last executing test programs:

9.98706391s ago: executing program 1 (id=3075):
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
mmap$auto(0x0, 0x20006, 0x2000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz9\x00', 0x800, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x5608, r1)
io_uring_setup$auto(0x6, 0x0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x101401, 0x0)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x87)
socket(0xa, 0x2, 0x73)
socket(0x18, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)

9.549154023s ago: executing program 3 (id=3078):
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x20, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x60800, 0x0)
socket(0x1e, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x20401, 0x0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000032c0)='/dev/mtd0\x00', 0x22801, 0x0)
open(0x0, 0x4242, 0xe1d2b27bdc14aabc)
open(0x0, 0x40440, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x80000, 0x0)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x541c, r1)

6.192077897s ago: executing program 1 (id=3084):
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioperm$auto(0x3, 0x8001, 0x2000000000000149)
kexec_load$auto(0x6, 0x0, 0x0, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
shmctl$auto(0xa0000000, 0x6, &(0x7f00000002c0)={{0x3, 0x0, 0x0, 0x0, 0x7, 0xd, 0xff}, 0x2, 0xffffffff80000001, 0x3ff, 0x800, @raw=0x61a, @inferred=0xffffffffffffffff, 0x7, 0x0, 0x0, &(0x7f00000001c0)})
sendmsg$auto_IPVS_CMD_GET_DAEMON(r0, 0x0, 0x20000000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
execve$auto(0x0, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffff7fffffffffd, 0xd1, 0x3, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x31, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
sendmsg$auto_ILA_CMD_ADD(r1, &(0x7f0000003fc0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000003f80)={0x0}}, 0x4000010)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
sendfile$auto(r2, r2, 0x0, 0x10000800000003)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

6.054972845s ago: executing program 3 (id=3085):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0)
socket(0x5, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x2, 0x73)
io_uring_setup$auto(0x7e1b, 0x0)
socket(0x2, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptyd7\x00', 0x501000, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SG_SET_RESERVED_SIZE2(0xffffffffffffffff, 0x2275, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_ENABLE(0xffffffffffffffff, 0x40095505, 0x0)
lstat$auto(&(0x7f0000000300)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
ioctl$auto(0x3, 0x5420, 0x38)
read$auto(r0, 0x0, 0x73)
ioctl$auto(0x3, 0x402c542c, 0x38)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(0xffffffffffffffff, 0x0, 0x4000800)

6.025743717s ago: executing program 0 (id=3086):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x6202, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x5, 0x1)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(r1, 0x10000000084, 0x19, 0x0, 0x8)

5.41076545s ago: executing program 3 (id=3089):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0xc00000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
write$auto(0x3, 0x0, 0x70)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"])
ioctl$auto(r2, 0x4008550d, r2)

4.965023099s ago: executing program 1 (id=3090):
mmap$auto(0x1, 0x400008, 0xdf, 0xfffffffffffff810, 0x2, 0x8000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(r0, r0, 0x7)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x20000)
getpid()
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x5, 0x105, 0xc, 0xb, 0x800, 0xffffffffffffffff, 0x5, "d81ddef9d4e6d312212bab98f4060bd8", 0x0, 0xffffffffffffffff, 0x7fffffff, 0xa991, 0x7, 0x8001}, 0x7)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0xe4, 0x95f4da0a, 0xfffffffffff7ffff, 0x3, 0x62, 0x80000001, 0xa, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x277)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948d, 0x3, 0x15f4da0a, 0x4, 0xffffffffffffff3f, 0x100, 0x8000001f, 0x29, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

4.640053196s ago: executing program 0 (id=3091):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002)
socket(0xa, 0x5, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x20040, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0)
writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040))
unshare$auto(0x40000080)

4.464580134s ago: executing program 2 (id=3092):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x8}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
r1 = epoll_create$auto(0x4)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/conf/veth0_to_bridge/arp_announce\x00', 0x404982, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0)
socket(0x3d, 0x805, 0xfffffffa)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0xe)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x900, 0x0)
select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x9, 0x3, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, 0x0)
open(0x0, 0x22240, 0x155)
mq_open$auto(0x0, 0x7e, 0x9, 0x0)

4.216205909s ago: executing program 2 (id=3093):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x6202, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0})
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r1, &(0x7f0000000140)={0x0, 0x82, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB=' 6\x00\x00', @ANYRES16=r2, @ANYBLOB="010025bd7000fcdbdf250300000004000180083601"], 0x3620}, 0x1, 0x0, 0x0, 0x20000055}, 0x200400d0)
sigaltstack$auto(0x0, 0x0)

3.623654863s ago: executing program 2 (id=3094):
mmap$auto(0x200000, 0x402008, 0x8, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xb4d3)
socket(0x10, 0x4, 0xffffffc0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
inotify_init1$auto(0x3000000000000)
socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0)
rmdir$auto(&(0x7f0000000300)='./cgroup\x00')
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0)
write$auto(r3, 0x0, 0x0)

3.297692512s ago: executing program 0 (id=3095):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$auto(0xfffffffc, &(0x7f0000000280)=@query={@target_fd=r0, 0x1, 0xdda9, 0x20000800, 0x800, @count=0x7, 0x0, 0x0, 0x29c7, 0x7dd24546, 0x10001}, 0x6f4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x4000000eb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x1, 0xffffffff, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000000)='[')
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f00000000c0)="c0402e39")
write$auto(r2, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5)
setsockopt$auto_SO_OOBINLINE(r1, 0x10000, 0xa, &(0x7f0000000040)='@,\x00', 0xec)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mlock$auto(0xfbe8, 0x4)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
munlock$auto(0xffff, 0x1)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c03, 0xfffffffffffffffd)
r5 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf)
read$auto(r5, &(0x7f0000000000)='.\x9ct\x00', 0x4)

3.031533432s ago: executing program 1 (id=3096):
socket(0x10, 0x2, 0x9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd9\x00', 0x8201, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001080)='/dev/video12\x00', 0x42240, 0x0)
epoll_create$auto(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd$auto(0x1)
socket(0xf, 0x3, 0x2)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0942, 0x0)
socketpair$auto(0x21, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
recvfrom$auto(0x3, 0x0, 0x5, 0x2, 0x0, 0xfffffffffffffffd)

2.943403291s ago: executing program 2 (id=3097):
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x5, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x40100, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev4\x00', 0x80000, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs1\x00', 0x108002, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129e01, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r0, 0x0, 0xc3)

2.847629225s ago: executing program 3 (id=3098):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x3d13, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0)
write$auto(r1, &(0x7f0000000100)='0\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/dummy0/stable_secret\x00', 0x100, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYBLOB], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r5, 0x4, 0xffffffffffffffff)

2.743499641s ago: executing program 1 (id=3099):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
fadvise64$auto_POSIX_FADV_WILLNEED(0xffffffffffffffff, 0x1, 0x1, 0x3)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
socket(0xa, 0x1, 0x84)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
socket(0x2, 0x1, 0x0)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x5, 0x8, 0x6, 0x393f, 0xb, 0x0)
r1 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0)
read$auto_hwsim_fops_ps_(r1, 0x0, 0x0)
msgctl$auto_IPC_INFO(0x8, 0x3, 0x0)

2.657314416s ago: executing program 2 (id=3100):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0006, 0x6)
mremap$auto(0x0, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
open(0x0, 0x22240, 0x154)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0)
pread64$auto(r0, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
fcntl$auto_F_GETOWN(r1, 0x9, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000)
prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0)

2.595197065s ago: executing program 0 (id=3101):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x100000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x801, 0x6)
writev$auto(0x3, 0x0, 0x9)
sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x7ffff000)
lstat$auto(0x0, &(0x7f0000000180)={0x7fffffff, 0x39, 0x3, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x10001, 0x7, 0x400, 0x7ffffffb, 0x6, 0xffffffff80000000, 0x5, 0x61, 0x103})
syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000200), 0xffffffffffffffff)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
fcntl$auto(0x3, 0x4, 0xa553)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
pread64$auto(r1, 0x0, 0x8, 0x8000)
readv$auto(0x3, 0x0, 0x1)

1.508933616s ago: executing program 0 (id=3102):
unshare$auto(0x40000082)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r0, 0xf72, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0x7fffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r3, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x38, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x6}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0xa}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x7c2}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)

1.141977979s ago: executing program 3 (id=3103):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8)
rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8)
bind$auto(0xffffffffffffffff, 0x0, 0x6b)
r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
rt_sigaction$auto(0x4, &(0x7f0000000340)={&(0x7f0000000180)=&(0x7f0000000100), 0x9342, 0x0, {0x3}}, 0x0, 0x8)
read$auto_l2cap_debugfs_fops_(r0, &(0x7f0000000240)=""/170, 0xaa)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2462, 0x0)
epoll_ctl$auto_EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1, 0x0)
r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64$auto(r2, 0x0, 0x0, 0x9)
read$auto_mon_fops_text_t_mon_text(r2, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa101, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xfffff000, &(0x7f00000000c0)='/dev/bus/usb/009/001\x00', 0x400)
close_range$auto(0x2, 0x8, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r3 = gettid()
r4 = getpid()
rt_tgsigqueueinfo$auto(r4, r3, 0x1, 0x0)
rt_sigsuspend$auto(0x0, 0x8)

514.041102ms ago: executing program 1 (id=3104):
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto_PR_SET_NAME(0xf, 0x3, 0x0, 0x7ff, 0x2)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(r0, 0xfffffffffffffff8, &(0x7f0000000340))
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r2, 0x4b37, 0x1)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
pipe$auto(&(0x7f0000001480))
write$auto(0x3, 0x0, 0xffd8)
pread64$auto(r1, &(0x7f0000000340)='/proc/thread-sel\b\x94!\ff/net/tcp6\x00\xd2)\x0e\x892\x82\x19\xfd\x03\xc3\x8du4\xdd\t\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\x01I3\x88;x\xe9\xdbk{F\x18G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\x97\fn\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\x00\x0f\xd6\x00\f57\x83\xdd\xaa\xf0\x9c\b\x00\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00t\xf5+\t\xf0^X\xf3y&\xc7]\xcb\xef\xd6\xe4\a|\x87\xe6\xb68//1@\a.t\xac\xc6\xf54\x90\x196\x9c#6\xf8\x06\xf9\x04\xc3\x13c\x12v\x9a_o\xfe\xf0\xca\xee\x90\xbb3\xa8\xc8\xad\xab\xe9\xc7v\xd57\xb1\x04QN\x15O;\xc4\x0e\x10\xd1\x1e\x80\t]/l\x1f\xca\xf5W5}\x12%\x86\x88 \x1a{\xce\x8c\x9e3\x8fa\xcf\a\x06\xff\x1e\xcb[\xf5]\xd8\xbf2\xc38\xbd', 0x458, 0x1)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5\x85\x91p\xe6\x1eRN8\x90\x86\xdde\x1cJ\x99\x00\x11\x89\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)
mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_int=0xc7, @raw=0x8, 0x790, @_tid})
socket(0xa, 0x4, 0x84)
clock_nanosleep$auto(0x5, 0x1ff, &(0x7f0000000000)={0x7, 0x8}, &(0x7f0000000040)={0x7, 0x7})
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)

444.273126ms ago: executing program 2 (id=3105):
mmap$auto(0x0, 0xfffffffffffffffe, 0x3, 0xeb3, 0xfffffffffffffffa, 0x0)
r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x1)
socket(0x1d, 0x2, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
open_by_handle_at$auto(r0, &(0x7f0000000480)={0xb4, 0x1e, "d5cb45bf3a85257cf184925b8dd3c6b4ba2f10e67122cbf74010d219333f2c634c3e01dae068eb200fac11aac7036e00eb07ace5ad056bcdf5bc266f99d6467f70017e9482374eff37af7bbecdc2d6389d2b5e78a50a4210767c870668ddcd0d3ae336ade6a363271b2fbaddc9ae97bf6ad4800dc0e850a5215973a1192b18930549f786880174c404722d369ef05a03034ac9241f0eaffe52d4363dc2e5c258bf3c4c5eab9b19fac68b638608cd45c7364f871b"}, 0x403)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
socket(0x2c, 0x3, 0x9)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0)
r2 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0)
write$auto(0x1, 0x0, 0x80000000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
write$auto(r3, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
fcntl$auto(0x0, 0x407, 0x100000)

110.25248ms ago: executing program 3 (id=3106):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0)
ioctl$auto_UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, &(0x7f00000003c0)=0x4)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x6, 0x2, 0x2)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
ioctl$auto(0x3, 0x89e1, 0x91)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x110c230000, 0x8031ca, 0x9)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0)
r1 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x800)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a)
close_range$auto(0x2, 0x8, 0x0)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="151f2cbd7000fbdbdf2516000000100001800c0000000000000000009bf6a122b84df8473b2f7e8f0b7cea3ad2b4dd5a74935e2d9ccb37f60dcbe2e07d7f2d3f49aba87d0ccda3a4fb666d1985dc359a7974815f1552dd3cbafa3cc497fc655c25679c6345cc07058c3202142803", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x9eff, 0x0, 0xc000}, 0x20000080)

0s ago: executing program 0 (id=3107):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x100000007f}]})
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r4, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r5, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
sendmsg$auto_SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r5, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000040)
pselect6$auto(0x5, &(0x7f0000000400)={[0x8, 0x5, 0x0, 0x5, 0x8001, 0x6, 0xac, 0x2000009, 0x3, 0xffffffff, 0x7fffffffffffffff, 0x0, 0x1000, 0x2, 0x8, 0x3ff]}, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r6, 0x0)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=&(0x7f0000000080)=',{\x00', &(0x7f0000000140)=&(0x7f0000000100)='}.\x00')
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)

kernel console output (not intermixed with test programs):

