  <TASK>
[  435.945813][T11538]  dump_stack_lvl+0x16c/0x1f0
[  435.945854][T11538]  should_fail_ex+0x512/0x640
[  435.945888][T11538]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  435.945928][T11538]  should_failslab+0xc2/0x120
[  435.945951][T11538]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  435.945987][T11538]  ? __pfx___might_resched+0x10/0x10
[  435.946013][T11538]  ? __anon_vma_prepare+0xae/0x5e0
[  435.946052][T11538]  __anon_vma_prepare+0xae/0x5e0
[  435.946089][T11538]  __vmf_anon_prepare+0x11c/0x240
[  435.946118][T11538]  __handle_mm_fault+0x27f6/0x5490
[  435.946158][T11538]  ? __pfx___handle_mm_fault+0x10/0x10
[  435.946191][T11538]  ? __pte_offset_map_lock+0x174/0x310
[  435.946216][T11538]  ? find_held_lock+0x2b/0x80
[  435.946240][T11538]  ? find_held_lock+0x2b/0x80
[  435.946271][T11538]  ? follow_page_pte+0x3af/0x14c0
[  435.946305][T11538]  handle_mm_fault+0x589/0xd10
[  435.946343][T11538]  __get_user_pages+0x589/0x3b80
[  435.946379][T11538]  ? __pfx_mt_find+0x10/0x10
[  435.946408][T11538]  ? __pfx___get_user_pages+0x10/0x10
[  435.946447][T11538]  populate_vma_page_range+0x278/0x3a0
[  435.946479][T11538]  ? __pfx_populate_vma_page_range+0x10/0x10
[  435.946507][T11538]  ? __pfx_find_vma_intersection+0x10/0x10
[  435.946537][T11538]  ? do_mmap+0x69c/0x1210
[  435.946566][T11538]  __mm_populate+0x1d8/0x380
[  435.946605][T11538]  ? __pfx___mm_populate+0x10/0x10
[  435.946649][T11538]  ? up_write+0x1b2/0x520
[  435.946708][T11538]  vm_mmap_pgoff+0x362/0x450
[  435.946741][T11538]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  435.946772][T11538]  ? __x64_sys_futex+0x1e0/0x4c0
[  435.946800][T11538]  ? __x64_sys_futex+0x1e9/0x4c0
[  435.946833][T11538]  ksys_mmap_pgoff+0x7d/0x5c0
[  435.946859][T11538]  ? xfd_validate_state+0x61/0x180
[  435.946891][T11538]  ? __pfx_ksys_write+0x10/0x10
[  435.946929][T11538]  __x64_sys_mmap+0x125/0x190
[  435.946966][T11538]  do_syscall_64+0xcd/0x490
[  435.947005][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.947029][T11538] RIP: 0033:0x7f6edeb8e929
[  435.947048][T11538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.947071][T11538] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  435.947093][T11538] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  435.947109][T11538] RDX: 00000000000000df RSI: 0000000000000003 RDI: 0000000000000000
[  435.947123][T11538] RBP: 00007f6edec10b39 R08: 0000000000000002 R09: 0000000000008000
[  435.947138][T11538] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  435.947152][T11538] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  435.947181][T11538]  </TASK>
[  435.954478][T11547] can: request_module (can-proto-5) failed.
[  436.895834][T11557] netlink: 'syz.3.940': attribute type 11 has an invalid length.
[  436.914847][T11557] netlink: 'syz.3.940': attribute type 11 has an invalid length.
[  436.922624][T11557] netlink: 'syz.3.940': attribute type 11 has an invalid length.
[  438.451707][T11584] netlink: 28 bytes leftover after parsing attributes in process `syz.4.944'.
[  438.461565][T11591] netlink: 28 bytes leftover after parsing attributes in process `syz.4.944'.
[  438.885635][T11605] can: request_module (can-proto-5) failed.
[  438.974912][T11002] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  438.974959][T11002] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15
[  438.990159][T11002] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  439.194776][   T30] audit: type=1804 audit(6047222550.574:15): pid=11610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.950" name="/newroot/246/file0" dev="tmpfs" ino=1302 res=1 errno=0
[  439.456538][T11618] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.951'.
[  441.466131][T11656] IPVS: length: 131 != 320
[  441.619552][T11649] sd 0:0:1:0: PR command failed: 1026
[  441.635227][T11649] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  441.656612][T11649] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  443.915998][T11696] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  444.597350][T11702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  445.204497][T11727] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  445.870593][T11728] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31
[  446.645112][T11737] ima: policy update failed
[  446.655740][   T30] audit: type=1802 audit(6047222558.034:16): pid=11737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.974" res=0 errno=0
[  446.688655][T11748] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32
[  447.933617][T11772] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  448.547706][T11788] FAULT_INJECTION: forcing a failure.
[  448.547706][T11788] name failslab, interval 1, probability 0, space 0, times 0
[  448.667962][T11788] CPU: 0 UID: 0 PID: 11788 Comm: syz.3.985 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  448.668020][T11788] Tainted: [U]=USER
[  448.668031][T11788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  448.668052][T11788] Call Trace:
[  448.668063][T11788]  <TASK>
[  448.668075][T11788]  dump_stack_lvl+0x16c/0x1f0
[  448.668132][T11788]  should_fail_ex+0x512/0x640
[  448.668181][T11788]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  448.668221][T11788]  should_failslab+0xc2/0x120
[  448.668245][T11788]  __kmalloc_cache_noprof+0x6a/0x3e0
[  448.668278][T11788]  ? nci_allocate_device+0x105/0x430
[  448.668318][T11788]  nci_allocate_device+0x105/0x430
[  448.668351][T11788]  virtual_ncidev_open+0x6f/0x220
[  448.668382][T11788]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  448.668412][T11788]  misc_open+0x35d/0x420
[  448.668442][T11788]  ? __pfx_misc_open+0x10/0x10
[  448.668471][T11788]  chrdev_open+0x234/0x6a0
[  448.668508][T11788]  ? __pfx_apparmor_file_open+0x10/0x10
[  448.668539][T11788]  ? __pfx_chrdev_open+0x10/0x10
[  448.668594][T11788]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  448.668630][T11788]  do_dentry_open+0x741/0x1c10
[  448.668666][T11788]  ? __pfx_chrdev_open+0x10/0x10
[  448.668708][T11788]  vfs_open+0x82/0x3f0
[  448.668735][T11788]  path_openat+0x1de4/0x2cb0
[  448.668778][T11788]  ? __pfx_path_openat+0x10/0x10
[  448.668813][T11788]  ? __lock_acquire+0xb8a/0x1c90
[  448.668849][T11788]  do_filp_open+0x20b/0x470
[  448.668883][T11788]  ? __pfx_do_filp_open+0x10/0x10
[  448.668937][T11788]  ? alloc_fd+0x471/0x7d0
[  448.668975][T11788]  do_sys_openat2+0x11b/0x1d0
[  448.669000][T11788]  ? __pfx_do_sys_openat2+0x10/0x10
[  448.669037][T11788]  __x64_sys_openat+0x174/0x210
[  448.669064][T11788]  ? __pfx___x64_sys_openat+0x10/0x10
[  448.669116][T11788]  do_syscall_64+0xcd/0x490
[  448.669170][T11788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.669204][T11788] RIP: 0033:0x7fe6c758e929
[  448.669230][T11788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.669293][T11788] RSP: 002b:00007fe6c83ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  448.669332][T11788] RAX: ffffffffffffffda RBX: 00007fe6c77b5fa0 RCX: 00007fe6c758e929
[  448.669355][T11788] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  448.669377][T11788] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  448.669399][T11788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.669419][T11788] R13: 0000000000000000 R14: 00007fe6c77b5fa0 R15: 00007ffef5d1c4c8
[  448.669464][T11788]  </TASK>
[  450.398492][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  450.405347][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  450.924155][T11823] can: request_module (can-proto-0) failed.
[  451.514932][T11799] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  451.521330][T11002] Bluetooth: hci1: command 0x0c1a tx timeout
[  451.651088][T11799] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  451.658838][T11799] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  451.665129][T11799] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  451.678151][T11799] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  451.685878][T11799] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  451.939079][T11844] can: request_module (can-proto-5) failed.
[  453.247120][T11890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  453.295406][T11890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  453.336436][   T30] audit: type=1804 audit(6047222564.704:17): pid=11889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1002" name="/newroot/259/file0" dev="tmpfs" ino=1385 res=1 errno=0
[  453.539586][T11887] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.1003'.
[  453.594703][T11002] Bluetooth: hci3: command 0x0c1a tx timeout
[  453.675063][T11002] Bluetooth: hci2: command 0x0c1a tx timeout
[  453.759741][T11002] Bluetooth: hci4: command 0x0c1a tx timeout
[  453.760057][T11898] can: request_module (can-proto-5) failed.
[  453.898438][T11910] FAULT_INJECTION: forcing a failure.
