last executing test programs:

18m23.0763965s ago: executing program 3 (id=1575):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getpid()
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0)
inotify_rm_watch$auto(r1, 0x8001)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3da)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r4)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r4, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x34, r5, 0x1, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_RINGS_TX_PUSH={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x90}, 0x80000)
write$auto(0x3, 0x0, 0xffd8) (fail_nth: 23)
unshare$auto(0x40000080)
fcntl$auto(0x3, 0x4, 0xa553)

18m21.69453493s ago: executing program 3 (id=1582):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) (async, rerun: 64)
msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) (async, rerun: 64)
mprotect$auto(0x8000, 0x8, 0x8) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) (async)
io_uring_setup$auto(0x6, 0x0) (async)
select$auto(0x3, 0x0, &(0x7f0000000100)={[0x8, 0x5, 0x0, 0x9, 0xfffffffffffffffc, 0x83, 0x6, 0x2, 0x9, 0xffff, 0x4000000000000002, 0xd, 0x3, 0xfffffffffffffffe, 0x7, 0x1000000006]}, 0x0, 0x0)
syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0xcf) (async)
close_range$auto(0x2, 0x8, 0x0)
rt_sigqueueinfo$auto(0x0, 0x4, 0x0) (async, rerun: 64)
r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) (rerun: 64)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
write$auto_mousedev_fops_mousedev(r0, 0x0, 0x0) (async, rerun: 32)
clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) (async, rerun: 32)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64)
madvise$auto(0x0, 0x2003f0, 0x2) (async, rerun: 64)
mmap$auto(0x0, 0x4, 0xdf, 0x15, 0x401, 0x8000) (async)
keyctl$auto(0x1f, 0x0, 0x6, 0x3, 0x3ff)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000240), 0x8121c0, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async, rerun: 64)
socket(0x1d, 0x2, 0x6) (async, rerun: 64)
setsockopt$auto(r0, 0x6a, 0x3, 0x0, 0xc) (async)
madvise$auto(0x0, 0xffdfffffffff0005, 0x4) (async)
mlock$auto(0x1000, 0x6) (async)
mlockall$auto(0x800000000000005) (async, rerun: 32)
r2 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00\x00', 0x62, 0xfffc, 0x0) (rerun: 32)
mq_timedsend$auto(r2, &(0x7f00000001c0)='@;\x94:IN\x18\xfa7Cl\x108\xcb#\x00\xa1Vq\xc9\x00\xa6=`<\x00\x00\xe7{\x87sN\xaa%\x10h\xc7\xebOi\x88\x8a#\xdf\x9a\xe9\x9f\x06\x0f\x18\x8b\x7f9%\xee\x1cT!\xae>\xf7E\xcc\x95\xf0\x01\x10Z\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x80, 0x9, 0x0) (async, rerun: 64)
mq_timedreceive$auto(r2, &(0x7f00000004c0)=' \x00;\xcc\xc7\x0f\xce\x8b|\xc0+I?\x8d+c\x82\x18\xec\xc5S\x19\xd7Vd\xecT\xf8\xaby\x82e\xb7\x1dz\xf5:\x80\x00\x00\x00\xf1\thR\x01N\xe6J\xfb\xc1\xd8J\xd6\xc0\xd2&\xa4\xdc\xe7}\xd5\xbb\xa9\x19\xaev9\xadP\x17Wh$\xb4\xfb\x1a:\xe8%\r\x11\xf8\xb7', 0x4dcd, &(0x7f0000000180)=0x7, &(0x7f0000000080)={0x4, 0xd}) (rerun: 64)

18m18.323579072s ago: executing program 3 (id=1595):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000280)={0x1240, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x122c, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1078, 0x5, 0x0, 0x1, [{0x1074, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x200}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xff4, 0x1, "1fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7f"}]}]}, @NL80211_PMSR_ATTR_PEERS={0x1b0, 0x5, 0x0, 0x1, [{0x138, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x80, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0xb}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0xffffffffffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x6, 0x14, '+\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xb3, 0x1, "adcb04a58b3c2f134a15760485188573b1cab1d6ed2698c24fdf710d4b3aa02e3d7206d8e192d58f52ccb69d864b538b8c63b8931a461b0050253fe028240d8b51489a8d52d59f5088bc258b350f375c597e492406740eed2730170fcc3f336f8984bdd9509765de2517c0b82b11ee8c84f1bfcf02152e5664f172dd6025ddb37ce75221e11f3db64fbf6953ac9b5f7bf14ccddc2e65070aa3eecd7a88c038f6ae9bc539ca6b583f997fcbb21becf7"}]}, {0x74, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x48, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x628}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x1}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x2}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1}]}]}]}]}]}, 0x1240}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x100, 0x0)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)

18m15.407118943s ago: executing program 3 (id=1600):
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
get_mempolicy$auto(0x0, &(0x7f0000000100), 0xfffffffffffffffe, 0x99d6, 0x3)
r0 = socket(0x2, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
lstat$auto(&(0x7f0000000180)='./file0\x00', 0x0)
listen$auto(0x3, 0x81)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r1, 0x4, 0x7ff)
ptrace$auto(0x2, r1, 0x3, 0x4f)
wait4$auto(r1, &(0x7f0000000080)=0x2, 0x5, &(0x7f00000001c0)={{0x2}, {0xd3, 0x6}, 0x3, 0x237, 0x5, 0x6, 0x8000000000000000, 0x0, 0xffffffffffffff68, 0x5, 0x0, 0x0, 0x0, 0x2, 0x9, 0x5})
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)

18m14.302419934s ago: executing program 3 (id=1606):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
r0 = socketpair$auto(0x1e, 0x5, 0x3, 0x0)
ioctl$auto_EVIOCGID(r0, 0x80084502, &(0x7f0000000080)={0x7, 0x5, 0xf90})
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
r1 = socket(0x2, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x800, 0x106)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
lstat$auto(&(0x7f0000000180)='./file0\x00', 0x0)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
tkill$auto(0x1, 0x7)
keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x2800, 0x0)
write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x0, 0x20200, 0x15)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r3 = socket(0xa, 0x2, 0x72)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r3, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="9c040000", @ANYRES16=0x0, @ANYBLOB="100028bd7000fedbdf2504000000cb010500f663bdd1d35fb7db370fa320322a3129f4c2613d92d20f67a17b9021e52cfc86564d18c8d68ce1f557057f2f438c7a932dae7755449a360c9a76d1e3d84d778788f4b984cd69b4ca606670c29d094f6c9266b8ad982807e1dd97b5b2afcccf0b3f6a60cc7e869b02475fb0e1d039c13f5659eda50a4e9dd975e859cf41f9aa253db73c729c39298906913457ad60f4ea632f7c4af02b58a5db5f502848fa9a91d1e2fdbe050276c0204af59b65b216edeb5940e8bd171f73e3fddd8ebcf678aa762dce47b199073c116382833e9f894ba099a8c75473513cc152cb2b43eaec66ba97c21436f62915d1b5f43f90662c8f5f98ce053b5f94da76add5d47ae214e53e59e33d0e44518e79a037e604181c05a543a59dd70a1d562511114026197b85ab3e91b80e1d41810d649ca88674984bfa921ab7ae9b67b3878068f7bc497df192292c841f1fe83bc159538aa1e9c9514bb81e73041fbc0b743fe52c8be50682c762c8e6d2b33c1d448d654959e1614c80553891422f2a758081509738fd90aba39438e7572b56b47270845f4fe25c1e928603dba8fd9a21507423a155593027aefaa6a83152de354c7ef3037c1f85e950c96afaf4bc09d2b4f488bf3bea9ff430c460a4e8dffa00080004000100000008000400060000000800040003000000a2020500a413617f3eceb3c6243c1e9339e74375c81ed032b76c7cb3d1fddbc8f243b19ad741cd39a10dd5198e101b203908a5d59808a997cca5bc666ca8be10cb3305253e751c952c6fee04d60731e86c70b781b46f5ba8c0e8d8a5411f7430025ff2ce8295cb0a92c0a668f8be17ab0db5b0da87b643039e8e81c81cc0b40889f1d2bbfbf31a175f1757bd0ffb4428a05bb9e21bde99d4af4b765567b799991d0e0e2325827bffb09423b391bd591be97d818d37f12a44545dacc76ae4124b0bd0445cc7fa88c137c0aba5c6c3c2e74701e973048d66a83ed03934bccc0131a2cf4c2bc554b195e9818fbf503265d558f9fc2af64e1d696bf285b96f2ba1f4048da7d0b0f577ee0740e476361ba44be58bcde0705ea0ab3fcbdbf77f72b1a786c94d58f51e1c523feab936e969c6cd1c1e92a1bd561bb0b05ad00eba3faac75e034dc3053de968eba2af12a96c2c1b0a4545b10c4167d820a75762ffc7e8c06f5ada6b919ff3fca367e097852550e8514f0434a0b842353dbf86a8f943a1de0da3bb4d3717fae81cf9016901577af3a3a79ecdc10359a660fcf01220042c578630d343ba3ad6e1ae78fb632842367c35c00fa0624ab350ccaa76d7ad02e3f66ddda0a423e7869f089c69c9f94b7ecef5477618b59c31bf0ff000673b3a6deec2a6b2278d25564d7bf20d57784a324b8a833098901a8c32d819ac053fd182fd0e5689a7ce8a8704c19649392be0b00144e6eac56237f8529704db06c7aa3e45a13fbbf48e6b0448dc92aa1143fe65b423a64f37a8bf891746fbf38cebdef1850907be87d281b7bf9890541356df023fc408768bfe82a7f023d7d239829da456f3005274d56c91075b724b6bc47f06b774367f168a25d8db401830ff68b7dcbd640520011069aa85e7d896c87533e4aeb32732cb6957510390f2910a13982320af091346"], 0x49c}, 0x1, 0x0, 0x0, 0x20008810}, 0x8040)

18m11.613396765s ago: executing program 3 (id=1612):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/name\x00', 0x971b02, 0x0)
mmap$auto(0xfffffffff8, 0xa, 0x8, 0x7427c1bb, r0, 0xfff)
socket(0xa, 0x801, 0x84)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x4, 0x5, 0x1, 0xb7, 0x401, 0x300000000000)
unshare$auto(0x40000080)
r2 = socket(0xa, 0x3, 0x3a)
ioctl$auto(0xffffffffffffffff, 0x80885659, 0xffffffffffffffff)
r3 = socket(0x2, 0x801, 0x100)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex, r3, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96)
mmap$auto(0x1, 0x2020009, 0x3, 0x18, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x23, 0xc, 0x2008, 0x9, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x75dc42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/156, 0x9c)
setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4)
ioctl$auto(r1, 0x5608, 0x7)
mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x4dc9, 0x0, 0x0)
mq_timedreceive$auto(r2, 0x0, 0x1, 0x0, 0x0)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/14, 0xe)

18m11.237255137s ago: executing program 32 (id=1612):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/name\x00', 0x971b02, 0x0)
mmap$auto(0xfffffffff8, 0xa, 0x8, 0x7427c1bb, r0, 0xfff)
socket(0xa, 0x801, 0x84)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x4, 0x5, 0x1, 0xb7, 0x401, 0x300000000000)
unshare$auto(0x40000080)
r2 = socket(0xa, 0x3, 0x3a)
ioctl$auto(0xffffffffffffffff, 0x80885659, 0xffffffffffffffff)
r3 = socket(0x2, 0x801, 0x100)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex, r3, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96)
mmap$auto(0x1, 0x2020009, 0x3, 0x18, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x23, 0xc, 0x2008, 0x9, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x75dc42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/156, 0x9c)
setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4)
ioctl$auto(r1, 0x5608, 0x7)
mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x4dc9, 0x0, 0x0)
mq_timedreceive$auto(r2, 0x0, 0x1, 0x0, 0x0)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/14, 0xe)

16m45.5618478s ago: executing program 2 (id=1900):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getpid()
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0xfffffffffffff000, 0x2)
flock$auto(0xffffffffffffffff, 0x1)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x4081, 0x40)
flock$auto(r4, 0x2)
r5 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
write$auto_mousedev_fops_mousedev(r5, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
read$auto(0x3, 0x0, 0xf3c)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004)
ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
inotify_rm_watch$auto(r1, 0x8001)

16m44.912675742s ago: executing program 2 (id=1903):
mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000)
r0 = socket(0x2, 0x3, 0x2)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
mmap$auto(0xd737, 0x2000000002020009, 0xf1, 0xcde, 0xfffffffffffffffa, 0x80000000001)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1eba02, 0x61)
mmap$auto(0x0, 0x11, 0xdf, 0x9b72, r1, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x81, 0x0, 0x0, &(0x7f00000002c0)={[0x3dcbd9be, 0x80000001, 0xb7, 0x1, 0x948b, 0x3, 0x15f4de0a, 0x5, 0x8000, 0x64, 0x80000001, 0xfffffffffffffffe, 0x6d3f, 0x9, 0x2, 0x8]}, 0x0)
write$auto(r2, 0x0, 0x100000a3d9)
process_vm_readv$auto(0x0, 0x0, 0x6, &(0x7f0000000100)={0x0, 0x40000002001243}, 0x3, 0xfffffffffffffffc)
io_uring_setup$auto(0x58, 0x0)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x1, 0x84)
read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x2f)
close_range$auto(0x2, 0xa, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0)
read$auto(r4, 0x0, 0x20)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40010)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r5, 0x0, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty26\x00', 0x1a3c01, 0x300)

16m44.59060787s ago: executing program 2 (id=1904):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='.\x00', @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r0)

16m44.037454432s ago: executing program 2 (id=1905):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x8000000)
r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fbdbdf250400000904000500cf000500a4f28ef23867d581adf7ad822670ceef0858bb5962cb0b61ccfbb923e557db7d9b741c3a0d498439bc66976382538c01f0e5016124ed0d41e27ea8fe4a63a1d7a0ae2d523ec56bf82c13328274a20d95807c209e200cfdabca5df211f22c0f3d91b987027fc021612f9cfaa1c60ae292618ead545a005c8d80c6fdb09c3a76b5f3af28e9638a646ed8956a121af90ecb40fe94c3285e38a702b3a7820336040fde8dffc8e62293000f36897f06abf7e81a51592967cabfa085f70b35d486c2328c179005115affd820ea9400"], 0xe8}, 0x1, 0x3000700, 0x0, 0x1}, 0x8054)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r0, &(0x7f0000000900)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x770, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x8}, @IOAM6_ATTR_SC_DATA={0xd2, 0x5, "0928378929f82cd94d6305225d79de91e7565a148e511c71cf83cf4370251b1ee4055d0eb81230c78d33fb2f8b6ec04cda4d56d8f3fe3c7526b90f0b0eefa2e456592953c7a4c6e5a0de089c9206947051343fb86e33606edd0ce8a7e82f66c4a65b205a553fc92822430374a54ebcda2ffdef119fde33a1fd8574c4073d3888ec706abb449616ead0931e2819d6fd12fd1cb69bf88e3b8faaa20e8e025e2bfd7f226f131913375b6b8c7d768bfd48eec52dfdd3ba5650e2e25ef4eee19c62d5a40a8afb7af51e9d419d245072fc"}, @IOAM6_ATTR_SC_DATA={0x26, 0x5, "858236b48aff23aecefb8e10534c3dc734861c7a9f199c262d58d9eda193700706fe"}, @IOAM6_ATTR_SC_DATA={0x361, 0x5, "8479b473fceeb4e7ac59025163c54c91ff7eb978ec1b70cad3eaad989b8e9e29479afef0673736eb4e9fca593b41dc5db2a290851fb7a0be7a6d392376a6fc8113abf06bff971dbe8cc76e3251a0841827f9378d866288fa08d2387d43b4554976235e2fafdab6e8cf98c64c1ebb6e01ca58f193727215ad82ceab5c1bd1266860d2a4e92d6084359a21f17caab6bddc074e57759c938a21dee1a7b0d70abff32778d5296eccf02cdb208cfb67684af28da02d3b8691ae91dbecc347103b397a1f7aec20d799c1f6b4b8c7ce7e50b73985ac77d4bb082959bb01d927b2cac524957f4a408931b10df09266c4b6c6330bd7bc3fd22d431a235ad59691c1645d9ac7416fca43f315df4fd90fba0bcab9d4d10d4ac0a4b568040050c52122a3706cd18ce93022b67f153de75b74ef3928b312eb1bb98b0caf68516f5817ca04e063f8f4f13f5b084f51205ec94cf80dadcfd33bfb2bc85a50ed73919f5e2a57f2a66431216f17af5bb5d455363da0a02e33db5d7ab9433d2cd3599f1b95908fe18a1faf5e4fa12b8446750f02a68ba73fe7b53b1ffac1215ec1abc0da0187b8a560c15ea780c8633751077fbfb04c6a11546379ad14e1dcff519ab82d74a35098b0b633fc4e95dcd078b9fd2fc6bcb589f5544f77dc327677f497b23e3c92868eefc2711ce290009e40448c95f850cca0c337939c01dc82bfed9d9b357553b8255f0957deaee54756527fc66114084c62a5898d6f6d9efd4a65c2313704a9ed671ca97618d5bc1eab87a142eee972949ff84076b81dc5283b014cf1715a979d072342233f67f652413584cc0f71b3f032383ce59585b0620f4ee895945e447c5d324888aef71a7d42fc4776e3022477e8f1241da90e8a877a2e9f82eed1cc3eca76ced94de2f07a287a7324f956d66dec932db0347d0741e9ffb4ae33794c87285392a5a61f92dfe0ea8819f32ba10cd0cc5af9ec2ee3515d40233ffd0364a2b48778c2a85def98c5cfe960054b3012516209a7c76fc1ab8a5347655a4b98e21eeac8f838a53cb6ab1215892ee8f25063953e1ae7b8751b217d21eb3c6c0210bfc73c0cbc0acdcdae9a0d29979ddd9daab2003792653f94d8323f420d724f41c6821f75ae46065ff4ff1e8affb6556027ecc9214ad4dde67866887a6aa0b338b935788bb7414e77362c94b2b52721cba8dfdf81f66caa11759b0b1b5dd0d5"}, @IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x1}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x5}, @IOAM6_ATTR_SC_DATA={0x2d1, 0x5, "a695e4b97e0e4eccc4099db715faf6de0af4f1dd61e992d9efa0e27aeacb3bc35bb7d0e5871ff08f8657930a5e7dfb2b87fa57fc8e8dd06e7ae2cd547c28771e8393b235fd7c6803dd3e073296597d9da492d58fe5f37bec9a1b6b1e6e05f596da119d711167f7699a46f2ff63490be6f3d7c9d325e8f3fac69b7856d2f08bb5a198b024f4e69ab01bad6c29fde19b88d714642340ea219ee7cd1e48533a9d3aed754e60e6fd852842100c92306f09c928d9371ad19752e0bd7d548cb15cc6923ce350e95ee503dad57c26bcf31d73ba6c54fbf0c8148c94c30e64d3c7ca2808e0462bb237be30dbb40164f4616c2f651d38b51486ea194ed6c32c048f5ffcf88e901bfaa559670572570a22863bf50a9a458d2430362c13f5000be9a887558d7b12183300a051892b31d56746f93ceeb38ef00dca1da4a1f195a57c9ff3dc3fa7e42c9f853d85eaebbddf14ca5f2b9c956b85d752a78af28b576ca6b4842b49db6e08a46933d56c66c396de43675bcc03c7a4cb2246e5feab8445a6ae96c2586e1b2b5c78cb0885d9a786016fc61c2cc172650b1de0147e0179ed8f68fae5ff2a8b9cdde5e9471037ac9c08a85986ce4d3fd85808ad6c46d3cc6353f78abaa1ac46c3ff130a3c8f9768906a16df45b8e29f798e03459e78f5f6f948a82f8a75ca2c1b38fd851f5a6171a971fc5e6705a58af82ce9ca246f708d33a3376fde7ea7e4bad58935301fadcac24a8e8f155259b57ce41bf02d44ebeabe929df0dba942537a06afe7787b8a2b2ca09b5daf775924f2f8b5f60dfc9ba1cce082a3ca12fe3f886bb97bf51d6733f3cd74ef93053ef8136d32ce90316d6d002c206265d131792404e5a1744ffc280e82a1aa63363ecd4b698dfc0cc50c493d80a97e2bb784d4ac2cea12d66b553e8ea424a9c14953c518baea493a8268a6fb0229e7e49fc073a7638785e3f2bc08ac84e9e5978992001a81d061d5e22ca3cb0b0d9eef61dfeab0eabf0016078dc5cbc69d"}]}, 0x770}, 0x1, 0x0, 0x0, 0x44}, 0x4000)
mq_open$auto(0x0, 0xdd1, 0x8, 0x0)
mq_notify$auto(0x4, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0xcea4, 0xfffffffffffffffd, 0xd4, 0x4, 0x0, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1007bfe, 0x0, 0x9, 0x83, 0xdfffffffffff628c, 0x2, 0xdeb1, 0x808})
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r4, 0x401870cb, r4)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x381800, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)
socket(0x3, 0x5, 0x5)
sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x800)
ioctl$auto_MTDFILEMODE(0xffffffffffffffff, 0x4d13, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r5 = eventfd$auto(0x80)
readv$auto(r5, 0x0, 0x4)
read$auto(r5, 0x0, 0xcc9c)
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1)
write$auto(0xffffffffffffffff, 0x0, 0x2b6)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000940)=ANY=[@ANYBLOB="e9540000032fd2e1ab5069ff71f585bbe4b562d1f02850a9285dabfd9d45b37fbd2e9e9e9f45ad313ef1def72601432e624d73bd1f7d60ff671431f6f4179f083aa1a574f31812e7206f88349734f4362e7ad4dac44eac977ce9274824952626083ab6fe2e508af1f6edf7c699607536b3c3c241d7cf4885da072bc55ae07ed3f8710d52ad065b733bf8d6dd7ddb35f8c3eeca182fad0f9dc7ddda4636d2506251752dfb8aeee71c88d1997035494a8f34e16fe778df411c84d85094b5abc9809158df15c308e62565236ca76d296038e6598099c7c4b88523f8449d47e2380d593d12309ec3f97a", @ANYRES16=0x0, @ANYBLOB="040028bd7000fcdbdf2511000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)

16m43.380979871s ago: executing program 2 (id=1908):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getpid()
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0)
inotify_rm_watch$auto(r1, 0x8001)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3da)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002c00), 0xffffffffffffffff)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x183440, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r4, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044)

16m42.383711703s ago: executing program 2 (id=1912):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x20009, 0x1ff, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x509482, 0x0)
ioctl$auto(r1, 0x560a, 0x7)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0xfffffffc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x123240, 0x114)
socket(0xa, 0x3, 0x3b)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
openat2$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x80, 0x1000, 0x2}, 0x2)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x73)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4)
ioctl$auto_BLKRRPART(r0, 0x125f, 0x0)

16m27.237863666s ago: executing program 33 (id=1912):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x20009, 0x1ff, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x509482, 0x0)
ioctl$auto(r1, 0x560a, 0x7)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0xfffffffc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x123240, 0x114)
socket(0xa, 0x3, 0x3b)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
openat2$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x80, 0x1000, 0x2}, 0x2)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x73)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4)
ioctl$auto_BLKRRPART(r0, 0x125f, 0x0)

7.546871567s ago: executing program 1 (id=5006):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)

7.505213457s ago: executing program 4 (id=5007):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
connect$auto(0x3, 0x0, 0x58)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
uname$auto(0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x40005, 0xffffffff, 0x2000000000210006, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x9, 0x8, 0x3, 0x105, 0x7, 0x0, 0x0, 0x5, 0x0, 0xd21, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, [0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x40000009}, 0x7}, 0x3, 0x1f)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x3, 0xff)
connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55)
mmap$auto(0x200, 0x400008, 0x200, 0x9b72, 0xffffffffffffffff, 0x6)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
mmap$auto(0x0, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000)
tee$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)

6.382181116s ago: executing program 1 (id=5008):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getpid()
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0)
inotify_rm_watch$auto(r1, 0x8001)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3da)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002c00), 0xffffffffffffffff)
unshare$auto(0x40000080)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r4, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000ff", @ANYRES16=r5, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044)