490
[ 1022.586037][T20150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1022.586056][T20150]  ? __lock_acquire+0xb8a/0x1c90
[ 1022.586080][T20150]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1022.586104][T20150]  ? policy_nodemask+0xea/0x4e0
[ 1022.586119][T20150]  alloc_pages_mpol+0x1fb/0x550
[ 1022.586134][T20150]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1022.586152][T20150]  alloc_pages_noprof+0x131/0x390
[ 1022.586167][T20150]  get_free_pages_noprof+0x10/0xb0
[ 1022.586182][T20150]  __pollwait+0x295/0x490
[ 1022.586202][T20150]  pipe_poll+0x23c/0x660
[ 1022.586221][T20150]  ? __pfx___pollwait+0x10/0x10
[ 1022.586239][T20150]  ? __pfx_pipe_poll+0x10/0x10
[ 1022.586259][T20150]  do_sys_poll+0x559/0xdf0
[ 1022.586284][T20150]  ? __pfx_do_sys_poll+0x10/0x10
[ 1022.586303][T20150]  ? __pfx___schedule+0x10/0x10
[ 1022.586336][T20150]  ? __futex_wait+0x24c/0x2f0
[ 1022.586356][T20150]  ? __pfx___pollwait+0x10/0x10
[ 1022.586377][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586396][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586415][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586434][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586453][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586472][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586491][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586511][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586530][T20150]  ? __pfx_pollwake+0x10/0x10
[ 1022.586547][T20150]  ? __pfx_timespec64_add_safe+0x10/0x10
[ 1022.586569][T20150]  ? ktime_get_ts64+0x2d2/0x400
[ 1022.586588][T20150]  ? read_tsc+0x9/0x20
[ 1022.586603][T20150]  ? ktime_get_ts64+0x256/0x400
[ 1022.586625][T20150]  __x64_sys_poll+0x1a6/0x450
[ 1022.586644][T20150]  ? __pfx___x64_sys_poll+0x10/0x10
[ 1022.586669][T20150]  do_syscall_64+0xcd/0x490
[ 1022.586692][T20150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1022.586706][T20150] RIP: 0033:0x7f1277b8e929
[ 1022.586720][T20150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1022.586750][T20150] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 1022.586765][T20150] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1022.586775][T20150] RDX: 000000000000800a RSI: 000000000000007f RDI: 0000200000000180
[ 1022.586784][T20150] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1022.586793][T20150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1022.586806][T20150] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1022.586824][T20150]  </TASK>
[ 1023.047592][T20156] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2679'.
[ 1023.058238][T20156] netlink: 274 bytes leftover after parsing attributes in process `syz.0.2679'.
[ 1023.088518][T20143] net/sunrpc/rpc_pipe.c: rpc_mkpipe_dentry() failed to create pipe nfs/blocklayout (errno = -12)
[ 1023.499102][T20164] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1023.535670][T20164] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1023.561692][T20164] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1023.593377][T20164] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1024.020841][T20174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2684'.
[ 1024.100143][T20174] openvswitch: HfR: Dropping previously announced user features
[ 1024.114424][T20181] FAULT_INJECTION: forcing a failure.
[ 1024.114424][T20181] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1024.180509][T20181] CPU: 0 UID: 0 PID: 20181 Comm: syz.2.2687 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1024.180539][T20181] Tainted: [U]=USER
[ 1024.180544][T20181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1024.180554][T20181] Call Trace:
[ 1024.180560][T20181]  <TASK>
[ 1024.180566][T20181]  dump_stack_lvl+0x16c/0x1f0
[ 1024.180594][T20181]  should_fail_ex+0x512/0x640
[ 1024.180618][T20181]  should_fail_alloc_page+0xe7/0x130
[ 1024.180635][T20181]  prepare_alloc_pages+0x3c2/0x610
[ 1024.180652][T20181]  ? rcu_is_watching+0x12/0xc0
[ 1024.180676][T20181]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1024.180702][T20181]  ? rcu_is_watching+0x12/0xc0
[ 1024.180718][T20181]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1024.180736][T20181]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 1024.180758][T20181]  ? stack_trace_save+0x8e/0xc0
[ 1024.180776][T20181]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1024.180804][T20181]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[ 1024.180826][T20181]  ? __get_vm_area_node+0x1ca/0x330
[ 1024.180842][T20181]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1024.180858][T20181]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1024.180875][T20181]  ? pcpu_create_chunk+0x432/0x730
[ 1024.180892][T20181]  ? pcpu_alloc_noprof+0x11e3/0x1470
[ 1024.180910][T20181]  ? bpf_map_alloc_percpu+0x9a/0x4b0
[ 1024.180930][T20181]  ? htab_map_alloc+0x10ca/0x1570
[ 1024.180950][T20181]  ? map_create+0x58f/0x1db0
[ 1024.180976][T20181]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1024.180997][T20181]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1024.181020][T20181]  ? policy_nodemask+0xea/0x4e0
[ 1024.181036][T20181]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1024.181059][T20181]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1024.181081][T20181]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1024.181105][T20181]  alloc_vmap_area+0x959/0x29c0
[ 1024.181129][T20181]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1024.181150][T20181]  __get_vm_area_node+0x1ca/0x330
[ 1024.181171][T20181]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1024.181190][T20181]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1024.181213][T20181]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1024.181235][T20181]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1024.181260][T20181]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1024.181276][T20181]  __vmalloc_node_noprof+0xad/0xf0
[ 1024.181294][T20181]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1024.181313][T20181]  pcpu_mem_zalloc+0x54/0xb0
[ 1024.181331][T20181]  pcpu_create_chunk+0x432/0x730
[ 1024.181352][T20181]  pcpu_alloc_noprof+0x11e3/0x1470
[ 1024.181381][T20181]  bpf_map_alloc_percpu+0x9a/0x4b0
[ 1024.181403][T20181]  htab_map_alloc+0x10ca/0x1570
[ 1024.181429][T20181]  ? ns_capable+0xd7/0x110
[ 1024.181447][T20181]  map_create+0x58f/0x1db0
[ 1024.181474][T20181]  ? __pfx_map_create+0x10/0x10
[ 1024.181493][T20181]  ? __might_fault+0xe3/0x190
[ 1024.181513][T20181]  ? __might_fault+0xe3/0x190
[ 1024.181536][T20181]  ? __might_fault+0x13b/0x190
[ 1024.181564][T20181]  __sys_bpf+0x47cc/0x4d80
[ 1024.181576][T20181]  ? __pfx_futex_wake+0x10/0x10
[ 1024.181598][T20181]  ? __pfx___sys_bpf+0x10/0x10
[ 1024.181613][T20181]  ? do_writev+0x218/0x340
[ 1024.181636][T20181]  ? do_futex+0x122/0x350
[ 1024.181654][T20181]  ? __pfx_do_futex+0x10/0x10
[ 1024.181685][T20181]  ? fput+0x70/0xf0
[ 1024.181701][T20181]  ? xfd_validate_state+0x61/0x180
[ 1024.181721][T20181]  ? __pfx_do_writev+0x10/0x10
[ 1024.181744][T20181]  __x64_sys_bpf+0x78/0xc0
[ 1024.181758][T20181]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1024.181779][T20181]  do_syscall_64+0xcd/0x490
[ 1024.181801][T20181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1024.181817][T20181] RIP: 0033:0x7f5bf4f8e929
[ 1024.181830][T20181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1024.181845][T20181] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1024.181859][T20181] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1024.181869][T20181] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000
[ 1024.181879][T20181] RBP: 00007f5bf5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1024.181888][T20181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1024.181896][T20181] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1024.181915][T20181]  </TASK>
[ 1025.105457][T20200] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2695'.
[ 1025.417258][T20198] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1025.427053][T20198] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1025.484521][T20198] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1025.535031][T20198] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1025.826036][T20212] netlink: 218 bytes leftover after parsing attributes in process `syz.1.2698'.
[ 1025.878487][T20212] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[ 1026.064172][T20218] FAULT_INJECTION: forcing a failure.
[ 1026.064172][T20218] name failslab, interval 1, probability 0, space 0, times 0
[ 1026.167505][T20218] CPU: 0 UID: 0 PID: 20218 Comm: syz.0.2700 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1026.167541][T20218] Tainted: [U]=USER
[ 1026.167547][T20218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1026.167556][T20218] Call Trace:
[ 1026.167563][T20218]  <TASK>
[ 1026.167570][T20218]  dump_stack_lvl+0x16c/0x1f0
[ 1026.167596][T20218]  should_fail_ex+0x512/0x640
[ 1026.167618][T20218]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1026.167643][T20218]  should_failslab+0xc2/0x120
[ 1026.167658][T20218]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1026.167680][T20218]  ? sock_alloc_inode+0x25/0x1c0
[ 1026.167698][T20218]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1026.167711][T20218]  sock_alloc_inode+0x25/0x1c0
[ 1026.167725][T20218]  alloc_inode+0x61/0x240
[ 1026.167740][T20218]  sock_alloc+0x40/0x280
[ 1026.167755][T20218]  __sock_create+0xc1/0x8d0
[ 1026.167775][T20218]  __sys_socket+0x14d/0x260
[ 1026.167791][T20218]  ? __pfx___sys_socket+0x10/0x10
[ 1026.167808][T20218]  ? xfd_validate_state+0x61/0x180
[ 1026.167826][T20218]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1026.167850][T20218]  __x64_sys_socket+0x72/0xb0
[ 1026.167866][T20218]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1026.167886][T20218]  do_syscall_64+0xcd/0x490
[ 1026.167908][T20218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.167922][T20218] RIP: 0033:0x7f1277b8e929
[ 1026.167935][T20218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1026.167949][T20218] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1026.167964][T20218] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1026.167973][T20218] RDX: 00000000000000ff RSI: 0000000000000003 RDI: 000000000000000a
[ 1026.167982][T20218] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1026.167991][T20218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1026.167999][T20218] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1026.168017][T20218]  </TASK>
[ 1026.168026][T20218] socket: no more sockets
[ 1027.357374][T20249] FAULT_INJECTION: forcing a failure.
[ 1027.357374][T20249] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.455804][T20249] CPU: 0 UID: 0 PID: 20249 Comm: syz.2.2709 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1027.455833][T20249] Tainted: [U]=USER
[ 1027.455839][T20249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1027.455848][T20249] Call Trace:
[ 1027.455854][T20249]  <TASK>
[ 1027.455860][T20249]  dump_stack_lvl+0x16c/0x1f0
[ 1027.455887][T20249]  should_fail_ex+0x512/0x640
[ 1027.455908][T20249]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1027.455933][T20249]  should_failslab+0xc2/0x120
[ 1027.455948][T20249]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1027.455969][T20249]  ? trace_cap_capable+0x18d/0x200
[ 1027.455982][T20249]  ? sk_prot_alloc+0x60/0x2a0
[ 1027.456001][T20249]  sk_prot_alloc+0x60/0x2a0
[ 1027.456017][T20249]  sk_alloc+0x36/0xc20
[ 1027.456037][T20249]  inet6_create+0x381/0x1300
[ 1027.456061][T20249]  ? inet6_create+0x7f/0x1300
[ 1027.456085][T20249]  __sock_create+0x338/0x8d0
[ 1027.456104][T20249]  __sys_socket+0x14d/0x260
[ 1027.456121][T20249]  ? __pfx___sys_socket+0x10/0x10
[ 1027.456138][T20249]  ? xfd_validate_state+0x61/0x180
[ 1027.456157][T20249]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1027.456182][T20249]  __x64_sys_socket+0x72/0xb0
[ 1027.456198][T20249]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1027.456218][T20249]  do_syscall_64+0xcd/0x490
[ 1027.456240][T20249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1027.456255][T20249] RIP: 0033:0x7f5bf4f8e929
[ 1027.456268][T20249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1027.456282][T20249] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1027.456296][T20249] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1027.456306][T20249] RDX: 00000000000000ff RSI: 0000000000000003 RDI: 000000000000000a
[ 1027.456314][T20249] RBP: 00007f5bf5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1027.456326][T20249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1027.456335][T20249] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1027.456353][T20249]  </TASK>
[ 1027.902440][ T6637] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1027.909057][ T6637] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1027.923321][ T6637] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1027.929721][ T6637] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1028.144632][T20252] zswap: compressor  not available
[ 1031.538802][T20313] sp0: Synchronizing with TNC
[ 1032.714152][T20334] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1032.731730][T20334] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1032.789178][T20336] FAULT_INJECTION: forcing a failure.
[ 1032.789178][T20336] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1032.839766][T20334] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1032.864240][T20334] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1032.874025][T20336] CPU: 0 UID: 0 PID: 20336 Comm: syz.1.2733 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1032.874051][T20336] Tainted: [U]=USER
[ 1032.874057][T20336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1032.874066][T20336] Call Trace:
[ 1032.874072][T20336]  <TASK>
[ 1032.874079][T20336]  dump_stack_lvl+0x16c/0x1f0
[ 1032.874109][T20336]  should_fail_ex+0x512/0x640
[ 1032.874134][T20336]  should_fail_alloc_page+0xe7/0x130
[ 1032.874151][T20336]  prepare_alloc_pages+0x3c2/0x610
[ 1032.874169][T20336]  ? rcu_is_watching+0x12/0xc0
[ 1032.874188][T20336]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1032.874213][T20336]  ? rcu_is_watching+0x12/0xc0
[ 1032.874229][T20336]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1032.874246][T20336]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 1032.874268][T20336]  ? stack_trace_save+0x8e/0xc0
[ 1032.874286][T20336]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1032.874314][T20336]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[ 1032.874336][T20336]  ? __get_vm_area_node+0x1ca/0x330
[ 1032.874352][T20336]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1032.874369][T20336]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1032.874385][T20336]  ? pcpu_create_chunk+0x432/0x730
[ 1032.874402][T20336]  ? pcpu_alloc_noprof+0x11e3/0x1470
[ 1032.874420][T20336]  ? bpf_map_alloc_percpu+0x9a/0x4b0
[ 1032.874440][T20336]  ? htab_map_alloc+0x10ca/0x1570
[ 1032.874460][T20336]  ? map_create+0x58f/0x1db0
[ 1032.874486][T20336]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1032.874507][T20336]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1032.874530][T20336]  ? policy_nodemask+0xea/0x4e0
[ 1032.874546][T20336]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1032.874569][T20336]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1032.874592][T20336]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1032.874616][T20336]  alloc_vmap_area+0x959/0x29c0