[  453.898438][T11910] name fail_futex, interval 1, probability 0, space 0, times 0
[  453.945031][T11910] CPU: 1 UID: 0 PID: 11910 Comm: syz.3.1008 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  453.945086][T11910] Tainted: [U]=USER
[  453.945098][T11910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.945118][T11910] Call Trace:
[  453.945128][T11910]  <TASK>
[  453.945141][T11910]  dump_stack_lvl+0x16c/0x1f0
[  453.945198][T11910]  should_fail_ex+0x512/0x640
[  453.945255][T11910]  get_futex_key+0x1d0/0x1540
[  453.945299][T11910]  ? kernfs_put_active+0x86/0xe0
[  453.945353][T11910]  ? __pfx_get_futex_key+0x10/0x10
[  453.945394][T11910]  ? seq_read_iter+0x6b/0x12c0
[  453.945449][T11910]  futex_wake+0xe7/0x4e0
[  453.945501][T11910]  ? __pfx_futex_wake+0x10/0x10
[  453.945560][T11910]  ? ksys_read+0x190/0x250
[  453.945616][T11910]  do_futex+0x1e3/0x350
[  453.945661][T11910]  ? __pfx_do_futex+0x10/0x10
[  453.945715][T11910]  __x64_sys_futex+0x1e0/0x4c0
[  453.945762][T11910]  ? fput+0x70/0xf0
[  453.945793][T11910]  ? __pfx___x64_sys_futex+0x10/0x10
[  453.945834][T11910]  ? ksys_read+0x1ac/0x250
[  453.945880][T11910]  ? __pfx_ksys_read+0x10/0x10
[  453.945943][T11910]  do_syscall_64+0xcd/0x490
[  453.945997][T11910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.946040][T11910] RIP: 0033:0x7fe6c758e929
[  453.946067][T11910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.946102][T11910] RSP: 002b:00007fe6c83ca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  453.946134][T11910] RAX: ffffffffffffffda RBX: 00007fe6c77b5fa8 RCX: 00007fe6c758e929
[  453.946157][T11910] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe6c77b5fac
[  453.946178][T11910] RBP: 00007fe6c77b5fa0 R08: 00007fe6c83cb000 R09: 0000000000000000
[  453.946199][T11910] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fe6c77b5fac
[  453.946220][T11910] R13: 0000000000000000 R14: 00007ffef5d1c3e0 R15: 00007ffef5d1c4c8
[  453.946261][T11910]  </TASK>
[  453.981715][T11899] mkiss: ax0: crc mode is auto.
[  454.095897][T11915] FAULT_INJECTION: forcing a failure.
[  454.095897][T11915] name failslab, interval 1, probability 0, space 0, times 0
[  454.189408][T11915] CPU: 1 UID: 0 PID: 11915 Comm: syz.1.1009 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  454.189465][T11915] Tainted: [U]=USER
[  454.189476][T11915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  454.189495][T11915] Call Trace:
[  454.189506][T11915]  <TASK>
[  454.189517][T11915]  dump_stack_lvl+0x16c/0x1f0
[  454.189573][T11915]  should_fail_ex+0x512/0x640
[  454.189619][T11915]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  454.189672][T11915]  should_failslab+0xc2/0x120
[  454.189703][T11915]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  454.189754][T11915]  ? new_userfaultfd+0x79/0x3d0
[  454.189809][T11915]  new_userfaultfd+0x79/0x3d0
[  454.189844][T11915]  __x64_sys_userfaultfd+0x4b/0xb0
[  454.189883][T11915]  do_syscall_64+0xcd/0x490
[  454.189939][T11915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.189975][T11915] RIP: 0033:0x7f6edeb8e929
[  454.190002][T11915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.190036][T11915] RSP: 002b:00007f6edf968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143
[  454.190068][T11915] RAX: ffffffffffffffda RBX: 00007f6ededb5fa0 RCX: 00007f6edeb8e929
[  454.190088][T11915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  454.190106][T11915] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  454.190124][T11915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  454.190143][T11915] R13: 0000000000000000 R14: 00007f6ededb5fa0 R15: 00007ffcdacd1598
[  454.190182][T11915]  </TASK>
[  455.766354][T11002] Bluetooth: hci2: command 0x0c1a tx timeout
[  455.835391][T11002] Bluetooth: hci4: command 0x0c1a tx timeout
[  457.460078][T11969] GUP no longer grows the stack in syz.1.1016 (11969): 14000-401000 (4000)
[  457.501536][T11969] CPU: 0 UID: 0 PID: 11969 Comm: syz.1.1016 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  457.501590][T11969] Tainted: [U]=USER
[  457.501602][T11969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  457.501621][T11969] Call Trace:
[  457.501631][T11969]  <TASK>
[  457.501644][T11969]  dump_stack_lvl+0x16c/0x1f0
[  457.501699][T11969]  gup_vma_lookup+0x1d2/0x220
[  457.501737][T11969]  __get_user_pages+0x271/0x3b80
[  457.501788][T11969]  ? __pfx___schedule+0x10/0x10
[  457.501835][T11969]  ? __pfx___get_user_pages+0x10/0x10
[  457.501891][T11969]  __gup_longterm_locked+0x20d/0x1840
[  457.501945][T11969]  ? __pfx___gup_longterm_locked+0x10/0x10
[  457.501983][T11969]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  457.502038][T11969]  pin_user_pages_remote+0xed/0x140
[  457.502081][T11969]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  457.502120][T11969]  ? mm_access+0x22d/0x2e0
[  457.502177][T11969]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  457.502255][T11969]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  457.502315][T11969]  ? iovec_from_user+0xbb/0x140
[  457.502366][T11969]  ? iovec_from_user+0xbb/0x140
[  457.502401][T11969]  process_vm_rw+0x216/0x2c0
[  457.502435][T11969]  ? __pfx_process_vm_rw+0x10/0x10
[  457.502531][T11969]  ? __pfx___x64_sys_futex+0x10/0x10
[  457.502594][T11969]  ? __task_pid_nr_ns+0x17c/0x500
[  457.502648][T11969]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  457.502683][T11969]  ? do_syscall_64+0x91/0x490
[  457.502734][T11969]  ? lockdep_hardirqs_on+0x7c/0x110
[  457.502784][T11969]  do_syscall_64+0xcd/0x490
[  457.502840][T11969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.502875][T11969] RIP: 0033:0x7f6edeb8e929
[  457.502901][T11969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.502935][T11969] RSP: 002b:00007f6edf926038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  457.502967][T11969] RAX: ffffffffffffffda RBX: 00007f6ededb6160 RCX: 00007f6edeb8e929
[  457.502990][T11969] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000004dd
[  457.503010][T11969] RBP: 00007f6edec10b39 R08: 0000000000000003 R09: 0000000000000000
[  457.503031][T11969] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  457.503052][T11969] R13: 0000000000000000 R14: 00007f6ededb6160 R15: 00007ffcdacd1598
[  457.503097][T11969]  </TASK>
[  459.632761][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1025'.
[  460.507868][T12017] can: request_module (can-proto-5) failed.
[  461.333176][T12035] can: request_module (can-proto-3) failed.
[  462.007459][T12046] binder: 12036:12046 ioctl c00c620f 200000000340 returned -22
[  463.071160][T12072] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33
[  465.017885][T12096] can: request_module (can-proto-5) failed.
[  469.952643][T12178] FAULT_INJECTION: forcing a failure.
[  469.952643][T12178] name failslab, interval 1, probability 0, space 0, times 0
[  470.052030][T12178] CPU: 1 UID: 0 PID: 12178 Comm: syz.4.1054 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  470.052086][T12178] Tainted: [U]=USER
[  470.052097][T12178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.052116][T12178] Call Trace:
[  470.052127][T12178]  <TASK>
[  470.052140][T12178]  dump_stack_lvl+0x16c/0x1f0
[  470.052197][T12178]  should_fail_ex+0x512/0x640
[  470.052245][T12178]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  470.052305][T12178]  should_failslab+0xc2/0x120
[  470.052335][T12178]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  470.052402][T12178]  ? proc_create_reg+0xe3/0x180
[  470.052435][T12178]  ? fib_notifier_ops_register+0x32/0x270
[  470.052496][T12178]  ? __pfx_ipmr_net_init+0x10/0x10
[  470.052533][T12178]  kmemdup_noprof+0x29/0x60
[  470.052586][T12178]  fib_notifier_ops_register+0x32/0x270
[  470.052643][T12178]  ? __pfx_ipmr_net_init+0x10/0x10
[  470.052678][T12178]  ipmr_net_init+0x57/0x4e0
[  470.052713][T12178]  ? __pfx_ipmr_net_init+0x10/0x10
[  470.052748][T12178]  ops_init+0x1e2/0x5f0
[  470.052807][T12178]  setup_net+0x1ff/0x510
[  470.052859][T12178]  ? lockdep_init_map_type+0x5c/0x280
[  470.052910][T12178]  ? __pfx_setup_net+0x10/0x10
[  470.052965][T12178]  ? debug_mutex_init+0x37/0x70
[  470.053003][T12178]  copy_net_ns+0x2a6/0x5f0
[  470.053041][T12178]  create_new_namespaces+0x3ea/0xa90
[  470.053088][T12178]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  470.053134][T12178]  ksys_unshare+0x45b/0xa40
[  470.053181][T12178]  ? __pfx_ksys_unshare+0x10/0x10
[  470.053233][T12178]  ? xfd_validate_state+0x61/0x180
[  470.053294][T12178]  __x64_sys_unshare+0x31/0x40
[  470.053343][T12178]  do_syscall_64+0xcd/0x490
[  470.053447][T12178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.053481][T12178] RIP: 0033:0x7f4fcf18e929
[  470.053510][T12178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.053544][T12178] RSP: 002b:00007f4fccbf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  470.053577][T12178] RAX: ffffffffffffffda RBX: 00007f4fcf3b6240 RCX: 00007f4fcf18e929
[  470.053600][T12178] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  470.053620][T12178] RBP: 00007f4fcf210b39 R08: 0000000000000000 R09: 0000000000000000
[  470.053640][T12178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  470.053660][T12178] R13: 0000000000000000 R14: 00007f4fcf3b6240 R15: 00007ffd5f0da668
[  470.053704][T12178]  </TASK>
[  470.468094][T12183] FAULT_INJECTION: forcing a failure.