6.363792989s ago: executing program 4 (id=5009):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffdb5, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), 0xffffffffffffffff)
read$auto(0xffffffffffffffff, &(0x7f0000000100)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=<r1=>0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYRES16=r1], 0x1ac}}, 0x4004)
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0)
write$auto_configfs_file_operations_configfs_internal(r4, &(0x7f0000000140)="8e", 0x1)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x4, 0x0, 0x1, [@typed={0xfffffffffffffe10, 0x88, 0x0, 0x0, @u64=0xffffffffffffffff}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x4000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6.293685685s ago: executing program 4 (id=5010):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x20081, 0x0)
prctl$auto(0x401, 0x10000000001, 0x0, 0x5, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r2 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)
recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
open(0x0, 0x161342, 0x100)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
open(0x0, 0xeee00, 0x31)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

6.132261339s ago: executing program 0 (id=5011):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ppoll$auto(&(0x7f0000000200)={<r2=>0xffffffffffffffff, 0x6, 0x6}, 0x8, 0x0, 0x0, 0x8)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0)
close_range$auto(0x2, 0x8, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
read$auto_force_wakeup_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0)
getcwd$auto(0x0, 0x3)
socket(0x2, 0x801, 0x100)
pipe$auto(&(0x7f0000000040)=<r3=>r0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000)
close_range$auto(0x2, 0x8000, 0x0)
readahead$auto(0xffffffffffffffff, 0x2, 0x0)
socket(0x2c, 0x1, 0x3)
fcntl$auto_F_GETPIPE_SZ(r2, 0x408, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/19, 0x13)
bind$auto(0x3, 0x0, 0x6a)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0xfd60, 0x6, 0x810, r1, 0x28000)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0xe)

5.568725512s ago: executing program 1 (id=5012):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
fcntl$auto(0x8000000000000001, 0x5, 0x8)
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xc)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0d, 0xe, 0x3, 0x4, 0x80000033, 0xfff, 0x6d3e, 0x9, 0x8, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x24000001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(r1, 0x0, 0xa, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)
setsockopt$auto(0xffffffffffffffff, 0x7, 0x3, &(0x7f0000000040)='/dev/ram7\x00', 0x8)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000)

5.385838722s ago: executing program 4 (id=5013):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000280)={0x1c0, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x1ac, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1a8, 0x5, 0x0, 0x1, [{0x138, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x80, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0xb}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0xffffffffffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x6, 0x14, '+\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xb3, 0x1, "adcb04a58b3c2f134a15760485188573b1cab1d6ed2698c24fdf710d4b3aa02e3d7206d8e192d58f52ccb69d864b538b8c63b8931a461b0050253fe028240d8b51489a8d52d59f5088bc258b350f375c597e492406740eed2730170fcc3f336f8984bdd9509765de2517c0b82b11ee8c84f1bfcf02152e5664f172dd6025ddb37ce75221e11f3db64fbf6953ac9b5f7bf14ccddc2e65070aa3eecd7a88c038f6ae9bc539ca6b583f997fcbb21becf7"}]}, {0x6c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x40, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x628}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x1}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x2}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1}]}]}]}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x100, 0x0)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)

5.082159184s ago: executing program 0 (id=5014):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000280)={0x1c0, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x1ac, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1a8, 0x5, 0x0, 0x1, [{0x130, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x80, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0xb}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0xffffffffffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x6, 0x14, '+\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa9, 0x1, "adcb04a58b3c2f134a15760485188573b1cab1d6ed2698c24fdf710d4b3aa02e3d7206d8e192d58f52ccb69d864b538b8c63b8931a461b0050253fe028240d8b51489a8d52d59f5088bc258b350f375c597e492406740eed2730170fcc3f336f8984bdd9509765de2517c0b82b11ee8c84f1bfcf02152e5664f172dd6025ddb37ce75221e11f3db64fbf6953ac9b5f7bf14ccddc2e65070aa3eecd7a88c038f6ae9bc539ca"}]}, {0x74, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x48, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x628}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x1}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x2}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1}]}]}]}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x100, 0x0)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)

4.489345314s ago: executing program 5 (id=5015):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vkms/graphics/fb0/modes\x00', 0x129102, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x11, 0x5, 0x3a)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x200, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x108002, 0x0)
epoll_create$auto(0x3e)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
eventfd$auto(0x6)
socketpair$auto(0x9, 0x2, 0xb, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5411, 0x0)
sendfile$auto(0x1, r0, 0x0, 0x8fb5)

4.169732739s ago: executing program 4 (id=5016):
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
socket(0x3, 0x3, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r1, &(0x7f0000000300)={0xc0, 0x2, "0200000000000000c32f1a88a7d2ac4f994d42b9ccb04eead5e03d771a33bb03d2d7de959b4fd3cea3ebd9c48b2687fb19852b1da5ab33a6ca4c2b285666489ad5391024feca142d2ce5d558ded9719dea51d787328f8ead177dce68174a0f5524b4ae35369f8a21404d65bd5f6de5969ae3ab017c1bfc19029e678420377d0f040a0177ed0345f589774ee5a94eaa7f61f9b3f5deed725ac61251cf2764951f92e1945bfc2f2a921c06506e166743fbd01a69d364e3a9b990ef201ef568c167"}, 0x9)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
rseq$auto(0x0, 0x584, 0x1, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, 0x0, 0x81)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
mmap$auto(0x401, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xfffffffffbff0002, 0x15)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x8, 0x80000008000000a, 0x40000402, 0x9, 0x8, 0xffffffff80000000, 0x800000000000d, 0x6, 0x240000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r4 = socket(0x10, 0x2, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)

3.853795019s ago: executing program 0 (id=5017):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)

3.61606158s ago: executing program 5 (id=5018):
setrlimit$auto(0x7, &(0x7f0000000080)={0x0, 0x6})
eventfd$auto(0x6)
r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) (async)
mmap$auto(0x0, 0x68, 0x3, 0x8012, 0x3, 0x82000000) (async)
write$auto_safesetid_gid_file_fops_securityfs(r0, 0x0, 0x0)

3.3196481s ago: executing program 5 (id=5019):
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
getdents64$auto(r1, 0x0, 0x400)
clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(r2, 0xfffffffffffff000, 0x2)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/vhci_hcd.13/usb35/power/runtime_suspended_time\x00', 0x94c40, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000300)=""/102, 0x66)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
landlock_add_rule$auto(r2, 0x1, 0x0, 0x0)
r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0)
read$auto_tap_fops_tap(r4, 0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000140)=@bpf_attr_3={0x0, 0x1, 0xb, 0x4, 0x80000000, 0x1, 0xc0e7, 0x8, 0xc, "6ecd90ac90f2fd7b7e26ac36787c3134", 0x0, 0x2, r1, 0x40, 0x1, 0xfffffffd, 0x5, 0xcd9a, 0x3, 0xa76, @attach_prog_fd=r2, 0x7, 0x1ff, 0x6, 0x6d9, 0x7, r4, r0}, 0x1000)
r5 = openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0)
io_uring_register$auto_IORING_REGISTER_CLOCK(r5, 0x1d, &(0x7f0000000240)="5900274c5bf3d7cbff78e90e7eb2672aff1f8dc5493718c273406536ed0d3b98c51c41144deac061df11b441e56c48e2b6cc4f34a4969e04f029ce166e1ac07a12fcaf6de0f6580dab0efacdb254efdf148a6271a2ae6d86e472f886b621b4833c94d0ac8bf30c039ec182f0d048c75211d0caa9930cfef0961b12967b7f93972283e848fc0399c3fc2f0dfcd7d9ba909d8110813e1f127db5cbff5b7b7822b0772a10338af4509beda701179c21", 0x7ff)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff})
execveat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x7cc9)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0x3, 0x80000541b, 0x38)
mmap$auto(0x2, 0x20009, 0xdf, 0xfff, 0x401, 0x8000)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/bus/hid/drivers/mcp2221/bind\x00', 0x202400, 0x0)
read$auto(r6, 0x0, 0xe8)
r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, r6, 0x28000)
mmap$auto(0x2000000000ff, 0x4020006, 0xde, 0xeb1, 0x401, 0x8000)

3.25611309s ago: executing program 1 (id=5020):
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0)
mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/fuse\x00', 0x700, 0x0)
r1 = epoll_create$auto(0x3e)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x11008000, 0x0, 0x7, 0x81, 0xdfffffffffff628e, 0xeec, 0xdeb1, 0x808})
socket(0x2b, 0x1, 0x1)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
socket(0x3, 0x5, 0x5)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mtd0ro\x00', 0x2000, 0x0)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
readv$auto(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x8}, 0x4)
read$auto(0xffffffffffffffff, 0x0, 0xcc9c)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe00"}, 0x1c)

3.111822981s ago: executing program 5 (id=5022):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x20081, 0x0)
prctl$auto(0x401, 0x10000000001, 0x0, 0x5, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r2 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)
recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
open(0x0, 0x161342, 0x100)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
open(0x0, 0xeee00, 0x31)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

2.508302298s ago: executing program 0 (id=5023):
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x63a2)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0)
ioctl$auto(r0, 0x800004, r0)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x40c041, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/irq/4/type\x00', 0x2000, 0x0)
read$auto(r2, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = prctl$auto(0x1000000003b, 0x0, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4)
mmap$auto(0x9, 0x400008, 0xdf, 0xbb7a, 0x2, 0xe0)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
setfsgid$auto(0xee01)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
read$auto_proc_pid_maps_operations_internal(r4, &(0x7f00000010c0)=""/4096, 0x1000)
setsockopt$auto_SO_MARK(0xffffffffffffffff, 0xd, 0x24, &(0x7f0000000100)='c\x00\x00\x00#/\'.\x00', 0x6)
mmap$auto(0xc3f, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/vcan0/forwarding\x00', 0x8882, 0x0)
read$auto(0x3, 0x0, 0x80)
r5 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0)
sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r1, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b0000000", @ANYRES16=0x0, @ANYBLOB="260027bd7000fddbdf251200000050002e801400a3002001000000000000000000000000000014001500ff0100000000000000000000000000010e00c8002f6465762f707463300000000a001b002c257b262a000000080034007f0000010c00060029000000000000001400040064766d7270310000000000000000000008000100560400000c0017000300000000000000050002007d00000005001f000500000008001d00", @ANYRES32=r3, @ANYBLOB], 0xb0}, 0x1, 0x0, 0x0, 0x20008005}, 0x8040)
write$auto(r5, 0x0, 0xc70)

2.071520246s ago: executing program 1 (id=5024):
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
getsockopt$auto_SO_RCVTIMEO_OLD(r0, 0x1, 0x14, &(0x7f0000000180)='/dev/audio1\x00', &(0x7f0000000340)=0x9)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
write$auto(r2, &(0x7f00000001c0)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000140)={0x19980330}, 0x0)
r5 = socket(0x1d, 0x3, 0x1)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc000000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdbdf250100000008000b002c010000e0002d80c500c880040003000000b167f7a912e0f4b130f09b4a0d4e9329190f6bfabf21e00d9e0e6dac1c274649f9dc5067b857d80112dfd2f69754f98e662a16991b088ed19efb3f07c4037a186f68a581c982e25681e7589713a70f11606ed0d33960b2fff7cee645ab0cb08c1b36800f9d8b6a9f3c9c32a40b207fcdaf8572559aad68b5e45adfc413283c7269638259c4c5f4d0a8fad3b0627b96b6c41167ff22a3974fb4ab87ecec6bcba509815b79516126a9d715f73231e386c4385343b5c5287304000a000000000900aa00ffffffff0c00278008002300ac141420"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c800}, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r6 = socket(0x10, 0x2, 0x4)
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r7, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r6, @ANYBLOB="0800fb"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
setsockopt$auto(r5, 0x65, 0x1, 0x0, 0x8)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0xa, 0x100000003, 0x9, 0x6, 0x1ff, 0x6, 0xfffffffffffffff9, 0x4, 0x4618ecd2, 0x4, 0x42ff, 0x6, 0x9a8a, 0x9, 0x10005]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xdad, 0x1, 0x9, 0x0, 0x7fff, 0x6, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, 0x0, &(0x7f0000000280)={0x6, 0xc8})
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, 0x2f)

2.040187583s ago: executing program 4 (id=5025):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
fcntl$auto(0x8000000000000001, 0x5, 0x8)
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xc)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0d, 0xe, 0x3, 0x4, 0x80000033, 0xfff, 0x6d3e, 0x9, 0x8, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x24000001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, 0x0, 0x54)
recvmmsg$auto(r1, 0x0, 0xa, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)
setsockopt$auto(0xffffffffffffffff, 0x7, 0x3, &(0x7f0000000040)='/dev/ram7\x00', 0x8)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000)

1.290115381s ago: executing program 5 (id=5026):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/19, 0x13)
close_range$auto(0x2, 0x8, 0x0)
socket(0x21, 0x2, 0x2)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x6000000, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)

929.557187ms ago: executing program 0 (id=5027):
close_range$auto(0x0, 0xfffffffffffff000, 0x3) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop11/mq/0/nr_tags\x00', 0x0, 0x0) (async)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0xa901, 0x0) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_udc.0/gadget.0/function\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001080)=""/98, 0x62) (async)
ioctl$auto(r0, 0x5522, 0xf15) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), r2) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x2eb1, 0x401, 0x8000) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080) (async)
r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r3, 0x400, 0x1) (async)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r4 = socket(0x20, 0x6, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES16=r4, @ANYBLOB='V'], 0x1ac}}, 0x40000) (async)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000140)=""/12, 0xc) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop9/queue/max_segment_size\x00', 0x226c1, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async)
r6 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0)
writev$auto(r6, 0x0, 0x9) (async)
fcntl$auto(r1, 0xf, 0x0) (async, rerun: 64)
r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x101a02, 0x0) (rerun: 64)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x40000006, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000", @raw=0xb072}, 0x6, 0x0, 0x4, @raw=0x404, @reserved="2fd3bd3025f4321f5facc45cb72348ad398fc2da15a209bbcfc17cc5c5ab3d965f4e2ad345355d68f1c1e2d4f28197da1d7c06ba6226ffbbc4343010240cfbd08da557a5ed0723552fed99ee474bcc2b15fe80f05a93aa59c59ccd9bcd7c11e692ec22f5a8490a5e9a714112fb6a3e71b1f63f638788433081c3c730772916f1", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) (async)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)

427.590123ms ago: executing program 0 (id=5028):
mmap$auto(0x0, 0x400008, 0xdf, 0x100009b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = ioctl$auto_TUNSETVNETBE2(0xffffffffffffffff, 0x400454de, &(0x7f0000000000)=0x3)
write$auto_fops_u8_(r0, &(0x7f0000000080)="918d8bfcc4174cb73d1348f3ad17adb76ffc05348743e92e6eee9236fa237ab355fb9bd8c4f4721f4869a27756385e0149ea442ce268f80bc998817a61715d597b40166f5bbad8b49004097421eb0fa3181babef4eb840837521d1c906e03d870703b270b5b3f3cc0ffd3447df8fad54bfe9f7f2473c8783c264582bec11c0093e7bbe0cee2d77dbd69915b237612289afeeeb286babe68aa7118f8c502a1b855cac1c1de7a3c25d444b6d72db8813802fe7ccbcbda9bf47f6de262f45e8ca7fb05c2fdfad7e1672de7687a928a863669f772757152c51c137196d96209449381c9a07df408b13c625e8aa7eb698d8db5b3ccd887e9d53f42f833d9e99b98b36f9c9fed458a4e0a43e79a7c07682534b99706e980df558ddb1182c67a6beeb53c1a1f6b1fad42ee213e642010f56065169c3a629a1261e855b147774c2f8d8048f907fb7a1566663df5bcc87eb901b07fb5af726a9b0b1835163851c6b50b5e63e6c494c528f8e2ba44101097fdb03d600036de85e675547fefb142d4bf7f7d68a4241a60f17f5bc409d6ce2d52e0dcbb666a12b17206eb861d27178b1c5b5958bb4595841a9d1328208dda853754ad79829b3d2b04196a5f210100d77d4fbdecc7c05cab3f8bdb6c1a083e51f1e28def7e0a19c92b5c5d3e2a34a9115bd6041241ab2d4f080390221f55db44351f7add086da5dfb55c2e2d52b3bf25cd12de08b65fee4bad7723c4abeb7125e7fc7cb1ba2ba8d083c7a97329011e09767f5d39935eb0436a49a97767226fb3e2bf2b0c001f8449a33dbb6d8e51e44e8a0b67dc9e524446b1800f94b12f6175fdbe8e255070c7b84d019d6d7008074cf7196ac958757bb3ef667ef979a573333190825e344a0d08f3bbefc193778fc2cfa8e59d29bdc32dcd0879eb1a0726b66aaf841c0ce6f240e0722be54c118ce533288880ccdd5fde5efd4ffbd6a469363c069cdb136a4a810822d475353d1e48891fd52db4b996885a30ea5a22757f09d2529bbc8c46e4d073a7c7f1b1acc70f6e0286759b6ed8fc90a909c6df75681f23747102f0f421d80d70be013b081addf5fd75359eda3c100beb3062d429e177a70525dc85722bb8e7a1f691b71eefcfa28fe78274b81670c1faf580eba393989face944bc18d00308765d1b1e308478f88640f4bc7e139d0aefa009e8364d4ddc17b11ba966da3e1bf0d307c89b08fd0ea12e1ac53db641f657457507ec0f6f723bd301d032064b196d41908c301fdf11f6dc9c7daf69ba4be1ed2e35c388753324cf81d78c57d58fa55e3b2281435633eae88d24086107a756b02192048045f6f3a83e304f37fad977225634286b2e419a7a73afa82f6379faed188555d51bf8c68fd564833f7d0dbea0da0b754a3e795fcb4fd0a6a7d64fcf6bc1d88fca19f04acdfcefbe105af38c2f16fde700747a7cdd2c5896884c7520a8de8f158d5232937707c0cbf53039663a5163e5016eb754f1ed9ce22d5b44b31e00a9f570e1b2307f558c8e8131cd1f292fb584b4ef7ea3cf2aefd957e816a8a86c60e984c98863535952525dd8e9290cf2cda75c0a50aa20777b87b287a54fc58ef349b0f0e98b52e8466e1e4a199fca7e8625f585eecf65666090756084b2e4a8b2ebe4029e4d02ecbbf1e91ce8074f7b701a0212709af16dd42bc319659f4a1f5a84074104b21038fdebb0ae0934c420299941775f61ccf0b3abf3175148709bfba75baccec3f8becdacb1232f69cc8080052894c4ee63a99327b0fc758799bad1222bb4de0d7bc836d2e798587bb4b7d35564fd4278db8aca3f8c7f483387f5bb572d4c8b0757f0869317907f4995de1bad5e167207c12bc167544f6113b06cd6e2eee3b153017e3471b2a0f30cb4cfbd60f4eee448b61ab4657b21eac6e5f8951da3d863efa6b02f11b16558c4b9e3748bc77ac70da8e2239e7259c4199be12caf1ef30f8676a5f9a740aa29abe17cadd3195380c11dc7905cded0350f20b61229ce9532c804217f30938de6e1ddf2e94754ec98ef31bf5adf8ee3fc981137a1cd57ee3a31b6aac4ae59ef0a38a712aa637115e222dcd576b42db6f55eb9cc1c3908b3b322639d22b9f71c8492e8fcdc1b767da39b60665e27570d051c87f244187a5bb984603b25fafd40a1d3b2bc4c24785f9fc68a9fd097da9eef089d46bc639b6bf0eab70bca022a55f67a89bc2e26856ed7058af798b606918b5c621b33e0b956ecf1dd25bf00d461fe11edcbd2212168437c92e224dc47f2606ede8d5f778af529a24595c8d4b07ebe09ddd3efa5921e55411c0f56a76e2685f1a338f901edfa1e3e0579be18ceabb00e7affc62e0dd647f174039816f2855d37ac8b621eb4cb940026aa56119e9bff5e2ee64ac7193d38f1f2f3fac718ba268f4e4eec6e10ed5fec389411a8b8781d099adedefdc7b8885aa9322287360f3ecfb79a5c5b646aa1450b133394fe3746cfcd3fe211cee7831888c43da82a8bdf694babe8c02e14caa6782c5837344f045488080c463aeaf6bae23456f90452dffbe31d3043758d11a00f887b8145d3c3a328c6e00deafacdbdeb7aa7cd298bae6716855389c34422dfb448a459e925fb57dcf2105c857e35409b704d6ffd59e997ccceee0dd5ff65bf44c9b50c74906e2516b1e2b474cd6e053d1fc5455408b2360f993b0ce21d25bd3192926e37dd701bdfcee657185ff1df69c6d102683fcf707b41d2b501cf39597fa8854ac7f582120759ec670da9145a1aeb0fd1437962e556c3f3eeaf8d2cefb21205bc3c717ed062c2caa3e8d7fb08ce5c2294028c81a8eab78dfdf0d73f0f00a2d973215fab103c656d65bee53bbf1cab70027523466785df69b0b6f1bf9739f804c136016dad5c24e33dbcb6f3fc65d2fbe72b30e7258c29c55424652cad55b6e2b0d81e9b870e9d70b16957affe75863ca9484b328d7f44ffe8c19e1d215b1e24aed9ae2e8763f290da0776df833602700b66fe42734a111a8ab83f02958bb16b3aa0af3dac4408f3666d65c5f04f25618f9b53a90b6bd3158e1065b825010711ffab5a834bf23dbfb06bc912a0b4da5898ffc329d22713bfafadf541def518c7b5645641bd3c4d62f42d554bcc4b9484dd3d386460af56d1775c375b69efe3cfc04ff18340c93669960d04ce38ef08b963d2b27322196bc4a8adf715f0727c64f14fc28b0ca8b0e59bd448d8a31298b9dbf88e97579bae84223152f5625962cd0eae6481655dc0a672edeff3a28b34cf1d7b6c90bbec3882f42b0c932c80878bb45f483a71f46b279d1cbccfd5ef884e28b016ee53115ae8d52c0aacbb11b91b3ae08f1affcd6166bed044b695f588c64f2aa9076a334cb2beeec22d57af9e49b45a7b42ca7b56674575aee9f4d9d2ba6f9d809b10b9845c68e37f15c578cab6a7636f06d1c25be0f078ee13939fb8c44b7b49b199c155b782f49e98d6f9593431ceeb1b06c44760351dd345dd4f4288c51f5dfe1e8c2a5b48f383049095f0a0f97dab5d8b12821b4634ba3c9879b52923d8f22792d9f4435ba322b20fdb8176f13152de52f10fb2ed08afd68fc7538edd210f42f64e7b75f76b0d92585b97e381c18aa09eb1880581db55ad004d693400781159e82941af45f01adfa5b480e0fb9efa4cf37eb6ec6bdc16056178b31b8e30e0e12539826928744bbbc078b8fb7f786b271ab88ec0a7ca67c9b95681cb806e26f690df27121db08fdbf09dfa49fc508856638f168a6f65d2be932aab8574e53190cef440ba9bbaa25c4fabcc93928e2907a9ae3a45c5c0937d9b5bb573fef295ec7616b234a29e961f6ea1b457ade999d1259c523fbef9d411ded979649b20016e5517dec228742068c19eba8d39744cfa42278f90b8aec98353b5f7804c5d16a6b95e28103bbbecef4d9f9bb4c47e5c4e29c099b4af14c5d376da241a66b46b250566a0af50e24a7edba89f08e32372cc8f43b17f934ca6d9ddfcd06520ba25eb4ff582ff51b926bf9ce41d2983f20b52132e92e7bc5ace43bebe7df4c3be122c566f436f8a62f21687ddeda45b40cbed89d61f2e3d615cfece693284e3fe1fb2b2c93cb0f1fabfca131c138079f4ef9c445185aa000da42267355d17c558e14432ac121aa57bf90f4f1aa65fe4bd2fb3953a2bddc7587a783bd7f9e553a96c8c2904971f71c07d4e8f4466e0547e0d95b9e78d7114f7453c04e768038256f0f404624f011e71172bc17d232dbf1672dbd9ab8f2447c76e1542a4491a1aca1f6da3c683f87437c49f0c2e6caef3ab53e879154f289919cf807ef653e7301e3ff60f7f781cb94dbd9cdcd01e65e951cf61f94cd6e5cd242817ce1e21641831219158a99efa732641376fde9dd9d2cc07b0fdd200d9341bf5bf39521d30f286299e3c1761ee8aef1cce1f40256f26268c651d661220682a4971eddb5cbad56a93b23c055c06894b03a54a664cb4567eaebe744acece8c5797c0178c5014088b4ed7b59600db9a1add59e6e82658a6bfa5e4c2f9888df6cb815a77f2363490c5ae44ed2793444213044af0f4c3696dbec08734b7c53ed9d98a26a5010ff74e8b74ae74d0f99b2194d345ca0f3164541abd64831aecbe76f13faa566d02a812f0a731d01a662adeea13adc10f37db9843d1c91bde1c49c907a55feac1925b919997da0f3b59e1b72f293e22335e01c0c9ef558251af37169d5f9c764634a985fab02489d81eff59ed9ce9b6789b6ae8652b63b8d83a57a94ca9a4ed675eda26e972c11f15f23c8510fb334ed506e1af5ec4435ec5dc110350b283a8436a9c23914b91cbce057302a2a9152a7ce44fee48371305fd84ef432014d1a22acb6d6e8c59eea3f74a1087a31724b424a5e41613ed51f6587dcd26686e9c1864dcea16b8ec0c44065902e0e8e20938659691855cb3282afc45d0b59f01d2a42389b7677d7183407168c72999a3ad42b89189fc3e17c90ffa7af9a8d5c73a7b271706cd355ee0009535923a7ff07ec4fccce75532a43c7bfbf82d7359625f75bae48b7504cffacda2ed9e0a365634a451a1e6d9af2f51b18cac6ee90c5b3e259a46e068c1cde3b7d162cdb82db92119a973f3cff8c699d018fc56c6b7f2df8dff92a624f7c2df3a4cd0be8f6ddbb5c35a0642858ac1ebd65e4e8b5654917a39a2bc36ffef44c3c2d6e2855ec0fd9f53b6a943ede30344dea2a3c2a73aca77235be10c811fe98fbc94e80815946774b03ff4ae39663d47c0b4c07e2c7d624076c165a87a3fa22979584708ac33267ddc3dd40310a32df9625636c13d3a6acfe495206c0c191eff3d7702cf2bb9445c48f0d7d026062be5ce0f3fe52ec169cb29a2dcaa053b15dd6f10c61514762fbe22918fcdc6632a11e989232c6dbbda78710b315dbcf37781541f403a30879453444914424a458c04a292e1c777945cfb45b458f0625e4da422bb27ddf3cc42253d66fe9afb1626510ea48fd9bee7d80f8e1c4186e4673a96b43633db40ea65b3eec5cb3af9f6b0debd568699b634cdc67755b5a7dc2d64c117204005aa8f92c3bd97a48d00df34c725721df912be5d63d598603f3e9e078d1ceda1fda0341470efbeb6c961bc73a267f6fc9144cf3944dc0f1a2b97bc274c6db2e1559f27b0a1158db304f73e8300ff45695a696ec6dec136c9f7a45c34f9b767d94973d64f854cc8e51eb4332c14ecc25655ef309ae687046e466c8ff4dfed182fc79835e61defdf86e2bdf29d0c25ecddec7d731238130f8b9676a26f6e28329c04154fb502ee079cb6ba702ba27da9fff5d9426a4876cdf", 0x1000)
socket(0x15, 0x5, 0x0)
setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
ioctl$auto(r1, 0xc0185502, r1)
r2 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
pwrite64$auto(r2, 0x0, 0x4e, 0x3)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0)