[ 1032.874640][T20336]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1032.874661][T20336]  __get_vm_area_node+0x1ca/0x330
[ 1032.874682][T20336]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1032.874701][T20336]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1032.874724][T20336]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1032.874746][T20336]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1032.874771][T20336]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1032.874788][T20336]  __vmalloc_node_noprof+0xad/0xf0
[ 1032.874806][T20336]  ? pcpu_mem_zalloc+0x54/0xb0
[ 1032.874825][T20336]  pcpu_mem_zalloc+0x54/0xb0
[ 1032.874843][T20336]  pcpu_create_chunk+0x432/0x730
[ 1032.874864][T20336]  pcpu_alloc_noprof+0x11e3/0x1470
[ 1032.874893][T20336]  bpf_map_alloc_percpu+0x9a/0x4b0
[ 1032.874915][T20336]  htab_map_alloc+0x10ca/0x1570
[ 1032.874941][T20336]  ? ns_capable+0xd7/0x110
[ 1032.874959][T20336]  map_create+0x58f/0x1db0
[ 1032.875014][T20336]  ? __pfx_map_create+0x10/0x10
[ 1032.875034][T20336]  ? __might_fault+0xe3/0x190
[ 1032.875054][T20336]  ? __might_fault+0xe3/0x190
[ 1032.875073][T20336]  ? __might_fault+0x13b/0x190
[ 1032.875101][T20336]  __sys_bpf+0x47cc/0x4d80
[ 1032.875117][T20336]  ? __pfx___sys_bpf+0x10/0x10
[ 1032.875131][T20336]  ? do_writev+0x218/0x340
[ 1032.875154][T20336]  ? do_futex+0x122/0x350
[ 1032.875172][T20336]  ? __pfx_do_futex+0x10/0x10
[ 1032.875197][T20336]  ? fput+0x70/0xf0
[ 1032.875212][T20336]  ? xfd_validate_state+0x61/0x180
[ 1032.875230][T20336]  ? __pfx_do_writev+0x10/0x10
[ 1032.875252][T20336]  __x64_sys_bpf+0x78/0xc0
[ 1032.875266][T20336]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1032.875287][T20336]  do_syscall_64+0xcd/0x490
[ 1032.875310][T20336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1032.875326][T20336] RIP: 0033:0x7feae9b8e929
[ 1032.875340][T20336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1032.875354][T20336] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1032.875369][T20336] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1032.875379][T20336] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000
[ 1032.875388][T20336] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1032.875397][T20336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1032.875406][T20336] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1032.875425][T20336]  </TASK>
[ 1034.381244][T20354] FAULT_INJECTION: forcing a failure.
[ 1034.381244][T20354] name failslab, interval 1, probability 0, space 0, times 0
[ 1034.500550][T20354] CPU: 0 UID: 0 PID: 20354 Comm: syz.3.2738 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1034.500578][T20354] Tainted: [U]=USER
[ 1034.500584][T20354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1034.500593][T20354] Call Trace:
[ 1034.500599][T20354]  <TASK>
[ 1034.500606][T20354]  dump_stack_lvl+0x16c/0x1f0
[ 1034.500633][T20354]  should_fail_ex+0x512/0x640
[ 1034.500655][T20354]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1034.500679][T20354]  should_failslab+0xc2/0x120
[ 1034.500694][T20354]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1034.500715][T20354]  ? sock_alloc_inode+0x25/0x1c0
[ 1034.500734][T20354]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1034.500747][T20354]  sock_alloc_inode+0x25/0x1c0
[ 1034.500761][T20354]  alloc_inode+0x61/0x240
[ 1034.500776][T20354]  sock_alloc+0x40/0x280
[ 1034.500790][T20354]  __sock_create+0xc1/0x8d0
[ 1034.500810][T20354]  __sys_socket+0x14d/0x260
[ 1034.500827][T20354]  ? __pfx___sys_socket+0x10/0x10
[ 1034.500843][T20354]  ? xfd_validate_state+0x61/0x180
[ 1034.500872][T20354]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1034.500898][T20354]  __x64_sys_socket+0x72/0xb0
[ 1034.500915][T20354]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1034.500936][T20354]  do_syscall_64+0xcd/0x490
[ 1034.500959][T20354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1034.500974][T20354] RIP: 0033:0x7fd64e58e929
[ 1034.500987][T20354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1034.501001][T20354] RSP: 002b:00007fd64f43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1034.501016][T20354] RAX: ffffffffffffffda RBX: 00007fd64e7b5fa0 RCX: 00007fd64e58e929
[ 1034.501026][T20354] RDX: 00000000000000ff RSI: 0000000000000003 RDI: 000000000000000a
[ 1034.501035][T20354] RBP: 00007fd64e610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1034.501043][T20354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1034.501052][T20354] R13: 0000000000000000 R14: 00007fd64e7b5fa0 R15: 00007fff0f187d68
[ 1034.501070][T20354]  </TASK>
[ 1034.501078][T20354] socket: no more sockets
[ 1034.821602][ T7516] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1034.829412][ T7516] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1034.865319][ T6637] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1034.982203][ T6637] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1035.148162][T20371] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2741'.
[ 1035.336388][T20374] lo: entered allmulticast mode
[ 1035.399036][T20373] lo: left allmulticast mode
[ 1035.533465][T20377] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1035.541130][T20377] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1035.547584][T20377] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1035.558417][T20377] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1035.577662][T20381] binder: 20376:20381 ioctl 540a ffffffffffffffff returned -22
[ 1037.579033][ T7516] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1037.585182][T13374] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1037.591425][T13374] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1037.598239][ T6637] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1038.337394][T20430] FAULT_INJECTION: forcing a failure.
[ 1038.337394][T20430] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1038.384103][T20430] CPU: 0 UID: 0 PID: 20430 Comm: syz.0.2758 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1038.384132][T20430] Tainted: [U]=USER
[ 1038.384138][T20430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1038.384146][T20430] Call Trace:
[ 1038.384152][T20430]  <TASK>
[ 1038.384159][T20430]  dump_stack_lvl+0x16c/0x1f0
[ 1038.384185][T20430]  should_fail_ex+0x512/0x640
[ 1038.384209][T20430]  get_futex_key+0x1d0/0x1540
[ 1038.384229][T20430]  ? __pfx_get_futex_key+0x10/0x10
[ 1038.384254][T20430]  futex_wake+0xe7/0x4e0
[ 1038.384275][T20430]  ? __pfx_futex_wake+0x10/0x10
[ 1038.384298][T20430]  ? errseq_sample+0x53/0x70
[ 1038.384320][T20430]  ? file_init_path+0x4fe/0x760
[ 1038.384338][T20430]  do_futex+0x1e3/0x350
[ 1038.384355][T20430]  ? __pfx_do_futex+0x10/0x10
[ 1038.384372][T20430]  ? fd_install+0x225/0x750
[ 1038.384395][T20430]  __x64_sys_futex+0x1e0/0x4c0
[ 1038.384413][T20430]  ? __sys_socket+0xac/0x260
[ 1038.384431][T20430]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1038.384449][T20430]  ? xfd_validate_state+0x61/0x180
[ 1038.384468][T20430]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1038.384494][T20430]  do_syscall_64+0xcd/0x490
[ 1038.384518][T20430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.384533][T20430] RIP: 0033:0x7f1277b8e929
[ 1038.384546][T20430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1038.384560][T20430] RSP: 002b:00007f1278adf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1038.384647][T20430] RAX: ffffffffffffffda RBX: 00007f1277db5fa8 RCX: 00007f1277b8e929
[ 1038.384661][T20430] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1277db5fac
[ 1038.384671][T20430] RBP: 00007f1277db5fa0 R08: 00007f1278ae0000 R09: 0000000000000000
[ 1038.384682][T20430] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f1277db5fac
[ 1038.384691][T20430] R13: 0000000000000000 R14: 00007fff679335f0 R15: 00007fff679336d8
[ 1038.384713][T20430]  </TASK>
[ 1040.689106][T20481] FAULT_INJECTION: forcing a failure.
[ 1040.689106][T20481] name failslab, interval 1, probability 0, space 0, times 0
[ 1040.739994][T20481] CPU: 0 UID: 0 PID: 20481 Comm: syz.0.2775 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1040.740021][T20481] Tainted: [U]=USER
[ 1040.740027][T20481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1040.740036][T20481] Call Trace:
[ 1040.740042][T20481]  <TASK>
[ 1040.740048][T20481]  dump_stack_lvl+0x16c/0x1f0
[ 1040.740075][T20481]  should_fail_ex+0x512/0x640
[ 1040.740096][T20481]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1040.740121][T20481]  should_failslab+0xc2/0x120
[ 1040.740135][T20481]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1040.740157][T20481]  ? __kernfs_new_node+0xd2/0x8e0
[ 1040.740180][T20481]  __kernfs_new_node+0xd2/0x8e0
[ 1040.740202][T20481]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1040.740226][T20481]  ? find_held_lock+0x2b/0x80
[ 1040.740243][T20481]  ? kernfs_root+0xee/0x2a0
[ 1040.740265][T20481]  kernfs_new_node+0x13c/0x1e0
[ 1040.740291][T20481]  __kernfs_create_file+0x53/0x350
[ 1040.740310][T20481]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1040.740333][T20481]  internal_create_group+0x578/0xf30
[ 1040.740358][T20481]  ? __pfx_internal_create_group+0x10/0x10
[ 1040.740386][T20481]  sysfs_slab_add+0x1a3/0x1e0
[ 1040.740407][T20481]  do_kmem_cache_create+0x530/0x730
[ 1040.740438][T20481]  ? __kmem_cache_create_args+0x205/0x390
[ 1040.740462][T20481]  __kmem_cache_create_args+0x225/0x390
[ 1040.740486][T20481]  mon_text_open+0x313/0x4f0
[ 1040.740508][T20481]  ? __pfx_mon_text_open+0x10/0x10
[ 1040.740529][T20481]  ? __debugfs_file_get+0x1fe/0x840
[ 1040.740544][T20481]  ? __pfx_mon_text_ctor+0x10/0x10
[ 1040.740566][T20481]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1040.740584][T20481]  ? lockdown_is_locked_down+0x3f/0x130
[ 1040.740604][T20481]  ? bpf_lsm_locked_down+0x9/0x10
[ 1040.740624][T20481]  ? __pfx_mon_text_open+0x10/0x10
[ 1040.740644][T20481]  full_proxy_open_regular+0x1b9/0x360
[ 1040.740663][T20481]  do_dentry_open+0x741/0x1c10
[ 1040.740684][T20481]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1040.740704][T20481]  vfs_open+0x82/0x3f0
[ 1040.740723][T20481]  path_openat+0x1de4/0x2cb0
[ 1040.740750][T20481]  ? __pfx_path_openat+0x10/0x10
[ 1040.740773][T20481]  ? __lock_acquire+0xb8a/0x1c90
[ 1040.740794][T20481]  do_filp_open+0x20b/0x470
[ 1040.740815][T20481]  ? __pfx_do_filp_open+0x10/0x10
[ 1040.740850][T20481]  ? alloc_fd+0x471/0x7d0
[ 1040.740875][T20481]  do_sys_openat2+0x11b/0x1d0
[ 1040.740891][T20481]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1040.740915][T20481]  __x64_sys_openat+0x174/0x210
[ 1040.740931][T20481]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1040.740956][T20481]  do_syscall_64+0xcd/0x490
[ 1040.740982][T20481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1040.740997][T20481] RIP: 0033:0x7f1277b8e929
[ 1040.741011][T20481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1040.741025][T20481] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1040.741039][T20481] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1040.741049][T20481] RDX: 0000000000000200 RSI: 0000200000000380 RDI: ffffffffffffff9c
[ 1040.741059][T20481] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1040.741068][T20481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1040.741077][T20481] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1040.741096][T20481]  </TASK>
[ 1041.515996][T20481] SLUB: Unable to add cache mon_text_ffff8880361d8400 to sysfs
[ 1041.968910][T20495] FAULT_INJECTION: forcing a failure.
[ 1041.968910][T20495] name failslab, interval 1, probability 0, space 0, times 0
[ 1041.988163][T20496] FAULT_INJECTION: forcing a failure.
[ 1041.988163][T20496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1042.024371][T20496] CPU: 0 UID: 0 PID: 20496 Comm: syz.2.2781 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1042.024399][T20496] Tainted: [U]=USER
[ 1042.024405][T20496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1042.024414][T20496] Call Trace:
[ 1042.024420][T20496]  <TASK>
[ 1042.024427][T20496]  dump_stack_lvl+0x16c/0x1f0
[ 1042.024453][T20496]  should_fail_ex+0x512/0x640
[ 1042.024477][T20496]  should_fail_alloc_page+0xe7/0x130
[ 1042.024494][T20496]  prepare_alloc_pages+0x3c2/0x610
[ 1042.024512][T20496]  ? rcu_is_watching+0x12/0xc0
[ 1042.024531][T20496]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1042.024554][T20496]  ? kasan_save_stack+0x42/0x60
[ 1042.024576][T20496]  ? __lock_acquire+0x622/0x1c90
[ 1042.024597][T20496]  ? __vmf_anon_prepare+0x11c/0x240
[ 1042.024616][T20496]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1042.024636][T20496]  ? __lock_acquire+0x622/0x1c90
[ 1042.024662][T20496]  ? __lock_acquire+0x622/0x1c90
[ 1042.024682][T20496]  ? __lock_acquire+0x622/0x1c90
[ 1042.024701][T20496]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1042.024722][T20496]  ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80
[ 1042.024741][T20496]  ? policy_nodemask+0xea/0x4e0
[ 1042.024757][T20496]  alloc_pages_mpol+0x1fb/0x550
[ 1042.024772][T20496]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1042.024790][T20496]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1042.024809][T20496]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1042.024825][T20496]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1042.024840][T20496]  ? find_held_lock+0x2b/0x80
[ 1042.024856][T20496]  ? __handle_mm_fault+0x1092/0x5490
[ 1042.024877][T20496]  __handle_mm_fault+0x2f21/0x5490
[ 1042.024901][T20496]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1042.024921][T20496]  ? __pte_offset_map_lock+0x174/0x310
[ 1042.024937][T20496]  ? find_held_lock+0x2b/0x80
[ 1042.024950][T20496]  ? find_held_lock+0x2b/0x80
[ 1042.024970][T20496]  ? follow_page_pte+0x3af/0x14c0
[ 1042.024990][T20496]  handle_mm_fault+0x589/0xd10
[ 1042.025013][T20496]  __get_user_pages+0x589/0x3b80
[ 1042.025035][T20496]  ? __pfx_mt_find+0x10/0x10
[ 1042.025049][T20496]  ? __pfx___get_user_pages+0x10/0x10
[ 1042.025072][T20496]  populate_vma_page_range+0x278/0x3a0
[ 1042.025091][T20496]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1042.025108][T20496]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1042.025125][T20496]  ? do_mmap+0x69c/0x1210
[ 1042.025143][T20496]  __mm_populate+0x1d8/0x380
[ 1042.025160][T20496]  ? __pfx___mm_populate+0x10/0x10
[ 1042.025179][T20496]  ? up_write+0x1b2/0x520
[ 1042.025202][T20496]  vm_mmap_pgoff+0x362/0x450
[ 1042.025219][T20496]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1042.025234][T20496]  ? do_set_mempolicy+0x220/0x480
[ 1042.025250][T20496]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1042.025266][T20496]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1042.025286][T20496]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1042.025301][T20496]  ? xfd_validate_state+0x61/0x180
[ 1042.025320][T20496]  ? __pfx_kernel_set_mempolicy+0x10/0x10
[ 1042.025336][T20496]  __x64_sys_mmap+0x125/0x190
[ 1042.025368][T20496]  do_syscall_64+0xcd/0x490
[ 1042.025391][T20496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1042.025408][T20496] RIP: 0033:0x7f5bf4f8e929
[ 1042.025422][T20496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1042.025436][T20496] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1042.025450][T20496] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1042.025460][T20496] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1042.025469][T20496] RBP: 00007f5bf5010b39 R08: 0000000000000002 R09: 0000000000008000