[  470.468094][T12183] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  470.468135][T12183] CPU: 0 UID: 0 PID: 12183 Comm: syz.3.1057 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  470.468173][T12183] Tainted: [U]=USER
[  470.468181][T12183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.468196][T12183] Call Trace:
[  470.468203][T12183]  <TASK>
[  470.468212][T12183]  dump_stack_lvl+0x16c/0x1f0
[  470.468252][T12183]  should_fail_ex+0x512/0x640
[  470.468291][T12183]  should_fail_alloc_page+0xe7/0x130
[  470.468317][T12183]  prepare_alloc_pages+0x3c2/0x610
[  470.468346][T12183]  ? rcu_is_watching+0x12/0xc0
[  470.468374][T12183]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  470.468416][T12183]  ? rcu_is_watching+0x12/0xc0
[  470.468442][T12183]  ? trace_mm_page_alloc+0x11f/0x1a0
[  470.468469][T12183]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  470.468507][T12183]  ? __pfx_stack_trace_save+0x10/0x10
[  470.468556][T12183]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  470.468602][T12183]  ? alloc_vmap_area+0xdc8/0x29c0
[  470.468626][T12183]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  470.468657][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.468685][T12183]  ? do_syscall_64+0xcd/0x490
[  470.468718][T12183]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.468754][T12183]  alloc_pages_bulk_noprof+0x71c/0x1410
[  470.468789][T12183]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  470.468826][T12183]  ? policy_nodemask+0xea/0x4e0
[  470.468850][T12183]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  470.468887][T12183]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  470.468921][T12183]  kasan_populate_vmalloc+0xf1/0x1f0
[  470.468960][T12183]  alloc_vmap_area+0x959/0x29c0
[  470.468996][T12183]  ? __pfx_alloc_vmap_area+0x10/0x10
[  470.469048][T12183]  __get_vm_area_node+0x1ca/0x330
[  470.469082][T12183]  __vmalloc_node_range_noprof+0x271/0x14b0
[  470.469114][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.469150][T12183]  ? __lock_acquire+0xb8a/0x1c90
[  470.469182][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.469219][T12183]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  470.469251][T12183]  ? __alloc_pages_noprof+0xb/0x1b0
[  470.469286][T12183]  ? ___kmalloc_large_node+0x84/0x1e0
[  470.469312][T12183]  ? find_held_lock+0x2b/0x80
[  470.469342][T12183]  __kvmalloc_node_noprof+0x30a/0x620
[  470.469376][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.469407][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.469442][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.469470][T12183]  __do_sys_listmount+0x1c2/0xec0
[  470.469506][T12183]  ? __x64_sys_futex+0x1e0/0x4c0
[  470.469540][T12183]  ? __x64_sys_futex+0x1e9/0x4c0
[  470.469570][T12183]  ? __pfx___do_sys_listmount+0x10/0x10
[  470.469615][T12183]  do_syscall_64+0xcd/0x490
[  470.469655][T12183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.469679][T12183] RIP: 0033:0x7fe6c758e929
[  470.469702][T12183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.469726][T12183] RSP: 002b:00007fe6c83a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  470.469748][T12183] RAX: ffffffffffffffda RBX: 00007fe6c77b6080 RCX: 00007fe6c758e929
[  470.469764][T12183] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  470.469779][T12183] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  470.469794][T12183] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  470.469809][T12183] R13: 0000000000000000 R14: 00007fe6c77b6080 R15: 00007ffef5d1c4c8
[  470.469838][T12183]  </TASK>
[  470.470805][T12183] syz.3.1057: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  470.470890][T12183] CPU: 0 UID: 0 PID: 12183 Comm: syz.3.1057 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  470.470924][T12183] Tainted: [U]=USER
[  470.470931][T12183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.470945][T12183] Call Trace:
[  470.470951][T12183]  <TASK>
[  470.470963][T12183]  dump_stack_lvl+0x16c/0x1f0
[  470.470998][T12183]  warn_alloc+0x248/0x3a0
[  470.471033][T12183]  ? __pfx_warn_alloc+0x10/0x10
[  470.471069][T12183]  ? kfree+0x2b4/0x4d0
[  470.471103][T12183]  ? __get_vm_area_node+0x208/0x330
[  470.471136][T12183]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  470.471173][T12183]  ? __lock_acquire+0xb8a/0x1c90
[  470.471205][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.471241][T12183]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  470.471272][T12183]  ? __alloc_pages_noprof+0xb/0x1b0
[  470.471306][T12183]  ? ___kmalloc_large_node+0x84/0x1e0
[  470.471336][T12183]  ? find_held_lock+0x2b/0x80
[  470.471365][T12183]  __kvmalloc_node_noprof+0x30a/0x620
[  470.471399][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.471429][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.471463][T12183]  ? __do_sys_listmount+0x1c2/0xec0
[  470.471490][T12183]  __do_sys_listmount+0x1c2/0xec0
[  470.471524][T12183]  ? __x64_sys_futex+0x1e0/0x4c0
[  470.471557][T12183]  ? __x64_sys_futex+0x1e9/0x4c0
[  470.471587][T12183]  ? __pfx___do_sys_listmount+0x10/0x10
[  470.471631][T12183]  do_syscall_64+0xcd/0x490
[  470.471668][T12183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.471691][T12183] RIP: 0033:0x7fe6c758e929
[  470.471707][T12183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.471730][T12183] RSP: 002b:00007fe6c83a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  470.471750][T12183] RAX: ffffffffffffffda RBX: 00007fe6c77b6080 RCX: 00007fe6c758e929
[  470.471765][T12183] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  470.471779][T12183] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  470.471793][T12183] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  470.471806][T12183] R13: 0000000000000000 R14: 00007fe6c77b6080 R15: 00007ffef5d1c4c8
[  470.471834][T12183]  </TASK>
[  470.471913][T12183] Mem-Info:
[  470.471929][T12183] active_anon:15662 inactive_anon:0 isolated_anon:0
[  470.471929][T12183]  active_file:8980 inactive_file:50032 isolated_file:0
[  470.471929][T12183]  unevictable:768 dirty:613 writeback:0
[  470.471929][T12183]  slab_reclaimable:11110 slab_unreclaimable:97214
[  470.471929][T12183]  mapped:29157 shmem:2410 pagetables:1298
[  470.471929][T12183]  sec_pagetables:0 bounce:0
[  470.471929][T12183]  kernel_misc_reclaimable:0
[  470.471929][T12183]  free:1315372 free_pcp:10361 free_cma:0
[  470.471991][T12183] Node 0 active_anon:62648kB inactive_anon:0kB active_file:35920kB inactive_file:199948kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116584kB dirty:2452kB writeback:0kB shmem:8104kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12764kB pagetables:5056kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  470.472055][T12183] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  470.472118][T12183] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  470.472183][T12183] lowmem_reserve[]: 0 0 0 0 0
[  470.472224][T12183] Node 0 DMA32 free:1325356kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:62600kB inactive_anon:0kB active_file:35920kB inactive_file:198632kB unevictable:1536kB writepending:2452kB present:3129332kB managed:2540348kB mlocked:0kB bounce:0kB free_pcp:41432kB local_pcp:13760kB free_cma:0kB
[  470.472292][T12183] lowmem_reserve[]: 0 0 1 1 1
[  470.472333][T12183] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  470.472398][T12183] lowmem_reserve[]: 0 0 0 0 0
[  470.472438][T12183] Node 1 Normal free:3920760kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  470.472504][T12183] lowmem_reserve[]: 0 0 0 0 0
[  470.472556][T12183] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  470.472695][T12183] Node 0 DMA32: 4785*4kB (UME) 2992*8kB (UME) 1428*16kB (UME) 1077*32kB (UME) 962*64kB (UME) 597*128kB (UME) 302*256kB (UME) 128*512kB (UME) 42*1024kB (UM) 12*2048kB (UME) 214*4096kB (UME) = 1325348kB
[  470.472888][T12183] Node 0 Normal: 3*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  470.473011][T12183] Node 1 Normal: 206*4kB (UME) 58*8kB (UME) 47*16kB (UME) 214*32kB (UME) 103*64kB (UME) 30*128kB (UME) 14*256kB (UME) 7*512kB (UME) 1*1024kB (M) 3*2048kB (UE) 949*4096kB (M) = 3920760kB
[  470.473237][T12183] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  470.473257][T12183] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  470.473275][T12183] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  470.473293][T12183] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  470.473312][T12183] 61418 total pagecache pages
[  470.473320][T12183] 0 pages in swap cache
[  470.473328][T12183] Free swap  = 124996kB
[  470.473336][T12183] Total swap = 124996kB
[  470.473345][T12183] 2097051 pages RAM
[  470.473353][T12183] 0 pages HighMem/MovableOnly
[  470.473361][T12183] 429986 pages reserved
[  470.473369][T12183] 0 pages cma reserved
[  471.435563][   T30] audit: type=1804 audit(6047222582.804:18): pid=12202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1059" name="/newroot/268/file0" dev="tmpfs" ino=1417 res=1 errno=0
[  471.435642][   T30] audit: type=1800 audit(6047222582.804:19): pid=12202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1059" name="file0" dev="tmpfs" ino=1417 res=0 errno=0
[  471.761529][    C1] vkms_vblank_simulate: vblank timer overrun
[  472.243397][    C1] vkms_vblank_simulate: vblank timer overrun
[  472.301422][T12217] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1061'.
[  472.320998][    C1] vkms_vblank_simulate: vblank timer overrun
[  472.537667][T12223] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1061'.
[  472.561559][    C1] vkms_vblank_simulate: vblank timer overrun
[  472.677977][    C1] vkms_vblank_simulate: vblank timer overrun
[  473.160346][T12227] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1064'.
[  473.934193][T12231] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.1065'.
[  474.619438][T12250] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34
[  475.908837][T12283] program syz.3.1075 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  477.752448][T12318] Invalid ELF header magic: != ELF
[  482.698363][T12426] openvswitch: netlink: Key type 266 is out of range max 32
[  483.626068][T12450] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  483.632193][T12450] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  483.641573][T12450] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  483.656173][T12450] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  484.442522][T12471] can: request_module (can-proto-3) failed.
[  484.931196][T12474] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.1109'.
[  485.674870][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout
[  485.674888][T11002] Bluetooth: hci1: command 0x0c1a tx timeout
[  485.674947][T11002] Bluetooth: hci4: command 0x0c1a tx timeout
[  485.680970][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout
[  486.003484][T12492] can: request_module (can-proto-3) failed.