302.283491ms ago: executing program 1 (id=5029):
semctl$auto_SETVAL(0x0, 0x10000, 0x10, 0xc2c)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(0x3, 0x400, 0x1)
open(&(0x7f00000002c0)='./file0\x00', 0x127c84, 0x20)
fcntl$auto(0x3, 0x401, 0x3)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r1 = timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x40)
sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB="9b6f56d8", @ANYRES16=0x0, @ANYBLOB="000129bd7000020000000400000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r0, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x10008010}, 0x8000)
read$auto(r0, 0x0, 0x20)
write$auto(0x3, 0x0, 0xfffffdef)
open(0x0, 0xd02, 0xc3)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/o2cb/logmask/HB_BIO\x00', 0x102, 0x0)
sendfile$auto(r2, r2, 0x0, 0x7)
writev$auto(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)="7b15bf9ea2e8f1fc713c80f716c37940751170f972aefde789ae9d643e43244b9992ef82701704ffb41af633c0ac35775e9b470be329b432c5d99e264fb9ee440c4c79d5b3e08839ce4f8a7c10c336ba337a74db27a0c0b79af830b4f81e56ed8d043e163d11d6fc3289c674698d8f510fbbeb2bea809b584152501e88e36d36db80504676b6f44f8a6319b7a0fe24afbb1b891210f66e647d1a46e4a438ec14ce0832d671a47f9bf4d9d99656376f8973e1bfafbb0d39e1116c2901c0b31056ad775b99913f0645556460f8696fc13f873df03211684c1984a9c62dffc6962f003c45898faa81ef94fe27d08f771b971cd5dfee3f2db9cdb3b0aa57", 0x5}, 0x2)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
r3 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
sendmsg$auto_NFC_CMD_GET_SE(r3, 0x0, 0x0)
mbind$auto(0x7, 0x800606, 0x8006, &(0x7f00000002c0)=0x8000ffff, 0x8, 0x3)
socket(0x2, 0x2, 0x0)
connect$auto(0x3, 0x0, 0x40e7)
socket(0x1e, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x21a040, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dmmidi2\x00', 0x181440, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
pwrite64$auto(r4, 0x0, 0x1, 0x8)

0s ago: executing program 5 (id=5030):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000280)={0x122c, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x1218, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1078, 0x5, 0x0, 0x1, [{0x1074, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x200}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xff4, 0x1, "1fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7f"}]}]}, @NL80211_PMSR_ATTR_PEERS={0x19c, 0x5, 0x0, 0x1, [{0x130, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x78, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x54, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0xb}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0xffffffffffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xb3, 0x1, "adcb04a58b3c2f134a15760485188573b1cab1d6ed2698c24fdf710d4b3aa02e3d7206d8e192d58f52ccb69d864b538b8c63b8931a461b0050253fe028240d8b51489a8d52d59f5088bc258b350f375c597e492406740eed2730170fcc3f336f8984bdd9509765de2517c0b82b11ee8c84f1bfcf02152e5664f172dd6025ddb37ce75221e11f3db64fbf6953ac9b5f7bf14ccddc2e65070aa3eecd7a88c038f6ae9bc539ca6b583f997fcbb21becf7"}]}, {0x68, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x48, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x628}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x1}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x1c, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x2}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1}]}]}]}]}]}, 0x122c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x100, 0x0)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0009, 0x13)

kernel console output (not intermixed with test programs):