[ 1042.025478][T20496] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1042.025487][T20496] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1042.025506][T20496]  </TASK>
[ 1042.401558][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1042.948851][T20495] CPU: 0 UID: 0 PID: 20495 Comm: syz.3.2780 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1042.948879][T20495] Tainted: [U]=USER
[ 1042.948884][T20495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1042.948893][T20495] Call Trace:
[ 1042.948899][T20495]  <TASK>
[ 1042.948905][T20495]  dump_stack_lvl+0x16c/0x1f0
[ 1042.948931][T20495]  should_fail_ex+0x512/0x640
[ 1042.948952][T20495]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1042.948976][T20495]  should_failslab+0xc2/0x120
[ 1042.948991][T20495]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1042.949012][T20495]  ? alloc_file_pseudo+0x1b3/0x230
[ 1042.949027][T20495]  ? alloc_empty_file+0x55/0x1e0
[ 1042.949044][T20495]  alloc_empty_file+0x55/0x1e0
[ 1042.949060][T20495]  alloc_file_clone+0x5f/0x110
[ 1042.949076][T20495]  create_pipe_files+0x412/0x930
[ 1042.949100][T20495]  do_pipe2+0xaf/0x1c0
[ 1042.949121][T20495]  ? __pfx_do_pipe2+0x10/0x10
[ 1042.949142][T20495]  ? xfd_validate_state+0x61/0x180
[ 1042.949162][T20495]  ? __pfx_ksys_write+0x10/0x10
[ 1042.949186][T20495]  __x64_sys_pipe+0x33/0x50
[ 1042.949198][T20495]  do_syscall_64+0xcd/0x490
[ 1042.949221][T20495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1042.949235][T20495] RIP: 0033:0x7fd64e58e929
[ 1042.949247][T20495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1042.949261][T20495] RSP: 002b:00007fd64f43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[ 1042.949275][T20495] RAX: ffffffffffffffda RBX: 00007fd64e7b5fa0 RCX: 00007fd64e58e929
[ 1042.949292][T20495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1042.949302][T20495] RBP: 00007fd64e610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1042.949310][T20495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1042.949319][T20495] R13: 0000000000000000 R14: 00007fd64e7b5fa0 R15: 00007fff0f187d68
[ 1042.949338][T20495]  </TASK>
[ 1043.144399][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1043.409653][T20503] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1043.453533][T20503] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1043.459569][T20503] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1043.558481][T20503] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1043.844965][T20503] Process accounting resumed
[ 1044.312307][T20521] FAULT_INJECTION: forcing a failure.
[ 1044.312307][T20521] name failslab, interval 1, probability 0, space 0, times 0
[ 1044.362600][T20523] sp0: Synchronizing with TNC
[ 1044.390383][T20521] CPU: 0 UID: 0 PID: 20521 Comm: syz.2.2787 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1044.390411][T20521] Tainted: [U]=USER
[ 1044.390417][T20521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1044.390426][T20521] Call Trace:
[ 1044.390432][T20521]  <TASK>
[ 1044.390438][T20521]  dump_stack_lvl+0x16c/0x1f0
[ 1044.390466][T20521]  should_fail_ex+0x512/0x640
[ 1044.390488][T20521]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1044.390512][T20521]  should_failslab+0xc2/0x120
[ 1044.390526][T20521]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1044.390548][T20521]  ? __kernfs_new_node+0xd2/0x8e0
[ 1044.390572][T20521]  __kernfs_new_node+0xd2/0x8e0
[ 1044.390594][T20521]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1044.390618][T20521]  ? find_held_lock+0x2b/0x80
[ 1044.390634][T20521]  ? kernfs_root+0xee/0x2a0
[ 1044.390658][T20521]  kernfs_new_node+0x13c/0x1e0
[ 1044.390683][T20521]  __kernfs_create_file+0x53/0x350
[ 1044.390702][T20521]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1044.390726][T20521]  internal_create_group+0x578/0xf30
[ 1044.390751][T20521]  ? __pfx_internal_create_group+0x10/0x10
[ 1044.390779][T20521]  sysfs_slab_add+0x1a3/0x1e0
[ 1044.390800][T20521]  do_kmem_cache_create+0x530/0x730
[ 1044.390821][T20521]  ? __kmem_cache_create_args+0x205/0x390
[ 1044.390844][T20521]  __kmem_cache_create_args+0x225/0x390
[ 1044.390866][T20521]  mon_text_open+0x313/0x4f0
[ 1044.390890][T20521]  ? __pfx_mon_text_open+0x10/0x10
[ 1044.390911][T20521]  ? __debugfs_file_get+0x1fe/0x840
[ 1044.390926][T20521]  ? __pfx_mon_text_ctor+0x10/0x10
[ 1044.390947][T20521]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1044.390966][T20521]  ? lockdown_is_locked_down+0x3f/0x130
[ 1044.390985][T20521]  ? bpf_lsm_locked_down+0x9/0x10
[ 1044.391006][T20521]  ? __pfx_mon_text_open+0x10/0x10
[ 1044.391027][T20521]  full_proxy_open_regular+0x1b9/0x360
[ 1044.391045][T20521]  do_dentry_open+0x741/0x1c10
[ 1044.391067][T20521]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1044.391087][T20521]  vfs_open+0x82/0x3f0
[ 1044.391105][T20521]  path_openat+0x1de4/0x2cb0
[ 1044.391133][T20521]  ? __pfx_path_openat+0x10/0x10
[ 1044.391155][T20521]  ? __lock_acquire+0xb8a/0x1c90
[ 1044.391177][T20521]  do_filp_open+0x20b/0x470
[ 1044.391205][T20521]  ? __pfx_do_filp_open+0x10/0x10
[ 1044.391242][T20521]  ? alloc_fd+0x471/0x7d0
[ 1044.391267][T20521]  do_sys_openat2+0x11b/0x1d0
[ 1044.391283][T20521]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1044.391308][T20521]  __x64_sys_openat+0x174/0x210
[ 1044.391325][T20521]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1044.391350][T20521]  do_syscall_64+0xcd/0x490
[ 1044.391373][T20521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1044.391389][T20521] RIP: 0033:0x7f5bf4f8e929
[ 1044.391401][T20521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1044.391416][T20521] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1044.391430][T20521] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1044.391440][T20521] RDX: 0000000000000200 RSI: 0000200000000380 RDI: ffffffffffffff9c
[ 1044.391449][T20521] RBP: 00007f5bf5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1044.391458][T20521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1044.391467][T20521] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1044.391487][T20521]  </TASK>
[ 1044.392065][T20521] SLUB: Unable to add cache mon_text_ffff88805ee9a800 to sysfs
[ 1045.320292][    C0] sd 0:0:1:0: [sda] tag#5870 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1045.330740][    C0] sd 0:0:1:0: [sda] tag#5870 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00
[ 1045.449751][T17593] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1045.513474][T17593] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1045.519581][T17593] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1045.527824][T20541] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1045.554389][T20541] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1045.606634][T20541] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1045.612674][T20541] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1046.202488][T20551] sp0: Synchronizing with TNC
[ 1046.259302][T20558] FAULT_INJECTION: forcing a failure.
[ 1046.259302][T20558] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.312942][T20558] CPU: 0 UID: 0 PID: 20558 Comm: syz.1.2800 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1046.312971][T20558] Tainted: [U]=USER
[ 1046.312976][T20558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1046.312986][T20558] Call Trace:
[ 1046.312992][T20558]  <TASK>
[ 1046.313004][T20558]  dump_stack_lvl+0x16c/0x1f0
[ 1046.313031][T20558]  should_fail_ex+0x512/0x640
[ 1046.313056][T20558]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1046.313078][T20558]  should_failslab+0xc2/0x120
[ 1046.313092][T20558]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1046.313112][T20558]  ? kvm_uevent_notify_change.part.0+0x2b2/0x450
[ 1046.313132][T20558]  kvm_uevent_notify_change.part.0+0x2b2/0x450
[ 1046.313149][T20558]  ? __pfx_kvm_vm_release+0x10/0x10
[ 1046.313161][T20558]  kvm_put_kvm+0xe4/0xb40
[ 1046.313173][T20558]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1046.313196][T20558]  ? __pfx_kvm_vm_release+0x10/0x10
[ 1046.313209][T20558]  kvm_vm_release+0x3c/0x50
[ 1046.313221][T20558]  __fput+0x402/0xb70
[ 1046.313247][T20558]  task_work_run+0x150/0x240
[ 1046.313272][T20558]  ? __pfx_task_work_run+0x10/0x10
[ 1046.313295][T20558]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1046.313321][T20558]  exit_to_user_mode_loop+0xeb/0x110
[ 1046.313346][T20558]  do_syscall_64+0x3f6/0x490
[ 1046.313369][T20558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.313384][T20558] RIP: 0033:0x7feae9b8e929
[ 1046.313396][T20558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1046.313411][T20558] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1046.313426][T20558] RAX: 0000000000000000 RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1046.313435][T20558] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1046.313445][T20558] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1046.313454][T20558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1046.313462][T20558] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1046.313480][T20558]  </TASK>
[ 1046.518635][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1046.844417][T20568] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1047.060934][T20581] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1047.114871][T20581] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1047.148763][T20581] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1047.182183][T20581] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1047.867786][T20606] FAULT_INJECTION: forcing a failure.
[ 1047.867786][T20606] name failslab, interval 1, probability 0, space 0, times 0
[ 1047.933907][T20606] CPU: 0 UID: 0 PID: 20606 Comm: syz.1.2815 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1047.933934][T20606] Tainted: [U]=USER
[ 1047.933940][T20606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1047.933950][T20606] Call Trace:
[ 1047.933956][T20606]  <TASK>
[ 1047.933963][T20606]  dump_stack_lvl+0x16c/0x1f0
[ 1047.933989][T20606]  should_fail_ex+0x512/0x640
[ 1047.934011][T20606]  ? __kmalloc_noprof+0xbf/0x510
[ 1047.934035][T20606]  ? slhc_init+0x3dd/0x570
[ 1047.934053][T20606]  should_failslab+0xc2/0x120
[ 1047.934067][T20606]  __kmalloc_noprof+0xd2/0x510
[ 1047.934092][T20606]  slhc_init+0x3dd/0x570
[ 1047.934110][T20606]  ? kasan_save_track+0x14/0x30
[ 1047.934132][T20606]  slip_open+0x8ee/0x1150
[ 1047.934152][T20606]  ? __pfx_n_tty_close+0x10/0x10
[ 1047.934169][T20606]  ? __pfx_slip_open+0x10/0x10
[ 1047.934187][T20606]  ? down_write+0x14d/0x200
[ 1047.934201][T20606]  ? __pfx_slip_open+0x10/0x10
[ 1047.934219][T20606]  tty_ldisc_open+0x9c/0x120
[ 1047.934239][T20606]  tty_set_ldisc+0x32b/0x780
[ 1047.934262][T20606]  tty_ioctl+0xc2e/0x1640
[ 1047.934284][T20606]  ? __pfx_tty_ioctl+0x10/0x10
[ 1047.934312][T20606]  ? find_held_lock+0x2b/0x80
[ 1047.934327][T20606]  ? hook_file_ioctl_common+0x145/0x410
[ 1047.934347][T20606]  ? __fget_files+0x20e/0x3c0
[ 1047.934371][T20606]  ? __pfx_tty_ioctl+0x10/0x10
[ 1047.934393][T20606]  __x64_sys_ioctl+0x18e/0x210
[ 1047.934412][T20606]  do_syscall_64+0xcd/0x490
[ 1047.934435][T20606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.934451][T20606] RIP: 0033:0x7feae9b8e929
[ 1047.934463][T20606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1047.934478][T20606] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1047.934492][T20606] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1047.934502][T20606] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000006
[ 1047.934511][T20606] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1047.934519][T20606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1047.934527][T20606] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1047.934547][T20606]  </TASK>
[ 1048.187937][T20608] FAULT_INJECTION: forcing a failure.
[ 1048.187937][T20608] name failslab, interval 1, probability 0, space 0, times 0
[ 1048.200600][T20608] CPU: 0 UID: 0 PID: 20608 Comm: syz.3.2816 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1048.200626][T20608] Tainted: [U]=USER
[ 1048.200631][T20608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1048.200641][T20608] Call Trace:
[ 1048.200647][T20608]  <TASK>
[ 1048.200654][T20608]  dump_stack_lvl+0x16c/0x1f0
[ 1048.200679][T20608]  should_fail_ex+0x512/0x640
[ 1048.200701][T20608]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1048.200725][T20608]  should_failslab+0xc2/0x120
[ 1048.200739][T20608]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1048.200760][T20608]  ? __pfx_map_id_range_down+0x10/0x10
[ 1048.200780][T20608]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 1048.200797][T20608]  ? prepare_creds+0x2c/0x7d0
[ 1048.200821][T20608]  prepare_creds+0x2c/0x7d0
[ 1048.200843][T20608]  __sys_setuid+0x9a/0x440
[ 1048.200860][T20608]  do_syscall_64+0xcd/0x490
[ 1048.200891][T20608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1048.200906][T20608] RIP: 0033:0x7fd64e58e929
[ 1048.200920][T20608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1048.200933][T20608] RSP: 002b:00007fd64f43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[ 1048.200948][T20608] RAX: ffffffffffffffda RBX: 00007fd64e7b5fa0 RCX: 00007fd64e58e929
[ 1048.200958][T20608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[ 1048.200966][T20608] RBP: 00007fd64e610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1048.200975][T20608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1048.200984][T20608] R13: 0000000000000000 R14: 00007fd64e7b5fa0 R15: 00007fff0f187d68
[ 1048.201003][T20608]  </TASK>
[ 1048.480290][T20612] FAULT_INJECTION: forcing a failure.
[ 1048.480290][T20612] name failslab, interval 1, probability 0, space 0, times 0
[ 1048.492982][T20612] CPU: 0 UID: 0 PID: 20612 Comm: syz.1.2817 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1048.493009][T20612] Tainted: [U]=USER
[ 1048.493014][T20612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1048.493024][T20612] Call Trace:
[ 1048.493032][T20612]  <TASK>
[ 1048.493039][T20612]  dump_stack_lvl+0x16c/0x1f0
[ 1048.493065][T20612]  should_fail_ex+0x512/0x640
[ 1048.493086][T20612]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1048.493109][T20612]  should_failslab+0xc2/0x120
[ 1048.493124][T20612]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1048.493147][T20612]  ? madvise_collapse+0x1cb/0xb20
[ 1048.493166][T20612]  madvise_collapse+0x1cb/0xb20
[ 1048.493182][T20612]  ? __schedule+0x1181/0x5de0
[ 1048.493205][T20612]  ? __pfx_madvise_collapse+0x10/0x10
[ 1048.493224][T20612]  ? mtree_range_walk+0x718/0xc00
[ 1048.493242][T20612]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1048.493267][T20612]  madvise_vma_behavior+0x118d/0x2420
[ 1048.493283][T20612]  ? mas_prev_setup.constprop.0+0x81/0x830
[ 1048.493305][T20612]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1048.493321][T20612]  ? __pfx_mas_prev+0x10/0x10
[ 1048.493345][T20612]  ? find_vma_prev+0xda/0x160
[ 1048.493362][T20612]  ? __pfx_find_vma_prev+0x10/0x10
[ 1048.493383][T20612]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1048.493407][T20612]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1048.493421][T20612]  madvise_walk_vmas+0x1ce/0x2c0
[ 1048.493437][T20612]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1048.493457][T20612]  madvise_do_behavior+0x15d/0x3f0