[  486.793847][T12503] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1113'.
[  486.833693][T12503] HfR: entered promiscuous mode
[  487.491775][T12525] FAULT_INJECTION: forcing a failure.
[  487.491775][T12525] name failslab, interval 1, probability 0, space 0, times 0
[  487.536840][T12525] CPU: 1 UID: 0 PID: 12525 Comm: syz.4.1118 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  487.536882][T12525] Tainted: [U]=USER
[  487.536890][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  487.536905][T12525] Call Trace:
[  487.536912][T12525]  <TASK>
[  487.536921][T12525]  dump_stack_lvl+0x16c/0x1f0
[  487.536966][T12525]  should_fail_ex+0x512/0x640
[  487.537001][T12525]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  487.537048][T12525]  should_failslab+0xc2/0x120
[  487.537070][T12525]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  487.537106][T12525]  ? copy_process+0x4b6/0x7650
[  487.537136][T12525]  ? _raw_spin_unlock_irq+0x23/0x50
[  487.537169][T12525]  copy_process+0x4b6/0x7650
[  487.537198][T12525]  ? __pfx___futex_wait+0x10/0x10
[  487.537243][T12525]  ? __pfx_copy_process+0x10/0x10
[  487.537275][T12525]  ? bpf_check_uarg_tail_zero+0x127/0x1b0
[  487.537309][T12525]  ? __futex_hash.constprop.0+0x1e9/0x440
[  487.537341][T12525]  kernel_clone+0xfc/0x960
[  487.537372][T12525]  ? __pfx_kernel_clone+0x10/0x10
[  487.537418][T12525]  __do_sys_clone+0xce/0x120
[  487.537447][T12525]  ? __pfx___do_sys_clone+0x10/0x10
[  487.537489][T12525]  ? xfd_validate_state+0x61/0x180
[  487.537530][T12525]  do_syscall_64+0xcd/0x490
[  487.537566][T12525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.537589][T12525] RIP: 0033:0x7f4fcf18e929
[  487.537608][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.537631][T12525] RSP: 002b:00007f4fcff65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  487.537652][T12525] RAX: ffffffffffffffda RBX: 00007f4fcf3b5fa0 RCX: 00007f4fcf18e929
[  487.537667][T12525] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001
[  487.537681][T12525] RBP: 00007f4fcf210b39 R08: 0000000000000000 R09: 0000000000000000
[  487.537695][T12525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  487.537708][T12525] R13: 0000000000000000 R14: 00007f4fcf3b5fa0 R15: 00007ffd5f0da668
[  487.537736][T12525]  </TASK>
[  488.217030][T12528] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.1119'.
[  488.526024][T12550] qrtr: Invalid version 0
[  489.313684][T12569] QAT: failed to copy from user.
[  489.893138][T12576] FAULT_INJECTION: forcing a failure.
[  489.893138][T12576] name failslab, interval 1, probability 0, space 0, times 0
[  489.929003][T12576] CPU: 0 UID: 0 PID: 12576 Comm: syz.3.1128 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  489.929043][T12576] Tainted: [U]=USER
[  489.929051][T12576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.929064][T12576] Call Trace:
[  489.929072][T12576]  <TASK>
[  489.929080][T12576]  dump_stack_lvl+0x16c/0x1f0
[  489.929120][T12576]  should_fail_ex+0x512/0x640
[  489.929154][T12576]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  489.929196][T12576]  should_failslab+0xc2/0x120
[  489.929218][T12576]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  489.929257][T12576]  ? kvasprintf_const+0x66/0x1a0
[  489.929284][T12576]  kvasprintf+0xbc/0x160
[  489.929304][T12576]  ? __pfx_kvasprintf+0x10/0x10
[  489.929337][T12576]  ? mark_held_locks+0x49/0x80
[  489.929373][T12576]  kvasprintf_const+0x66/0x1a0
[  489.929396][T12576]  kobject_set_name_vargs+0x5a/0x140
[  489.929420][T12576]  kobject_init_and_add+0xe7/0x190
[  489.929444][T12576]  ? __pfx_kobject_init_and_add+0x10/0x10
[  489.929466][T12576]  ? __x64_sys_ioctl+0x18e/0x210
[  489.929501][T12576]  ? internal_create_groups+0x11a/0x150
[  489.929545][T12576]  netdev_queue_update_kobjects+0x32d/0x720
[  489.929580][T12576]  netdev_register_kobject+0x28c/0x3a0
[  489.929607][T12576]  register_netdevice+0x13dc/0x2270
[  489.929633][T12576]  ? idr_alloc+0xdd/0x130
[  489.929663][T12576]  ? __pfx_register_netdevice+0x10/0x10
[  489.929693][T12576]  ppp_dev_configure+0x99b/0xc80
[  489.929727][T12576]  ppp_ioctl+0x17e0/0x2660
[  489.929757][T12576]  ? find_held_lock+0x2b/0x80
[  489.929780][T12576]  ? __pfx_ppp_ioctl+0x10/0x10
[  489.929813][T12576]  ? __fget_files+0x20e/0x3c0
[  489.929849][T12576]  ? __pfx_ppp_ioctl+0x10/0x10
[  489.929877][T12576]  __x64_sys_ioctl+0x18e/0x210
[  489.929907][T12576]  do_syscall_64+0xcd/0x490
[  489.929943][T12576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.929967][T12576] RIP: 0033:0x7fe6c758e929
[  489.929985][T12576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.930008][T12576] RSP: 002b:00007fe6c83a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  489.930035][T12576] RAX: ffffffffffffffda RBX: 00007fe6c77b6080 RCX: 00007fe6c758e929
[  489.930050][T12576] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000009
[  489.930064][T12576] RBP: 00007fe6c7610b39 R08: 0000000000000000 R09: 0000000000000000
[  489.930077][T12576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  489.930091][T12576] R13: 0000000000000000 R14: 00007fe6c77b6080 R15: 00007ffef5d1c4c8
[  489.930120][T12576]  </TASK>
[  489.930185][T12576] kobject: can not set name properly!
[  490.649368][T12587] random: crng reseeded on system resumption
[  490.781105][T12591] netlink: 93 bytes leftover after parsing attributes in process `syz.4.1130'.
[  491.718473][T12610] ubi0: attaching mtd0
[  491.729323][T12610] ubi0: scanning is finished
[  491.946017][T12610] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  491.964108][T12610] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  492.093374][T12610] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  492.101730][T12610] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  492.119128][T12610] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  492.152564][T12610] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  492.164887][T12610] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2777482211
[  492.197225][T12610] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  492.207729][T12613] ubi0: detaching mtd0
[  492.311826][T12613] ubi0: mtd0 is detached
[  494.776160][T12649] QAT: Stopping all acceleration devices.
[  495.598992][T12665] FAULT_INJECTION: forcing a failure.
[  495.598992][T12665] name fail_futex, interval 1, probability 0, space 0, times 0
[  495.642680][T12665] CPU: 0 UID: 0 PID: 12665 Comm: syz.3.1147 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  495.642734][T12665] Tainted: [U]=USER
[  495.642745][T12665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.642764][T12665] Call Trace:
[  495.642776][T12665]  <TASK>
[  495.642789][T12665]  dump_stack_lvl+0x16c/0x1f0
[  495.642845][T12665]  should_fail_ex+0x512/0x640
[  495.642902][T12665]  get_futex_key+0x1d0/0x1540
[  495.642950][T12665]  ? __pfx_get_futex_key+0x10/0x10
[  495.642991][T12665]  ? kasan_save_stack+0x42/0x60
[  495.643089][T12665]  ? kasan_save_stack+0x33/0x60
[  495.643137][T12665]  ? kasan_save_track+0x14/0x30
[  495.643187][T12665]  ? kasan_save_free_info+0x3b/0x60
[  495.643228][T12665]  ? __kasan_slab_free+0x51/0x70
[  495.643278][T12665]  ? kfree+0x2b4/0x4d0
[  495.643314][T12665]  ? __do_sys_memfd_create+0x3a0/0x8a0
[  495.643360][T12665]  futex_wake+0xe7/0x4e0
[  495.643413][T12665]  ? __pfx_futex_wake+0x10/0x10
[  495.643482][T12665]  do_futex+0x1e3/0x350
[  495.643524][T12665]  ? __pfx_do_futex+0x10/0x10
[  495.643578][T12665]  __x64_sys_futex+0x1e0/0x4c0
[  495.643627][T12665]  ? __pfx___x64_sys_futex+0x10/0x10
[  495.643690][T12665]  do_syscall_64+0xcd/0x490
[  495.643746][T12665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.643779][T12665] RIP: 0033:0x7fe6c758e929
[  495.643806][T12665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.643839][T12665] RSP: 002b:00007fe6c83ca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  495.643871][T12665] RAX: ffffffffffffffda RBX: 00007fe6c77b5fa8 RCX: 00007fe6c758e929
[  495.643892][T12665] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe6c77b5fac
[  495.643913][T12665] RBP: 00007fe6c77b5fa0 R08: 00007fe6c83cb000 R09: 0000000000000000
[  495.643933][T12665] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe6c77b5fac
[  495.643954][T12665] R13: 0000000000000000 R14: 00007ffef5d1c3e0 R15: 00007ffef5d1c4c8
[  495.644005][T12665]  </TASK>
[  496.072584][T12672] netlink: 'syz.2.1148': attribute type 4 has an invalid length.
[  496.127067][T12672] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1148'.
[  496.376296][T12677] can: request_module (can-proto-5) failed.
[  496.580674][T12686] netlink: 194 bytes leftover after parsing attributes in process `syz.3.1150'.
[  499.136852][T12739] can: request_module (can-proto-5) failed.
[  500.295745][T12764] FAULT_INJECTION: forcing a failure.