249]  copy_msghdr_from_user+0x98/0x160
[ 1490.732324][T28249]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1490.732384][T28249]  ? kfree+0x24f/0x4d0
[ 1490.732423][T28249]  ? __lock_acquire+0x622/0x1c90
[ 1490.732473][T28249]  ___sys_recvmsg+0xdb/0x1a0
[ 1490.732527][T28249]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1490.732604][T28249]  ? __pfx___might_resched+0x10/0x10
[ 1490.732645][T28249]  do_recvmmsg+0x2fe/0x750
[ 1490.732683][T28249]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1490.732744][T28249]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1490.732789][T28249]  ? __fget_files+0x20e/0x3c0
[ 1490.732845][T28249]  __x64_sys_recvmmsg+0x22a/0x280
[ 1490.732893][T28249]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1490.732940][T28249]  do_syscall_64+0xcd/0x490
[ 1490.732975][T28249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1490.733007][T28249] RIP: 0033:0x7f0a1838e929
[ 1490.733033][T28249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1490.733064][T28249] RSP: 002b:00007f0a191a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1490.733093][T28249] RAX: ffffffffffffffda RBX: 00007f0a185b6080 RCX: 00007f0a1838e929
[ 1490.733114][T28249] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1490.733133][T28249] RBP: 00007f0a191a0090 R08: 0000000000000000 R09: 0000000000000000
[ 1490.733152][T28249] R10: 00000000000003ff R11: 0000000000000246 R12: 0000000000000002
[ 1490.733171][T28249] R13: 0000000000000000 R14: 00007f0a185b6080 R15: 00007fff579db928
[ 1490.733212][T28249]  </TASK>
[ 1491.715656][   T30] audit: type=1807 audit(4294967301.810:108): UNKNOWN=§ res=0
[ 1491.760766][   T30] audit: type=1802 audit(4294967301.810:109): pid=28266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.4497" res=0 errno=0
[ 1491.841847][T28270] ima: policy update failed
[ 1491.850763][   T30] audit: type=1802 audit(4294967301.940:110): pid=28270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.4497" res=0 errno=0
[ 1491.942733][T28272] FAULT_INJECTION: forcing a failure.
[ 1491.942733][T28272] name failslab, interval 1, probability 0, space 0, times 0
[ 1492.006707][T28272] CPU: 1 UID: 0 PID: 28272 Comm: syz.1.4498 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1492.006764][T28272] Tainted: [U]=USER
[ 1492.006776][T28272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1492.006796][T28272] Call Trace:
[ 1492.006808][T28272]  <TASK>
[ 1492.006820][T28272]  dump_stack_lvl+0x16c/0x1f0
[ 1492.006912][T28272]  should_fail_ex+0x512/0x640
[ 1492.006960][T28272]  ? __kmalloc_node_noprof+0xc5/0x500
[ 1492.007013][T28272]  should_failslab+0xc2/0x120
[ 1492.007043][T28272]  __kmalloc_node_noprof+0xd8/0x500
[ 1492.007091][T28272]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1492.007122][T28272]  ? alloc_slab_obj_exts+0x41/0xa0
[ 1492.007170][T28272]  alloc_slab_obj_exts+0x41/0xa0
[ 1492.007212][T28272]  new_slab+0x283/0x330
[ 1492.007255][T28272]  ___slab_alloc+0xd9c/0x1940
[ 1492.007298][T28272]  ? alloc_empty_file+0x55/0x1e0
[ 1492.007332][T28272]  ? new_slab+0x2d1/0x330
[ 1492.007386][T28272]  ? alloc_empty_file+0x55/0x1e0
[ 1492.007418][T28272]  ? __slab_alloc.constprop.0+0x56/0xb0
[ 1492.007461][T28272]  __slab_alloc.constprop.0+0x56/0xb0
[ 1492.007510][T28272]  kmem_cache_alloc_noprof+0xef/0x3b0
[ 1492.007566][T28272]  ? alloc_empty_file+0x55/0x1e0
[ 1492.007608][T28272]  alloc_empty_file+0x55/0x1e0
[ 1492.007644][T28272]  path_openat+0xda/0x2cb0
[ 1492.007691][T28272]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1492.007738][T28272]  ? __pfx_path_openat+0x10/0x10
[ 1492.007790][T28272]  ? __lock_acquire+0xb8a/0x1c90
[ 1492.007838][T28272]  do_filp_open+0x20b/0x470
[ 1492.007896][T28272]  ? __pfx_do_filp_open+0x10/0x10
[ 1492.007990][T28272]  ? alloc_fd+0x471/0x7d0
[ 1492.008046][T28272]  do_sys_openat2+0x11b/0x1d0
[ 1492.008083][T28272]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1492.008136][T28272]  __x64_sys_openat+0x174/0x210
[ 1492.008175][T28272]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1492.008229][T28272]  do_syscall_64+0xcd/0x490
[ 1492.008263][T28272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1492.008297][T28272] RIP: 0033:0x7fe75d58e929
[ 1492.008323][T28272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1492.008355][T28272] RSP: 002b:00007fe75e34a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1492.008387][T28272] RAX: ffffffffffffffda RBX: 00007fe75d7b5fa0 RCX: 00007fe75d58e929
[ 1492.008407][T28272] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1492.008427][T28272] RBP: 00007fe75d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1492.008446][T28272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1492.008465][T28272] R13: 0000000000000000 R14: 00007fe75d7b5fa0 R15: 00007ffc9aedd198
[ 1492.008506][T28272]  </TASK>
[ 1493.270117][T28131] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1493.308777][T28131] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1493.367800][T28131] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1493.533317][T28131] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1493.705233][T28304] FAULT_INJECTION: forcing a failure.
[ 1493.705233][T28304] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.725467][T28304] CPU: 1 UID: 0 PID: 28304 Comm: syz.4.4502 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1493.725524][T28304] Tainted: [U]=USER
[ 1493.725536][T28304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1493.725557][T28304] Call Trace:
[ 1493.725569][T28304]  <TASK>
[ 1493.725582][T28304]  dump_stack_lvl+0x16c/0x1f0
[ 1493.725641][T28304]  should_fail_ex+0x512/0x640
[ 1493.725692][T28304]  ? fs_reclaim_acquire+0xae/0x150
[ 1493.725737][T28304]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1493.725796][T28304]  should_failslab+0xc2/0x120
[ 1493.725828][T28304]  __kmalloc_noprof+0xd2/0x510
[ 1493.725889][T28304]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1493.725950][T28304]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1493.725993][T28304]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1493.726048][T28304]  ? mntput_no_expire+0x15e/0xbb0
[ 1493.726131][T28304]  ? find_held_lock+0x2b/0x80
[ 1493.726173][T28304]  tomoyo_file_open+0x6b/0x90
[ 1493.726227][T28304]  security_file_open+0x84/0x1e0
[ 1493.726273][T28304]  do_dentry_open+0x596/0x1c10
[ 1493.726329][T28304]  vfs_open+0x82/0x3f0
[ 1493.726366][T28304]  path_openat+0x1de4/0x2cb0
[ 1493.726423][T28304]  ? __pfx_path_openat+0x10/0x10
[ 1493.726470][T28304]  ? __lock_acquire+0xb8a/0x1c90
[ 1493.726515][T28304]  do_filp_open+0x20b/0x470
[ 1493.726563][T28304]  ? __pfx_do_filp_open+0x10/0x10
[ 1493.726639][T28304]  ? alloc_fd+0x471/0x7d0
[ 1493.726694][T28304]  do_sys_openat2+0x11b/0x1d0
[ 1493.726729][T28304]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1493.726789][T28304]  __x64_sys_openat+0x174/0x210
[ 1493.726826][T28304]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1493.726879][T28304]  do_syscall_64+0xcd/0x490
[ 1493.726913][T28304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1493.726945][T28304] RIP: 0033:0x7f787738e929
[ 1493.726972][T28304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1493.727005][T28304] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1493.727037][T28304] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1493.727060][T28304] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1493.727079][T28304] RBP: 00007f7877410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1493.727097][T28304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1493.727116][T28304] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1493.727155][T28304]  </TASK>
[ 1493.761909][T28304] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1494.030596][T28310] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4503'.
[ 1494.219976][T28131] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1494.388178][T28131] 8021q: adding VLAN 0 to HW filter on device team0
[ 1494.416192][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1494.423470][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1494.496103][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1494.503329][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1494.527140][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1494.537378][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1495.477686][T28131] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1496.451815][T28365] net_ratelimit: 20 callbacks suppressed
[ 1496.451839][T28365] sock: sock_set_timeout: `syz.4.4509' (pid 28365) tries to set negative timeout
[ 1496.586216][T28365] zram0: detected capacity change from 0 to 8
[ 1496.756342][T28131] veth0_vlan: entered promiscuous mode
[ 1496.813304][T28131] veth1_vlan: entered promiscuous mode
[ 1497.132630][T28131] veth0_macvtap: entered promiscuous mode
[ 1497.184306][T28131] veth1_macvtap: entered promiscuous mode
[ 1497.412145][T28131] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1497.465591][T28379] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4510'.
[ 1497.530525][T28131] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1497.548958][T28131] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.582517][T28131] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.591955][T28131] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.601729][T28131] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.198791][T26706] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1498.221899][T26706] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1498.342136][T26706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1498.378005][T26706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1498.753965][T28392] hub 8-0:1.0: USB hub found
[ 1498.764324][T28392] hub 8-0:1.0: 1 port detected
[ 1500.302577][T28421] FAULT_INJECTION: forcing a failure.
[ 1500.302577][T28421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1500.386793][T28421] CPU: 0 UID: 0 PID: 28421 Comm: syz.0.4515 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1500.386845][T28421] Tainted: [U]=USER
[ 1500.386854][T28421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1500.386872][T28421] Call Trace:
[ 1500.386884][T28421]  <TASK>
[ 1500.386896][T28421]  dump_stack_lvl+0x16c/0x1f0
[ 1500.386952][T28421]  should_fail_ex+0x512/0x640
[ 1500.387005][T28421]  _copy_to_user+0x32/0xd0
[ 1500.387038][T28421]  simple_read_from_buffer+0xcb/0x170
[ 1500.387085][T28421]  proc_fail_nth_read+0x197/0x270
[ 1500.387126][T28421]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1500.387167][T28421]  ? rw_verify_area+0xcf/0x680
[ 1500.387208][T28421]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1500.387246][T28421]  vfs_read+0x1e4/0xc60
[ 1500.387317][T28421]  ? __pfx___mutex_lock+0x10/0x10
[ 1500.387351][T28421]  ? __pfx_vfs_read+0x10/0x10
[ 1500.387407][T28421]  ? __fget_files+0x20e/0x3c0
[ 1500.387464][T28421]  ksys_read+0x12a/0x250
[ 1500.387510][T28421]  ? __pfx_ksys_read+0x10/0x10
[ 1500.387552][T28421]  ? syscall_user_dispatch+0x78/0x140
[ 1500.387616][T28421]  do_syscall_64+0xcd/0x490
[ 1500.387650][T28421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1500.387684][T28421] RIP: 0033:0x7f0a1838d33c
[ 1500.387711][T28421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1500.387744][T28421] RSP: 002b:00007f0a191c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1500.387775][T28421] RAX: ffffffffffffffda RBX: 00007f0a185b5fa0 RCX: 00007f0a1838d33c
[ 1500.387796][T28421] RDX: 000000000000000f RSI: 00007f0a191c10a0 RDI: 0000000000000008
[ 1500.387815][T28421] RBP: 00007f0a191c1090 R08: 0000000000000000 R09: 0000000000000000
[ 1500.387834][T28421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1500.387852][T28421] R13: 0000000000000000 R14: 00007f0a185b5fa0 R15: 00007fff579db928
[ 1500.387894][T28421]  </TASK>
[ 1501.449923][T28444] hub 8-0:1.0: USB hub found
[ 1501.455293][T28444] hub 8-0:1.0: 1 port detected
[ 1502.845032][T28461] hub 8-0:1.0: USB hub found
[ 1502.854040][T28461] hub 8-0:1.0: 1 port detected
[ 1502.926679][T28465] FAULT_INJECTION: forcing a failure.
[ 1502.926679][T28465] name failslab, interval 1, probability 0, space 0, times 0
[ 1502.943176][T28465] CPU: 1 UID: 0 PID: 28465 Comm: syz.1.4522 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1502.943224][T28465] Tainted: [U]=USER
[ 1502.943235][T28465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1502.943252][T28465] Call Trace:
[ 1502.943262][T28465]  <TASK>
[ 1502.943273][T28465]  dump_stack_lvl+0x16c/0x1f0
[ 1502.943327][T28465]  should_fail_ex+0x512/0x640
[ 1502.943371][T28465]  ? fs_reclaim_acquire+0xae/0x150
[ 1502.943411][T28465]  ? tomoyo_encode2+0x100/0x3e0
[ 1502.943459][T28465]  should_failslab+0xc2/0x120
[ 1502.943490][T28465]  __kmalloc_noprof+0xd2/0x510
[ 1502.943536][T28465]  ? d_absolute_path+0x136/0x1a0
[ 1502.943576][T28465]  tomoyo_encode2+0x100/0x3e0
[ 1502.943628][T28465]  tomoyo_encode+0x29/0x50
[ 1502.943671][T28465]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1502.943730][T28465]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1502.943772][T28465]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1502.943863][T28465]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1502.943924][T28465]  tomoyo_file_open+0x6b/0x90
[ 1502.943978][T28465]  security_file_open+0x84/0x1e0
[ 1502.944022][T28465]  do_dentry_open+0x596/0x1c10
[ 1502.944083][T28465]  vfs_open+0x82/0x3f0
[ 1502.944123][T28465]  path_openat+0x1de4/0x2cb0
[ 1502.944182][T28465]  ? __pfx_path_openat+0x10/0x10
[ 1502.944230][T28465]  ? __lock_acquire+0xb8a/0x1c90
[ 1502.944276][T28465]  do_filp_open+0x20b/0x470
[ 1502.944323][T28465]  ? __pfx_do_filp_open+0x10/0x10
[ 1502.944398][T28465]  ? alloc_fd+0x471/0x7d0
[ 1502.944455][T28465]  do_sys_openat2+0x11b/0x1d0
[ 1502.944490][T28465]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1502.944530][T28465]  ? __fget_files+0x20e/0x3c0
[ 1502.944581][T28465]  __x64_sys_openat+0x174/0x210
[ 1502.944618][T28465]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1502.944654][T28465]  ? ksys_write+0x1ac/0x250
[ 1502.944713][T28465]  do_syscall_64+0xcd/0x490
[ 1502.944747][T28465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1502.944778][T28465] RIP: 0033:0x7fe75d58e929
[ 1502.944809][T28465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1502.944867][T28465] RSP: 002b:00007fe75e34a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1502.944898][T28465] RAX: ffffffffffffffda RBX: 00007fe75d7b5fa0 RCX: 00007fe75d58e929
[ 1502.944921][T28465] RDX: 0000000000000080 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1502.944941][T28465] RBP: 00007fe75e34a090 R08: 0000000000000000 R09: 0000000000000000
[ 1502.944960][T28465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1502.944978][T28465] R13: 0000000000000001 R14: 00007fe75d7b5fa0 R15: 00007ffc9aedd198
[ 1502.945013][T28465]  </TASK>
[ 1503.215646][T28465] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1504.249759][T28483] FAULT_INJECTION: forcing a failure.
[ 1504.249759][T28483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1504.300584][T28483] CPU: 0 UID: 0 PID: 28483 Comm: syz.0.4524 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1504.300637][T28483] Tainted: [U]=USER
[ 1504.300648][T28483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1504.300667][T28483] Call Trace:
[ 1504.300679][T28483]  <TASK>
[ 1504.300692][T28483]  dump_stack_lvl+0x16c/0x1f0
[ 1504.300748][T28483]  should_fail_ex+0x512/0x640
[ 1504.300813][T28483]  _copy_from_user+0x2e/0xd0
[ 1504.300860][T28483]  snd_pcm_oss_write2+0x1c2/0x410
[ 1504.300892][T28483]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[ 1504.300920][T28483]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[ 1504.300963][T28483]  snd_pcm_oss_write+0x711/0xa10
[ 1504.300996][T28483]  ? security_file_permission+0x71/0x210
[ 1504.301035][T28483]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1504.301065][T28483]  vfs_write+0x29d/0x1150
[ 1504.301124][T28483]  ? __pfx_vfs_write+0x10/0x10
[ 1504.301153][T28483]  ? find_held_lock+0x2b/0x80
[ 1504.301176][T28483]  ? __fget_files+0x204/0x3c0
[ 1504.301210][T28483]  ? __fget_files+0x20e/0x3c0
[ 1504.301238][T28483]  ? sysvec_kvm_asyncpf_interrupt+0x40/0xc0
[ 1504.301281][T28483]  ksys_write+0x12a/0x250
[ 1504.301311][T28483]  ? __pfx_ksys_write+0x10/0x10
[ 1504.301351][T28483]  do_syscall_64+0xcd/0x490
[ 1504.301374][T28483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.301397][T28483] RIP: 0033:0x7f0a1838e929
[ 1504.301415][T28483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1504.301437][T28483] RSP: 002b:00007f0a1917f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1504.301458][T28483] RAX: ffffffffffffffda RBX: 00007f0a185b6160 RCX: 00007f0a1838e929
[ 1504.301472][T28483] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[ 1504.301486][T28483] RBP: 00007f0a1917f090 R08: 0000000000000000 R09: 0000000000000000
[ 1504.301500][T28483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1504.301513][T28483] R13: 0000000000000000 R14: 00007f0a185b6160 R15: 00007fff579db928
[ 1504.301542][T28483]  </TASK>
[ 1505.521253][T28504] FAULT_INJECTION: forcing a failure.
[ 1505.521253][T28504] name failslab, interval 1, probability 0, space 0, times 0
[ 1505.562609][T28504] CPU: 0 UID: 0 PID: 28504 Comm: syz.0.4528 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1505.562663][T28504] Tainted: [U]=USER
[ 1505.562674][T28504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1505.562693][T28504] Call Trace:
[ 1505.562704][T28504]  <TASK>
[ 1505.562717][T28504]  dump_stack_lvl+0x16c/0x1f0
[ 1505.562776][T28504]  should_fail_ex+0x512/0x640
[ 1505.562822][T28504]  ? fs_reclaim_acquire+0xae/0x150
[ 1505.562862][T28504]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1505.562911][T28504]  should_failslab+0xc2/0x120
[ 1505.562942][T28504]  __kmalloc_noprof+0xd2/0x510
[ 1505.563008][T28504]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1505.563069][T28504]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1505.563113][T28504]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1505.563152][T28504]  ? mntput_no_expire+0x15e/0xbb0
[ 1505.563234][T28504]  ? find_held_lock+0x2b/0x80
[ 1505.563279][T28504]  tomoyo_file_open+0x6b/0x90
[ 1505.563332][T28504]  security_file_open+0x84/0x1e0
[ 1505.563377][T28504]  do_dentry_open+0x596/0x1c10
[ 1505.563438][T28504]  vfs_open+0x82/0x3f0
[ 1505.563478][T28504]  path_openat+0x1de4/0x2cb0
[ 1505.563539][T28504]  ? __pfx_path_openat+0x10/0x10
[ 1505.563589][T28504]  ? __lock_acquire+0xb8a/0x1c90
[ 1505.563636][T28504]  do_filp_open+0x20b/0x470
[ 1505.563683][T28504]  ? __pfx_do_filp_open+0x10/0x10
[ 1505.563764][T28504]  ? alloc_fd+0x471/0x7d0
[ 1505.563821][T28504]  do_sys_openat2+0x11b/0x1d0
[ 1505.563858][T28504]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1505.563909][T28504]  __x64_sys_openat+0x174/0x210
[ 1505.563946][T28504]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1505.564014][T28504]  do_syscall_64+0xcd/0x490
[ 1505.564048][T28504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1505.564082][T28504] RIP: 0033:0x7f0a1838e929
[ 1505.564109][T28504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1505.564141][T28504] RSP: 002b:00007f0a191c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1505.564172][T28504] RAX: ffffffffffffffda RBX: 00007f0a185b5fa0 RCX: 00007f0a1838e929
[ 1505.564193][T28504] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1505.564213][T28504] RBP: 00007f0a18410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1505.564231][T28504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1505.564247][T28504] R13: 0000000000000000 R14: 00007f0a185b5fa0 R15: 00007fff579db928
[ 1505.564282][T28504]  </TASK>
[ 1505.564295][T28504] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1506.404042][T28500] Process accounting resumed
[ 1506.694077][T28515] hub 8-0:1.0: USB hub found
[ 1506.793508][T28515] hub 8-0:1.0: 1 port detected
[ 1508.636417][T28538] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1508.660854][T28538] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1508.713223][T28538] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1508.732990][T28538] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1508.879328][T28538] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1508.921736][T28556] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4535'.
[ 1509.064753][T28538] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1509.080992][T28538] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1509.178358][T28538] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1509.895625][T28566] FAULT_INJECTION: forcing a failure.
[ 1509.895625][T28566] name failslab, interval 1, probability 0, space 0, times 0
[ 1509.965043][T28566] CPU: 0 UID: 0 PID: 28566 Comm: syz.5.4537 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1509.965101][T28566] Tainted: [U]=USER
[ 1509.965114][T28566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1509.965134][T28566] Call Trace:
[ 1509.965146][T28566]  <TASK>
[ 1509.965159][T28566]  dump_stack_lvl+0x16c/0x1f0
[ 1509.965219][T28566]  should_fail_ex+0x512/0x640
[ 1509.965268][T28566]  ? fs_reclaim_acquire+0xae/0x150
[ 1509.965312][T28566]  ? tomoyo_encode2+0x100/0x3e0
[ 1509.965358][T28566]  should_failslab+0xc2/0x120
[ 1509.965390][T28566]  __kmalloc_noprof+0xd2/0x510
[ 1509.965451][T28566]  tomoyo_encode2+0x100/0x3e0
[ 1509.965503][T28566]  tomoyo_encode+0x29/0x50
[ 1509.965547][T28566]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1509.965608][T28566]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1509.965652][T28566]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1509.965701][T28566]  ? mntput_no_expire+0x15e/0xbb0
[ 1509.965788][T28566]  ? find_held_lock+0x2b/0x80
[ 1509.965834][T28566]  tomoyo_file_open+0x6b/0x90
[ 1509.965888][T28566]  security_file_open+0x84/0x1e0
[ 1509.965933][T28566]  do_dentry_open+0x596/0x1c10
[ 1509.965996][T28566]  vfs_open+0x82/0x3f0
[ 1509.966039][T28566]  path_openat+0x1de4/0x2cb0
[ 1509.966101][T28566]  ? __pfx_path_openat+0x10/0x10
[ 1509.966153][T28566]  ? __lock_acquire+0xb8a/0x1c90
[ 1509.966203][T28566]  do_filp_open+0x20b/0x470
[ 1509.966252][T28566]  ? __pfx_do_filp_open+0x10/0x10
[ 1509.966332][T28566]  ? alloc_fd+0x471/0x7d0
[ 1509.966389][T28566]  do_sys_openat2+0x11b/0x1d0
[ 1509.966426][T28566]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1509.966481][T28566]  __x64_sys_openat+0x174/0x210
[ 1509.966521][T28566]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1509.966577][T28566]  do_syscall_64+0xcd/0x490
[ 1509.966612][T28566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1509.966644][T28566] RIP: 0033:0x7f818718e929
[ 1509.966672][T28566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1509.966713][T28566] RSP: 002b:00007f8187ffd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1509.966747][T28566] RAX: ffffffffffffffda RBX: 00007f81873b5fa0 RCX: 00007f818718e929
[ 1509.966769][T28566] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1509.966791][T28566] RBP: 00007f8187210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1509.966811][T28566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1509.966831][T28566] R13: 0000000000000000 R14: 00007f81873b5fa0 R15: 00007ffec49f28b8
[ 1509.966875][T28566]  </TASK>
[ 1509.966909][T28566] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1510.645306][T28576] hub 8-0:1.0: USB hub found
[ 1510.661820][T28576] hub 8-0:1.0: 1 port detected
[ 1510.684502][T20426] Bluetooth: hci0: command 0x0406 tx timeout
[ 1510.690813][T20426] Bluetooth: hci1: command 0x0406 tx timeout
[ 1510.696934][T25979] Bluetooth: hci2: command 0x0406 tx timeout
[ 1511.121979][T28577] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1512.760792][T28577] Bluetooth: hci0: command 0x0406 tx timeout
[ 1513.165602][T28577] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1513.246460][T28609] netlink: zone id is out of range
[ 1513.265886][T28609] netlink: zone id is out of range
[ 1513.277509][T28609] netlink: zone id is out of range
[ 1513.300842][T28609] netlink: zone id is out of range
[ 1513.307610][T28609] netlink: zone id is out of range
[ 1513.314306][T28609] netlink: zone id is out of range
[ 1513.322161][T28609] netlink: zone id is out of range
[ 1513.328853][T28609] netlink: zone id is out of range
[ 1513.335897][T28609] netlink: zone id is out of range
[ 1513.342642][T28609] netlink: zone id is out of range
[ 1513.813107][T28627] FAULT_INJECTION: forcing a failure.
[ 1513.813107][T28627] name failslab, interval 1, probability 0, space 0, times 0
[ 1513.942436][T28627] CPU: 0 UID: 0 PID: 28627 Comm: syz.1.4550 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1513.942496][T28627] Tainted: [U]=USER
[ 1513.942509][T28627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1513.942529][T28627] Call Trace:
[ 1513.942541][T28627]  <TASK>
[ 1513.942554][T28627]  dump_stack_lvl+0x16c/0x1f0
[ 1513.942617][T28627]  should_fail_ex+0x512/0x640
[ 1513.942667][T28627]  ? fs_reclaim_acquire+0xae/0x150
[ 1513.942711][T28627]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1513.942760][T28627]  should_failslab+0xc2/0x120
[ 1513.942794][T28627]  __kmalloc_noprof+0xd2/0x510
[ 1513.942856][T28627]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1513.942918][T28627]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1513.942964][T28627]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1513.943005][T28627]  ? mntput_no_expire+0x15e/0xbb0
[ 1513.943090][T28627]  ? find_held_lock+0x2b/0x80
[ 1513.943137][T28627]  tomoyo_file_open+0x6b/0x90
[ 1513.943194][T28627]  security_file_open+0x84/0x1e0
[ 1513.943249][T28627]  do_dentry_open+0x596/0x1c10
[ 1513.943315][T28627]  vfs_open+0x82/0x3f0
[ 1513.943356][T28627]  path_openat+0x1de4/0x2cb0
[ 1513.943420][T28627]  ? __pfx_path_openat+0x10/0x10
[ 1513.943474][T28627]  ? __lock_acquire+0xb8a/0x1c90
[ 1513.943525][T28627]  do_filp_open+0x20b/0x470
[ 1513.943574][T28627]  ? __pfx_do_filp_open+0x10/0x10
[ 1513.943656][T28627]  ? alloc_fd+0x471/0x7d0
[ 1513.943716][T28627]  do_sys_openat2+0x11b/0x1d0