[ 1048.493474][T20612]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1048.493501][T20612]  do_madvise+0x161/0x230
[ 1048.493516][T20612]  ? __pfx_do_madvise+0x10/0x10
[ 1048.493540][T20612]  ? xfd_validate_state+0x61/0x180
[ 1048.493563][T20612]  __x64_sys_madvise+0xa9/0x110
[ 1048.493578][T20612]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1048.493598][T20612]  do_syscall_64+0xcd/0x490
[ 1048.493620][T20612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1048.493635][T20612] RIP: 0033:0x7feae9b8e929
[ 1048.493648][T20612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1048.493662][T20612] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1048.493676][T20612] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1048.493686][T20612] RDX: 0000000000000019 RSI: 0000000000200007 RDI: 0000000000000000
[ 1048.493695][T20612] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1048.493704][T20612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1048.493713][T20612] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1048.493732][T20612]  </TASK>
[ 1048.859948][T20610] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1049.010997][T20622] FAULT_INJECTION: forcing a failure.
[ 1049.010997][T20622] name failslab, interval 1, probability 0, space 0, times 0
[ 1049.033411][T20622] CPU: 0 UID: 0 PID: 20622 Comm: syz.3.2821 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1049.033437][T20622] Tainted: [U]=USER
[ 1049.033442][T20622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1049.033451][T20622] Call Trace:
[ 1049.033457][T20622]  <TASK>
[ 1049.033463][T20622]  dump_stack_lvl+0x16c/0x1f0
[ 1049.033490][T20622]  should_fail_ex+0x512/0x640
[ 1049.033510][T20622]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1049.033532][T20622]  should_failslab+0xc2/0x120
[ 1049.033546][T20622]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1049.033566][T20622]  ? kvm_pic_init+0x4f/0x380
[ 1049.033588][T20622]  kvm_pic_init+0x4f/0x380
[ 1049.033609][T20622]  kvm_arch_vm_ioctl+0x8fd/0x1cf0
[ 1049.033628][T20622]  ? ima_match_policy+0x7f9/0x22e0
[ 1049.033644][T20622]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[ 1049.033662][T20622]  ? __lock_acquire+0x622/0x1c90
[ 1049.033686][T20622]  ? __lock_acquire+0x622/0x1c90
[ 1049.033709][T20622]  ? __lock_acquire+0x622/0x1c90
[ 1049.033732][T20622]  ? __lock_acquire+0x622/0x1c90
[ 1049.033765][T20622]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1049.033783][T20622]  ? is_bpf_text_address+0x94/0x1a0
[ 1049.033803][T20622]  ? kernel_text_address+0x8d/0x100
[ 1049.033832][T20622]  ? __kernel_text_address+0xd/0x40
[ 1049.033846][T20622]  ? unwind_get_return_address+0x59/0xa0
[ 1049.033869][T20622]  ? arch_stack_walk+0xa6/0x100
[ 1049.033891][T20622]  ? stack_trace_save+0x8e/0xc0
[ 1049.033908][T20622]  ? __pfx_stack_trace_save+0x10/0x10
[ 1049.033924][T20622]  ? stack_depot_save_flags+0x28/0xa40
[ 1049.033946][T20622]  ? __lock_acquire+0xb8a/0x1c90
[ 1049.033967][T20622]  ? kasan_save_stack+0x42/0x60
[ 1049.033987][T20622]  ? kasan_save_stack+0x33/0x60
[ 1049.034006][T20622]  ? kasan_save_track+0x14/0x30
[ 1049.034025][T20622]  ? kasan_save_free_info+0x3b/0x60
[ 1049.034041][T20622]  ? __kasan_slab_free+0x51/0x70
[ 1049.034061][T20622]  ? kfree+0x2b4/0x4d0
[ 1049.034077][T20622]  ? tomoyo_path_number_perm+0x470/0x580
[ 1049.034093][T20622]  ? security_file_ioctl+0x9b/0x240
[ 1049.034109][T20622]  ? __x64_sys_ioctl+0xb7/0x210
[ 1049.034125][T20622]  ? do_syscall_64+0xcd/0x490
[ 1049.034148][T20622]  kvm_vm_ioctl+0x19d3/0x3dd0
[ 1049.034178][T20622]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1049.034211][T20622]  ? kasan_quarantine_put+0x10a/0x240
[ 1049.034230][T20622]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1049.034253][T20622]  ? find_held_lock+0x2b/0x80
[ 1049.034268][T20622]  ? tomoyo_path_number_perm+0x295/0x580
[ 1049.034288][T20622]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1049.034306][T20622]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1049.034323][T20622]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1049.034346][T20622]  ? do_vfs_ioctl+0x523/0x1a60
[ 1049.034363][T20622]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1049.034392][T20622]  ? find_held_lock+0x2b/0x80
[ 1049.034406][T20622]  ? hook_file_ioctl_common+0x145/0x410
[ 1049.034426][T20622]  ? __fget_files+0x20e/0x3c0
[ 1049.034448][T20622]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1049.034471][T20622]  __x64_sys_ioctl+0x18e/0x210
[ 1049.034489][T20622]  do_syscall_64+0xcd/0x490
[ 1049.034511][T20622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1049.034526][T20622] RIP: 0033:0x7fd64e58e929
[ 1049.034540][T20622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1049.034554][T20622] RSP: 002b:00007fd64f43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1049.034568][T20622] RAX: ffffffffffffffda RBX: 00007fd64e7b5fa0 RCX: 00007fd64e58e929
[ 1049.034577][T20622] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[ 1049.034587][T20622] RBP: 00007fd64e610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1049.034595][T20622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1049.034604][T20622] R13: 0000000000000000 R14: 00007fd64e7b5fa0 R15: 00007fff0f187d68
[ 1049.034623][T20622]  </TASK>
[ 1049.463548][T17593] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1049.469846][T17593] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1049.476825][T17593] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1049.482815][T17593] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1049.545076][T20626] input: f¬
 as /devices/virtual/input/input151
[ 1050.049570][T20635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2825'.
[ 1050.098689][T20635] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2825'.
[ 1050.213254][T20643] ima: policy update failed
[ 1050.256149][   T30] audit: type=1802 audit(4294968909.414:16): pid=20643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2830" res=0 errno=0
[ 1050.274768][T20643] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2830'.
[ 1050.362148][   T30] audit: type=1326 audit(4294968909.514:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20637 comm="syz.1.2828" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feae9b8e929 code=0x0
[ 1050.527384][T20641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2829'.
[ 1050.573991][T20641] openvswitch: HfR: Dropping previously announced user features
[ 1050.995999][T20652] Process accounting resumed
[ 1051.350340][T20665] FAULT_INJECTION: forcing a failure.
[ 1051.350340][T20665] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1051.392617][T20668] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2837'.
[ 1051.415436][T20665] CPU: 0 UID: 0 PID: 20665 Comm: syz.3.2836 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1051.415464][T20665] Tainted: [U]=USER
[ 1051.415469][T20665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1051.415478][T20665] Call Trace:
[ 1051.415484][T20665]  <TASK>
[ 1051.415490][T20665]  dump_stack_lvl+0x16c/0x1f0
[ 1051.415517][T20665]  should_fail_ex+0x512/0x640
[ 1051.415541][T20665]  should_fail_alloc_page+0xe7/0x130
[ 1051.415558][T20665]  prepare_alloc_pages+0x3c2/0x610
[ 1051.415576][T20665]  ? rcu_is_watching+0x12/0xc0
[ 1051.415594][T20665]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1051.415623][T20665]  ? __lock_acquire+0x622/0x1c90
[ 1051.415653][T20665]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1051.415674][T20665]  ? __lock_acquire+0x622/0x1c90
[ 1051.415701][T20665]  ? __lock_acquire+0x622/0x1c90
[ 1051.415722][T20665]  ? __lock_acquire+0x622/0x1c90
[ 1051.415742][T20665]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1051.415765][T20665]  ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80
[ 1051.415784][T20665]  ? policy_nodemask+0xea/0x4e0
[ 1051.415799][T20665]  alloc_pages_mpol+0x1fb/0x550
[ 1051.415814][T20665]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1051.415833][T20665]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1051.415851][T20665]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1051.415868][T20665]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1051.415883][T20665]  ? find_held_lock+0x2b/0x80
[ 1051.415898][T20665]  ? __handle_mm_fault+0x1092/0x5490
[ 1051.415920][T20665]  __handle_mm_fault+0x2f21/0x5490
[ 1051.415944][T20665]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1051.415963][T20665]  ? __pte_offset_map_lock+0x174/0x310
[ 1051.415979][T20665]  ? find_held_lock+0x2b/0x80
[ 1051.415993][T20665]  ? find_held_lock+0x2b/0x80
[ 1051.416012][T20665]  ? follow_page_pte+0x3af/0x14c0
[ 1051.416034][T20665]  handle_mm_fault+0x589/0xd10
[ 1051.416056][T20665]  __get_user_pages+0x589/0x3b80
[ 1051.416078][T20665]  ? __pfx_mt_find+0x10/0x10
[ 1051.416092][T20665]  ? __pfx___get_user_pages+0x10/0x10
[ 1051.416115][T20665]  populate_vma_page_range+0x278/0x3a0
[ 1051.416135][T20665]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1051.416152][T20665]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1051.416169][T20665]  ? do_mmap+0x69c/0x1210
[ 1051.416188][T20665]  __mm_populate+0x1d8/0x380
[ 1051.416206][T20665]  ? __pfx___mm_populate+0x10/0x10
[ 1051.416226][T20665]  ? up_write+0x1b2/0x520
[ 1051.416250][T20665]  vm_mmap_pgoff+0x362/0x450
[ 1051.416267][T20665]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1051.416282][T20665]  ? do_set_mempolicy+0x220/0x480
[ 1051.416298][T20665]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1051.416315][T20665]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1051.416334][T20665]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1051.416349][T20665]  ? xfd_validate_state+0x61/0x180
[ 1051.416368][T20665]  ? __pfx_kernel_set_mempolicy+0x10/0x10
[ 1051.416384][T20665]  __x64_sys_mmap+0x125/0x190
[ 1051.416406][T20665]  do_syscall_64+0xcd/0x490
[ 1051.416429][T20665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.416444][T20665] RIP: 0033:0x7fd64e58e929
[ 1051.416457][T20665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1051.416471][T20665] RSP: 002b:00007fd64f43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1051.416485][T20665] RAX: ffffffffffffffda RBX: 00007fd64e7b5fa0 RCX: 00007fd64e58e929
[ 1051.416495][T20665] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1051.416504][T20665] RBP: 00007fd64e610b39 R08: 0000000000000002 R09: 0000000000008000
[ 1051.416513][T20665] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1051.416522][T20665] R13: 0000000000000000 R14: 00007fd64e7b5fa0 R15: 00007fff0f187d68
[ 1051.416542][T20665]  </TASK>
[ 1051.781874][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1051.794471][T20670] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2837'.
[ 1053.375831][T20684] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2841'.
[ 1053.423944][T20684] openvswitch: HfR: Dropping previously announced user features
[ 1053.892266][T20695] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1053.945269][T20695] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1054.025471][T20695] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1054.081615][T20695] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1054.216548][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.222992][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.562497][T20709] FAULT_INJECTION: forcing a failure.
[ 1054.562497][T20709] name failslab, interval 1, probability 0, space 0, times 0
[ 1054.626532][T20709] CPU: 0 UID: 0 PID: 20709 Comm: syz.0.2847 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1054.626561][T20709] Tainted: [U]=USER
[ 1054.626566][T20709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.626576][T20709] Call Trace:
[ 1054.626582][T20709]  <TASK>
[ 1054.626588][T20709]  dump_stack_lvl+0x16c/0x1f0
[ 1054.626614][T20709]  should_fail_ex+0x512/0x640
[ 1054.626635][T20709]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1054.626660][T20709]  should_failslab+0xc2/0x120
[ 1054.626675][T20709]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1054.626697][T20709]  ? skb_clone+0x190/0x3f0
[ 1054.626721][T20709]  skb_clone+0x190/0x3f0
[ 1054.626743][T20709]  netlink_broadcast_filtered+0xb11/0xf40
[ 1054.626774][T20709]  ? sprintf+0xcc/0x100
[ 1054.626792][T20709]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[ 1054.626822][T20709]  ? netlink_has_listeners+0x20f/0x430
[ 1054.626846][T20709]  netlink_broadcast+0x39/0x50
[ 1054.626870][T20709]  kobject_uevent_env+0xc6a/0x1870
[ 1054.626889][T20709]  ? queue_work_on+0x12a/0x1f0
[ 1054.626903][T20709]  ? bus_to_subsys+0x131/0x160
[ 1054.626923][T20709]  driver_bound+0x164/0x230
[ 1054.626946][T20709]  device_bind_driver+0x3a/0x70
[ 1054.626966][T20709]  mac80211_hwsim_new_radio+0x3e5/0x54d0
[ 1054.626998][T20709]  ? __asan_memset+0x23/0x50
[ 1054.627018][T20709]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1054.627046][T20709]  hwsim_new_radio_nl+0xb51/0x12c0
[ 1054.627072][T20709]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1054.627099][T20709]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1054.627118][T20709]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1054.627140][T20709]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1054.627159][T20709]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1054.627177][T20709]  ? trace_cap_capable+0x18d/0x200
[ 1054.627197][T20709]  ? bpf_lsm_capable+0x9/0x10
[ 1054.627214][T20709]  ? security_capable+0x7e/0x260
[ 1054.627229][T20709]  ? ns_capable+0xd7/0x110
[ 1054.627247][T20709]  genl_rcv_msg+0x55c/0x800
[ 1054.627266][T20709]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1054.627284][T20709]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1054.627312][T20709]  netlink_rcv_skb+0x155/0x420
[ 1054.627327][T20709]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1054.627345][T20709]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1054.627372][T20709]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1054.627406][T20709]  genl_rcv+0x28/0x40
[ 1054.627421][T20709]  netlink_unicast+0x58d/0x850
[ 1054.627441][T20709]  ? __pfx_netlink_unicast+0x10/0x10
[ 1054.627462][T20709]  netlink_sendmsg+0x8d1/0xdd0
[ 1054.627480][T20709]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1054.627503][T20709]  ____sys_sendmsg+0xa95/0xc70
[ 1054.627520][T20709]  ? copy_msghdr_from_user+0x10a/0x160
[ 1054.627541][T20709]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1054.627561][T20709]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1054.627585][T20709]  ___sys_sendmsg+0x134/0x1d0
[ 1054.627607][T20709]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1054.627626][T20709]  ? __lock_acquire+0x622/0x1c90
[ 1054.627670][T20709]  __sys_sendmsg+0x16d/0x220
[ 1054.627691][T20709]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1054.627712][T20709]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1054.627741][T20709]  do_syscall_64+0xcd/0x490
[ 1054.627763][T20709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.627778][T20709] RIP: 0033:0x7f1277b8e929
[ 1054.627791][T20709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1054.627805][T20709] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1054.627820][T20709] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1054.627830][T20709] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000005
[ 1054.627839][T20709] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1054.627849][T20709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1054.627858][T20709] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1054.627878][T20709]  </TASK>