[  500.295745][T12764] name failslab, interval 1, probability 0, space 0, times 0
[  500.351536][T12764] CPU: 0 UID: 0 PID: 12764 Comm: syz.1.1166 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  500.351592][T12764] Tainted: [U]=USER
[  500.351602][T12764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  500.351621][T12764] Call Trace:
[  500.351631][T12764]  <TASK>
[  500.351653][T12764]  dump_stack_lvl+0x16c/0x1f0
[  500.351711][T12764]  should_fail_ex+0x512/0x640
[  500.351756][T12764]  ? __kmalloc_noprof+0xbf/0x510
[  500.351809][T12764]  ? __register_sysctl_table+0xea2/0x1900
[  500.351860][T12764]  should_failslab+0xc2/0x120
[  500.351890][T12764]  __kmalloc_noprof+0xd2/0x510
[  500.351935][T12764]  ? __register_sysctl_table+0xe8e/0x1900
[  500.351998][T12764]  __register_sysctl_table+0xea2/0x1900
[  500.352061][T12764]  ? __pfx___register_sysctl_table+0x10/0x10
[  500.352113][T12764]  ? is_module_address+0x69/0xf0
[  500.352161][T12764]  ? register_net_sysctl_sz+0x228/0x3e0
[  500.352195][T12764]  ? __asan_memcpy+0x3c/0x60
[  500.352243][T12764]  mptcp_net_init+0x499/0x620
[  500.352290][T12764]  ? __pfx_mptcp_net_init+0x10/0x10
[  500.352328][T12764]  ops_init+0x1e2/0x5f0
[  500.352383][T12764]  setup_net+0x1ff/0x510
[  500.352434][T12764]  ? lockdep_init_map_type+0x5c/0x280
[  500.352484][T12764]  ? __pfx_setup_net+0x10/0x10
[  500.352539][T12764]  ? debug_mutex_init+0x37/0x70
[  500.352579][T12764]  copy_net_ns+0x2a6/0x5f0
[  500.352617][T12764]  create_new_namespaces+0x3ea/0xa90
[  500.352675][T12764]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  500.352720][T12764]  ksys_unshare+0x45b/0xa40
[  500.352768][T12764]  ? __pfx_ksys_unshare+0x10/0x10
[  500.352816][T12764]  ? xfd_validate_state+0x61/0x180
[  500.352875][T12764]  __x64_sys_unshare+0x31/0x40
[  500.352921][T12764]  do_syscall_64+0xcd/0x490
[  500.352976][T12764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.353010][T12764] RIP: 0033:0x7f6edeb8e929
[  500.353037][T12764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.353070][T12764] RSP: 002b:00007f6edc5f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  500.353102][T12764] RAX: ffffffffffffffda RBX: 00007f6ededb6240 RCX: 00007f6edeb8e929
[  500.353124][T12764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  500.353143][T12764] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  500.353164][T12764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  500.353183][T12764] R13: 0000000000000000 R14: 00007f6ededb6240 R15: 00007ffcdacd1598
[  500.353226][T12764]  </TASK>
[  500.353239][T12764] sysctl could not get directory: /net/mptcp -12
[  501.974599][T12781] can: request_module (can-proto-5) failed.
[  503.605840][T12822] ubi0: attaching mtd0
[  503.658117][T12822] ubi0: scanning is finished
[  503.981110][T12822] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  503.988724][T12822] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  504.119342][T12822] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  504.128030][T12822] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  504.135830][T12822] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  504.142667][T12822] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  504.150969][T12822] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2777482211
[  504.161994][T12822] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  504.172129][T12823] ubi0: detaching mtd0
[  504.201466][T12823] ubi0: mtd0 is detached
[  504.849507][T12839] FAULT_INJECTION: forcing a failure.
[  504.849507][T12839] name fail_futex, interval 1, probability 0, space 0, times 0
[  504.931003][T12839] CPU: 0 UID: 0 PID: 12839 Comm: syz.4.1180 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  504.931044][T12839] Tainted: [U]=USER
[  504.931052][T12839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  504.931066][T12839] Call Trace:
[  504.931073][T12839]  <TASK>
[  504.931082][T12839]  dump_stack_lvl+0x16c/0x1f0
[  504.931123][T12839]  should_fail_ex+0x512/0x640
[  504.931162][T12839]  get_futex_key+0x1d0/0x1540
[  504.931193][T12839]  ? __pfx_get_futex_key+0x10/0x10
[  504.931218][T12839]  ? plist_check_head+0xa3/0x150
[  504.931244][T12839]  ? find_held_lock+0x2b/0x80
[  504.931283][T12839]  futex_wake+0xe7/0x4e0
[  504.931319][T12839]  ? __pfx_futex_wake+0x10/0x10
[  504.931356][T12839]  ? iput+0x519/0x880
[  504.931385][T12839]  do_futex+0x1e3/0x350
[  504.931414][T12839]  ? __pfx_do_futex+0x10/0x10
[  504.931442][T12839]  ? __sock_release+0x20b/0x270
[  504.931486][T12839]  __x64_sys_futex+0x1e0/0x4c0
[  504.931516][T12839]  ? __sys_socket+0xac/0x260
[  504.931545][T12839]  ? __pfx___x64_sys_futex+0x10/0x10
[  504.931574][T12839]  ? __sys_setsockopt+0x140/0x1a0
[  504.931613][T12839]  do_syscall_64+0xcd/0x490
[  504.931650][T12839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.931673][T12839] RIP: 0033:0x7f4fcf18e929
[  504.931690][T12839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.931712][T12839] RSP: 002b:00007f4fcff650e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  504.931733][T12839] RAX: ffffffffffffffda RBX: 00007f4fcf3b5fa8 RCX: 00007f4fcf18e929
[  504.931749][T12839] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4fcf3b5fac
[  504.931762][T12839] RBP: 00007f4fcf3b5fa0 R08: 00007f4fcff66000 R09: 0000000000000000
[  504.931777][T12839] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f4fcf3b5fac
[  504.931791][T12839] R13: 0000000000000000 R14: 00007ffd5f0da580 R15: 00007ffd5f0da668
[  504.931819][T12839]  </TASK>
[  505.135589][T12847] tipc: Started in network mode
[  505.141193][T12847] tipc: Node identity ee00, cluster identity 4711
[  505.159221][T12847] tipc: Node number set to 60928
[  505.717626][T12841] Process accounting resumed
[  508.444277][T12907] ptrace attach of "./syz-executor exec"[8117] was attempted by ""[12907]
[  509.087470][T12910] netlink: 30 bytes leftover after parsing attributes in process `syz.4.1195'.
[  509.313494][T12920] Setting dangerous option i915.mitigations - tainting kernel
[  509.331213][T12920] Bad "i915.mitigations=!h��@�S�", 'h��@�S�' is unknown
[  510.640239][T12939] FAULT_INJECTION: forcing a failure.
[  510.640239][T12939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  510.676388][T12939] CPU: 1 UID: 0 PID: 12939 Comm: syz.2.1201 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  510.676445][T12939] Tainted: [U]=USER
[  510.676455][T12939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.676475][T12939] Call Trace:
[  510.676485][T12939]  <TASK>
[  510.676497][T12939]  dump_stack_lvl+0x16c/0x1f0
[  510.676551][T12939]  should_fail_ex+0x512/0x640
[  510.676606][T12939]  strncpy_from_user+0x3b/0x2e0
[  510.676656][T12939]  getname_flags.part.0+0x8f/0x550
[  510.676711][T12939]  getname_flags+0x93/0xf0
[  510.676755][T12939]  __x64_sys_acct+0x75/0x230
[  510.676798][T12939]  ? lockdep_hardirqs_on+0x7c/0x110
[  510.676843][T12939]  do_syscall_64+0xcd/0x490
[  510.676893][T12939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.676924][T12939] RIP: 0033:0x7f043438e929
[  510.676953][T12939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.676984][T12939] RSP: 002b:00007f0435262038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  510.677012][T12939] RAX: ffffffffffffffda RBX: 00007f04345b6080 RCX: 00007f043438e929
[  510.677033][T12939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[  510.677052][T12939] RBP: 00007f0434410b39 R08: 0000000000000000 R09: 0000000000000000
[  510.677070][T12939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  510.677088][T12939] R13: 0000000000000000 R14: 00007f04345b6080 R15: 00007ffead4947d8
[  510.677147][T12939]  </TASK>
[  511.113887][T12934] Process accounting resumed
[  511.715854][T12965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1206'.
[  511.842378][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  511.850230][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  511.889687][T12961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1206'.
[  511.958576][T12967] can: request_module (can-proto-5) failed.
[  513.173224][T13013] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1213'.
[  515.081571][T13061] ubi0: attaching mtd0
[  515.123331][T13061] ubi0: scanning is finished
[  515.642616][T13061] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  515.660396][T13061] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  515.668143][T13061] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  515.679621][T13061] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  515.688813][T13061] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  515.716972][T13061] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  515.778697][T13061] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2777482211
[  515.804677][T13061] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  515.816238][T13076] ubi0: background thread "ubi_bgt0d" started, PID 13076
[  516.080085][T13080] FAULT_INJECTION: forcing a failure.