[ 1513.943754][T28627]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1513.943810][T28627]  __x64_sys_openat+0x174/0x210
[ 1513.943851][T28627]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1513.943909][T28627]  do_syscall_64+0xcd/0x490
[ 1513.943945][T28627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1513.943979][T28627] RIP: 0033:0x7fe75d58e929
[ 1513.944008][T28627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1513.944044][T28627] RSP: 002b:00007fe75e34a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1513.944076][T28627] RAX: ffffffffffffffda RBX: 00007fe75d7b5fa0 RCX: 00007fe75d58e929
[ 1513.944098][T28627] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1513.944120][T28627] RBP: 00007fe75d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1513.944140][T28627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1513.944161][T28627] R13: 0000000000000000 R14: 00007fe75d7b5fa0 R15: 00007ffc9aedd198
[ 1513.944212][T28627]  </TASK>
[ 1514.351007][T28627] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1514.846561][T28577] Bluetooth: hci0: command 0x0406 tx timeout
[ 1515.207121][T28639] hub 8-0:1.0: USB hub found
[ 1515.240704][T28577] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1515.274066][T28639] hub 8-0:1.0: 1 port detected
[ 1515.443310][T28645] Invalid ELF header magic: != ELF
[ 1516.873575][T28660] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4557'.
[ 1518.448452][T28686] hub 8-0:1.0: USB hub found
[ 1518.464159][T28686] hub 8-0:1.0: 1 port detected
[ 1518.499004][T28687] hub 8-0:1.0: USB hub found
[ 1518.513667][T28687] hub 8-0:1.0: 1 port detected
[ 1519.277768][T28700] FAULT_INJECTION: forcing a failure.
[ 1519.277768][T28700] name failslab, interval 1, probability 0, space 0, times 0
[ 1519.291184][T28700] CPU: 0 UID: 0 PID: 28700 Comm: syz.5.4565 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1519.291223][T28700] Tainted: [U]=USER
[ 1519.291231][T28700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1519.291246][T28700] Call Trace:
[ 1519.291253][T28700]  <TASK>
[ 1519.291262][T28700]  dump_stack_lvl+0x16c/0x1f0
[ 1519.291306][T28700]  should_fail_ex+0x512/0x640
[ 1519.291342][T28700]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[ 1519.291381][T28700]  should_failslab+0xc2/0x120
[ 1519.291403][T28700]  __kmalloc_cache_node_noprof+0x6d/0x420
[ 1519.291437][T28700]  ? register_lock_class+0x41/0x4c0
[ 1519.291468][T28700]  ? __get_vm_area_node+0x101/0x330
[ 1519.291500][T28700]  __get_vm_area_node+0x101/0x330
[ 1519.291527][T28700]  ? __lock_acquire+0xb8a/0x1c90
[ 1519.291559][T28700]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1519.291591][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.291616][T28700]  ? do_raw_spin_unlock+0x172/0x230
[ 1519.291660][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.291694][T28700]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1519.291724][T28700]  ? console_unlock+0x184/0x210
[ 1519.291758][T28700]  ? __pfx_console_unlock+0x10/0x10
[ 1519.291783][T28700]  ? __pfx___ldsem_down_write_nested+0x10/0x10
[ 1519.291814][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.291839][T28700]  __vmalloc_node_noprof+0xad/0xf0
[ 1519.291868][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.291900][T28700]  ? __pfx_n_tty_open+0x10/0x10
[ 1519.291927][T28700]  n_tty_open+0x1a/0x170
[ 1519.291952][T28700]  ? __pfx_n_tty_open+0x10/0x10
[ 1519.291976][T28700]  tty_ldisc_open+0x9f/0x120
[ 1519.292011][T28700]  tty_ldisc_setup+0x40/0x100
[ 1519.292047][T28700]  tty_init_dev.part.0+0x1ec/0x500
[ 1519.292074][T28700]  tty_open+0xa50/0xf90
[ 1519.292102][T28700]  ? __pfx_tty_open+0x10/0x10
[ 1519.292126][T28700]  ? chrdev_open+0x10b/0x6a0
[ 1519.292167][T28700]  ? __pfx_tty_open+0x10/0x10
[ 1519.292190][T28700]  chrdev_open+0x231/0x6a0
[ 1519.292226][T28700]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1519.292257][T28700]  ? __pfx_chrdev_open+0x10/0x10
[ 1519.292296][T28700]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1519.292334][T28700]  do_dentry_open+0x744/0x1c10
[ 1519.292370][T28700]  ? __pfx_chrdev_open+0x10/0x10
[ 1519.292413][T28700]  vfs_open+0x82/0x3f0
[ 1519.292442][T28700]  path_openat+0x1de4/0x2cb0
[ 1519.292486][T28700]  ? __pfx_path_openat+0x10/0x10
[ 1519.292522][T28700]  ? __lock_acquire+0xb8a/0x1c90
[ 1519.292556][T28700]  do_filp_open+0x20b/0x470
[ 1519.292590][T28700]  ? __pfx_do_filp_open+0x10/0x10
[ 1519.292647][T28700]  ? alloc_fd+0x471/0x7d0
[ 1519.292687][T28700]  do_sys_openat2+0x11b/0x1d0
[ 1519.292712][T28700]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1519.292742][T28700]  ? __fget_files+0x20e/0x3c0
[ 1519.292780][T28700]  __x64_sys_openat+0x174/0x210
[ 1519.292807][T28700]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1519.292833][T28700]  ? ksys_write+0x1ac/0x250
[ 1519.292877][T28700]  do_syscall_64+0xcd/0x490
[ 1519.292905][T28700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1519.292928][T28700] RIP: 0033:0x7f818718e929
[ 1519.292947][T28700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1519.292970][T28700] RSP: 002b:00007f8187fdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1519.292992][T28700] RAX: ffffffffffffffda RBX: 00007f81873b6080 RCX: 00007f818718e929
[ 1519.293008][T28700] RDX: 00000000001a3c01 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1519.293024][T28700] RBP: 00007f8187fdc090 R08: 0000000000000000 R09: 0000000000000000
[ 1519.293038][T28700] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[ 1519.293053][T28700] R13: 0000000000000000 R14: 00007f81873b6080 R15: 00007ffec49f28b8
[ 1519.293083][T28700]  </TASK>
[ 1519.293094][T28700] syz.5.4565: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1519.679938][T28700] CPU: 0 UID: 0 PID: 28700 Comm: syz.5.4565 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1519.679989][T28700] Tainted: [U]=USER
[ 1519.680000][T28700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1519.680019][T28700] Call Trace:
[ 1519.680028][T28700]  <TASK>
[ 1519.680037][T28700]  dump_stack_lvl+0x16c/0x1f0
[ 1519.680082][T28700]  warn_alloc+0x248/0x3a0
[ 1519.680120][T28700]  ? __pfx_warn_alloc+0x10/0x10
[ 1519.680153][T28700]  ? rcu_is_watching+0x12/0xc0
[ 1519.680177][T28700]  ? trace_kmalloc+0x2b/0xd0
[ 1519.680198][T28700]  ? __kmalloc_cache_node_noprof+0x272/0x420
[ 1519.680236][T28700]  ? __kasan_kmalloc+0x8a/0xb0
[ 1519.680270][T28700]  ? __get_vm_area_node+0x208/0x330
[ 1519.680304][T28700]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[ 1519.680334][T28700]  ? do_raw_spin_unlock+0x172/0x230
[ 1519.680377][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.680412][T28700]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1519.680454][T28700]  ? console_unlock+0x184/0x210
[ 1519.680483][T28700]  ? __pfx_console_unlock+0x10/0x10
[ 1519.680515][T28700]  ? __pfx___ldsem_down_write_nested+0x10/0x10
[ 1519.680558][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.680590][T28700]  __vmalloc_node_noprof+0xad/0xf0
[ 1519.680629][T28700]  ? n_tty_open+0x1a/0x170
[ 1519.680663][T28700]  ? __pfx_n_tty_open+0x10/0x10
[ 1519.680702][T28700]  n_tty_open+0x1a/0x170
[ 1519.680737][T28700]  ? __pfx_n_tty_open+0x10/0x10
[ 1519.680773][T28700]  tty_ldisc_open+0x9f/0x120
[ 1519.680819][T28700]  tty_ldisc_setup+0x40/0x100
[ 1519.680893][T28700]  tty_init_dev.part.0+0x1ec/0x500
[ 1519.680929][T28700]  tty_open+0xa50/0xf90
[ 1519.680971][T28700]  ? __pfx_tty_open+0x10/0x10
[ 1519.681006][T28700]  ? chrdev_open+0x10b/0x6a0
[ 1519.681062][T28700]  ? __pfx_tty_open+0x10/0x10
[ 1519.681093][T28700]  chrdev_open+0x231/0x6a0
[ 1519.681141][T28700]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1519.681182][T28700]  ? __pfx_chrdev_open+0x10/0x10
[ 1519.681234][T28700]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1519.681285][T28700]  do_dentry_open+0x744/0x1c10
[ 1519.681335][T28700]  ? __pfx_chrdev_open+0x10/0x10
[ 1519.681392][T28700]  vfs_open+0x82/0x3f0
[ 1519.681431][T28700]  path_openat+0x1de4/0x2cb0
[ 1519.681494][T28700]  ? __pfx_path_openat+0x10/0x10
[ 1519.681543][T28700]  ? __lock_acquire+0xb8a/0x1c90
[ 1519.681592][T28700]  do_filp_open+0x20b/0x470
[ 1519.681639][T28700]  ? __pfx_do_filp_open+0x10/0x10
[ 1519.681719][T28700]  ? alloc_fd+0x471/0x7d0
[ 1519.681776][T28700]  do_sys_openat2+0x11b/0x1d0
[ 1519.681811][T28700]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1519.681859][T28700]  ? __fget_files+0x20e/0x3c0
[ 1519.681911][T28700]  __x64_sys_openat+0x174/0x210
[ 1519.681949][T28700]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1519.681983][T28700]  ? ksys_write+0x1ac/0x250
[ 1519.682045][T28700]  do_syscall_64+0xcd/0x490
[ 1519.682078][T28700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1519.682112][T28700] RIP: 0033:0x7f818718e929
[ 1519.682139][T28700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1519.682170][T28700] RSP: 002b:00007f8187fdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1519.682202][T28700] RAX: ffffffffffffffda RBX: 00007f81873b6080 RCX: 00007f818718e929
[ 1519.682223][T28700] RDX: 00000000001a3c01 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1519.682244][T28700] RBP: 00007f8187fdc090 R08: 0000000000000000 R09: 0000000000000000
[ 1519.682263][T28700] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[ 1519.682282][T28700] R13: 0000000000000000 R14: 00007f81873b6080 R15: 00007ffec49f28b8
[ 1519.682324][T28700]  </TASK>
[ 1520.033265][T28700] Mem-Info:
[ 1520.054697][T28703] FAULT_INJECTION: forcing a failure.
[ 1520.054697][T28703] name failslab, interval 1, probability 0, space 0, times 0
[ 1520.067543][T28703] CPU: 0 UID: 0 PID: 28703 Comm: syz.1.4567 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1520.067614][T28703] Tainted: [U]=USER
[ 1520.067625][T28703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1520.067644][T28703] Call Trace:
[ 1520.067657][T28703]  <TASK>
[ 1520.067670][T28703]  dump_stack_lvl+0x16c/0x1f0
[ 1520.067742][T28703]  should_fail_ex+0x512/0x640
[ 1520.067789][T28703]  ? fs_reclaim_acquire+0xae/0x150
[ 1520.067839][T28703]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1520.067885][T28703]  should_failslab+0xc2/0x120
[ 1520.067915][T28703]  __kmalloc_noprof+0xd2/0x510
[ 1520.067973][T28703]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1520.068027][T28703]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1520.068067][T28703]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1520.068106][T28703]  ? mntput_no_expire+0x15e/0xbb0
[ 1520.068187][T28703]  ? find_held_lock+0x2b/0x80
[ 1520.068229][T28703]  tomoyo_file_open+0x6b/0x90
[ 1520.068284][T28703]  security_file_open+0x84/0x1e0
[ 1520.068329][T28703]  do_dentry_open+0x596/0x1c10
[ 1520.068390][T28703]  vfs_open+0x82/0x3f0
[ 1520.068431][T28703]  path_openat+0x1de4/0x2cb0
[ 1520.068492][T28703]  ? __pfx_path_openat+0x10/0x10
[ 1520.068542][T28703]  ? __lock_acquire+0xb8a/0x1c90
[ 1520.068589][T28703]  do_filp_open+0x20b/0x470
[ 1520.068636][T28703]  ? __pfx_do_filp_open+0x10/0x10
[ 1520.068713][T28703]  ? alloc_fd+0x471/0x7d0
[ 1520.068768][T28703]  do_sys_openat2+0x11b/0x1d0
[ 1520.068804][T28703]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1520.068868][T28703]  __x64_sys_openat+0x174/0x210
[ 1520.068928][T28703]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1520.068986][T28703]  do_syscall_64+0xcd/0x490
[ 1520.069022][T28703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1520.069056][T28703] RIP: 0033:0x7fe75d58e929
[ 1520.069082][T28703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1520.069117][T28703] RSP: 002b:00007fe75e34a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1520.069149][T28703] RAX: ffffffffffffffda RBX: 00007fe75d7b5fa0 RCX: 00007fe75d58e929
[ 1520.069172][T28703] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1520.069195][T28703] RBP: 00007fe75d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1520.069216][T28703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1520.069235][T28703] R13: 0000000000000000 R14: 00007fe75d7b5fa0 R15: 00007ffc9aedd198
[ 1520.069278][T28703]  </TASK>
[ 1520.069291][T28703] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1520.140857][T28700] active_anon:13850 inactive_anon:1632 isolated_anon:0
[ 1520.140857][T28700]  active_file:23514 inactive_file:39886 isolated_file:0
[ 1520.140857][T28700]  unevictable:768 dirty:803 writeback:0
[ 1520.140857][T28700]  slab_reclaimable:11403 slab_unreclaimable:97128
[ 1520.140857][T28700]  mapped:28329 shmem:1387 pagetables:1494
[ 1520.140857][T28700]  sec_pagetables:0 bounce:0
[ 1520.140857][T28700]  kernel_misc_reclaimable:0
[ 1520.140857][T28700]  free:1305383 free_pcp:13478 free_cma:0
[ 1520.140943][T28700] Node 0 active_anon:55400kB inactive_anon:6528kB active_file:94056kB inactive_file:159404kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:113316kB dirty:3212kB writeback:0kB shmem:4012kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11988kB pagetables:5836kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1520.425374][T28700] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:140kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1520.465829][T28700] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1520.529009][T28700] lowmem_reserve[]: 0 2481 2482 2482 2482
[ 1520.539160][T28700] Node 0 DMA32 free:1308944kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:55356kB inactive_anon:6228kB active_file:92756kB inactive_file:159136kB unevictable:1536kB writepending:3212kB present:3129332kB managed:2540900kB mlocked:0kB bounce:0kB free_pcp:34388kB local_pcp:19932kB free_cma:0kB
[ 1520.715902][T28700] lowmem_reserve[]: 0 0 1 1 1
[ 1520.756774][T28700] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1300kB inactive_file:268kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 1520.850701][T28700] lowmem_reserve[]: 0 0 0 0 0
[ 1520.865866][T28700] Node 1 Normal free:3899232kB boost:0kB min:55788kB low:69732kB high:83676kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:140kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17320kB local_pcp:11432kB free_cma:0kB
[ 1520.964664][T28700] lowmem_reserve[]: 0 0 0 0 0
[ 1520.969465][T28700] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1521.049482][T28700] Node 0 DMA32: 4352*4kB (UM) 2502*8kB (UME) 1507*16kB (UM) 1178*32kB (UME) 935*64kB (UME) 593*128kB (UME) 168*256kB (UME) 139*512kB (UME) 73*1024kB (UME) 8*2048kB (UME) 212*4096kB (M) = 1308640kB
[ 1521.118894][T28700] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[ 1521.267167][T28700] Node 1 Normal: 197*4kB (UM) 68*8kB (UME) 48*16kB (UME) 231*32kB (UM) 106*64kB (UME) 34*128kB (UME) 17*256kB (UME) 7*512kB (UM) 2*1024kB (UM) 3*2048kB (UM) 943*4096kB (M) = 3899284kB
[ 1521.341298][T28700] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1521.353657][T28700] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1521.382511][T28700] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1521.409934][T28700] Node 1 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1521.440675][T28700] 65574 total pagecache pages
[ 1521.445434][T28700] 0 pages in swap cache
[ 1521.452400][T28700] Free swap  = 124996kB
[ 1521.461354][T28700] Total swap = 124996kB
[ 1521.468947][T28700] 2097051 pages RAM
[ 1521.478559][T28700] 0 pages HighMem/MovableOnly
[ 1521.487125][T28700] 429784 pages reserved
[ 1521.499524][T28700] 0 pages cma reserved
[ 1521.509736][T28700] tty tty26: ldisc open failed (-12), clearing slot 25
[ 1521.526660][T28693] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1521.908481][T28718] Invalid ELF header magic: != ELF
[ 1522.191745][T28721] hub 8-0:1.0: USB hub found
[ 1522.197749][T28721] hub 8-0:1.0: 1 port detected
[ 1524.084405][T28754] hub 8-0:1.0: USB hub found
[ 1524.099586][T28754] hub 8-0:1.0: 1 port detected
[ 1526.816441][T28791] Invalid ELF header magic: != ELF
[ 1526.990187][T28796] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4586'.
[ 1530.588067][T28846] hub 8-0:1.0: USB hub found
[ 1530.594525][T28846] hub 8-0:1.0: 1 port detected
[ 1530.999348][T28855] can: request_module (can-proto-3) failed.
[ 1532.149916][T28864] hub 8-0:1.0: USB hub found
[ 1532.200368][T28864] hub 8-0:1.0: 1 port detected
[ 1533.677069][T28888] hub 8-0:1.0: USB hub found
[ 1533.689996][T28888] hub 8-0:1.0: 1 port detected
[ 1534.204339][T28891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4607'.
[ 1534.312788][T28892] nfs4: Unknown parameter '€
'
[ 1535.532463][T28912] FAULT_INJECTION: forcing a failure.
[ 1535.532463][T28912] name failslab, interval 1, probability 0, space 0, times 0
[ 1535.545532][T28912] CPU: 1 UID: 0 PID: 28912 Comm: syz.1.4611 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1535.545590][T28912] Tainted: [U]=USER
[ 1535.545603][T28912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1535.545624][T28912] Call Trace:
[ 1535.545635][T28912]  <TASK>
[ 1535.545648][T28912]  dump_stack_lvl+0x16c/0x1f0
[ 1535.545711][T28912]  should_fail_ex+0x512/0x640
[ 1535.545762][T28912]  ? fs_reclaim_acquire+0xae/0x150
[ 1535.545805][T28912]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1535.545855][T28912]  should_failslab+0xc2/0x120
[ 1535.545899][T28912]  __kmalloc_noprof+0xd2/0x510
[ 1535.545961][T28912]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1535.546026][T28912]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1535.546073][T28912]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1535.546114][T28912]  ? mntput_no_expire+0x15e/0xbb0
[ 1535.546212][T28912]  ? find_held_lock+0x2b/0x80
[ 1535.546257][T28912]  tomoyo_file_open+0x6b/0x90
[ 1535.546312][T28912]  security_file_open+0x84/0x1e0
[ 1535.546359][T28912]  do_dentry_open+0x596/0x1c10
[ 1535.546423][T28912]  vfs_open+0x82/0x3f0
[ 1535.546465][T28912]  path_openat+0x1de4/0x2cb0
[ 1535.546528][T28912]  ? __pfx_path_openat+0x10/0x10
[ 1535.546579][T28912]  ? __lock_acquire+0xb8a/0x1c90
[ 1535.546627][T28912]  do_filp_open+0x20b/0x470
[ 1535.546677][T28912]  ? __pfx_do_filp_open+0x10/0x10
[ 1535.546757][T28912]  ? alloc_fd+0x471/0x7d0
[ 1535.546816][T28912]  do_sys_openat2+0x11b/0x1d0
[ 1535.546853][T28912]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1535.546916][T28912]  __x64_sys_openat+0x174/0x210
[ 1535.546956][T28912]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1535.547013][T28912]  do_syscall_64+0xcd/0x490
[ 1535.547049][T28912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1535.547081][T28912] RIP: 0033:0x7fe75d58e929
[ 1535.547109][T28912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1535.547145][T28912] RSP: 002b:00007fe75e34a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1535.547177][T28912] RAX: ffffffffffffffda RBX: 00007fe75d7b5fa0 RCX: 00007fe75d58e929
[ 1535.547199][T28912] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1535.547220][T28912] RBP: 00007fe75d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1535.547240][T28912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1535.547259][T28912] R13: 0000000000000000 R14: 00007fe75d7b5fa0 R15: 00007ffc9aedd198
[ 1535.547302][T28912]  </TASK>
[ 1535.547317][T28912] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1536.655175][T28917] Process accounting paused
[ 1536.661990][T28920] hub 8-0:1.0: USB hub found
[ 1536.671039][T28920] hub 8-0:1.0: 1 port detected
[ 1537.292493][T28932] kvm: user requested TSC rate below hardware speed
[ 1537.646734][T28940] hub 8-0:1.0: USB hub found
[ 1537.701999][T28940] hub 8-0:1.0: 1 port detected
[ 1539.192819][T28965] FAULT_INJECTION: forcing a failure.
[ 1539.192819][T28965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1539.246394][T28965] CPU: 0 UID: 0 PID: 28965 Comm: syz.5.4625 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1539.246447][T28965] Tainted: [U]=USER
[ 1539.246458][T28965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1539.246477][T28965] Call Trace:
[ 1539.246488][T28965]  <TASK>
[ 1539.246501][T28965]  dump_stack_lvl+0x16c/0x1f0
[ 1539.246557][T28965]  should_fail_ex+0x512/0x640
[ 1539.246611][T28965]  _copy_from_iter+0x29f/0x16f0
[ 1539.246665][T28965]  ? __alloc_skb+0x200/0x380
[ 1539.246723][T28965]  ? __pfx__copy_from_iter+0x10/0x10
[ 1539.246775][T28965]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1539.246826][T28965]  netlink_sendmsg+0x829/0xdd0
[ 1539.246870][T28965]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1539.246928][T28965]  ____sys_sendmsg+0xa95/0xc70
[ 1539.246969][T28965]  ? copy_msghdr_from_user+0x10a/0x160
[ 1539.247018][T28965]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1539.247076][T28965]  ___sys_sendmsg+0x134/0x1d0
[ 1539.247128][T28965]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1539.247173][T28965]  ? __lock_acquire+0x622/0x1c90
[ 1539.247266][T28965]  __sys_sendmsg+0x16d/0x220
[ 1539.247295][T28965]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1539.247350][T28965]  do_syscall_64+0xcd/0x490
[ 1539.247384][T28965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1539.247420][T28965] RIP: 0033:0x7f818718e929
[ 1539.247444][T28965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1539.247475][T28965] RSP: 002b:00007f8187ffd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1539.247504][T28965] RAX: ffffffffffffffda RBX: 00007f81873b5fa0 RCX: 00007f818718e929
[ 1539.247524][T28965] RDX: 0000000000044044 RSI: 0000200000006200 RDI: 000000000000000a
[ 1539.247543][T28965] RBP: 00007f8187ffd090 R08: 0000000000000000 R09: 0000000000000000
[ 1539.247562][T28965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1539.247579][T28965] R13: 0000000000000000 R14: 00007f81873b5fa0 R15: 00007ffec49f28b8
[ 1539.247628][T28965]  </TASK>
[ 1542.997774][T29017] hub 8-0:1.0: USB hub found
[ 1543.082104][T29017] hub 8-0:1.0: 1 port detected
[ 1543.718400][T29023] hub 8-0:1.0: USB hub found
[ 1543.766738][T29023] hub 8-0:1.0: 1 port detected
[ 1544.476438][T29032] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4638'.
[ 1546.202848][T29057] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4645'.
[ 1546.554978][T29064] Invalid ELF header magic: != ELF
[ 1549.177970][T29107] Invalid ELF header magic: != ELF
[ 1549.596584][T29112] hub 8-0:1.0: USB hub found
[ 1549.631201][T29112] hub 8-0:1.0: 1 port detected
[ 1551.530033][   T30] audit: type=1804 audit(4294967361.620:111): pid=29140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4661" name="/newroot/146/file0" dev="tmpfs" ino=780 res=1 errno=0
[ 1551.955679][T29147] can0: slcan on ttyS2.
[ 1552.073009][T29150] can0 (unregistered): slcan off ttyS2.
[ 1552.366342][T29159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4663'.
[ 1552.394386][T29161] ref_tracker: memory allocation failure, unreliable refcount tracker.
[ 1552.437560][T29159] HSR: entered promiscuous mode
[ 1553.259064][T29168] ptrace attach of "./syz-executor exec"[18283] was attempted by ""[29168]
[ 1553.556953][T29171] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4666'.
[ 1555.403482][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1555.421388][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1555.430283][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1555.446984][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1555.455209][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1555.966998][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1555.973710][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1556.657071][T26706] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1556.758055][T29190] chnl_net:caif_netlink_parms(): no params data found
[ 1556.818719][T26706] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.035933][T26706] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.217951][T26706] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.479174][T29190] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1557.489835][ T5840] Bluetooth: hci4: command tx timeout
[ 1557.595013][T29190] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1557.604042][T29190] bridge_slave_0: entered allmulticast mode
[ 1557.612539][T29190] bridge_slave_0: entered promiscuous mode
[ 1557.643498][T29190] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1557.655140][T29190] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1557.663427][T29190] bridge_slave_1: entered allmulticast mode
[ 1557.673833][T29190] bridge_slave_1: entered promiscuous mode
[ 1558.305062][T29215] CIFS mount error: No usable UNC path provided in device string!
[ 1558.305062][T29215] 
[ 1558.321025][T29215] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1558.420778][T29218] FAULT_INJECTION: forcing a failure.
[ 1558.420778][T29218] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.457616][T29218] CPU: 0 UID: 0 PID: 29218 Comm: syz.4.4673 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1558.457670][T29218] Tainted: [U]=USER
[ 1558.457682][T29218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1558.457703][T29218] Call Trace:
[ 1558.457714][T29218]  <TASK>
[ 1558.457727][T29218]  dump_stack_lvl+0x16c/0x1f0
[ 1558.457788][T29218]  should_fail_ex+0x512/0x640
[ 1558.457847][T29218]  ? fs_reclaim_acquire+0xae/0x150
[ 1558.457889][T29218]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1558.457937][T29218]  should_failslab+0xc2/0x120
[ 1558.457969][T29218]  __kmalloc_noprof+0xd2/0x510
[ 1558.458030][T29218]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1558.458089][T29218]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1558.458131][T29218]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1558.458169][T29218]  ? mntput_no_expire+0x15e/0xbb0
[ 1558.458255][T29218]  ? find_held_lock+0x2b/0x80
[ 1558.458301][T29218]  tomoyo_file_open+0x6b/0x90
[ 1558.458355][T29218]  security_file_open+0x84/0x1e0
[ 1558.458400][T29218]  do_dentry_open+0x596/0x1c10
[ 1558.458462][T29218]  vfs_open+0x82/0x3f0
[ 1558.458503][T29218]  path_openat+0x1de4/0x2cb0
[ 1558.458567][T29218]  ? __pfx_path_openat+0x10/0x10
[ 1558.458629][T29218]  ? __lock_acquire+0xb8a/0x1c90
[ 1558.458676][T29218]  do_filp_open+0x20b/0x470
[ 1558.458723][T29218]  ? __pfx_do_filp_open+0x10/0x10
[ 1558.458800][T29218]  ? alloc_fd+0x471/0x7d0
[ 1558.458865][T29218]  do_sys_openat2+0x11b/0x1d0
[ 1558.458902][T29218]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1558.458958][T29218]  __x64_sys_openat+0x174/0x210