[ 1055.143247][T20705] [U]  
[ 1055.146055][T20705] [U] 
[ 1055.148731][T20705] [U] 
[ 1055.151411][T20705] [U] 
[ 1055.154310][T20705] [U] 
[ 1055.156991][T20705] [U] 
[ 1055.159662][T20705] [U] 
[ 1055.162335][T20705] [U] 
[ 1055.165178][T20705] [U] 
[ 1055.167855][T20705] [U] 
[ 1055.170544][T20705] [U] 
[ 1055.173219][T20705] [U] 
[ 1055.176117][T20705] [U] 
[ 1055.178799][T20705] [U] 
[ 1055.181474][T20705] [U] 
[ 1055.184146][T20705] [U] 
[ 1055.187089][T20705] [U] 
[ 1055.189769][T20705] [U] 
[ 1055.192443][T20705] [U] 
[ 1055.195117][T20705] [U] 
[ 1055.197969][T20705] [U] 
[ 1055.200648][T20705] [U] 
[ 1055.203321][T20705] [U] 
[ 1055.205994][T20705] [U] 
[ 1055.209095][T20705] [U] 
[ 1055.211777][T20705] [U] 
[ 1055.214450][T20705] [U] 
[ 1055.217124][T20705] [U] 
[ 1055.219971][T20705] [U] 
[ 1055.222648][T20705] [U] 
[ 1055.225322][T20705] [U] 
[ 1055.227997][T20705] [U] 
[ 1055.230920][T20705] [U] 
[ 1055.233600][T20705] [U] 
[ 1055.236273][T20705] [U] 
[ 1055.238947][T20705] [U] 
[ 1055.241803][T20705] [U] 
[ 1055.244484][T20705] [U] 
[ 1055.247156][T20705] [U] 
[ 1055.249831][T20705] [U] 
[ 1055.252662][T20705] [U] 
[ 1055.255343][T20705] [U] 
[ 1055.258019][T20705] [U] 
[ 1055.260694][T20705] [U] 
[ 1055.263549][T20705] [U] 
[ 1055.266233][T20705] [U] 
[ 1055.268909][T20705] [U] 
[ 1055.271583][T20705] [U] 
[ 1055.274505][T20705] [U] 
[ 1055.277186][T20705] [U] 
[ 1055.279858][T20705] [U] 
[ 1055.282534][T20705] [U] 
[ 1055.285363][T20705] [U] 
[ 1055.288040][T20705] [U] 
[ 1055.290716][T20705] [U] 
[ 1055.293387][T20705] [U] 
[ 1055.296198][T20705] [U] 
[ 1055.298876][T20705] [U] 
[ 1055.301552][T20705] [U] 
[ 1055.304223][T20705] [U] 
[ 1055.307306][T20705] [U] 
[ 1055.309987][T20705] [U] 
[ 1055.312660][T20705] [U] 
[ 1055.315334][T20705] [U] 
[ 1055.318231][T20705] [U] 
[ 1055.320912][T20705] [U] 
[ 1055.323588][T20705] [U] 
[ 1055.326298][T20705] [U] 
[ 1055.329136][T20705] [U] 
[ 1055.331816][T20705] [U] 
[ 1055.334491][T20705] [U] 
[ 1055.337164][T20705] [U] 
[ 1055.340091][T20705] [U] 
[ 1055.342772][T20705] [U] 
[ 1055.345443][T20705] [U] 
[ 1055.348115][T20705] [U] 
[ 1055.350951][T20705] [U] 
[ 1055.353628][T20705] [U] 
[ 1055.356303][T20705] [U] 
[ 1055.358977][T20705] [U] 
[ 1055.361887][T20705] [U] 
[ 1055.364568][T20705] [U] 
[ 1055.367242][T20705] [U] 
[ 1055.369919][T20705] [U] 
[ 1055.372748][T20705] [U] 
[ 1055.375428][T20705] [U] 
[ 1055.378109][T20705] [U] 
[ 1055.380781][T20705] [U] 
[ 1055.383598][T20705] [U] 
[ 1055.386273][T20705] [U] 
[ 1055.388945][T20705] [U] 
[ 1055.391618][T20705] [U] 
[ 1055.394427][T20705] [U] 
[ 1055.397103][T20705] [U] 
[ 1055.399776][T20705] [U] 
[ 1055.402452][T20705] [U] 
[ 1055.405624][T20705] [U] 
[ 1055.408305][T20705] [U] 
[ 1055.410979][T20705] [U] 
[ 1055.413650][T20705] [U] 
[ 1055.421849][T20705] [U] 
[ 1055.424551][T20705] [U] 
[ 1055.427225][T20705] [U] 
[ 1055.429901][T20705] [U] 
[ 1055.432752][T20705] [U] 
[ 1055.435432][T20705] [U] 
[ 1055.438104][T20705] [U] 
[ 1055.440777][T20705] [U] 
[ 1055.443600][T20705] [U] 
[ 1055.446277][T20705] [U] 
[ 1055.448950][T20705] [U] 
[ 1055.451625][T20705] [U] 
[ 1055.454549][T20705] [U] 
[ 1055.457232][T20705] [U] 
[ 1055.459906][T20705] [U] 
[ 1055.462591][T20705] [U] 
[ 1055.465434][T20705] [U] 
[ 1055.468127][T20705] [U] 
[ 1055.470800][T20705] [U] 
[ 1055.473475][T20705] [U] 
[ 1055.477178][T20705] [U] 
[ 1055.479873][T20705] [U] 
[ 1055.482549][T20705] [U] 
[ 1055.485221][T20705] [U] 
[ 1055.488023][T20705] [U] 
[ 1055.490703][T20705] [U] 
[ 1055.493375][T20705] [U] 
[ 1055.747696][T20704] [U] 
[ 1055.766295][T20719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2850'.
[ 1055.982629][T20416] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1055.990309][T20416] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1056.003271][T20416] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1056.152572][T17593] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1056.338118][T20730] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1056.378249][T20730] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1056.438374][T20730] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1056.498848][T20730] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1057.714653][T20747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2861'.
[ 1057.761137][T20747] openvswitch: HfR: Dropping previously announced user features
[ 1058.454457][T17593] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1058.460486][T20416] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1058.534403][T17593] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1058.540495][T20416] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1059.028564][T20769] input: 00
[ 1059.028564][T20769]  as /devices/virtual/input/input152
[ 1059.103646][T20769] FAULT_INJECTION: forcing a failure.
[ 1059.103646][T20769] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.182949][T20769] CPU: 0 UID: 0 PID: 20769 Comm: syz.0.2867 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1059.182976][T20769] Tainted: [U]=USER
[ 1059.182982][T20769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1059.182991][T20769] Call Trace:
[ 1059.182997][T20769]  <TASK>
[ 1059.183004][T20769]  dump_stack_lvl+0x16c/0x1f0
[ 1059.183030][T20769]  should_fail_ex+0x512/0x640
[ 1059.183052][T20769]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1059.183078][T20769]  should_failslab+0xc2/0x120
[ 1059.183093][T20769]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1059.183111][T20769]  ? rcu_is_watching+0x12/0xc0
[ 1059.183131][T20769]  ? device_add+0xccc/0x1a70
[ 1059.183149][T20769]  device_add+0xccc/0x1a70
[ 1059.183167][T20769]  ? __pfx_device_add+0x10/0x10
[ 1059.183182][T20769]  ? __pfx_exact_lock+0x10/0x10
[ 1059.183208][T20769]  ? kobject_get+0xbb/0x150
[ 1059.183232][T20769]  cdev_device_add+0xc2/0x1e0
[ 1059.183255][T20769]  evdev_connect+0x3a4/0x4c0
[ 1059.183278][T20769]  input_attach_handler.isra.0+0x184/0x260
[ 1059.183300][T20769]  input_register_device+0xa84/0x1130
[ 1059.183323][T20769]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[ 1059.183341][T20769]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1059.183362][T20769]  ? find_held_lock+0x2b/0x80
[ 1059.183387][T20769]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1059.183403][T20769]  __x64_sys_ioctl+0x18e/0x210
[ 1059.183422][T20769]  do_syscall_64+0xcd/0x490
[ 1059.183445][T20769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1059.183460][T20769] RIP: 0033:0x7f1277b8e929
[ 1059.183473][T20769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1059.183487][T20769] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1059.183501][T20769] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1059.183512][T20769] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005
[ 1059.183521][T20769] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1059.183530][T20769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1059.183538][T20769] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1059.183557][T20769]  </TASK>
[ 1059.401951][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1059.413317][T20772] FAULT_INJECTION: forcing a failure.
[ 1059.413317][T20772] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.426075][T20772] CPU: 0 UID: 0 PID: 20772 Comm: syz.1.2868 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1059.426105][T20772] Tainted: [U]=USER
[ 1059.426110][T20772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1059.426119][T20772] Call Trace:
[ 1059.426126][T20772]  <TASK>
[ 1059.426133][T20772]  dump_stack_lvl+0x16c/0x1f0
[ 1059.426160][T20772]  should_fail_ex+0x512/0x640
[ 1059.426181][T20772]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1059.426207][T20772]  should_failslab+0xc2/0x120
[ 1059.426222][T20772]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1059.426244][T20772]  ? mark_held_locks+0x49/0x80
[ 1059.426263][T20772]  ? kstrdup_const+0x63/0x80
[ 1059.426287][T20772]  kstrdup+0x53/0x100
[ 1059.426309][T20772]  kstrdup_const+0x63/0x80
[ 1059.426329][T20772]  kvasprintf_const+0x10f/0x1a0
[ 1059.426345][T20772]  kobject_set_name_vargs+0x5a/0x140
[ 1059.426361][T20772]  dev_set_name+0xc7/0x100
[ 1059.426378][T20772]  ? __pfx_dev_set_name+0x10/0x10
[ 1059.426397][T20772]  ? lockdep_init_map_type+0x5c/0x280
[ 1059.426418][T20772]  ? __init_waitqueue_head+0xca/0x150
[ 1059.426437][T20772]  netdev_register_kobject+0xc5/0x3a0
[ 1059.426456][T20772]  register_netdevice+0x13dc/0x2270
[ 1059.426475][T20772]  ? __pfx_register_netdevice+0x10/0x10
[ 1059.426488][T20772]  ? rcu_is_watching+0x12/0xc0
[ 1059.426503][T20772]  ? trace_kmalloc+0x2b/0xd0
[ 1059.426517][T20772]  ? __kmalloc_noprof+0x242/0x510
[ 1059.426541][T20772]  register_netdev+0x34/0x50
[ 1059.426554][T20772]  mkiss_open+0x4cd/0x9a0
[ 1059.426576][T20772]  ? __pfx_mkiss_open+0x10/0x10
[ 1059.426598][T20772]  tty_ldisc_open+0x9c/0x120
[ 1059.426618][T20772]  tty_set_ldisc+0x32b/0x780
[ 1059.426641][T20772]  tty_ioctl+0xc2e/0x1640
[ 1059.426663][T20772]  ? __pfx_tty_ioctl+0x10/0x10
[ 1059.426691][T20772]  ? find_held_lock+0x2b/0x80
[ 1059.426706][T20772]  ? hook_file_ioctl_common+0x145/0x410
[ 1059.426727][T20772]  ? __fget_files+0x20e/0x3c0
[ 1059.426749][T20772]  ? __pfx_tty_ioctl+0x10/0x10
[ 1059.426771][T20772]  __x64_sys_ioctl+0x18e/0x210
[ 1059.426790][T20772]  do_syscall_64+0xcd/0x490
[ 1059.426812][T20772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1059.426828][T20772] RIP: 0033:0x7feae9b8e929
[ 1059.426840][T20772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1059.426855][T20772] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1059.426869][T20772] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1059.426879][T20772] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005
[ 1059.426888][T20772] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1059.426897][T20772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1059.426905][T20772] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1059.426924][T20772]  </TASK>
[ 1059.713173][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1060.640651][T20776] FAULT_INJECTION: forcing a failure.
[ 1060.640651][T20776] name failslab, interval 1, probability 0, space 0, times 0
[ 1060.694301][T20776] CPU: 0 UID: 0 PID: 20776 Comm: syz.2.2870 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1060.694329][T20776] Tainted: [U]=USER
[ 1060.694334][T20776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1060.694343][T20776] Call Trace:
[ 1060.694349][T20776]  <TASK>
[ 1060.694356][T20776]  dump_stack_lvl+0x16c/0x1f0
[ 1060.694382][T20776]  should_fail_ex+0x512/0x640
[ 1060.694403][T20776]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1060.694427][T20776]  ? __pfx_objects_open+0x10/0x10
[ 1060.694449][T20776]  should_failslab+0xc2/0x120
[ 1060.694462][T20776]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1060.694484][T20776]  ? seq_open+0x55/0x170
[ 1060.694499][T20776]  ? __pfx___debugfs_file_get+0x10/0x10
[ 1060.694514][T20776]  ? __pfx_objects_open+0x10/0x10
[ 1060.694534][T20776]  seq_open+0x55/0x170
[ 1060.694550][T20776]  objects_open+0x22/0xd0
[ 1060.694571][T20776]  full_proxy_open_regular+0x1b9/0x360
[ 1060.694589][T20776]  do_dentry_open+0x741/0x1c10
[ 1060.694611][T20776]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1060.694630][T20776]  vfs_open+0x82/0x3f0
[ 1060.694648][T20776]  path_openat+0x1de4/0x2cb0
[ 1060.694675][T20776]  ? __pfx_path_openat+0x10/0x10
[ 1060.694696][T20776]  ? __lock_acquire+0xb8a/0x1c90
[ 1060.694719][T20776]  do_filp_open+0x20b/0x470
[ 1060.694739][T20776]  ? __pfx_do_filp_open+0x10/0x10
[ 1060.694773][T20776]  ? alloc_fd+0x471/0x7d0
[ 1060.694797][T20776]  do_sys_openat2+0x11b/0x1d0
[ 1060.694814][T20776]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1060.694837][T20776]  __x64_sys_openat+0x174/0x210
[ 1060.694854][T20776]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1060.694878][T20776]  do_syscall_64+0xcd/0x490
[ 1060.694901][T20776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.694915][T20776] RIP: 0033:0x7f5bf4f8e929
[ 1060.694927][T20776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1060.694941][T20776] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1060.694956][T20776] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1060.694965][T20776] RDX: 0000000000000200 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1060.694974][T20776] RBP: 00007f5bf5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1060.694992][T20776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1060.695001][T20776] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1060.695020][T20776]  </TASK>
[ 1060.943238][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1061.376941][T20782] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1061.845502][T20769] input: failed to attach handler evdev to device input152, error: -12
[ 1062.224118][T20789] netlink: 'syz.2.2873': attribute type 10 has an invalid length.
[ 1062.264407][T20789] netlink: 230 bytes leftover after parsing attributes in process `syz.2.2873'.
[ 1062.350160][T20789] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1062.410172][T20793] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2875'.
[ 1063.008085][T20795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2876'.
[ 1063.020521][T20803] FAULT_INJECTION: forcing a failure.
[ 1063.020521][T20803] name failslab, interval 1, probability 0, space 0, times 0
[ 1063.054113][T20795] openvswitch: HfR: Dropping previously announced user features
[ 1063.077542][T20803] CPU: 0 UID: 0 PID: 20803 Comm: syz.1.2879 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1063.077572][T20803] Tainted: [U]=USER
[ 1063.077578][T20803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1063.077588][T20803] Call Trace:
[ 1063.077594][T20803]  <TASK>
[ 1063.077601][T20803]  dump_stack_lvl+0x16c/0x1f0
[ 1063.077628][T20803]  should_fail_ex+0x512/0x640
[ 1063.077650][T20803]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1063.077673][T20803]  should_failslab+0xc2/0x120
[ 1063.077688][T20803]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1063.077707][T20803]  ? rfkill_fop_open+0x56/0x750
[ 1063.077728][T20803]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1063.077743][T20803]  rfkill_fop_open+0x56/0x750
[ 1063.077759][T20803]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1063.077790][T20803]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1063.077808][T20803]  misc_open+0x35d/0x420
[ 1063.077827][T20803]  ? __pfx_misc_open+0x10/0x10
[ 1063.077844][T20803]  chrdev_open+0x234/0x6a0
[ 1063.077866][T20803]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1063.077885][T20803]  ? __pfx_chrdev_open+0x10/0x10
[ 1063.077908][T20803]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1063.077931][T20803]  do_dentry_open+0x741/0x1c10
[ 1063.077952][T20803]  ? __pfx_chrdev_open+0x10/0x10
[ 1063.077977][T20803]  vfs_open+0x82/0x3f0
[ 1063.077995][T20803]  path_openat+0x1de4/0x2cb0
[ 1063.078022][T20803]  ? __pfx_path_openat+0x10/0x10
[ 1063.078044][T20803]  ? __lock_acquire+0xb8a/0x1c90
[ 1063.078066][T20803]  do_filp_open+0x20b/0x470
[ 1063.078087][T20803]  ? __pfx_do_filp_open+0x10/0x10
[ 1063.078121][T20803]  ? alloc_fd+0x471/0x7d0
[ 1063.078145][T20803]  do_sys_openat2+0x11b/0x1d0
[ 1063.078161][T20803]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1063.078185][T20803]  __x64_sys_openat+0x174/0x210