[  516.080085][T13080] name failslab, interval 1, probability 0, space 0, times 0
[  516.232611][T13080] CPU: 1 UID: 0 PID: 13080 Comm: syz.1.1224 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  516.232670][T13080] Tainted: [U]=USER
[  516.232681][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.232701][T13080] Call Trace:
[  516.232712][T13080]  <TASK>
[  516.232725][T13080]  dump_stack_lvl+0x16c/0x1f0
[  516.232783][T13080]  should_fail_ex+0x512/0x640
[  516.232833][T13080]  ? __kmalloc_noprof+0xbf/0x510
[  516.232887][T13080]  ? snd_pcm_plugin_build+0x64/0x650
[  516.232928][T13080]  should_failslab+0xc2/0x120
[  516.232961][T13080]  __kmalloc_noprof+0xd2/0x510
[  516.233023][T13080]  snd_pcm_plugin_build+0x64/0x650
[  516.233070][T13080]  snd_pcm_plugin_build_io+0x207/0x5f0
[  516.233114][T13080]  ? __pfx_snd_pcm_plugin_build_io+0x10/0x10
[  516.233161][T13080]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  516.233213][T13080]  snd_pcm_oss_change_params_locked+0x2e62/0x3a30
[  516.233282][T13080]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  516.233361][T13080]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  516.233409][T13080]  snd_pcm_oss_ioctl+0x21e9/0x37a0
[  516.233452][T13080]  ? hook_file_ioctl_common+0x145/0x410
[  516.233491][T13080]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  516.233535][T13080]  ? __fget_files+0x20e/0x3c0
[  516.233591][T13080]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  516.233633][T13080]  __x64_sys_ioctl+0x18e/0x210
[  516.233678][T13080]  do_syscall_64+0xcd/0x490
[  516.233734][T13080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.233769][T13080] RIP: 0033:0x7f6edeb8e929
[  516.233796][T13080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.233830][T13080] RSP: 002b:00007f6edf947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  516.233862][T13080] RAX: ffffffffffffffda RBX: 00007f6ededb6080 RCX: 00007f6edeb8e929
[  516.233885][T13080] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000a
[  516.233906][T13080] RBP: 00007f6edec10b39 R08: 0000000000000000 R09: 0000000000000000
[  516.233926][T13080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  516.233946][T13080] R13: 0000000000000000 R14: 00007f6ededb6080 R15: 00007ffcdacd1598
[  516.233991][T13080]  </TASK>
[  517.477626][T13100] binder: 13098:13100 unknown command 4294967282
[  517.484002][T13100] binder: 13098:13100 ioctl c0306201 2000000000c0 returned -22
[  519.265230][T13126] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input35
[  519.289188][T13116] can: request_module (can-proto-0) failed.
[  519.974328][T13116] can: request_module (can-proto-0) failed.
[  520.538246][T13133] random: crng reseeded on system resumption
[  521.568020][T13141] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.1236'.
[  522.072530][T13167] random: crng reseeded on system resumption
[  522.226992][T13168] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE�r��҄y�*�"�l-���y–��
[  523.981032][T13191] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1244'.
[  524.100362][T13169] Invalid ELF header magic: != ELF
[  526.796154][T13235] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.1250'.
[  527.176047][T13244] can: request_module (can-proto-5) failed.
[  530.695009][T13319] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input36
[  531.218978][T13332] can: request_module (can-proto-5) failed.
[  536.758401][T13377] Process accounting paused
[  537.250407][T13412] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.1269'.
[  540.622709][T13452] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.1280'.
[  541.121406][T13439] Process accounting paused
[  541.403147][T13465] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38
[  544.521836][T13503] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.1289'.
[  546.241326][T13543] Invalid ELF header magic: != ELF
[  546.280837][T13546] dyndbg: bad flag-op �, at start of �
[  546.296754][T13546] dyndbg: flags parse failed
[  546.503797][   T30] audit: type=1800 audit(62492.110:20): pid=13548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1298" name="file0" dev="tmpfs" ino=1761 res=0 errno=0
[  546.551564][   T30] audit: type=1800 audit(62492.110:21): pid=13551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1298" name="file0" dev="tmpfs" ino=1761 res=0 errno=0
[  547.173239][T13564] lo: entered allmulticast mode
[  547.349837][T13564] lo: left allmulticast mode
[  547.505868][T13563] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.1302'.
[  551.252608][T13650] can: request_module (can-proto-5) failed.
[  551.956330][T13662] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1321'.
[  552.682402][   T30] audit: type=1800 audit(62498.280:22): pid=13672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1322" name="dbroot" dev="configfs" ino=43596 res=0 errno=0
[  553.505826][T13675] cgroup: fork rejected by pids controller in /syz1
[  554.051203][T13711] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.1326'.
[  555.197033][T13744] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1332'.
[  559.258244][T12490] Bluetooth: hci4: unexpected subevent 0x01 length: 34 > 18
[  560.469568][T13778] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1339'.
[  564.303040][T13822] FAULT_INJECTION: forcing a failure.
[  564.303040][T13822] name fail_futex, interval 1, probability 0, space 0, times 0
[  564.385690][T13822] CPU: 0 UID: 0 PID: 13822 Comm: syz.3.1343 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  564.385743][T13822] Tainted: [U]=USER
[  564.385754][T13822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  564.385773][T13822] Call Trace:
[  564.385783][T13822]  <TASK>
[  564.385795][T13822]  dump_stack_lvl+0x16c/0x1f0
[  564.385851][T13822]  should_fail_ex+0x512/0x640
[  564.385905][T13822]  get_futex_key+0x1d0/0x1540
[  564.385948][T13822]  ? __pfx_get_futex_key+0x10/0x10
[  564.385987][T13822]  ? __mutex_trylock_common+0xe9/0x250
[  564.386044][T13822]  futex_wake+0xe7/0x4e0
[  564.386123][T13822]  ? __pfx_futex_wake+0x10/0x10
[  564.386173][T13822]  ? __lock_acquire+0xb8a/0x1c90
[  564.386238][T13822]  do_futex+0x1e3/0x350
[  564.386281][T13822]  ? __pfx_do_futex+0x10/0x10
[  564.386319][T13822]  ? __might_fault+0xe3/0x190
[  564.386381][T13822]  mm_release+0x24e/0x300
[  564.386420][T13822]  do_exit+0x68b/0x2bd0
[  564.386475][T13822]  ? __pfx_do_exit+0x10/0x10
[  564.386522][T13822]  ? do_raw_spin_lock+0x20e/0x2b0
[  564.386574][T13822]  ? find_held_lock+0x2b/0x80
[  564.386616][T13822]  do_group_exit+0xd3/0x2a0
[  564.386667][T13822]  get_signal+0x2673/0x26d0
[  564.386723][T13822]  ? __pfx_get_signal+0x10/0x10
[  564.386761][T13822]  ? do_futex+0x122/0x350
[  564.386802][T13822]  ? __pfx_do_futex+0x10/0x10
[  564.386847][T13822]  arch_do_signal_or_restart+0x8f/0x790
[  564.386890][T13822]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  564.386943][T13822]  ? __pfx___do_sys_close_range+0x10/0x10
[  564.387004][T13822]  exit_to_user_mode_loop+0x84/0x110
[  564.387068][T13822]  do_syscall_64+0x3f6/0x490
[  564.387123][T13822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.387162][T13822] RIP: 0033:0x7fe6c758e929
[  564.387188][T13822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  564.387222][T13822] RSP: 002b:00007fe6c83ca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  564.387252][T13822] RAX: fffffffffffffe00 RBX: 00007fe6c77b5fa8 RCX: 00007fe6c758e929
[  564.387273][T13822] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe6c77b5fa8
[  564.387292][T13822] RBP: 00007fe6c77b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  564.387311][T13822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe6c77b5fac
[  564.387331][T13822] R13: 0000000000000000 R14: 00007ffef5d1c3e0 R15: 00007ffef5d1c4c8
[  564.387373][T13822]  </TASK>
[  565.319811][T13836] Unable to find swap-space signature
[  565.565473][T13832] 
[  565.567850][T13832] ======================================================
[  565.574894][T13832] WARNING: possible circular locking dependency detected
[  565.581974][T13832] 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 Tainted: G     U             
[  565.590704][T13832] ------------------------------------------------------
[  565.597759][T13832] syz.4.1347/13832 is trying to acquire lock:
[  565.603850][T13832] ffff8880266f5420 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310
[  565.613767][T13832] 
[  565.613767][T13832] but task is already holding lock:
[  565.621152][T13832] ffff8880266f4ee8 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  565.632459][T13832] 
[  565.632459][T13832] which lock already depends on the new lock.