[ 1558.458998][T29218]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1558.459053][T29218]  do_syscall_64+0xcd/0x490
[ 1558.459088][T29218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.459121][T29218] RIP: 0033:0x7f787738e929
[ 1558.459148][T29218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1558.459182][T29218] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1558.459214][T29218] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1558.459237][T29218] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1558.459257][T29218] RBP: 00007f7877410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1558.459278][T29218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1558.459297][T29218] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1558.459340][T29218]  </TASK>
[ 1558.459352][T29218] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1559.021640][T29224] hub 8-0:1.0: USB hub found
[ 1559.027163][T29224] hub 8-0:1.0: 1 port detected
[ 1559.073128][T29190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1559.146874][T29190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1559.499763][T29190] team0: Port device team_slave_0 added
[ 1559.508960][T29190] team0: Port device team_slave_1 added
[ 1559.560949][ T5840] Bluetooth: hci4: command tx timeout
[ 1559.844478][T29190] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1559.851738][T29190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1559.886201][T29190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1559.937043][T29190] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1559.955104][T29190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1559.989274][T29190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1560.119383][T26706] bridge_slave_1: left allmulticast mode
[ 1560.129945][T26706] bridge_slave_1: left promiscuous mode
[ 1560.149016][T26706] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1560.177358][T26706] bridge_slave_0: left allmulticast mode
[ 1560.188704][T26706] bridge_slave_0: left promiscuous mode
[ 1560.207754][T26706] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1560.922862][T26706] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1560.950021][T26706] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1560.977052][T26706] bond0 (unregistering): Released all slaves
[ 1561.095191][T26706] HfR: left promiscuous mode
[ 1561.346218][T29190] hsr_slave_0: entered promiscuous mode
[ 1561.368550][T29190] hsr_slave_1: entered promiscuous mode
[ 1561.379517][T29190] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1561.387293][T29190] Cannot create hsr debugfs directory
[ 1561.641762][ T5840] Bluetooth: hci4: command tx timeout
[ 1561.971820][T29253] Invalid ELF header magic: != ELF
[ 1563.210603][T26706] hsr_slave_0: left promiscuous mode
[ 1563.227943][T26706] hsr_slave_1: left promiscuous mode
[ 1563.261049][T26706] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1563.268641][T26706] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1563.305712][T26706] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1563.313382][T26706] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1563.367732][T26706] veth1_macvtap: left promiscuous mode
[ 1563.384801][T26706] veth0_macvtap: left promiscuous mode
[ 1563.395058][T26706] veth1_vlan: left promiscuous mode
[ 1563.401791][T26706] veth0_vlan: left promiscuous mode
[ 1563.616222][T29273] hub 8-0:1.0: USB hub found
[ 1563.622180][T29273] hub 8-0:1.0: 1 port detected
[ 1563.722581][ T5840] Bluetooth: hci4: command tx timeout
[ 1564.413427][T29280] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47
[ 1564.566929][T29281] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48
[ 1564.666389][T29280] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4683'.
[ 1564.946101][T26706] team0 (unregistering): Port device team_slave_1 removed
[ 1566.358592][T29190] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1566.476591][T29190] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1566.590131][T29190] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1566.632565][T29190] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1566.987972][T29321] Invalid ELF header magic: != ELF
[ 1567.077822][T29311] hub 8-0:1.0: USB hub found
[ 1567.115279][T29311] hub 8-0:1.0: 1 port detected
[ 1567.290890][T29190] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1567.517702][T29190] 8021q: adding VLAN 0 to HW filter on device team0
[ 1567.598084][T26706] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1567.605452][T26706] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1567.804549][ T3420] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1567.811936][ T3420] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1568.335590][T29335] hub 8-0:1.0: USB hub found
[ 1568.398360][T29335] hub 8-0:1.0: 1 port detected
[ 1569.442279][T29351] hub 8-0:1.0: USB hub found
[ 1569.447580][T29351] hub 8-0:1.0: 1 port detected
[ 1569.681030][T29190] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1570.048627][T29190] veth0_vlan: entered promiscuous mode
[ 1570.253451][T29190] veth1_vlan: entered promiscuous mode
[ 1570.430321][T29190] veth0_macvtap: entered promiscuous mode
[ 1570.485644][T29190] veth1_macvtap: entered promiscuous mode
[ 1570.586789][T29190] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1570.685322][T29190] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1570.780125][T29190] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.804983][T29190] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.826126][T29190] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.850929][T29190] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.880205][T29377] can: request_module (can-proto-3) failed.
[ 1571.078875][T26709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1571.121684][T26709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1571.287676][T26709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1571.295815][T26709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1571.710001][T29391] FAULT_INJECTION: forcing a failure.
[ 1571.710001][T29391] name failslab, interval 1, probability 0, space 0, times 0
[ 1571.752112][T29391] CPU: 0 UID: 0 PID: 29391 Comm: syz.4.4697 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1571.752156][T29391] Tainted: [U]=USER
[ 1571.752164][T29391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1571.752180][T29391] Call Trace:
[ 1571.752188][T29391]  <TASK>
[ 1571.752197][T29391]  dump_stack_lvl+0x16c/0x1f0
[ 1571.752242][T29391]  should_fail_ex+0x512/0x640
[ 1571.752280][T29391]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1571.752321][T29391]  should_failslab+0xc2/0x120
[ 1571.752344][T29391]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1571.752382][T29391]  ? security_file_alloc+0x34/0x2b0
[ 1571.752420][T29391]  security_file_alloc+0x34/0x2b0
[ 1571.752454][T29391]  init_file+0x93/0x4c0
[ 1571.752478][T29391]  alloc_empty_file+0x73/0x1e0
[ 1571.752505][T29391]  path_openat+0xda/0x2cb0
[ 1571.752540][T29391]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1571.752576][T29391]  ? __pfx_path_openat+0x10/0x10
[ 1571.752613][T29391]  ? __lock_acquire+0xb8a/0x1c90
[ 1571.752650][T29391]  do_filp_open+0x20b/0x470
[ 1571.752686][T29391]  ? __pfx_do_filp_open+0x10/0x10
[ 1571.752744][T29391]  ? alloc_fd+0x471/0x7d0
[ 1571.752786][T29391]  do_sys_openat2+0x11b/0x1d0
[ 1571.752822][T29391]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1571.752861][T29391]  __x64_sys_openat+0x174/0x210
[ 1571.752890][T29391]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1571.752931][T29391]  do_syscall_64+0xcd/0x490
[ 1571.752957][T29391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1571.752982][T29391] RIP: 0033:0x7f787738e929
[ 1571.753001][T29391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1571.753034][T29391] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1571.753063][T29391] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1571.753086][T29391] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1571.753107][T29391] RBP: 00007f7877410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1571.753127][T29391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1571.753148][T29391] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1571.753180][T29391]  </TASK>
[ 1571.930857][T29394] Invalid ELF header magic: != ELF
[ 1575.816207][T29461] hub 8-0:1.0: USB hub found
[ 1575.822078][T29461] hub 8-0:1.0: 1 port detected
[ 1577.214022][T29484] hub 8-0:1.0: USB hub found
[ 1577.222457][T29484] hub 8-0:1.0: 1 port detected
[ 1577.279084][T29483] hub 8-0:1.0: USB hub found
[ 1577.284652][T29483] hub 8-0:1.0: 1 port detected
[ 1577.616922][T29487] block nbd7: not configured, cannot reconfigure
[ 1577.724396][T29490] Invalid ELF header magic: != ELF
[ 1578.217033][T29499] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4717'.
[ 1578.235120][T29499] net_ratelimit: 20 callbacks suppressed
[ 1578.235149][T29499] openvswitch: netlink: IPv4 tunnel dst address is zero
[ 1578.353791][T29505] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4717'.
[ 1579.471371][T29520] FAULT_INJECTION: forcing a failure.
[ 1579.471371][T29520] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.510026][T29520] CPU: 1 UID: 0 PID: 29520 Comm: syz.0.4720 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1579.510072][T29520] Tainted: [U]=USER
[ 1579.510080][T29520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1579.510095][T29520] Call Trace:
[ 1579.510103][T29520]  <TASK>
[ 1579.510112][T29520]  dump_stack_lvl+0x16c/0x1f0
[ 1579.510155][T29520]  should_fail_ex+0x512/0x640
[ 1579.510192][T29520]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1579.510230][T29520]  should_failslab+0xc2/0x120
[ 1579.510252][T29520]  __kvmalloc_node_noprof+0x137/0x620
[ 1579.510287][T29520]  ? lockdep_init_map_type+0x5c/0x280
[ 1579.510322][T29520]  ? open_substream+0x30c/0x9b0
[ 1579.510357][T29520]  ? open_substream+0x30c/0x9b0
[ 1579.510384][T29520]  ? open_substream+0x19a/0x9b0
[ 1579.510425][T29520]  open_substream+0x30c/0x9b0
[ 1579.510464][T29520]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1579.510505][T29520]  rawmidi_open_priv+0x513/0x6e0
[ 1579.510543][T29520]  snd_rawmidi_open+0x4cc/0xbf0
[ 1579.510588][T29520]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1579.510624][T29520]  ? __pfx_default_wake_function+0x10/0x10
[ 1579.510652][T29520]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1579.510680][T29520]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1579.510714][T29520]  snd_open+0x1fe/0x450
[ 1579.510744][T29520]  ? __pfx_snd_open+0x10/0x10
[ 1579.510767][T29520]  chrdev_open+0x231/0x6a0
[ 1579.510805][T29520]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1579.510836][T29520]  ? __pfx_chrdev_open+0x10/0x10
[ 1579.510876][T29520]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1579.510914][T29520]  do_dentry_open+0x744/0x1c10
[ 1579.510951][T29520]  ? __pfx_chrdev_open+0x10/0x10
[ 1579.510995][T29520]  vfs_open+0x82/0x3f0
[ 1579.511023][T29520]  path_openat+0x1de4/0x2cb0
[ 1579.511068][T29520]  ? __pfx_path_openat+0x10/0x10
[ 1579.511104][T29520]  ? __lock_acquire+0xb8a/0x1c90
[ 1579.511139][T29520]  do_filp_open+0x20b/0x470
[ 1579.511174][T29520]  ? __pfx_do_filp_open+0x10/0x10
[ 1579.511231][T29520]  ? alloc_fd+0x471/0x7d0
[ 1579.511285][T29520]  do_sys_openat2+0x11b/0x1d0
[ 1579.511332][T29520]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1579.511372][T29520]  __x64_sys_openat+0x174/0x210
[ 1579.511401][T29520]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1579.511442][T29520]  do_syscall_64+0xcd/0x490
[ 1579.511468][T29520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1579.511494][T29520] RIP: 0033:0x7f0a1838e929
[ 1579.511513][T29520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1579.511539][T29520] RSP: 002b:00007f0a191a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1579.511568][T29520] RAX: ffffffffffffffda RBX: 00007f0a185b6080 RCX: 00007f0a1838e929
[ 1579.511585][T29520] RDX: 00000000000e0203 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1579.511601][T29520] RBP: 00007f0a18410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1579.511616][T29520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1579.511631][T29520] R13: 0000000000000000 R14: 00007f0a185b6080 R15: 00007fff579db928
[ 1579.511663][T29520]  </TASK>
[ 1580.846148][T29545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4723'.
[ 1581.075194][T29546] hub 8-0:1.0: USB hub found
[ 1581.083465][T29546] hub 8-0:1.0: 1 port detected
[ 1582.250264][T28577] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1582.274499][T28577] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1582.295784][T28577] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1582.322064][T28577] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1582.331728][T28577] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1582.759314][T18033] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1582.900794][T18033] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1583.205564][T29582] FAULT_INJECTION: forcing a failure.
[ 1583.205564][T29582] name failslab, interval 1, probability 0, space 0, times 0
[ 1583.279676][T29582] CPU: 1 UID: 0 PID: 29582 Comm: syz.4.4733 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1583.279727][T29582] Tainted: [U]=USER
[ 1583.279738][T29582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1583.279756][T29582] Call Trace:
[ 1583.279766][T29582]  <TASK>
[ 1583.279779][T29582]  dump_stack_lvl+0x16c/0x1f0
[ 1583.279832][T29582]  should_fail_ex+0x512/0x640
[ 1583.279877][T29582]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1583.279923][T29582]  should_failslab+0xc2/0x120
[ 1583.279953][T29582]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1583.279994][T29582]  ? snd_midi_event_new+0x6f/0x210
[ 1583.280033][T29582]  snd_midi_event_new+0x6f/0x210
[ 1583.280065][T29582]  snd_virmidi_input_open+0x107/0x4a0
[ 1583.280117][T29582]  open_substream+0x478/0x9b0
[ 1583.280161][T29582]  rawmidi_open_priv+0x513/0x6e0
[ 1583.280210][T29582]  snd_rawmidi_open+0x4cc/0xbf0
[ 1583.280260][T29582]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1583.280304][T29582]  ? __pfx_default_wake_function+0x10/0x10
[ 1583.280338][T29582]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1583.280383][T29582]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1583.280430][T29582]  snd_open+0x1fe/0x450
[ 1583.280462][T29582]  ? __pfx_snd_open+0x10/0x10
[ 1583.280492][T29582]  chrdev_open+0x231/0x6a0
[ 1583.280541][T29582]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1583.280582][T29582]  ? __pfx_chrdev_open+0x10/0x10
[ 1583.280634][T29582]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1583.280684][T29582]  do_dentry_open+0x744/0x1c10
[ 1583.280732][T29582]  ? __pfx_chrdev_open+0x10/0x10
[ 1583.280788][T29582]  vfs_open+0x82/0x3f0
[ 1583.280827][T29582]  path_openat+0x1de4/0x2cb0
[ 1583.280886][T29582]  ? __pfx_path_openat+0x10/0x10
[ 1583.280932][T29582]  ? __lock_acquire+0xb8a/0x1c90
[ 1583.280979][T29582]  do_filp_open+0x20b/0x470
[ 1583.281025][T29582]  ? __pfx_do_filp_open+0x10/0x10
[ 1583.281116][T29582]  ? alloc_fd+0x471/0x7d0
[ 1583.281189][T29582]  do_sys_openat2+0x11b/0x1d0
[ 1583.281224][T29582]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1583.281265][T29582]  ? __fget_files+0x20e/0x3c0
[ 1583.281315][T29582]  __x64_sys_openat+0x174/0x210
[ 1583.281352][T29582]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1583.281387][T29582]  ? ksys_write+0x1ac/0x250
[ 1583.281446][T29582]  do_syscall_64+0xcd/0x490
[ 1583.281479][T29582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1583.281511][T29582] RIP: 0033:0x7f787738e929
[ 1583.281535][T29582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1583.281567][T29582] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1583.281596][T29582] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1583.281617][T29582] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1583.281636][T29582] RBP: 00007f787812b090 R08: 0000000000000000 R09: 0000000000000000
[ 1583.281653][T29582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1583.281671][T29582] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1583.281711][T29582]  </TASK>
[ 1583.718468][T18033] bridge_slave_1: left allmulticast mode
[ 1583.724679][T18033] bridge_slave_1: left promiscuous mode
[ 1583.730593][T18033] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1583.756589][T18033] bridge_slave_0: left allmulticast mode
[ 1583.766677][T18033] bridge_slave_0: left promiscuous mode
[ 1583.773416][T18033] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.451301][ T5840] Bluetooth: hci1: command tx timeout
[ 1584.567851][T29598] hub 8-0:1.0: USB hub found
[ 1584.611977][T29598] hub 8-0:1.0: 1 port detected
[ 1585.701032][T18033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1585.738510][T18033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1585.794765][T18033] bond0 (unregistering): Released all slaves
[ 1585.843625][T29567] chnl_net:caif_netlink_parms(): no params data found
[ 1586.065529][T18033] .SR: left promiscuous mode
[ 1586.245126][T18033] HfR: left promiscuous mode
[ 1586.346495][T29567] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1586.418587][T29567] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1586.430931][T29567] bridge_slave_0: entered allmulticast mode
[ 1586.439492][T29567] bridge_slave_0: entered promiscuous mode
[ 1586.453394][T18033] HSR: left promiscuous mode
[ 1586.495186][T29567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1586.510962][T29567] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1586.520573][ T5840] Bluetooth: hci1: command tx timeout
[ 1586.528043][T29567] bridge_slave_1: entered allmulticast mode
[ 1586.542064][T29567] bridge_slave_1: entered promiscuous mode
[ 1586.773571][T29567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1586.855711][T29567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1587.275494][T29567] team0: Port device team_slave_0 added
[ 1587.349004][T18033] hsr_slave_0: left promiscuous mode
[ 1587.379000][T18033] hsr_slave_1: left promiscuous mode
[ 1587.387609][T18033] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1587.395761][T18033] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1587.407912][T18033] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1587.420687][T18033] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1587.523814][T18033] veth1_macvtap: left promiscuous mode
[ 1587.545599][T18033] veth0_macvtap: left promiscuous mode
[ 1587.583076][T18033] veth1_vlan: left promiscuous mode
[ 1587.621695][T18033] veth0_vlan: left promiscuous mode
[ 1588.639004][ T5840] Bluetooth: hci1: command tx timeout
[ 1589.632649][T18033] team0 (unregistering): Port device team_slave_1 removed
[ 1589.722090][T18033] team0 (unregistering): Port device team_slave_0 removed
[ 1590.019332][T29674] hub 8-0:1.0: USB hub found
[ 1590.038303][T29674] hub 8-0:1.0: 1 port detected
[ 1590.519566][T29567] team0: Port device team_slave_1 added
[ 1590.680871][ T5840] Bluetooth: hci1: command tx timeout
[ 1590.788184][T29567] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1590.798844][T29567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1590.830545][T29567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1590.879499][T29567] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1590.887009][T29567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1590.970498][T29567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1591.226811][T29567] hsr_slave_0: entered promiscuous mode
[ 1591.272276][T29567] hsr_slave_1: entered promiscuous mode
[ 1592.292701][T29691] netlink: 186 bytes leftover after parsing attributes in process `syz.5.4747'.
[ 1593.547344][T29715] hub 8-0:1.0: USB hub found
[ 1593.593937][T29715] hub 8-0:1.0: 1 port detected
[ 1594.542186][T29738] Invalid ELF header magic: != ELF
[ 1594.550929][T29739] Invalid ELF header magic: != ELF
[ 1595.095926][T29567] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1595.171536][T29567] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1595.225905][T29567] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1595.227693][T29751] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4758'.
[ 1595.255233][T29567] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1596.186926][T29567] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1596.444109][T29567] 8021q: adding VLAN 0 to HW filter on device team0
[ 1596.550009][ T3420] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1596.557944][ T3420] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1596.752719][ T3420] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1596.760053][ T3420] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1596.845241][T29776] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1597.252498][T29567] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1597.263477][T29567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1597.828573][T29800] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4762'.
[ 1598.312537][T29812] FAULT_INJECTION: forcing a failure.
[ 1598.312537][T29812] name failslab, interval 1, probability 0, space 0, times 0
[ 1598.353564][T29812] CPU: 0 UID: 0 PID: 29812 Comm: syz.5.4765 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1598.353622][T29812] Tainted: [U]=USER
[ 1598.353634][T29812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1598.353655][T29812] Call Trace:
[ 1598.353667][T29812]  <TASK>
[ 1598.353681][T29812]  dump_stack_lvl+0x16c/0x1f0
[ 1598.353743][T29812]  should_fail_ex+0x512/0x640
[ 1598.353794][T29812]  ? fs_reclaim_acquire+0xae/0x150
[ 1598.353840][T29812]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1598.353890][T29812]  should_failslab+0xc2/0x120
[ 1598.353922][T29812]  __kmalloc_noprof+0xd2/0x510
[ 1598.353994][T29812]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1598.354055][T29812]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1598.354100][T29812]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1598.354143][T29812]  ? mntput_no_expire+0x15e/0xbb0
[ 1598.354237][T29812]  ? find_held_lock+0x2b/0x80
[ 1598.354283][T29812]  tomoyo_file_open+0x6b/0x90
[ 1598.354338][T29812]  security_file_open+0x84/0x1e0
[ 1598.354386][T29812]  do_dentry_open+0x596/0x1c10
[ 1598.354451][T29812]  vfs_open+0x82/0x3f0
[ 1598.354493][T29812]  path_openat+0x1de4/0x2cb0
[ 1598.354557][T29812]  ? __pfx_path_openat+0x10/0x10
[ 1598.354616][T29812]  ? __lock_acquire+0xb8a/0x1c90
[ 1598.354666][T29812]  do_filp_open+0x20b/0x470
[ 1598.354716][T29812]  ? __pfx_do_filp_open+0x10/0x10
[ 1598.354800][T29812]  ? alloc_fd+0x471/0x7d0
[ 1598.354861][T29812]  do_sys_openat2+0x11b/0x1d0
[ 1598.354899][T29812]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1598.354955][T29812]  __x64_sys_openat+0x174/0x210
[ 1598.354995][T29812]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1598.355054][T29812]  do_syscall_64+0xcd/0x490
[ 1598.355090][T29812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1598.355126][T29812] RIP: 0033:0x7f818718e929
[ 1598.355154][T29812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1598.355195][T29812] RSP: 002b:00007f8187ffd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1598.355227][T29812] RAX: ffffffffffffffda RBX: 00007f81873b5fa0 RCX: 00007f818718e929
[ 1598.355250][T29812] RDX: 0000000000000a02 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1598.355272][T29812] RBP: 00007f8187210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1598.355301][T29812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1598.355321][T29812] R13: 0000000000000000 R14: 00007f81873b5fa0 R15: 00007ffec49f28b8
[ 1598.355364][T29812]  </TASK>
[ 1598.355379][T29812] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1598.784752][T29567] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1598.929971][T29820] hub 8-0:1.0: USB hub found
[ 1599.005923][T29820] hub 8-0:1.0: 1 port detected
[ 1599.029082][T29567] veth0_vlan: entered promiscuous mode
[ 1599.049634][T29567] veth1_vlan: entered promiscuous mode
[ 1599.147612][T29567] veth0_macvtap: entered promiscuous mode
[ 1599.256310][T29567] veth1_macvtap: entered promiscuous mode
[ 1599.356368][T29567] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1599.400205][T29567] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1599.454828][T29830] Invalid ELF header magic: != ELF
[ 1599.457922][T29567] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1599.505078][T29567] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1599.540952][T29567] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1599.549920][T29567] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.089571][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1600.127930][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1600.376459][T29846] FAULT_INJECTION: forcing a failure.
[ 1600.376459][T29846] name failslab, interval 1, probability 0, space 0, times 0
[ 1600.411650][T29846] CPU: 0 UID: 0 PID: 29846 Comm: syz.1.4770 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1600.411703][T29846] Tainted: [U]=USER
[ 1600.411713][T29846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1600.411732][T29846] Call Trace:
[ 1600.411744][T29846]  <TASK>
[ 1600.411757][T29846]  dump_stack_lvl+0x16c/0x1f0
[ 1600.411814][T29846]  should_fail_ex+0x512/0x640
[ 1600.411862][T29846]  ? fs_reclaim_acquire+0xae/0x150
[ 1600.411898][T29846]  should_failslab+0xc2/0x120
[ 1600.411924][T29846]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1600.411962][T29846]  ? hub_ext_port_status+0x5e/0x670
[ 1600.411986][T29846]  ? usb_control_msg+0xbc/0x4a0
[ 1600.412022][T29846]  usb_control_msg+0xbc/0x4a0
[ 1600.412053][T29846]  ? __pfx_usb_control_msg+0x10/0x10
[ 1600.412094][T29846]  hub_ext_port_status+0x14e/0x670
[ 1600.412135][T29846]  hub_activate+0x6e5/0x1be0
[ 1600.412175][T29846]  ? __pfx_hub_activate+0x10/0x10
[ 1600.412204][T29846]  ? find_held_lock+0x2b/0x80
[ 1600.412231][T29846]  ? snoop_urb_data+0x70/0x330
[ 1600.412264][T29846]  hub_resume+0xa8/0x3f0