[ 1063.078201][T20803]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1063.078226][T20803]  do_syscall_64+0xcd/0x490
[ 1063.078248][T20803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1063.078263][T20803] RIP: 0033:0x7feae9b8e929
[ 1063.078275][T20803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1063.078289][T20803] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1063.078304][T20803] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1063.078313][T20803] RDX: 0000000000183440 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1063.078323][T20803] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1063.078332][T20803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1063.078341][T20803] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1063.078361][T20803]  </TASK>
[ 1063.344781][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1063.645823][T20805] ima: policy update failed
[ 1063.685022][T20805] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2878'.
[ 1063.783003][   T30] audit: type=1802 audit(4294968922.804:18): pid=20805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2878" res=0 errno=0
[ 1064.464698][T20812] random: crng reseeded on system resumption
[ 1064.616851][T20809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2881'.
[ 1064.741024][T20809] openvswitch: HfR: Dropping previously announced user features
[ 1065.364939][T20834] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2890'.
[ 1065.834667][T20839] binder: 20838:20839 ioctl 400c620e 200000000080 returned -22
[ 1065.989037][T20834] ima: policy update failed
[ 1066.069185][   T30] audit: type=1802 audit(4294968925.224:19): pid=20834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2890" res=0 errno=0
[ 1066.571077][T20842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2892'.
[ 1066.692515][T20842] openvswitch: HfR: Dropping previously announced user features
[ 1067.191742][T20855] FAULT_INJECTION: forcing a failure.
[ 1067.191742][T20855] name failslab, interval 1, probability 0, space 0, times 0
[ 1067.262829][T20855] CPU: 0 UID: 0 PID: 20855 Comm: syz.2.2896 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1067.262858][T20855] Tainted: [U]=USER
[ 1067.262864][T20855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1067.262874][T20855] Call Trace:
[ 1067.262879][T20855]  <TASK>
[ 1067.262886][T20855]  dump_stack_lvl+0x16c/0x1f0
[ 1067.262913][T20855]  should_fail_ex+0x512/0x640
[ 1067.262935][T20855]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1067.262957][T20855]  should_failslab+0xc2/0x120
[ 1067.262971][T20855]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1067.262991][T20855]  ? rfkill_fop_open+0x56/0x750
[ 1067.263011][T20855]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1067.263027][T20855]  rfkill_fop_open+0x56/0x750
[ 1067.263043][T20855]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1067.263068][T20855]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1067.263085][T20855]  misc_open+0x35d/0x420
[ 1067.263107][T20855]  ? __pfx_misc_open+0x10/0x10
[ 1067.263126][T20855]  chrdev_open+0x234/0x6a0
[ 1067.263149][T20855]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1067.263168][T20855]  ? __pfx_chrdev_open+0x10/0x10
[ 1067.263191][T20855]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1067.263214][T20855]  do_dentry_open+0x741/0x1c10
[ 1067.263236][T20855]  ? __pfx_chrdev_open+0x10/0x10
[ 1067.263261][T20855]  vfs_open+0x82/0x3f0
[ 1067.263280][T20855]  path_openat+0x1de4/0x2cb0
[ 1067.263307][T20855]  ? __pfx_path_openat+0x10/0x10
[ 1067.263328][T20855]  ? __lock_acquire+0xb8a/0x1c90
[ 1067.263351][T20855]  do_filp_open+0x20b/0x470
[ 1067.263372][T20855]  ? __pfx_do_filp_open+0x10/0x10
[ 1067.263405][T20855]  ? alloc_fd+0x471/0x7d0
[ 1067.263430][T20855]  do_sys_openat2+0x11b/0x1d0
[ 1067.263446][T20855]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1067.263469][T20855]  __x64_sys_openat+0x174/0x210
[ 1067.263495][T20855]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1067.263520][T20855]  do_syscall_64+0xcd/0x490
[ 1067.263544][T20855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1067.263559][T20855] RIP: 0033:0x7f5bf4f8e929
[ 1067.263572][T20855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1067.263586][T20855] RSP: 002b:00007f5bf5db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1067.263600][T20855] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa0 RCX: 00007f5bf4f8e929
[ 1067.263610][T20855] RDX: 0000000000183440 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1067.263619][T20855] RBP: 00007f5bf5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1067.263628][T20855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1067.263637][T20855] R13: 0000000000000000 R14: 00007f5bf51b5fa0 R15: 00007ffda1d5ed98
[ 1067.263657][T20855]  </TASK>
[ 1067.526338][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1068.249618][T20861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2898'.
[ 1068.298013][T20861] openvswitch: HfR: Dropping previously announced user features
[ 1069.157789][T20868] FAULT_INJECTION: forcing a failure.
[ 1069.157789][T20868] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1069.343410][T20868] CPU: 0 UID: 0 PID: 20868 Comm: syz.1.2900 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1069.343440][T20868] Tainted: [U]=USER
[ 1069.343445][T20868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1069.343455][T20868] Call Trace:
[ 1069.343461][T20868]  <TASK>
[ 1069.343468][T20868]  dump_stack_lvl+0x16c/0x1f0
[ 1069.343498][T20868]  should_fail_ex+0x512/0x640
[ 1069.343523][T20868]  should_fail_alloc_page+0xe7/0x130
[ 1069.343541][T20868]  prepare_alloc_pages+0x3c2/0x610
[ 1069.343561][T20868]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1069.343584][T20868]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1069.343609][T20868]  ? __lock_acquire+0x622/0x1c90
[ 1069.343631][T20868]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1069.343662][T20868]  ? filemap_get_entry+0x1a7/0x3b0
[ 1069.343678][T20868]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1069.343701][T20868]  ? policy_nodemask+0xea/0x4e0
[ 1069.343716][T20868]  alloc_pages_mpol+0x1fb/0x550
[ 1069.343731][T20868]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1069.343744][T20868]  ? _raw_spin_unlock+0x28/0x50
[ 1069.343763][T20868]  ? swap_entry_swapped+0x122/0x190
[ 1069.343785][T20868]  ? __pfx_swap_entry_swapped+0x10/0x10
[ 1069.343810][T20868]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1069.343828][T20868]  __read_swap_cache_async+0x3b6/0x5a0
[ 1069.343851][T20868]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1069.343871][T20868]  ? swp_swap_info+0xce/0x130
[ 1069.343885][T20868]  ? __pfx_swp_swap_info+0x10/0x10
[ 1069.343903][T20868]  swap_cluster_readahead+0x3eb/0x710
[ 1069.343927][T20868]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1069.343959][T20868]  ? get_vma_policy+0x242/0x3c0
[ 1069.343975][T20868]  swapin_readahead+0x13a/0xd60
[ 1069.344000][T20868]  ? __pfx_swapin_readahead+0x10/0x10
[ 1069.344018][T20868]  ? __filemap_get_folio+0x32b/0xc30
[ 1069.344036][T20868]  ? swap_cache_get_folio+0x1df/0x450
[ 1069.344056][T20868]  ? __pfx_swap_cache_get_folio+0x10/0x10
[ 1069.344074][T20868]  ? __pfx_get_swap_device+0x10/0x10
[ 1069.344097][T20868]  ? do_swap_page+0x125/0x65c0
[ 1069.344112][T20868]  ? __lock_acquire+0xb8a/0x1c90
[ 1069.344133][T20868]  do_swap_page+0x635/0x65c0
[ 1069.344151][T20868]  ? __lock_acquire+0x622/0x1c90
[ 1069.344172][T20868]  ? find_held_lock+0x2b/0x80
[ 1069.344189][T20868]  ? __pfx_do_swap_page+0x10/0x10
[ 1069.344207][T20868]  ? __pfx_default_wake_function+0x10/0x10
[ 1069.344227][T20868]  ? rcu_is_watching+0x12/0xc0
[ 1069.344243][T20868]  ? ___pte_offset_map+0x1d5/0x570
[ 1069.344261][T20868]  __handle_mm_fault+0x162f/0x5490
[ 1069.344286][T20868]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1069.344304][T20868]  ? __pfx_mt_find+0x10/0x10
[ 1069.344327][T20868]  ? find_vma+0xbf/0x140
[ 1069.344350][T20868]  ? __pfx_find_vma+0x10/0x10
[ 1069.344367][T20868]  handle_mm_fault+0x589/0xd10
[ 1069.344387][T20868]  ? __pkru_allows_pkey+0x51/0xb0
[ 1069.344410][T20868]  do_user_addr_fault+0x7a6/0x1370
[ 1069.344433][T20868]  ? rcu_is_watching+0x12/0xc0
[ 1069.344450][T20868]  exc_page_fault+0x5c/0xb0
[ 1069.344470][T20868]  asm_exc_page_fault+0x26/0x30
[ 1069.344485][T20868] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1069.344503][T20868] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f 11 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1069.344517][T20868] RSP: 0018:ffffc9000b657d18 EFLAGS: 00050202
[ 1069.344529][T20868] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000078
[ 1069.344539][T20868] RDX: fffff520016cafd1 RSI: 0000000000000000 RDI: ffffc9000b657e10
[ 1069.344548][T20868] RBP: 0000000000000078 R08: 0000000000000001 R09: fffff520016cafd0
[ 1069.344557][T20868] R10: ffffc9000b657e87 R11: 0000000000000001 R12: 0000000000000000
[ 1069.344567][T20868] R13: ffffc9000b657e10 R14: 0000000000000000 R15: 0000000000000000
[ 1069.344586][T20868]  _copy_from_user+0x98/0xd0
[ 1069.344610][T20868]  io_uring_setup+0xb4/0x2080
[ 1069.344630][T20868]  ? __pfx_io_uring_setup+0x10/0x10
[ 1069.344648][T20868]  ? do_futex+0x122/0x350
[ 1069.344666][T20868]  ? __pfx_do_futex+0x10/0x10
[ 1069.344682][T20868]  ? fput+0x70/0xf0
[ 1069.344696][T20868]  ? __sys_connect+0xe0/0x160
[ 1069.344723][T20868]  ? xfd_validate_state+0x61/0x180
[ 1069.344741][T20868]  ? __sys_setsockopt+0x140/0x1a0
[ 1069.344764][T20868]  __x64_sys_io_uring_setup+0xc2/0x170
[ 1069.344784][T20868]  do_syscall_64+0xcd/0x490
[ 1069.344806][T20868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.344821][T20868] RIP: 0033:0x7feae9b8e929
[ 1069.344833][T20868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1069.344847][T20868] RSP: 002b:00007feaea991038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[ 1069.344860][T20868] RAX: ffffffffffffffda RBX: 00007feae9db5fa0 RCX: 00007feae9b8e929
[ 1069.344870][T20868] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1069.344879][T20868] RBP: 00007feae9c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1069.344887][T20868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1069.344895][T20868] R13: 0000000000000000 R14: 00007feae9db5fa0 R15: 00007fff0450afc8
[ 1069.344914][T20868]  </TASK>
[ 1071.758825][T20882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2904'.
[ 1071.794861][T20882] openvswitch: HfR: Dropping previously announced user features
[ 1073.505524][T20901] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1073.599351][T20911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2911'.
[ 1073.673791][T20911] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2911'.
[ 1073.710001][T20914] FAULT_INJECTION: forcing a failure.
[ 1073.710001][T20914] name failslab, interval 1, probability 0, space 0, times 0
[ 1073.834126][T20914] CPU: 0 UID: 0 PID: 20914 Comm: syz.0.2913 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1073.834156][T20914] Tainted: [U]=USER
[ 1073.834161][T20914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1073.834171][T20914] Call Trace:
[ 1073.834176][T20914]  <TASK>
[ 1073.834183][T20914]  dump_stack_lvl+0x16c/0x1f0
[ 1073.834210][T20914]  should_fail_ex+0x512/0x640
[ 1073.834231][T20914]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1073.834257][T20914]  should_failslab+0xc2/0x120
[ 1073.834272][T20914]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1073.834295][T20914]  ? kfree+0x24f/0x4d0
[ 1073.834311][T20914]  ? snd_pcm_hw_rule_add+0x414/0x5a0
[ 1073.834336][T20914]  krealloc_noprof+0x156/0x370
[ 1073.834356][T20914]  ? krealloc_noprof+0x1b1/0x370
[ 1073.834378][T20914]  snd_pcm_hw_rule_add+0x414/0x5a0
[ 1073.834400][T20914]  ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[ 1073.834422][T20914]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1073.834443][T20914]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1073.834465][T20914]  ? lockdep_init_map_type+0x5c/0x280
[ 1073.834486][T20914]  ? debug_mutex_init+0x37/0x70
[ 1073.834501][T20914]  ? snd_pcm_attach_substream+0x89d/0xd60
[ 1073.834523][T20914]  snd_pcm_open_substream+0x92c/0x17f0
[ 1073.834544][T20914]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1073.834563][T20914]  ? rcu_is_watching+0x12/0xc0
[ 1073.834581][T20914]  snd_pcm_open+0x29e/0x730
[ 1073.834601][T20914]  ? __pfx_snd_pcm_open+0x10/0x10
[ 1073.834621][T20914]  ? __pfx_default_wake_function+0x10/0x10
[ 1073.834642][T20914]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[ 1073.834660][T20914]  snd_pcm_capture_open+0x89/0xe0
[ 1073.834678][T20914]  snd_open+0x201/0x450
[ 1073.834701][T20914]  ? __pfx_snd_open+0x10/0x10
[ 1073.834722][T20914]  chrdev_open+0x234/0x6a0
[ 1073.834744][T20914]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1073.834763][T20914]  ? __pfx_chrdev_open+0x10/0x10
[ 1073.834787][T20914]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1073.834809][T20914]  do_dentry_open+0x741/0x1c10
[ 1073.834832][T20914]  ? __pfx_chrdev_open+0x10/0x10
[ 1073.834858][T20914]  vfs_open+0x82/0x3f0
[ 1073.834876][T20914]  path_openat+0x1de4/0x2cb0
[ 1073.834902][T20914]  ? __pfx_path_openat+0x10/0x10
[ 1073.834924][T20914]  ? __lock_acquire+0xb8a/0x1c90
[ 1073.834945][T20914]  do_filp_open+0x20b/0x470
[ 1073.834966][T20914]  ? __pfx_do_filp_open+0x10/0x10
[ 1073.835000][T20914]  ? alloc_fd+0x471/0x7d0
[ 1073.835034][T20914]  do_sys_openat2+0x11b/0x1d0
[ 1073.835050][T20914]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1073.835074][T20914]  __x64_sys_openat+0x174/0x210
[ 1073.835091][T20914]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1073.835118][T20914]  do_syscall_64+0xcd/0x490
[ 1073.835142][T20914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1073.835157][T20914] RIP: 0033:0x7f1277b8e929
[ 1073.835171][T20914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1073.835185][T20914] RSP: 002b:00007f1278abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1073.835199][T20914] RAX: ffffffffffffffda RBX: 00007f1277db6080 RCX: 00007f1277b8e929
[ 1073.835209][T20914] RDX: 0000000000001200 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1073.835219][T20914] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1073.835228][T20914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1073.835238][T20914] R13: 0000000000000000 R14: 00007f1277db6080 R15: 00007fff679336d8
[ 1073.835258][T20914]  </TASK>
[ 1074.702179][T20915] Process accounting paused
[ 1076.409714][T20926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2916'.
[ 1076.579388][T20926] openvswitch: HfR: Dropping previously announced user features
[ 1077.040338][T20952] sp0: Synchronizing with TNC
[ 1079.986585][   T30] audit: type=1800 audit(4294968939.144:20): pid=20995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2936" name="members" dev="configfs" ino=75368 res=0 errno=0
[ 1080.330190][T21004] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2937'.
[ 1080.969754][T21011] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2941'.
[ 1081.064255][T21000] Process accounting paused
[ 1081.338149][T17593] Bluetooth: hci3: unexpected event 0x04 length: 11 > 10
[ 1081.338297][T17593] Bluetooth: hci3: connection err: -111
[ 1082.107354][T21020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2943'.
[ 1082.216615][T21020] openvswitch: HfR: Dropping previously announced user features
[ 1083.163663][T21043] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2950'.