[  565.632459][T13832] 
[  565.642910][T13832] 
[  565.642910][T13832] the existing dependency chain (in reverse order) is:
[  565.651949][T13832] 
[  565.651949][T13832] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}:
[  565.660628][T13832]        blk_alloc_queue+0x619/0x760
[  565.665963][T13832]        blk_mq_alloc_queue+0x175/0x290
[  565.671559][T13832]        __blk_mq_alloc_disk+0x29/0x120
[  565.677166][T13832]        nbd_dev_add+0x4a0/0xbc0
[  565.682155][T13832]        nbd_init+0x181/0x320
[  565.686877][T13832]        do_one_initcall+0x120/0x6e0
[  565.692197][T13832]        kernel_init_freeable+0x5c2/0x900
[  565.697961][T13832]        kernel_init+0x1c/0x2b0
[  565.702846][T13832]        ret_from_fork+0x5d7/0x6f0
[  565.708006][T13832]        ret_from_fork_asm+0x1a/0x30
[  565.713342][T13832] 
[  565.713342][T13832] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  565.720602][T13832]        fs_reclaim_acquire+0x102/0x150
[  565.726194][T13832]        prepare_alloc_pages+0x162/0x610
[  565.731876][T13832]        __alloc_frozen_pages_noprof+0x18b/0x23f0
[  565.738344][T13832]        __alloc_pages_noprof+0xb/0x1b0
[  565.743936][T13832]        pcpu_populate_chunk+0x110/0xb00
[  565.749613][T13832]        pcpu_alloc_noprof+0x86a/0x1470
[  565.755202][T13832]        xt_percpu_counter_alloc+0x13e/0x1b0
[  565.761247][T13832]        find_check_entry.constprop.0+0xbc/0x9b0
[  565.767615][T13832]        translate_table+0xc98/0x1720
[  565.773031][T13832]        ipt_register_table+0x102/0x430
[  565.778628][T13832]        iptable_nat_table_init+0x4b/0x250
[  565.784480][T13832]        xt_find_table_lock+0x2e1/0x520
[  565.790085][T13832]        xt_request_find_table_lock+0x28/0xf0
[  565.796235][T13832]        get_info+0x190/0x610
[  565.800951][T13832]        do_ipt_get_ctl+0x169/0xa10
[  565.806193][T13832]        nf_getsockopt+0x7c/0xe0
[  565.811166][T13832]        ip_getsockopt+0x18c/0x1e0
[  565.816317][T13832]        tcp_getsockopt+0x9e/0x100
[  565.821501][T13832]        do_sock_getsockopt+0x3fc/0x800
[  565.827086][T13832]        __sys_getsockopt+0x123/0x1b0
[  565.832506][T13832]        __x64_sys_getsockopt+0xbd/0x160
[  565.838183][T13832]        do_syscall_64+0xcd/0x490
[  565.843254][T13832]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.849793][T13832] 
[  565.849793][T13832] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}:
[  565.857578][T13832]        __mutex_lock+0x199/0xb90
[  565.862843][T13832]        pcpu_alloc_noprof+0xb4c/0x1470
[  565.868439][T13832]        sbitmap_init_node+0x2fd/0x770
[  565.873951][T13832]        sbitmap_queue_init_node+0x41/0x560
[  565.879881][T13832]        blk_mq_init_tags+0x12d/0x2b0
[  565.885308][T13832]        blk_mq_alloc_map_and_rqs+0x237/0xf60
[  565.891421][T13832]        blk_mq_init_sched+0x30c/0x610
[  565.896914][T13832]        elevator_switch+0x1e1/0x7f0
[  565.902237][T13832]        elevator_change+0x2ac/0x400
[  565.907563][T13832]        elevator_set_default+0x292/0x320
[  565.913326][T13832]        blk_register_queue+0x393/0x4f0
[  565.918900][T13832]        __add_disk+0x74a/0xf00
[  565.923924][T13832]        add_disk_fwnode+0x13f/0x5d0
[  565.929256][T13832]        nbd_dev_add+0x791/0xbc0
[  565.934242][T13832]        nbd_init+0x181/0x320
[  565.938960][T13832]        do_one_initcall+0x120/0x6e0
[  565.944278][T13832]        kernel_init_freeable+0x5c2/0x900
[  565.950041][T13832]        kernel_init+0x1c/0x2b0
[  565.954939][T13832]        ret_from_fork+0x5d7/0x6f0
[  565.960234][T13832]        ret_from_fork_asm+0x1a/0x30
[  565.966270][T13832] 
[  565.966270][T13832] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[  565.974140][T13832]        __lock_acquire+0x126f/0x1c90
[  565.979583][T13832]        lock_acquire+0x179/0x350
[  565.984679][T13832]        __mutex_lock+0x199/0xb90
[  565.989900][T13832]        queue_requests_store+0x1c7/0x310
[  565.995704][T13832]        queue_attr_store+0x276/0x320
[  566.001260][T13832]        sysfs_kf_write+0xef/0x150
[  566.006435][T13832]        kernfs_fop_write_iter+0x354/0x510
[  566.012305][T13832]        iter_file_splice_write+0x91f/0x1150
[  566.018512][T13832]        direct_splice_actor+0x192/0x6c0
[  566.024189][T13832]        splice_direct_to_actor+0x342/0xa30
[  566.030130][T13832]        do_splice_direct+0x174/0x240
[  566.035536][T13832]        do_sendfile+0xb06/0xe50
[  566.040513][T13832]        __x64_sys_sendfile64+0x1d8/0x220
[  566.046361][T13832]        do_syscall_64+0xcd/0x490
[  566.051476][T13832]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.057934][T13832] 
[  566.057934][T13832] other info that might help us debug this:
[  566.057934][T13832] 
[  566.068210][T13832] Chain exists of:
[  566.068210][T13832]   &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59
[  566.068210][T13832] 
[  566.082029][T13832]  Possible unsafe locking scenario:
[  566.082029][T13832] 
[  566.089507][T13832]        CPU0                    CPU1
[  566.094915][T13832]        ----                    ----
[  566.100330][T13832]   lock(&q->q_usage_counter(io)#59);
[  566.105759][T13832]                                lock(fs_reclaim);
[  566.112310][T13832]                                lock(&q->q_usage_counter(io)#59);
[  566.120254][T13832]   lock(&q->elevator_lock);
[  566.124881][T13832] 
[  566.124881][T13832]  *** DEADLOCK ***
[  566.124881][T13832] 
[  566.133045][T13832] 5 locks held by syz.4.1347/13832:
[  566.138263][T13832]  #0: ffff88807c484428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30
[  566.148355][T13832]  #1: ffff88805be2f088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[  566.158167][T13832]  #2: ffff888026a02008 (kn->active#146){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[  566.168420][T13832]  #3: ffff8880266f4ee8 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  566.180177][T13832]  #4: ffff8880266f4f20 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  566.192200][T13832] 
[  566.192200][T13832] stack backtrace:
[  566.198118][T13832] CPU: 0 UID: 0 PID: 13832 Comm: syz.4.1347 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  566.198162][T13832] Tainted: [U]=USER
[  566.198172][T13832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  566.198189][T13832] Call Trace:
[  566.198200][T13832]  <TASK>
[  566.198211][T13832]  dump_stack_lvl+0x116/0x1f0
[  566.198256][T13832]  print_circular_bug+0x275/0x350
[  566.198296][T13832]  check_noncircular+0x14c/0x170
[  566.198338][T13832]  __lock_acquire+0x126f/0x1c90
[  566.198380][T13832]  ? __lock_acquire+0xb8a/0x1c90
[  566.198419][T13832]  lock_acquire+0x179/0x350
[  566.198457][T13832]  ? queue_requests_store+0x1c7/0x310
[  566.198506][T13832]  ? __pfx___might_resched+0x10/0x10
[  566.198536][T13832]  ? do_raw_spin_lock+0x12c/0x2b0
[  566.198583][T13832]  __mutex_lock+0x199/0xb90
[  566.198625][T13832]  ? queue_requests_store+0x1c7/0x310
[  566.198672][T13832]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  566.198724][T13832]  ? queue_requests_store+0x1c7/0x310
[  566.198775][T13832]  ? lockdep_hardirqs_on+0x7c/0x110
[  566.198815][T13832]  ? __pfx___mutex_lock+0x10/0x10
[  566.198862][T13832]  ? __pfx_autoremove_wake_function+0x10/0x10
[  566.198903][T13832]  ? queue_requests_store+0x1c7/0x310
[  566.198948][T13832]  queue_requests_store+0x1c7/0x310
[  566.198994][T13832]  ? __pfx_queue_requests_store+0x10/0x10
[  566.199044][T13832]  ? __mutex_trylock_common+0xe9/0x250
[  566.199085][T13832]  ? __pfx_queue_requests_store+0x10/0x10
[  566.199131][T13832]  queue_attr_store+0x276/0x320
[  566.199175][T13832]  ? __pfx_queue_attr_store+0x10/0x10
[  566.199217][T13832]  ? __lock_acquire+0x622/0x1c90
[  566.199263][T13832]  ? find_held_lock+0x2b/0x80
[  566.199291][T13832]  ? sysfs_file_kobj+0xe4/0x290
[  566.199326][T13832]  ? __pfx_queue_attr_store+0x10/0x10
[  566.199369][T13832]  sysfs_kf_write+0xef/0x150
[  566.199403][T13832]  kernfs_fop_write_iter+0x354/0x510
[  566.199432][T13832]  ? __pfx_sysfs_kf_write+0x10/0x10
[  566.199466][T13832]  iter_file_splice_write+0x91f/0x1150
[  566.199515][T13832]  ? __pfx_iter_file_splice_write+0x10/0x10
[  566.199557][T13832]  ? __pfx_copy_splice_read+0x10/0x10
[  566.199602][T13832]  ? __pfx_iter_file_splice_write+0x10/0x10
[  566.199642][T13832]  direct_splice_actor+0x192/0x6c0
[  566.199681][T13832]  splice_direct_to_actor+0x342/0xa30
[  566.199718][T13832]  ? __pfx_direct_splice_actor+0x10/0x10
[  566.199766][T13832]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  566.199809][T13832]  do_splice_direct+0x174/0x240
[  566.199845][T13832]  ? __pfx_do_splice_direct+0x10/0x10
[  566.199881][T13832]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  566.199919][T13832]  ? rw_verify_area+0xcf/0x680
[  566.199955][T13832]  do_sendfile+0xb06/0xe50
[  566.199996][T13832]  ? __pfx_do_sendfile+0x10/0x10
[  566.200034][T13832]  ? handle_mm_fault+0x2ab/0xd10
[  566.200073][T13832]  ? __x64_sys_futex+0x1e0/0x4c0
[  566.200107][T13832]  ? __x64_sys_futex+0x1e9/0x4c0
[  566.200143][T13832]  __x64_sys_sendfile64+0x1d8/0x220
[  566.200171][T13832]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  566.200203][T13832]  do_syscall_64+0xcd/0x490