[ 1600.412294][T29846]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1600.412322][T29846]  ? __pfx_hub_resume+0x10/0x10
[ 1600.412362][T29846]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1600.412402][T29846]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1600.412451][T29846]  usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0
[ 1600.412498][T29846]  usb_resume_both+0x273/0x800
[ 1600.412540][T29846]  ? __pfx_usb_resume_both+0x10/0x10
[ 1600.412582][T29846]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1600.412626][T29846]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1600.412670][T29846]  __rpm_callback+0xc8/0x610
[ 1600.412715][T29846]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1600.412759][T29846]  rpm_callback+0x1b7/0x200
[ 1600.412800][T29846]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1600.412844][T29846]  rpm_resume+0xd0a/0x1310
[ 1600.412893][T29846]  ? __pfx_rpm_resume+0x10/0x10
[ 1600.412932][T29846]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1600.412974][T29846]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1600.413029][T29846]  __pm_runtime_resume+0xb6/0x170
[ 1600.413056][T29846]  usb_autoresume_device+0x23/0xe0
[ 1600.413100][T29846]  usbdev_open+0x228/0x8b0
[ 1600.413147][T29846]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1600.413175][T29846]  ? __pfx_usbdev_open+0x10/0x10
[ 1600.413219][T29846]  ? chrdev_open+0x10b/0x6a0
[ 1600.413265][T29846]  ? __pfx_usbdev_open+0x10/0x10
[ 1600.413307][T29846]  chrdev_open+0x231/0x6a0
[ 1600.413347][T29846]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1600.413389][T29846]  ? __pfx_chrdev_open+0x10/0x10
[ 1600.413432][T29846]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1600.413474][T29846]  do_dentry_open+0x744/0x1c10
[ 1600.413515][T29846]  ? __pfx_chrdev_open+0x10/0x10
[ 1600.413564][T29846]  vfs_open+0x82/0x3f0
[ 1600.413597][T29846]  path_openat+0x1de4/0x2cb0
[ 1600.413648][T29846]  ? __pfx_path_openat+0x10/0x10
[ 1600.413689][T29846]  ? __lock_acquire+0xb8a/0x1c90
[ 1600.413729][T29846]  do_filp_open+0x20b/0x470
[ 1600.413769][T29846]  ? __pfx_do_filp_open+0x10/0x10
[ 1600.413834][T29846]  ? alloc_fd+0x471/0x7d0
[ 1600.413881][T29846]  do_sys_openat2+0x11b/0x1d0
[ 1600.413910][T29846]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1600.413945][T29846]  ? __fget_files+0x20e/0x3c0
[ 1600.413988][T29846]  __x64_sys_openat+0x174/0x210
[ 1600.414019][T29846]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1600.414050][T29846]  ? ksys_write+0x1ac/0x250
[ 1600.414101][T29846]  do_syscall_64+0xcd/0x490
[ 1600.414130][T29846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1600.414158][T29846] RIP: 0033:0x7fa9bc58e929
[ 1600.414180][T29846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1600.414207][T29846] RSP: 002b:00007fa9bd39a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1600.414234][T29846] RAX: ffffffffffffffda RBX: 00007fa9bc7b6160 RCX: 00007fa9bc58e929
[ 1600.414252][T29846] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1600.414270][T29846] RBP: 00007fa9bd39a090 R08: 0000000000000000 R09: 0000000000000000
[ 1600.414287][T29846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1600.414304][T29846] R13: 0000000000000000 R14: 00007fa9bc7b6160 R15: 00007ffdefafaaa8
[ 1600.414338][T29846]  </TASK>
[ 1600.417999][T29846] hub 15-0:1.0: hub_ext_port_status failed (err = -12)
[ 1600.930745][ T3420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1600.962370][ T3420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1604.735048][   T30] audit: type=1804 audit(4294967414.830:112): pid=29929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4778" name="/newroot/72/file0" dev="tmpfs" ino=395 res=1 errno=0
[ 1604.796013][   T30] audit: type=1800 audit(4294967414.830:113): pid=29929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4778" name="file0" dev="tmpfs" ino=395 res=0 errno=0
[ 1605.501745][T29947] hub 8-0:1.0: USB hub found
[ 1605.507703][T29947] hub 8-0:1.0: 1 port detected
[ 1605.629763][T29951] Invalid ELF header magic: != ELF
[ 1609.694178][T29992] hub 8-0:1.0: USB hub found
[ 1609.779494][T29992] hub 8-0:1.0: 1 port detected
[ 1609.870177][T29996] hub 8-0:1.0: USB hub found
[ 1609.876857][T29996] hub 8-0:1.0: 1 port detected
[ 1609.922596][T30000] FAULT_INJECTION: forcing a failure.
[ 1609.922596][T30000] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.957517][T30000] CPU: 1 UID: 0 PID: 30000 Comm: syz.1.4794 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1609.957557][T30000] Tainted: [U]=USER
[ 1609.957566][T30000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1609.957580][T30000] Call Trace:
[ 1609.957588][T30000]  <TASK>
[ 1609.957597][T30000]  dump_stack_lvl+0x16c/0x1f0
[ 1609.957640][T30000]  should_fail_ex+0x512/0x640
[ 1609.957676][T30000]  ? fs_reclaim_acquire+0xae/0x150
[ 1609.957713][T30000]  ? tomoyo_encode2+0x100/0x3e0
[ 1609.957745][T30000]  should_failslab+0xc2/0x120
[ 1609.957767][T30000]  __kmalloc_noprof+0xd2/0x510
[ 1609.957802][T30000]  ? d_absolute_path+0x136/0x1a0
[ 1609.957831][T30000]  tomoyo_encode2+0x100/0x3e0
[ 1609.957868][T30000]  tomoyo_encode+0x29/0x50
[ 1609.957904][T30000]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1609.957952][T30000]  tomoyo_path_number_perm+0x245/0x580
[ 1609.957989][T30000]  ? tomoyo_path_number_perm+0x237/0x580
[ 1609.958030][T30000]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1609.958074][T30000]  ? find_held_lock+0x2b/0x80
[ 1609.958133][T30000]  ? find_held_lock+0x2b/0x80
[ 1609.958155][T30000]  ? hook_file_ioctl_common+0x145/0x410
[ 1609.958188][T30000]  ? __fget_files+0x20e/0x3c0
[ 1609.958226][T30000]  security_file_ioctl+0x9b/0x240
[ 1609.958259][T30000]  __x64_sys_ioctl+0xb7/0x210
[ 1609.958290][T30000]  do_syscall_64+0xcd/0x490
[ 1609.958314][T30000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1609.958339][T30000] RIP: 0033:0x7fa9bc58e929
[ 1609.958359][T30000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1609.958383][T30000] RSP: 002b:00007fa9bd3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1609.958406][T30000] RAX: ffffffffffffffda RBX: 00007fa9bc7b5fa0 RCX: 00007fa9bc58e929
[ 1609.958423][T30000] RDX: 0000000000000038 RSI: 000000000000560a RDI: 0000000000000003
[ 1609.958438][T30000] RBP: 00007fa9bd3dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1609.958454][T30000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1609.958469][T30000] R13: 0000000000000000 R14: 00007fa9bc7b5fa0 R15: 00007ffdefafaaa8
[ 1609.958499][T30000]  </TASK>
[ 1609.958652][T30000] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1611.282804][T30009] FAULT_INJECTION: forcing a failure.
[ 1611.282804][T30009] name failslab, interval 1, probability 0, space 0, times 0
[ 1611.295862][T30009] CPU: 1 UID: 0 PID: 30009 Comm: syz.4.4795 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1611.295917][T30009] Tainted: [U]=USER
[ 1611.295929][T30009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1611.295950][T30009] Call Trace:
[ 1611.295963][T30009]  <TASK>
[ 1611.295976][T30009]  dump_stack_lvl+0x16c/0x1f0
[ 1611.296036][T30009]  should_fail_ex+0x512/0x640
[ 1611.296087][T30009]  ? fs_reclaim_acquire+0xae/0x150
[ 1611.296131][T30009]  ? tomoyo_encode2+0x100/0x3e0
[ 1611.296176][T30009]  should_failslab+0xc2/0x120
[ 1611.296206][T30009]  __kmalloc_noprof+0xd2/0x510
[ 1611.296242][T30009]  ? d_absolute_path+0x136/0x1a0
[ 1611.296272][T30009]  tomoyo_encode2+0x100/0x3e0
[ 1611.296311][T30009]  tomoyo_encode+0x29/0x50
[ 1611.296344][T30009]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1611.296396][T30009]  tomoyo_path_number_perm+0x245/0x580
[ 1611.296426][T30009]  ? tomoyo_path_number_perm+0x237/0x580
[ 1611.296459][T30009]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1611.296520][T30009]  ? find_held_lock+0x2b/0x80
[ 1611.296544][T30009]  ? hook_file_ioctl_common+0x145/0x410
[ 1611.296578][T30009]  ? __fget_files+0x20e/0x3c0
[ 1611.296629][T30009]  security_file_ioctl+0x9b/0x240
[ 1611.296661][T30009]  __x64_sys_ioctl+0xb7/0x210
[ 1611.296691][T30009]  do_syscall_64+0xcd/0x490
[ 1611.296714][T30009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1611.296756][T30009] RIP: 0033:0x7f787738e929
[ 1611.296776][T30009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1611.296800][T30009] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1611.296823][T30009] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1611.296839][T30009] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003
[ 1611.296855][T30009] RBP: 00007f7877410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1611.296873][T30009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1611.296888][T30009] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1611.296918][T30009]  </TASK>
[ 1611.512563][T30009] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1614.824471][T30070] FAULT_INJECTION: forcing a failure.
[ 1614.824471][T30070] name failslab, interval 1, probability 0, space 0, times 0
[ 1614.890529][T30070] CPU: 1 UID: 0 PID: 30070 Comm: syz.1.4804 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1614.890583][T30070] Tainted: [U]=USER
[ 1614.890594][T30070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1614.890614][T30070] Call Trace:
[ 1614.890624][T30070]  <TASK>
[ 1614.890649][T30070]  dump_stack_lvl+0x16c/0x1f0
[ 1614.890709][T30070]  should_fail_ex+0x512/0x640
[ 1614.890760][T30070]  should_failslab+0xc2/0x120
[ 1614.890791][T30070]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1614.890838][T30070]  ? skb_clone+0x190/0x3f0
[ 1614.890874][T30070]  skb_clone+0x190/0x3f0
[ 1614.890907][T30070]  netlink_deliver_tap+0xabd/0xd30
[ 1614.890950][T30070]  netlink_unicast+0x5df/0x7f0
[ 1614.890991][T30070]  ? __pfx_netlink_unicast+0x10/0x10
[ 1614.891039][T30070]  netlink_sendmsg+0x8d1/0xdd0
[ 1614.891084][T30070]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1614.891138][T30070]  ____sys_sendmsg+0xa95/0xc70
[ 1614.891178][T30070]  ? copy_msghdr_from_user+0x10a/0x160
[ 1614.891227][T30070]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1614.891286][T30070]  ___sys_sendmsg+0x134/0x1d0
[ 1614.891339][T30070]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1614.891387][T30070]  ? __lock_acquire+0x622/0x1c90
[ 1614.891505][T30070]  __sys_sendmsg+0x16d/0x220
[ 1614.891537][T30070]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1614.891598][T30070]  do_syscall_64+0xcd/0x490
[ 1614.891631][T30070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1614.891664][T30070] RIP: 0033:0x7fa9bc58e929
[ 1614.891689][T30070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1614.891720][T30070] RSP: 002b:00007fa9bd3dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1614.891750][T30070] RAX: ffffffffffffffda RBX: 00007fa9bc7b5fa0 RCX: 00007fa9bc58e929
[ 1614.891770][T30070] RDX: 0000000000044044 RSI: 0000200000006200 RDI: 000000000000000a
[ 1614.891790][T30070] RBP: 00007fa9bd3dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1614.891809][T30070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1614.891828][T30070] R13: 0000000000000000 R14: 00007fa9bc7b5fa0 R15: 00007ffdefafaaa8
[ 1614.891868][T30070]  </TASK>
[ 1615.717212][T30078] i2c i2c-0: new_device: Can't parse I2C address
[ 1615.747469][T30085] blktrace: Concurrent blktraces are not allowed on loop2
[ 1615.944813][T30089] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[ 1616.581036][T30091] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[ 1617.415069][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1617.421685][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1618.679740][T30118] hub 8-0:1.0: USB hub found
[ 1618.757345][T30118] hub 8-0:1.0: 1 port detected
[ 1619.157384][   T30] audit: type=1800 audit(4294967429.250:114): pid=30125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4814" name="discovery_nqn" dev="configfs" ino=110675 res=0 errno=0
[ 1621.071846][T30159] hub 8-0:1.0: USB hub found
[ 1621.078189][T30159] hub 8-0:1.0: 1 port detected
[ 1622.063171][T30167] hub 8-0:1.0: USB hub found
[ 1622.093455][T30167] hub 8-0:1.0: 1 port detected
[ 1623.042132][T30184] netlink: zone id is out of range
[ 1623.047304][T30184] netlink: zone id is out of range
[ 1623.070590][T30184] netlink: zone id is out of range
[ 1623.077074][T30184] netlink: zone id is out of range
[ 1623.120689][T30184] netlink: zone id is out of range
[ 1623.190224][T30184] netlink: zone id is out of range
[ 1623.201631][T30184] netlink: zone id is out of range
[ 1623.208359][T30184] netlink: zone id is out of range
[ 1623.216989][T30184] netlink: zone id is out of range
[ 1623.227261][T30184] netlink: zone id is out of range
[ 1625.142754][T30221] hub 8-0:1.0: USB hub found
[ 1625.259176][T30221] hub 8-0:1.0: 1 port detected
[ 1625.805221][T30234] ptrace attach of "./syz-executor exec"[29567] was attempted by ""[30234]
[ 1626.848394][T30246] Invalid ELF header magic: != ELF
[ 1627.037608][T30239] FAULT_INJECTION: forcing a failure.
[ 1627.037608][T30239] name failslab, interval 1, probability 0, space 0, times 0
[ 1627.151246][T30239] CPU: 0 UID: 0 PID: 30239 Comm: syz.4.4837 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1627.151305][T30239] Tainted: [U]=USER
[ 1627.151317][T30239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1627.151337][T30239] Call Trace:
[ 1627.151348][T30239]  <TASK>
[ 1627.151361][T30239]  dump_stack_lvl+0x16c/0x1f0
[ 1627.151423][T30239]  should_fail_ex+0x512/0x640
[ 1627.151482][T30239]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1627.151533][T30239]  should_failslab+0xc2/0x120
[ 1627.151566][T30239]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1627.151612][T30239]  ? percpu_ref_init+0xec/0x410
[ 1627.151657][T30239]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[ 1627.151713][T30239]  percpu_ref_init+0xec/0x410
[ 1627.151760][T30239]  io_uring_setup+0x453/0x2080
[ 1627.151811][T30239]  ? __pfx_io_uring_setup+0x10/0x10
[ 1627.151855][T30239]  ? do_futex+0x122/0x350
[ 1627.151898][T30239]  ? __pfx_do_futex+0x10/0x10
[ 1627.151938][T30239]  ? fd_install+0x225/0x750
[ 1627.152004][T30239]  ? xfd_validate_state+0x61/0x180
[ 1627.152046][T30239]  ? __pfx_do_writev+0x10/0x10
[ 1627.152101][T30239]  __x64_sys_io_uring_setup+0xc2/0x170
[ 1627.152149][T30239]  do_syscall_64+0xcd/0x490
[ 1627.152184][T30239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1627.152219][T30239] RIP: 0033:0x7f787738e929
[ 1627.152246][T30239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1627.152284][T30239] RSP: 002b:00007f787812b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[ 1627.152319][T30239] RAX: ffffffffffffffda RBX: 00007f78775b5fa0 RCX: 00007f787738e929
[ 1627.152340][T30239] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000001
[ 1627.152361][T30239] RBP: 00007f7877410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1627.152382][T30239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1627.152401][T30239] R13: 0000000000000000 R14: 00007f78775b5fa0 R15: 00007ffe9947b338
[ 1627.152444][T30239]  </TASK>
[ 1627.358764][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1631.493729][T30316] FAULT_INJECTION: forcing a failure.
[ 1631.493729][T30316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1631.509394][T30316] CPU: 0 UID: 0 PID: 30316 Comm: syz.5.4852 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1631.509444][T30316] Tainted: [U]=USER
[ 1631.509456][T30316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1631.509474][T30316] Call Trace:
[ 1631.509485][T30316]  <TASK>
[ 1631.509498][T30316]  dump_stack_lvl+0x16c/0x1f0
[ 1631.509555][T30316]  should_fail_ex+0x512/0x640
[ 1631.509610][T30316]  _copy_from_user+0x2e/0xd0
[ 1631.509664][T30316]  copy_msghdr_from_user+0x98/0x160
[ 1631.509719][T30316]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1631.509779][T30316]  ? kfree+0x24f/0x4d0
[ 1631.509820][T30316]  ? __lock_acquire+0x622/0x1c90
[ 1631.509868][T30316]  ___sys_recvmsg+0xdb/0x1a0
[ 1631.509922][T30316]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1631.509999][T30316]  ? __pfx___might_resched+0x10/0x10
[ 1631.510043][T30316]  do_recvmmsg+0x2fe/0x750
[ 1631.510081][T30316]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1631.510144][T30316]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1631.510203][T30316]  ? __fget_files+0x20e/0x3c0
[ 1631.510258][T30316]  __x64_sys_recvmmsg+0x22a/0x280
[ 1631.510295][T30316]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1631.510328][T30316]  ? xfd_validate_state+0x61/0x180
[ 1631.510387][T30316]  do_syscall_64+0xcd/0x490
[ 1631.510420][T30316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1631.510454][T30316] RIP: 0033:0x7f818718e929
[ 1631.510479][T30316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1631.510511][T30316] RSP: 002b:00007f8187fdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1631.510541][T30316] RAX: ffffffffffffffda RBX: 00007f81873b6080 RCX: 00007f818718e929
[ 1631.510561][T30316] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1631.510579][T30316] RBP: 00007f8187fdc090 R08: 0000000000000000 R09: 0000000000000000
[ 1631.510598][T30316] R10: 00000000000003ff R11: 0000000000000246 R12: 0000000000000002
[ 1631.510616][T30316] R13: 0000000000000000 R14: 00007f81873b6080 R15: 00007ffec49f28b8
[ 1631.510654][T30316]  </TASK>
[ 1631.715514][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1632.907304][T30325] hub 8-0:1.0: USB hub found
[ 1632.927187][T30325] hub 8-0:1.0: 1 port detected
[ 1633.045969][   T30] audit: type=1804 audit(4294967443.120:115): pid=30330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4853" name="/newroot/44/file0" dev="tmpfs" ino=249 res=1 errno=0
[ 1633.162130][   T30] audit: type=1800 audit(4294967443.120:116): pid=30330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4853" name="file0" dev="tmpfs" ino=249 res=0 errno=0
[ 1633.314610][ T5840] Bluetooth: hci3: unexpected event 0x3c length: 728 > 7
[ 1633.845428][T30348] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4858'.
[ 1635.792097][T30359] hub 8-0:1.0: USB hub found
[ 1635.809856][T30359] hub 8-0:1.0: 1 port detected
[ 1637.279457][T30373] hub 8-0:1.0: USB hub found
[ 1637.304456][T30373] hub 8-0:1.0: 1 port detected
[ 1637.930550][T30384] Invalid ELF header magic: != ELF
[ 1638.349185][   T30] audit: type=1804 audit(4294967448.440:117): pid=30389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4867" name="/newroot/202/file0" dev="tmpfs" ino=1072 res=1 errno=0
[ 1638.372487][   T30] audit: type=1800 audit(4294967448.440:118): pid=30389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4867" name="file0" dev="tmpfs" ino=1072 res=0 errno=0
[ 1638.410625][   T30] audit: type=1800 audit(4294967448.440:119): pid=30389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4867" name="file0" dev="tmpfs" ino=1072 res=0 errno=0
[ 1640.198322][T30428] hub 8-0:1.0: USB hub found
[ 1640.207422][T30428] hub 8-0:1.0: 1 port detected
[ 1640.408981][T30432] hub 8-0:1.0: USB hub found
[ 1640.415642][T30432] hub 8-0:1.0: 1 port detected
[ 1641.160728][T30439] hub 8-0:1.0: USB hub found
[ 1641.170532][T30439] hub 8-0:1.0: 1 port detected
[ 1641.227574][T30445] Invalid ELF header magic: != ELF
[ 1642.579695][T30460] nbd: couldn't find a device at index 925970439
[ 1644.813349][T30482] FAULT_INJECTION: forcing a failure.
[ 1644.813349][T30482] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1644.850553][T30482] CPU: 1 UID: 0 PID: 30482 Comm: syz.0.4882 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1644.850604][T30482] Tainted: [U]=USER
[ 1644.850615][T30482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1644.850634][T30482] Call Trace:
[ 1644.850646][T30482]  <TASK>
[ 1644.850658][T30482]  dump_stack_lvl+0x16c/0x1f0
[ 1644.850711][T30482]  should_fail_ex+0x512/0x640
[ 1644.850764][T30482]  should_fail_alloc_page+0xe7/0x130
[ 1644.850800][T30482]  prepare_alloc_pages+0x3c2/0x610
[ 1644.850848][T30482]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1644.850910][T30482]  ? rcu_is_watching+0x12/0xc0
[ 1644.850945][T30482]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1644.850984][T30482]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1644.851043][T30482]  ? mas_destroy+0x5de/0xa20
[ 1644.851081][T30482]  ? perf_event_mmap+0xbb/0xd40
[ 1644.851122][T30482]  ? __pfx_perf_event_mmap+0x10/0x10
[ 1644.851153][T30482]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1644.851207][T30482]  ? policy_nodemask+0xea/0x4e0
[ 1644.851241][T30482]  alloc_pages_mpol+0x1fb/0x550
[ 1644.851276][T30482]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1644.851320][T30482]  alloc_pages_noprof+0x131/0x390
[ 1644.851354][T30482]  pte_alloc_one+0x1c/0x3a0
[ 1644.851409][T30482]  __do_fault+0x320/0x490
[ 1644.851461][T30482]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1644.851512][T30482]  __handle_mm_fault+0x3c2a/0x5490
[ 1644.851570][T30482]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1644.851651][T30482]  handle_mm_fault+0x589/0xd10
[ 1644.851705][T30482]  __get_user_pages+0x589/0x3b80
[ 1644.851756][T30482]  ? __pfx_mt_find+0x10/0x10
[ 1644.851789][T30482]  ? __pfx___get_user_pages+0x10/0x10
[ 1644.851843][T30482]  populate_vma_page_range+0x278/0x3a0
[ 1644.851885][T30482]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1644.851924][T30482]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1644.851964][T30482]  ? do_mmap+0x69c/0x1210
[ 1644.852004][T30482]  __mm_populate+0x1d8/0x380
[ 1644.852046][T30482]  ? __pfx___mm_populate+0x10/0x10
[ 1644.852090][T30482]  ? up_write+0x1b2/0x520
[ 1644.852144][T30482]  vm_mmap_pgoff+0x362/0x450
[ 1644.852181][T30482]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1644.852223][T30482]  ? __fget_files+0x20e/0x3c0
[ 1644.852276][T30482]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1644.852312][T30482]  ? __pfx_ksys_write+0x10/0x10
[ 1644.852363][T30482]  __x64_sys_mmap+0x125/0x190
[ 1644.852422][T30482]  do_syscall_64+0xcd/0x490
[ 1644.852457][T30482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1644.852490][T30482] RIP: 0033:0x7f95c398e929
[ 1644.852516][T30482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1644.852547][T30482] RSP: 002b:00007f95c4869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1644.852577][T30482] RAX: ffffffffffffffda RBX: 00007f95c3bb6160 RCX: 00007f95c398e929
[ 1644.852597][T30482] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000006000000
[ 1644.852616][T30482] RBP: 00007f95c4869090 R08: 0000000000000003 R09: 0000000000008000
[ 1644.852635][T30482] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001
[ 1644.852655][T30482] R13: 0000000000000000 R14: 00007f95c3bb6160 R15: 00007ffd580ed348
[ 1644.852697][T30482]  </TASK>
[ 1646.297444][T30496] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4886'.
[ 1647.812620][T30519] Invalid ELF header magic: != ELF
[ 1648.002784][T30523] hub 8-0:1.0: USB hub found
[ 1648.017089][T30523] hub 8-0:1.0: 1 port detected
[ 1648.750683][T30538] Invalid ELF header magic: != ELF
[ 1649.431603][T30544] FAULT_INJECTION: forcing a failure.
[ 1649.431603][T30544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1649.487236][T30544] CPU: 1 UID: 0 PID: 30544 Comm: syz.0.4894 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1649.487298][T30544] Tainted: [U]=USER
[ 1649.487310][T30544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1649.487329][T30544] Call Trace:
[ 1649.487341][T30544]  <TASK>
[ 1649.487355][T30544]  dump_stack_lvl+0x16c/0x1f0
[ 1649.487411][T30544]  should_fail_ex+0x512/0x640
[ 1649.487466][T30544]  _copy_from_user+0x2e/0xd0
[ 1649.487521][T30544]  snd_pcm_oss_write2+0x1c2/0x410
[ 1649.487563][T30544]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[ 1649.487600][T30544]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[ 1649.487657][T30544]  snd_pcm_oss_write+0x711/0xa10
[ 1649.487701][T30544]  ? security_file_permission+0x71/0x210
[ 1649.487752][T30544]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1649.487791][T30544]  vfs_write+0x29d/0x1150
[ 1649.487846][T30544]  ? __pfx_vfs_write+0x10/0x10
[ 1649.487887][T30544]  ? find_held_lock+0x2b/0x80
[ 1649.487921][T30544]  ? __fget_files+0x204/0x3c0
[ 1649.487971][T30544]  ? __fget_files+0x20e/0x3c0
[ 1649.488027][T30544]  ksys_write+0x12a/0x250
[ 1649.488072][T30544]  ? __pfx_ksys_write+0x10/0x10
[ 1649.488132][T30544]  do_syscall_64+0xcd/0x490
[ 1649.488174][T30544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1649.488208][T30544] RIP: 0033:0x7f95c398e929
[ 1649.488235][T30544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1649.488268][T30544] RSP: 002b:00007f95c48ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1649.488299][T30544] RAX: ffffffffffffffda RBX: 00007f95c3bb5fa0 RCX: 00007f95c398e929
[ 1649.488333][T30544] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[ 1649.488353][T30544] RBP: 00007f95c48ab090 R08: 0000000000000000 R09: 0000000000000000
[ 1649.488371][T30544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1649.488390][T30544] R13: 0000000000000000 R14: 00007f95c3bb5fa0 R15: 00007ffd580ed348
[ 1649.488432][T30544]  </TASK>
[ 1651.241186][T30571] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4898'.
[ 1651.443203][T30575] hub 8-0:1.0: USB hub found
[ 1651.450971][T30575] hub 8-0:1.0: 1 port detected
[ 1652.914332][T30601] hub 8-0:1.0: USB hub found
[ 1653.069800][T30601] hub 8-0:1.0: 1 port detected
[ 1654.206044][T30618] FAULT_INJECTION: forcing a failure.
[ 1654.206044][T30618] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.218982][T30618] CPU: 0 UID: 0 PID: 30618 Comm: syz.5.4910 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1654.219032][T30618] Tainted: [U]=USER
[ 1654.219043][T30618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1654.219063][T30618] Call Trace:
[ 1654.219075][T30618]  <TASK>
[ 1654.219089][T30618]  dump_stack_lvl+0x16c/0x1f0
[ 1654.219151][T30618]  should_fail_ex+0x512/0x640
[ 1654.219198][T30618]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1654.219246][T30618]  should_failslab+0xc2/0x120
[ 1654.219277][T30618]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1654.219322][T30618]  ? open_substream+0xec/0x9b0
[ 1654.219361][T30618]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1654.219411][T30618]  open_substream+0xec/0x9b0