[  566.200247][T13832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.200276][T13832] RIP: 0033:0x7f4fcf18e929
[  566.200299][T13832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  566.200328][T13832] RSP: 002b:00007f4fcff65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  566.200354][T13832] RAX: ffffffffffffffda RBX: 00007f4fcf3b5fa0 RCX: 00007f4fcf18e929
[  566.200373][T13832] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  566.200389][T13832] RBP: 00007f4fcf210b39 R08: 0000000000000000 R09: 0000000000000000
[  566.200406][T13832] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000
[  566.200423][T13832] R13: 0000000000000000 R14: 00007f4fcf3b5fa0 R15: 00007ffd5f0da668
[  566.200450][T13832]  </TASK>
[  567.572694][T13773] Process accounting resumed
[  569.837289][T13701] syz.1.1322 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  569.908597][T13701] CPU: 1 UID: 0 PID: 13701 Comm: syz.1.1322 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  569.908654][T13701] Tainted: [U]=USER
[  569.908665][T13701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  569.908685][T13701] Call Trace:
[  569.908695][T13701]  <TASK>
[  569.908706][T13701]  dump_stack_lvl+0x16c/0x1f0
[  569.908760][T13701]  dump_header+0x101/0x930
[  569.908810][T13701]  oom_kill_process+0x270/0xa60
[  569.908863][T13701]  out_of_memory+0x350/0x1700
[  569.908918][T13701]  ? __pfx_out_of_memory+0x10/0x10
[  569.908973][T13701]  mem_cgroup_out_of_memory+0x118/0x130
[  569.909014][T13701]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  569.909061][T13701]  ? do_raw_spin_unlock+0x172/0x230
[  569.909095][T13701]  try_charge_memcg+0x72b/0xd50
[  569.909128][T13701]  ? __pfx_try_charge_memcg+0x10/0x10
[  569.909159][T13701]  ? rcu_is_watching+0x12/0xc0
[  569.909194][T13701]  ? rcu_is_watching+0x12/0xc0
[  569.909229][T13701]  ? __folio_batch_add_and_move+0x602/0xc90
[  569.909288][T13701]  charge_memcg+0x8a/0x230
[  569.909318][T13701]  __mem_cgroup_charge+0x2b/0x1e0
[  569.909354][T13701]  shmem_alloc_and_add_folio+0x514/0xc20
[  569.909417][T13701]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  569.909466][T13701]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  569.909518][T13701]  shmem_get_folio_gfp+0x67f/0x1600
[  569.909570][T13701]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  569.909619][T13701]  ? __pte_offset_map_lock+0x174/0x310
[  569.909655][T13701]  shmem_write_begin+0x160/0x300
[  569.909705][T13701]  ? __pfx_shmem_write_begin+0x10/0x10
[  569.909754][T13701]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  569.909795][T13701]  ? __pfx_timestamp_truncate+0x10/0x10
[  569.909844][T13701]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  569.909898][T13701]  generic_perform_write+0x3cd/0x930
[  569.909951][T13701]  ? __pfx_generic_perform_write+0x10/0x10
[  569.909999][T13701]  ? inode_needs_update_time.part.0+0x191/0x270
[  569.910058][T13701]  shmem_file_write_iter+0x10e/0x140
[  569.910091][T13701]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  569.910122][T13701]  __kernel_write_iter+0x31a/0xa90
[  569.910171][T13701]  ? __pfx___kernel_write_iter+0x10/0x10
[  569.910219][T13701]  ? __up_read+0x1f8/0x750
[  569.910272][T13701]  ? lock_release+0x201/0x2f0
[  569.910315][T13701]  ? dump_user_range+0x16e/0xb60
[  569.910355][T13701]  dump_user_range+0x41f/0xb60
[  569.910402][T13701]  ? __pfx_dump_user_range+0x10/0x10
[  569.910440][T13701]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  569.910494][T13701]  ? __pfx_writenote+0x10/0x10
[  569.910539][T13701]  elf_core_dump+0x288a/0x3a90
[  569.910592][T13701]  ? __pfx_elf_core_dump+0x10/0x10
[  569.910639][T13701]  ? find_held_lock+0x2b/0x80
[  569.910672][T13701]  ? 0xffffffffff600000
[  569.910707][T13701]  ? rcu_is_watching+0x12/0xc0
[  569.910739][T13701]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  569.910782][T13701]  ? lockdep_hardirqs_on+0x7c/0x110
[  569.910857][T13701]  ? do_coredump+0x399f/0x4f10
[  569.910889][T13701]  do_coredump+0x399f/0x4f10
[  569.910931][T13701]  ? __pfx_do_coredump+0x10/0x10
[  569.910966][T13701]  ? find_held_lock+0x2b/0x80
[  569.910998][T13701]  ? is_bpf_text_address+0x8a/0x1a0
[  569.911044][T13701]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  569.911083][T13701]  ? is_bpf_text_address+0x94/0x1a0
[  569.911127][T13701]  ? kernel_text_address+0x8d/0x100
[  569.911178][T13701]  ? __kernel_text_address+0xd/0x40
[  569.911207][T13701]  ? unwind_get_return_address+0x59/0xa0
[  569.911270][T13701]  ? stack_depot_save_flags+0x28/0xa40
[  569.911318][T13701]  ? __lock_acquire+0xb8a/0x1c90
[  569.911369][T13701]  ? kasan_save_stack+0x42/0x60
[  569.911414][T13701]  ? kasan_save_stack+0x33/0x60
[  569.911459][T13701]  ? kasan_save_track+0x14/0x30
[  569.911505][T13701]  ? kasan_save_free_info+0x3b/0x60
[  569.911542][T13701]  ? __kasan_slab_free+0x51/0x70
[  569.911590][T13701]  ? kmem_cache_free+0x2d1/0x4d0
[  569.911632][T13701]  ? __sigqueue_free+0xba/0x2a0
[  569.911676][T13701]  ? get_signal+0xcba/0x26d0
[  569.911710][T13701]  ? arch_do_signal_or_restart+0x8f/0x790
[  569.911774][T13701]  ? proc_coredump_connector+0x2d1/0x4f0
[  569.911814][T13701]  ? __pfx_proc_coredump_connector+0x10/0x10
[  569.911858][T13701]  ? rcu_is_watching+0x12/0xc0
[  569.911894][T13701]  get_signal+0x22e3/0x26d0
[  569.911937][T13701]  ? __pfx_get_signal+0x10/0x10
[  569.911974][T13701]  ? rcu_is_watching+0x12/0xc0
[  569.912007][T13701]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  569.912052][T13701]  arch_do_signal_or_restart+0x8f/0x790
[  569.912085][T13701]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  569.912128][T13701]  irqentry_exit_to_user_mode+0x12a/0x270
[  569.912171][T13701]  asm_exc_page_fault+0x26/0x30
[  569.912197][T13701] RIP: 0033:0x21000
[  569.912222][T13701] Code: Unable to access opcode bytes at 0x20fd6.
[  569.912234][T13701] RSP: 002b:000000000000000a EFLAGS: 00010206
[  569.912255][T13701] RAX: 0000000000000000 RBX: 00007f6ededb6240 RCX: 00007f6edeb8e929
[  569.912272][T13701] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[  569.912307][T13701] RBP: 00007f6edec10b39 R08: 0000000000000002 R09: 0000000000000000
[  569.912324][T13701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  569.912340][T13701] R13: 0000000000000000 R14: 00007f6ededb6240 R15: 00007ffcdacd1598
[  569.912375][T13701]  </TASK>
[  569.912384][T13701] memory: usage 307200kB, limit 307200kB, failcnt 19357
[  570.430184][T13701] memory+swap: usage 432112kB, limit 9007199254740988kB, failcnt 0
[  570.430209][T13701] kmem: usage 7844kB, limit 9007199254740988kB, failcnt 0
[  570.430229][T13701] Memory cgroup stats for /syz1:
[  570.446553][T13701] cache 306274304
[  570.455871][T13701] rss 180224
[  570.459108][T13701] rss_huge 0
[  570.462329][T13701] shmem 306266112
[  570.466059][T13701] mapped_file 16744448
[  570.470169][T13701] dirty 0
[  570.473112][T13701] writeback 0
[  570.476477][T13701] workingset_refault_anon 2061
[  570.481267][T13701] workingset_refault_file 291
[  570.485996][T13701] swap 127909888
[  570.489570][T13701] swapcached 86016
[  570.493311][T13701] pgpgin 433430
[  570.496990][T13701] pgpgout 361237
[  570.500560][T13701] pgfault 344986
[  570.504125][T13701] pgmajfault 681
[  570.507723][T13701] inactive_anon 145928192
[  570.512434][T13701] active_anon 160604160
[  570.516678][T13701] inactive_file 8192
[  570.520597][T13701] active_file 0
[  570.524064][T13701] unevictable 0
[  570.527567][T13701] hierarchical_memory_limit 314572800
[  570.532966][T13701] hierarchical_memsw_limit 9223372036854771712
[  570.539182][T13701] total_cache 306274304
[  570.543387][T13701] total_rss 180224
[  570.547177][T13701] total_rss_huge 0
[  570.550936][T13701] total_shmem 306266112
[  570.555227][T13701] total_mapped_file 16744448
[  570.559859][T13701] total_dirty 0
[  570.563390][T13701] total_writeback 0
[  570.567350][T13701] total_workingset_refault_anon 2061
[  570.572673][T13701] total_workingset_refault_file 291
[  570.577992][T13701] total_swap 127909888
[  570.582091][T13701] total_swapcached 86016
[  570.586382][T13701] total_pgpgin 433430
[  570.590389][T13701] total_pgpgout 361237
[  570.594469][T13701] total_pgfault 344986
[  570.598594][T13701] total_pgmajfault 681
[  570.602686][T13701] total_inactive_anon 145928192
[  570.607588][T13701] total_active_anon 160604160
[  570.612291][T13701] total_inactive_file 8192
[  570.617152][T13701] total_active_file 0
[  570.621163][T13701] total_unevictable 0
[  570.625207][T13701] anon_cost 0
[  570.628514][T13701] file_cost 0
[  570.631813][T13701] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1322,pid=13715,uid=0
[  570.646896][T13701] Memory cgroup out of memory: Killed process 13715 (syz.1.1322) total-vm:131540kB, anon-rss:920kB, file-rss:21668kB, shmem-rss:16128kB, UID:0 pgtables:180kB oom_score_adj:1000
[  572.728168][   T32] oom_reaper: reaped process 13715 (syz.1.1322), now anon-rss:0kB, file-rss:20508kB, shmem-rss:2816kB
[  573.276922][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  573.283412][ T1300] ieee802154 phy1 wpan1: encryption failed: -22