[ 1654.219456][T30618]  rawmidi_open_priv+0x543/0x6e0
[ 1654.219509][T30618]  snd_rawmidi_open+0x4cc/0xbf0
[ 1654.219562][T30618]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1654.219609][T30618]  ? __pfx_default_wake_function+0x10/0x10
[ 1654.219648][T30618]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1654.219693][T30618]  ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1654.219737][T30618]  snd_open+0x1fe/0x450
[ 1654.219771][T30618]  ? __pfx_snd_open+0x10/0x10
[ 1654.219804][T30618]  chrdev_open+0x231/0x6a0
[ 1654.219852][T30618]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1654.219896][T30618]  ? __pfx_chrdev_open+0x10/0x10
[ 1654.219951][T30618]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1654.220003][T30618]  do_dentry_open+0x744/0x1c10
[ 1654.220053][T30618]  ? __pfx_chrdev_open+0x10/0x10
[ 1654.220119][T30618]  vfs_open+0x82/0x3f0
[ 1654.220160][T30618]  path_openat+0x1de4/0x2cb0
[ 1654.220223][T30618]  ? __pfx_path_openat+0x10/0x10
[ 1654.220274][T30618]  ? __lock_acquire+0xb8a/0x1c90
[ 1654.220322][T30618]  do_filp_open+0x20b/0x470
[ 1654.220373][T30618]  ? __pfx_do_filp_open+0x10/0x10
[ 1654.220447][T30618]  ? alloc_fd+0x471/0x7d0
[ 1654.220502][T30618]  do_sys_openat2+0x11b/0x1d0
[ 1654.220539][T30618]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1654.220581][T30618]  ? __fget_files+0x20e/0x3c0
[ 1654.220633][T30618]  __x64_sys_openat+0x174/0x210
[ 1654.220670][T30618]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1654.220708][T30618]  ? ksys_write+0x1ac/0x250
[ 1654.220767][T30618]  do_syscall_64+0xcd/0x490
[ 1654.220801][T30618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1654.220834][T30618] RIP: 0033:0x7f818718e929
[ 1654.220858][T30618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1654.220889][T30618] RSP: 002b:00007f8187ffd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1654.220917][T30618] RAX: ffffffffffffffda RBX: 00007f81873b5fa0 RCX: 00007f818718e929
[ 1654.220937][T30618] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1654.220957][T30618] RBP: 00007f8187ffd090 R08: 0000000000000000 R09: 0000000000000000
[ 1654.220976][T30618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.220994][T30618] R13: 0000000000000000 R14: 00007f81873b5fa0 R15: 00007ffec49f28b8
[ 1654.221036][T30618]  </TASK>
[ 1654.662409][T30616] hub 8-0:1.0: USB hub found
[ 1654.667523][T30616] hub 8-0:1.0: 1 port detected
[ 1654.811179][T30626] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4911'.
[ 1655.151787][T30627] hub 8-0:1.0: USB hub found
[ 1655.157460][T30627] hub 8-0:1.0: 1 port detected
[ 1655.187799][T30628] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4909'.
[ 1657.754597][T30670] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4919'.
[ 1657.845880][T30670] ipvlan1: entered allmulticast mode
[ 1657.851449][T30670] veth0_vlan: entered allmulticast mode
[ 1660.262612][T30707] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4926'.
[ 1661.487918][T30715] Invalid ELF header magic: != ELF
[ 1662.288768][T30727] can: request_module (can-proto-3) failed.
[ 1663.834417][T30738] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4940'.
[ 1663.873300][T30738] ipvlan1: entered allmulticast mode
[ 1663.945912][T30738] veth0_vlan: entered allmulticast mode
[ 1664.230194][T30739] hub 8-0:1.0: USB hub found
[ 1664.241257][T30739] hub 8-0:1.0: 1 port detected
[ 1664.656782][T30752] Invalid ELF header magic: != ELF
[ 1664.990255][T30759] hub 8-0:1.0: USB hub found
[ 1665.014099][T30759] hub 8-0:1.0: 1 port detected
[ 1665.400841][T30767] FAULT_INJECTION: forcing a failure.
[ 1665.400841][T30767] name failslab, interval 1, probability 0, space 0, times 0
[ 1665.461027][T30767] CPU: 0 UID: 0 PID: 30767 Comm: syz.1.4937 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1665.461081][T30767] Tainted: [U]=USER
[ 1665.461092][T30767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1665.461110][T30767] Call Trace:
[ 1665.461121][T30767]  <TASK>
[ 1665.461134][T30767]  dump_stack_lvl+0x16c/0x1f0
[ 1665.461190][T30767]  should_fail_ex+0x512/0x640
[ 1665.461244][T30767]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1665.461294][T30767]  should_failslab+0xc2/0x120
[ 1665.461343][T30767]  __kvmalloc_node_noprof+0x137/0x620
[ 1665.461393][T30767]  ? io_alloc_cache_init+0x33/0x170
[ 1665.461450][T30767]  ? io_alloc_cache_init+0x33/0x170
[ 1665.461498][T30767]  io_alloc_cache_init+0x33/0x170
[ 1665.461571][T30767]  io_uring_setup+0x675/0x2080
[ 1665.461624][T30767]  ? __pfx_io_uring_setup+0x10/0x10
[ 1665.461700][T30767]  ? do_futex+0x122/0x350
[ 1665.461751][T30767]  ? __pfx_do_futex+0x10/0x10
[ 1665.461793][T30767]  ? __sock_release+0x20b/0x270
[ 1665.461856][T30767]  ? xfd_validate_state+0x61/0x180
[ 1665.461899][T30767]  ? __pfx_do_writev+0x10/0x10
[ 1665.461955][T30767]  __x64_sys_io_uring_setup+0xc2/0x170
[ 1665.462004][T30767]  do_syscall_64+0xcd/0x490
[ 1665.462043][T30767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1665.462078][T30767] RIP: 0033:0x7fa9bc58e929
[ 1665.462105][T30767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1665.462141][T30767] RSP: 002b:00007fa9bd3bb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[ 1665.462174][T30767] RAX: ffffffffffffffda RBX: 00007fa9bc7b6080 RCX: 00007fa9bc58e929
[ 1665.462197][T30767] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000001
[ 1665.462225][T30767] RBP: 00007fa9bc610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1665.462246][T30767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1665.462267][T30767] R13: 0000000000000000 R14: 00007fa9bc7b6080 R15: 00007ffdefafaaa8
[ 1665.462310][T30767]  </TASK>
[ 1666.061432][T30773] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4938'.
[ 1671.212832][T30820] hub 8-0:1.0: USB hub found
[ 1671.234305][T30820] hub 8-0:1.0: 1 port detected
[ 1673.090738][T30845] hub 8-0:1.0: USB hub found
[ 1673.096135][T30845] hub 8-0:1.0: 1 port detected
[ 1674.481766][T30849] hub 8-0:1.0: USB hub found
[ 1674.501296][T30849] hub 8-0:1.0: 1 port detected
[ 1676.130208][T30878] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4964'.
[ 1677.489711][T30895] delete_channel: no stack
[ 1677.798599][T30909] HfR: entered promiscuous mode
[ 1677.883317][T30909] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4972'.
[ 1677.955225][T30909] openvswitch: HfR: Dropping previously announced user features
[ 1678.832267][T30918] FAULT_INJECTION: forcing a failure.
[ 1678.832267][T30918] name failslab, interval 1, probability 0, space 0, times 0
[ 1678.861184][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1678.867568][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1678.925083][T30918] CPU: 0 UID: 0 PID: 30918 Comm: syz.5.4974 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1678.925135][T30918] Tainted: [U]=USER
[ 1678.925147][T30918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1678.925165][T30918] Call Trace:
[ 1678.925176][T30918]  <TASK>
[ 1678.925188][T30918]  dump_stack_lvl+0x16c/0x1f0
[ 1678.925242][T30918]  should_fail_ex+0x512/0x640
[ 1678.925298][T30918]  ? fs_reclaim_acquire+0xae/0x150
[ 1678.925363][T30918]  ? usb_alloc_urb+0x66/0xa0
[ 1678.925396][T30918]  should_failslab+0xc2/0x120
[ 1678.925432][T30918]  __kmalloc_noprof+0xd2/0x510
[ 1678.925498][T30918]  usb_alloc_urb+0x66/0xa0
[ 1678.925533][T30918]  usb_control_msg+0x1d3/0x4a0
[ 1678.925576][T30918]  ? __pfx_usb_control_msg+0x10/0x10
[ 1678.925639][T30918]  hub_ext_port_status+0x14e/0x670
[ 1678.925694][T30918]  hub_activate+0x6e5/0x1be0
[ 1678.925749][T30918]  ? __pfx_hub_activate+0x10/0x10
[ 1678.925786][T30918]  ? find_held_lock+0x2b/0x80
[ 1678.925823][T30918]  ? snoop_urb_data+0x70/0x330
[ 1678.925870][T30918]  hub_resume+0xa8/0x3f0
[ 1678.925911][T30918]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1678.925949][T30918]  ? __pfx_hub_resume+0x10/0x10
[ 1678.925990][T30918]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1678.926044][T30918]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1678.926110][T30918]  usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0
[ 1678.926174][T30918]  usb_resume_both+0x273/0x800
[ 1678.926232][T30918]  ? __pfx_usb_resume_both+0x10/0x10
[ 1678.926288][T30918]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1678.926349][T30918]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1678.926408][T30918]  __rpm_callback+0xc8/0x610
[ 1678.926468][T30918]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1678.926526][T30918]  rpm_callback+0x1b7/0x200
[ 1678.926580][T30918]  ? __pfx_usb_runtime_resume+0x10/0x10
[ 1678.926647][T30918]  rpm_resume+0xd0a/0x1310
[ 1678.926715][T30918]  ? __pfx_rpm_resume+0x10/0x10
[ 1678.926766][T30918]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1678.926829][T30918]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1678.926904][T30918]  __pm_runtime_resume+0xb6/0x170
[ 1678.926941][T30918]  usb_autoresume_device+0x23/0xe0
[ 1678.927003][T30918]  usbdev_open+0x228/0x8b0
[ 1678.927061][T30918]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1678.927100][T30918]  ? __pfx_usbdev_open+0x10/0x10
[ 1678.927159][T30918]  ? chrdev_open+0x10b/0x6a0
[ 1678.927222][T30918]  ? __pfx_usbdev_open+0x10/0x10
[ 1678.927279][T30918]  chrdev_open+0x231/0x6a0
[ 1678.927334][T30918]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1678.927381][T30918]  ? __pfx_chrdev_open+0x10/0x10
[ 1678.927443][T30918]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1678.927500][T30918]  do_dentry_open+0x744/0x1c10
[ 1678.927555][T30918]  ? __pfx_chrdev_open+0x10/0x10
[ 1678.927629][T30918]  vfs_open+0x82/0x3f0
[ 1678.927676][T30918]  path_openat+0x1de4/0x2cb0
[ 1678.927743][T30918]  ? __pfx_path_openat+0x10/0x10
[ 1678.927799][T30918]  ? __lock_acquire+0xb8a/0x1c90
[ 1678.927850][T30918]  do_filp_open+0x20b/0x470
[ 1678.927913][T30918]  ? __pfx_do_filp_open+0x10/0x10
[ 1678.928001][T30918]  ? alloc_fd+0x471/0x7d0
[ 1678.928062][T30918]  do_sys_openat2+0x11b/0x1d0
[ 1678.928103][T30918]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1678.928152][T30918]  ? __fget_files+0x20e/0x3c0
[ 1678.928211][T30918]  __x64_sys_openat+0x174/0x210
[ 1678.928255][T30918]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1678.928296][T30918]  ? ksys_write+0x1ac/0x250
[ 1678.928364][T30918]  do_syscall_64+0xcd/0x490
[ 1678.928402][T30918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1678.928440][T30918] RIP: 0033:0x7f818718e929
[ 1678.928469][T30918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1678.928505][T30918] RSP: 002b:00007f8187ffd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1678.928540][T30918] RAX: ffffffffffffffda RBX: 00007f81873b5fa0 RCX: 00007f818718e929
[ 1678.928564][T30918] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1678.928589][T30918] RBP: 00007f8187ffd090 R08: 0000000000000000 R09: 0000000000000000
[ 1678.928620][T30918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1678.928643][T30918] R13: 0000000000000000 R14: 00007f81873b5fa0 R15: 00007ffec49f28b8
[ 1678.928691][T30918]  </TASK>
[ 1678.928743][T30918] hub 15-0:1.0: hub_ext_port_status failed (err = -12)
[ 1680.116936][T30945] hub 8-0:1.0: USB hub found
[ 1680.135760][T30945] hub 8-0:1.0: 1 port detected
[ 1680.237979][T30944] hub 8-0:1.0: USB hub found
[ 1680.243254][T30944] hub 8-0:1.0: 1 port detected
[ 1680.921619][T28577] Bluetooth: hci4: command 0x0406 tx timeout
[ 1683.313642][T30997] Invalid ELF header magic: != ELF
[ 1683.479254][T31003] netlink: 'syz.5.4990': attribute type 11 has an invalid length.
[ 1683.500555][T31003] netlink: 'syz.5.4990': attribute type 11 has an invalid length.
[ 1684.216049][T31014] hub 8-0:1.0: USB hub found
[ 1684.223271][T31014] hub 8-0:1.0: 1 port detected
[ 1684.570286][T30999] page: refcount:4 mapcount:3 mapping:0000000000000000 index:0xffff888078006000 pfn:0x78000
[ 1684.581845][T30999] flags: 0xfff00000000014(referenced|dirty|node=0|zone=1|lastcpupid=0x7ff)
[ 1684.590765][T30999] raw: 00fff00000000014 0000000000000000 dead000000000122 0000000000000000
[ 1684.601051][T30999] raw: ffff888078006000 0000000000000000 0000000400000002 0000000000000000
[ 1684.610571][T30999] page dumped because: unmovable page
[ 1684.616095][T30999] page_owner tracks the page as allocated
[ 1684.621994][T30999] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 28123, tgid 28123 (syz-executor), ts 1480901701446, free_ts 1464979994603
[ 1684.642034][T30999]  post_alloc_hook+0x1c0/0x230
[ 1684.647066][T30999]  get_page_from_freelist+0x1321/0x3890
[ 1684.652866][T30999]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1684.660065][T30999]  alloc_pages_mpol+0x1fb/0x550
[ 1684.666031][T30999]  alloc_pages_noprof+0x131/0x390
[ 1684.671295][T30999]  __vmalloc_node_range_noprof+0x72f/0x14b0
[ 1684.677332][T30999]  vmalloc_user_noprof+0x9e/0xe0
[ 1684.682689][T30999]  kcov_ioctl+0x4c/0x730
[ 1684.687110][T30999]  __x64_sys_ioctl+0x18e/0x210
[ 1684.692033][T30999]  do_syscall_64+0xcd/0x490
[ 1684.696628][T30999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1684.702800][T30999] page last free pid 5824 tgid 5824 stack trace:
[ 1684.709195][T30999]  __free_frozen_pages+0x7fe/0x1180
[ 1684.714709][T30999]  __folio_put+0x329/0x450
[ 1684.719228][T30999]  skb_release_data+0x7fb/0x9c0
[ 1684.724243][T30999]  __kfree_skb+0x4f/0x70
[ 1684.728589][T30999]  tcp_ack+0x19b2/0x5c90
[ 1684.733012][T30999]  tcp_rcv_established+0xda1/0x22e0
[ 1684.738328][T30999]  tcp_v4_do_rcv+0x5ca/0xa90
[ 1684.743064][T30999]  __release_sock+0x31b/0x400
[ 1684.747822][T30999]  release_sock+0x5a/0x220
[ 1684.752376][T30999]  tcp_sendmsg+0x38/0x50
[ 1684.757605][T30999]  inet_sendmsg+0xb9/0x140
[ 1684.763335][T30999]  sock_write_iter+0x4aa/0x5b0
[ 1684.768176][T30999]  vfs_write+0x6c4/0x1150
[ 1684.772825][T30999]  ksys_write+0x1f8/0x250
[ 1684.777230][T30999]  do_syscall_64+0xcd/0x490
[ 1684.781846][T30999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1684.810156][T31003] could not allocate digest TFM handle binfmt_misc
[ 1685.379342][T31023] hub 8-0:1.0: USB hub found
[ 1685.394593][T31023] hub 8-0:1.0: 1 port detected
[ 1686.580270][T31040] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4997'.
[ 1686.589424][T31040] net_ratelimit: 20 callbacks suppressed
[ 1686.589448][T31040] openvswitch: netlink: IPv4 tunnel dst address is zero
[ 1686.674751][T31044] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4997'.
[ 1688.019872][T31064] hub 8-0:1.0: USB hub found
[ 1688.025523][T31064] hub 8-0:1.0: 1 port detected
[ 1688.204645][T31063] hub 8-0:1.0: USB hub found
[ 1688.260566][T31063] hub 8-0:1.0: 1 port detected
[ 1688.363393][T31068] hub 8-0:1.0: USB hub found
[ 1688.496948][T31068] hub 8-0:1.0: 1 port detected
[ 1690.452976][T31087] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5010'.
[ 1691.497797][T31105] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5021'.
[ 1691.576178][T31104] hub 8-0:1.0: USB hub found
[ 1691.627307][T31104] hub 8-0:1.0: 1 port detected
[ 1691.861260][T31112] hub 8-0:1.0: USB hub found
[ 1691.866716][T31112] hub 8-0:1.0: 1 port detected
[ 1693.368004][T31120] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5016'.
[ 1694.470845][T31137] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5022'.
[ 1696.592464][T31166] ==================================================================
[ 1696.592489][T31166] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70
[ 1696.592552][T31166] Read of size 10 at addr ffff8880287836a8 by task syz.1.5029/31166
[ 1696.592584][T31166] 
[ 1696.592603][T31166] CPU: 0 UID: 0 PID: 31166 Comm: syz.1.5029 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1696.592651][T31166] Tainted: [U]=USER
[ 1696.592663][T31166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1696.592685][T31166] Call Trace:
[ 1696.592696][T31166]  <TASK>
[ 1696.592709][T31166]  dump_stack_lvl+0x116/0x1f0
[ 1696.592764][T31166]  print_report+0xcd/0x680
[ 1696.592794][T31166]  ? __virt_addr_valid+0x81/0x610
[ 1696.592828][T31166]  ? __phys_addr+0xe8/0x180
[ 1696.592863][T31166]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1696.592912][T31166]  kasan_report+0xe0/0x110
[ 1696.592943][T31166]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1696.592999][T31166]  kasan_check_range+0x100/0x1b0
[ 1696.593037][T31166]  __asan_memcpy+0x23/0x60
[ 1696.593080][T31166]  fbcon_prepare_logo+0xa03/0xc70
[ 1696.593158][T31166]  fbcon_init+0xd77/0x1900
[ 1696.593223][T31166]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1696.593283][T31166]  visual_init+0x320/0x620
[ 1696.593335][T31166]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1696.593411][T31166]  store_bind+0x61d/0x760
[ 1696.593463][T31166]  ? sysfs_file_kobj+0xe4/0x290
[ 1696.593504][T31166]  ? __pfx_store_bind+0x10/0x10
[ 1696.593553][T31166]  dev_attr_store+0x58/0x80
[ 1696.593586][T31166]  ? __pfx_dev_attr_store+0x10/0x10
[ 1696.593620][T31166]  sysfs_kf_write+0xf2/0x150
[ 1696.593661][T31166]  kernfs_fop_write_iter+0x351/0x510
[ 1696.593696][T31166]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1696.593738][T31166]  vfs_write+0x6c4/0x1150
[ 1696.593787][T31166]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1696.593824][T31166]  ? __pfx___mutex_lock+0x10/0x10
[ 1696.593856][T31166]  ? __pfx_vfs_write+0x10/0x10
[ 1696.593915][T31166]  ksys_write+0x12a/0x250
[ 1696.593959][T31166]  ? __pfx_ksys_write+0x10/0x10
[ 1696.594013][T31166]  do_syscall_64+0xcd/0x490
[ 1696.594046][T31166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1696.594082][T31166] RIP: 0033:0x7fa9bc58e929
[ 1696.594108][T31166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1696.594144][T31166] RSP: 002b:00007fa9bd3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1696.594176][T31166] RAX: ffffffffffffffda RBX: 00007fa9bc7b5fa0 RCX: 00007fa9bc58e929
[ 1696.594200][T31166] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[ 1696.594221][T31166] RBP: 00007fa9bc610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1696.594242][T31166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1696.594275][T31166] R13: 0000000000000000 R14: 00007fa9bc7b5fa0 R15: 00007ffdefafaaa8
[ 1696.594315][T31166]  </TASK>
[ 1696.594328][T31166] 
[ 1696.594336][T31166] Allocated by task 31166:
[ 1696.594352][T31166]  kasan_save_stack+0x33/0x60
[ 1696.594399][T31166]  kasan_save_track+0x14/0x30
[ 1696.594445][T31166]  __kasan_kmalloc+0xaa/0xb0
[ 1696.594489][T31166]  __set_page_owner+0x32e/0x550
[ 1696.594535][T31166]  post_alloc_hook+0x1c0/0x230
[ 1696.594576][T31166]  get_page_from_freelist+0x1321/0x3890
[ 1696.594621][T31166]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1696.594669][T31166]  alloc_pages_mpol+0x1fb/0x550
[ 1696.594695][T31166]  alloc_pages_noprof+0x131/0x390
[ 1696.594723][T31166]  stack_depot_save_flags+0x933/0xa40
[ 1696.594770][T31166]  kasan_save_stack+0x42/0x60
[ 1696.594815][T31166]  kasan_save_track+0x14/0x30
[ 1696.594861][T31166]  __kasan_kmalloc+0xaa/0xb0
[ 1696.594904][T31166]  drm_atomic_helper_setup_commit+0x63a/0x15d0
[ 1696.594977][T31166]  drm_atomic_helper_commit+0xa9/0x380
[ 1696.595007][T31166]  drm_atomic_commit+0x231/0x300
[ 1696.595042][T31166]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[ 1696.595079][T31166]  drm_client_modeset_commit_locked+0x14d/0x580
[ 1696.595117][T31166]  drm_fb_helper_pan_display+0x32d/0xa40
[ 1696.595167][T31166]  fb_pan_display+0x479/0x7d0
[ 1696.595214][T31166]  fb_set_var+0x847/0x1280
[ 1696.595261][T31166]  fbcon_switch+0x4dc/0x14c0
[ 1696.595320][T31166]  redraw_screen+0x2c1/0x760
[ 1696.595367][T31166]  vc_do_resize+0xed0/0x10e0
[ 1696.595413][T31166]  fbcon_init+0xd53/0x1900
[ 1696.595462][T31166]  visual_init+0x320/0x620
[ 1696.595501][T31166]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1696.595550][T31166]  store_bind+0x61d/0x760
[ 1696.595596][T31166]  dev_attr_store+0x58/0x80
[ 1696.595626][T31166]  sysfs_kf_write+0xf2/0x150
[ 1696.595662][T31166]  kernfs_fop_write_iter+0x351/0x510
[ 1696.595694][T31166]  vfs_write+0x6c4/0x1150
[ 1696.595737][T31166]  ksys_write+0x12a/0x250
[ 1696.595780][T31166]  do_syscall_64+0xcd/0x490
[ 1696.595808][T31166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1696.595840][T31166] 
[ 1696.595849][T31166] The buggy address belongs to the object at ffff8880287836a0
[ 1696.595849][T31166]  which belongs to the cache kmalloc-16 of size 16
[ 1696.595877][T31166] The buggy address is located 8 bytes inside of
[ 1696.595877][T31166]  allocated 16-byte region [ffff8880287836a0, ffff8880287836b0)
[ 1696.595914][T31166] 
[ 1696.595923][T31166] The buggy address belongs to the physical page:
[ 1696.595937][T31166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28783
[ 1696.595968][T31166] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1696.595995][T31166] page_type: f5(slab)
[ 1696.596023][T31166] raw: 00fff00000000000 ffff88801b441640 ffffea0000c8ffc0 dead000000000002
[ 1696.596054][T31166] raw: 0000000000000000 0000000000800080 00000000f5000000 0000000000000000
[ 1696.596075][T31166] page dumped because: kasan: bad access detected
[ 1696.596090][T31166] page_owner tracks the page as allocated
[ 1696.596101][T31166] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 37, tgid 37 (kworker/u8:3), ts 17554102278, free_ts 17477731112
[ 1696.596168][T31166]  post_alloc_hook+0x1c0/0x230
[ 1696.596209][T31166]  get_page_from_freelist+0x1321/0x3890
[ 1696.596255][T31166]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1696.596318][T31166]  new_slab+0x94/0x330
[ 1696.596356][T31166]  ___slab_alloc+0xd9c/0x1940
[ 1696.596393][T31166]  __slab_alloc.constprop.0+0x56/0xb0
[ 1696.596433][T31166]  __kmalloc_node_noprof+0x2ed/0x500
[ 1696.596482][T31166]  blk_mq_alloc_and_init_hctx+0xa46/0x11c0
[ 1696.596517][T31166]  __blk_mq_realloc_hw_ctxs+0x495/0x610
[ 1696.596551][T31166]  blk_mq_init_allocated_queue+0x3af/0x1240
[ 1696.596597][T31166]  blk_mq_alloc_queue+0x1be/0x290
[ 1696.596642][T31166]  scsi_alloc_sdev+0x88f/0xd80
[ 1696.596682][T31166]  scsi_probe_and_add_lun+0x76b/0xd80
[ 1696.596721][T31166]  __scsi_scan_target+0x1e8/0x580
[ 1696.596763][T31166]  scsi_scan_channel+0x149/0x1e0
[ 1696.596805][T31166]  scsi_scan_host_selected+0x302/0x400
[ 1696.596850][T31166] page last free pid 1211 tgid 1211 stack trace:
[ 1696.596868][T31166]  __free_frozen_pages+0x7fe/0x1180
[ 1696.596908][T31166]  vfree+0x1fd/0xb50
[ 1696.596942][T31166]  delayed_vfree_work+0x56/0x70
[ 1696.596977][T31166]  process_one_work+0x9cf/0x1b70
[ 1696.597024][T31166]  worker_thread+0x6c8/0xf10
[ 1696.597068][T31166]  kthread+0x3c2/0x780
[ 1696.597110][T31166]  ret_from_fork+0x5d4/0x6f0
[ 1696.597151][T31166]  ret_from_fork_asm+0x1a/0x30
[ 1696.597182][T31166] 
[ 1696.597190][T31166] Memory state around the buggy address:
[ 1696.597207][T31166]  ffff888028783580: 00 02 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 1696.597232][T31166]  ffff888028783600: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 1696.597256][T31166] >ffff888028783680: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[ 1696.597275][T31166]                                      ^
[ 1696.597293][T31166]  ffff888028783700: 00 03 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 1696.597324][T31166]  ffff888028783780: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 1696.597343][T31166] ==================================================================
[ 1696.597362][T31166] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1696.597387][T31166] CPU: 0 UID: 0 PID: 31166 Comm: syz.1.5029 Tainted: G     U              6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1696.597436][T31166] Tainted: [U]=USER
[ 1696.597448][T31166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1696.597470][T31166] Call Trace:
[ 1696.597481][T31166]  <TASK>
[ 1696.597495][T31166]  dump_stack_lvl+0x3d/0x1f0
[ 1696.597548][T31166]  panic+0x71c/0x800
[ 1696.597591][T31166]  ? __pfx_panic+0x10/0x10
[ 1696.597639][T31166]  ? __pfx__printk+0x10/0x10
[ 1696.597688][T31166]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1696.597738][T31166]  check_panic_on_warn+0xab/0xb0
[ 1696.597784][T31166]  end_report+0x107/0x170
[ 1696.597834][T31166]  kasan_report+0xee/0x110
[ 1696.597865][T31166]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1696.597922][T31166]  kasan_check_range+0x100/0x1b0
[ 1696.597960][T31166]  __asan_memcpy+0x23/0x60
[ 1696.598004][T31166]  fbcon_prepare_logo+0xa03/0xc70
[ 1696.598065][T31166]  fbcon_init+0xd77/0x1900
[ 1696.598117][T31166]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1696.598176][T31166]  visual_init+0x320/0x620
[ 1696.598219][T31166]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1696.598275][T31166]  store_bind+0x61d/0x760
[ 1696.598337][T31166]  ? sysfs_file_kobj+0xe4/0x290
[ 1696.598377][T31166]  ? __pfx_store_bind+0x10/0x10
[ 1696.598425][T31166]  dev_attr_store+0x58/0x80
[ 1696.598458][T31166]  ? __pfx_dev_attr_store+0x10/0x10
[ 1696.598491][T31166]  sysfs_kf_write+0xf2/0x150
[ 1696.598530][T31166]  kernfs_fop_write_iter+0x351/0x510
[ 1696.598563][T31166]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1696.598604][T31166]  vfs_write+0x6c4/0x1150
[ 1696.598649][T31166]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1696.598687][T31166]  ? __pfx___mutex_lock+0x10/0x10
[ 1696.598717][T31166]  ? __pfx_vfs_write+0x10/0x10
[ 1696.598776][T31166]  ksys_write+0x12a/0x250
[ 1696.598823][T31166]  ? __pfx_ksys_write+0x10/0x10
[ 1696.598878][T31166]  do_syscall_64+0xcd/0x490
[ 1696.598911][T31166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1696.598944][T31166] RIP: 0033:0x7fa9bc58e929
[ 1696.598970][T31166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1696.599004][T31166] RSP: 002b:00007fa9bd3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1696.599037][T31166] RAX: ffffffffffffffda RBX: 00007fa9bc7b5fa0 RCX: 00007fa9bc58e929
[ 1696.599060][T31166] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[ 1696.599081][T31166] RBP: 00007fa9bc610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1696.599102][T31166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1696.599123][T31166] R13: 0000000000000000 R14: 00007fa9bc7b5fa0 R15: 00007ffdefafaaa8
[ 1696.599156][T31166]  </TASK>
[ 1696.599497][T31166] Kernel Offset: disabled