[ 1083.794932][T21064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2956'.
[ 1083.896334][T21067] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2956'.
[ 1085.975060][T21080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2961'.
[ 1086.037825][T21080] openvswitch: HfR: Dropping previously announced user features
[ 1086.963919][T21102] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1089.743945][T21141] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2978'.
[ 1089.984841][T21145] FAULT_INJECTION: forcing a failure.
[ 1089.984841][T21145] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1090.067031][T21145] CPU: 0 UID: 0 PID: 21145 Comm: syz.2.2979 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1090.067062][T21145] Tainted: [U]=USER
[ 1090.067067][T21145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1090.067077][T21145] Call Trace:
[ 1090.067082][T21145]  <TASK>
[ 1090.067089][T21145]  dump_stack_lvl+0x16c/0x1f0
[ 1090.067121][T21145]  should_fail_ex+0x512/0x640
[ 1090.067146][T21145]  get_futex_key+0x1d0/0x1540
[ 1090.067167][T21145]  ? __pfx_get_futex_key+0x10/0x10
[ 1090.067190][T21145]  futex_wake+0xe7/0x4e0
[ 1090.067211][T21145]  ? __pfx_futex_wake+0x10/0x10
[ 1090.067233][T21145]  ? kmem_cache_free+0x2d1/0x4d0
[ 1090.067253][T21145]  ? fd_install+0x225/0x750
[ 1090.067271][T21145]  ? putname+0x154/0x1a0
[ 1090.067287][T21145]  do_futex+0x1e3/0x350
[ 1090.067305][T21145]  ? __pfx_do_futex+0x10/0x10
[ 1090.067327][T21145]  __x64_sys_futex+0x1e0/0x4c0
[ 1090.067346][T21145]  ? __x64_sys_openat+0x174/0x210
[ 1090.067363][T21145]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1090.067381][T21145]  ? xfd_validate_state+0x61/0x180
[ 1090.067406][T21145]  do_syscall_64+0xcd/0x490
[ 1090.067429][T21145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1090.067443][T21145] RIP: 0033:0x7f5bf4f8e929
[ 1090.067456][T21145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1090.067470][T21145] RSP: 002b:00007f5bf5db80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1090.067484][T21145] RAX: ffffffffffffffda RBX: 00007f5bf51b5fa8 RCX: 00007f5bf4f8e929
[ 1090.067494][T21145] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5bf51b5fac
[ 1090.067502][T21145] RBP: 00007f5bf51b5fa0 R08: 00007f5bf5db9000 R09: 0000000000000000
[ 1090.067511][T21145] R10: 0000000000000009 R11: 0000000000000246 R12: 00007f5bf51b5fac
[ 1090.067520][T21145] R13: 0000000000000000 R14: 00007ffda1d5ecb0 R15: 00007ffda1d5ed98
[ 1090.067539][T21145]  </TASK>
[ 1090.586612][T21156] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input153
[ 1091.012750][T21164] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2984'.
[ 1092.570756][T21186] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2992'.
[ 1092.596367][T21189] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2989'.
[ 1092.612907][T21168] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1092.636151][T21168] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1092.661759][T21168] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1092.688068][T21168] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1092.922043][T21195] FAULT_INJECTION: forcing a failure.
[ 1092.922043][T21195] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.999809][T21195] CPU: 0 UID: 0 PID: 21195 Comm: syz.0.2993 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1092.999838][T21195] Tainted: [U]=USER
[ 1092.999843][T21195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1092.999852][T21195] Call Trace:
[ 1092.999858][T21195]  <TASK>
[ 1092.999865][T21195]  dump_stack_lvl+0x16c/0x1f0
[ 1092.999892][T21195]  should_fail_ex+0x512/0x640
[ 1092.999914][T21195]  ? fs_reclaim_acquire+0xae/0x150
[ 1092.999934][T21195]  should_failslab+0xc2/0x120
[ 1092.999949][T21195]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1092.999971][T21195]  ? security_inode_alloc+0x3b/0x2b0
[ 1092.999991][T21195]  security_inode_alloc+0x3b/0x2b0
[ 1093.000020][T21195]  inode_init_always_gfp+0xce4/0x1030
[ 1093.000045][T21195]  alloc_inode+0x86/0x240
[ 1093.000062][T21195]  new_inode+0x22/0x1c0
[ 1093.000079][T21195]  mqueue_get_inode+0x2e/0xdd0
[ 1093.000106][T21195]  mqueue_create_attr+0x261/0x440
[ 1093.000123][T21195]  vfs_mkobj+0x3db/0x620
[ 1093.000139][T21195]  ? __pfx_mqueue_create_attr+0x10/0x10
[ 1093.000155][T21195]  do_mq_open+0x71e/0x8c0
[ 1093.000180][T21195]  ? __pfx_do_mq_open+0x10/0x10
[ 1093.000207][T21195]  __x64_sys_mq_open+0x155/0x1e0
[ 1093.000221][T21195]  ? __pfx___x64_sys_mq_open+0x10/0x10
[ 1093.000245][T21195]  do_syscall_64+0xcd/0x490
[ 1093.000268][T21195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1093.000283][T21195] RIP: 0033:0x7f1277b8e929
[ 1093.000296][T21195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1093.000311][T21195] RSP: 002b:00007f1278abe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[ 1093.000325][T21195] RAX: ffffffffffffffda RBX: 00007f1277db6080 RCX: 00007f1277b8e929
[ 1093.000335][T21195] RDX: 0000000000000009 RSI: 000000000000007e RDI: 0000000000000000
[ 1093.000344][T21195] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1093.000352][T21195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1093.000360][T21195] R13: 0000000000000000 R14: 00007f1277db6080 R15: 00007fff679336d8
[ 1093.000379][T21195]  </TASK>
[ 1093.499980][T17593] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1093.844500][T21206] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2997'.
[ 1093.874367][T17593] Bluetooth: hci1: unexpected event 0x04 length: 11 > 10
[ 1093.874423][T17593] Bluetooth: hci1: connection err: -111
[ 1093.904908][T21206] openvswitch: HfR: Dropping previously announced user features
[ 1094.693417][T17593] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1094.699458][T17593] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1094.706018][T20416] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1096.831971][   T30] audit: type=1806 audit(4294968955.984:21): xattr="." res=0
[ 1097.901859][T21267] bridge0: port 3(dummy0) entered blocking state
[ 1097.964337][T21267] bridge0: port 3(dummy0) entered disabled state
[ 1098.014465][T21267] dummy0: entered allmulticast mode
[ 1098.085109][T21267] dummy0: entered promiscuous mode
[ 1098.124970][T21267] bridge0: port 3(dummy0) entered blocking state
[ 1098.131422][T21267] bridge0: port 3(dummy0) entered forwarding state
[ 1098.425108][T21278] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1098.937451][T21276] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1098.991187][T21276] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1099.021513][T21276] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1099.079630][T21276] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1100.496303][T21303] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1100.559509][T21303] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1100.655626][T21303] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1100.661656][T21303] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1101.904599][T20416] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1101.927403][T21327] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1102.613606][T20416] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1102.696306][T20416] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1102.702346][T20416] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1105.579212][T21370] netlink: 194 bytes leftover after parsing attributes in process `syz.3.3038'.
[ 1105.737313][T21374] netlink: 'syz.0.3040': attribute type 10 has an invalid length.
[ 1105.783314][T21374] netlink: 230 bytes leftover after parsing attributes in process `syz.0.3040'.
[ 1106.362080][T21392] FAULT_INJECTION: forcing a failure.
[ 1106.362080][T21392] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.398414][T21394] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input155
[ 1106.412797][T21386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3042'.
[ 1106.441983][T21392] CPU: 0 UID: 0 PID: 21392 Comm: syz.0.3045 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1106.442011][T21392] Tainted: [U]=USER
[ 1106.442017][T21392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1106.442026][T21392] Call Trace:
[ 1106.442032][T21392]  <TASK>
[ 1106.442038][T21392]  dump_stack_lvl+0x16c/0x1f0
[ 1106.442074][T21392]  should_fail_ex+0x512/0x640
[ 1106.442095][T21392]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1106.442118][T21392]  should_failslab+0xc2/0x120
[ 1106.442132][T21392]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1106.442151][T21392]  ? pkcs7_parse_message+0x100/0x720
[ 1106.442175][T21392]  pkcs7_parse_message+0x100/0x720
[ 1106.442197][T21392]  verify_pkcs7_signature+0x30/0xa0
[ 1106.442215][T21392]  valid_regdb+0x215/0x590
[ 1106.442230][T21392]  ? __pfx___mutex_lock+0x10/0x10
[ 1106.442252][T21392]  ? __pfx_valid_regdb+0x10/0x10
[ 1106.442271][T21392]  reg_reload_regdb+0x11e/0x460
[ 1106.442288][T21392]  ? __pfx_reg_reload_regdb+0x10/0x10
[ 1106.442306][T21392]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1106.442326][T21392]  ? nl80211_pre_doit+0x1b0/0xb10
[ 1106.442349][T21392]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1106.442369][T21392]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1106.442385][T21392]  ? rcu_is_watching+0x12/0xc0
[ 1106.442407][T21392]  ? bpf_lsm_capable+0x9/0x10
[ 1106.442424][T21392]  ? security_capable+0x7e/0x260
[ 1106.442443][T21392]  genl_rcv_msg+0x55c/0x800
[ 1106.442463][T21392]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1106.442480][T21392]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1106.442499][T21392]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[ 1106.442514][T21392]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1106.442540][T21392]  netlink_rcv_skb+0x155/0x420
[ 1106.442555][T21392]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1106.442573][T21392]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1106.442596][T21392]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1106.442638][T21392]  genl_rcv+0x28/0x40
[ 1106.442654][T21392]  netlink_unicast+0x58d/0x850
[ 1106.442678][T21392]  ? __pfx_netlink_unicast+0x10/0x10
[ 1106.442699][T21392]  netlink_sendmsg+0x8d1/0xdd0
[ 1106.442718][T21392]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1106.442741][T21392]  ____sys_sendmsg+0xa95/0xc70
[ 1106.442759][T21392]  ? copy_msghdr_from_user+0x10a/0x160
[ 1106.442780][T21392]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1106.442800][T21392]  ? try_to_wake_up+0xa2f/0x1680
[ 1106.442818][T21392]  ___sys_sendmsg+0x134/0x1d0
[ 1106.442840][T21392]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1106.442859][T21392]  ? __lock_acquire+0x622/0x1c90
[ 1106.442902][T21392]  __sys_sendmsg+0x16d/0x220
[ 1106.442925][T21392]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1106.442946][T21392]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1106.442975][T21392]  do_syscall_64+0xcd/0x490
[ 1106.442998][T21392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.443017][T21392] RIP: 0033:0x7f1277b8e929
[ 1106.443030][T21392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1106.443046][T21392] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1106.443060][T21392] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1106.443070][T21392] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000009
[ 1106.443080][T21392] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1106.443090][T21392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1106.443099][T21392] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1106.443118][T21392]  </TASK>
[ 1107.133658][T21386] openvswitch: HfR: Dropping previously announced user features
[ 1107.156906][T21279] Process accounting resumed
[ 1107.733977][T21399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3046'.
[ 1107.775653][T21399] openvswitch: HfR: Dropping previously announced user features
[ 1108.414656][T21404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3048'.
[ 1109.281773][T21406] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1109.289517][T21406] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1109.301704][T21406] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1109.318889][T21406] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1111.047483][T21443] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1111.243883][T21447] FAULT_INJECTION: forcing a failure.
[ 1111.243883][T21447] name failslab, interval 1, probability 0, space 0, times 0
[ 1111.313964][T21447] CPU: 0 UID: 0 PID: 21447 Comm: syz.0.3060 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1111.313992][T21447] Tainted: [U]=USER
[ 1111.313998][T21447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1111.314008][T21447] Call Trace:
[ 1111.314013][T21447]  <TASK>
[ 1111.314024][T21447]  dump_stack_lvl+0x16c/0x1f0
[ 1111.314051][T21447]  should_fail_ex+0x512/0x640
[ 1111.314072][T21447]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1111.314099][T21447]  should_failslab+0xc2/0x120
[ 1111.314113][T21447]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1111.314137][T21447]  ? kstrdup_const+0x63/0x80
[ 1111.314162][T21447]  kstrdup+0x53/0x100
[ 1111.314187][T21447]  kstrdup_const+0x63/0x80
[ 1111.314207][T21447]  __kernfs_new_node+0x9b/0x8e0
[ 1111.314230][T21447]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1111.314255][T21447]  ? find_held_lock+0x2b/0x80
[ 1111.314280][T21447]  ? kernfs_root+0xee/0x2a0
[ 1111.314304][T21447]  kernfs_new_node+0x13c/0x1e0
[ 1111.314331][T21447]  kernfs_create_link+0xcc/0x240
[ 1111.314351][T21447]  sysfs_do_create_link_sd+0x90/0x140
[ 1111.314375][T21447]  sysfs_create_link+0x61/0xc0
[ 1111.314395][T21447]  device_add+0x62c/0x1a70
[ 1111.314414][T21447]  ? __pfx_device_add+0x10/0x10
[ 1111.314437][T21447]  __add_disk+0x457/0xf00
[ 1111.314458][T21447]  ? find_held_lock+0x2b/0x80
[ 1111.314475][T21447]  add_disk_fwnode+0x3f8/0x5d0
[ 1111.314497][T21447]  zram_add+0x4c8/0x700
[ 1111.314514][T21447]  ? __pfx_zram_add+0x10/0x10
[ 1111.314543][T21447]  ? find_held_lock+0x2b/0x80
[ 1111.314562][T21447]  ? __pfx_hot_add_show+0x10/0x10
[ 1111.314577][T21447]  ? __pfx_class_attr_show+0x10/0x10
[ 1111.314591][T21447]  hot_add_show+0x21/0x80
[ 1111.314608][T21447]  class_attr_show+0x72/0xa0
[ 1111.314623][T21447]  sysfs_kf_seq_show+0x213/0x3e0
[ 1111.314644][T21447]  seq_read_iter+0x509/0x12c0
[ 1111.314672][T21447]  kernfs_fop_read_iter+0x40f/0x5a0
[ 1111.314687][T21447]  ? rw_verify_area+0xcf/0x680
[ 1111.314707][T21447]  vfs_read+0x8bc/0xc60
[ 1111.314730][T21447]  ? __pfx___mutex_lock+0x10/0x10
[ 1111.314752][T21447]  ? __pfx_vfs_read+0x10/0x10
[ 1111.314785][T21447]  ksys_read+0x12a/0x250
[ 1111.314804][T21447]  ? __pfx_ksys_read+0x10/0x10
[ 1111.314830][T21447]  do_syscall_64+0xcd/0x490
[ 1111.314853][T21447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1111.314867][T21447] RIP: 0033:0x7f1277b8e929
[ 1111.314880][T21447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1111.314895][T21447] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1111.314910][T21447] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1111.314919][T21447] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000009
[ 1111.314929][T21447] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1111.314937][T21447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1111.314946][T21447] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1111.314966][T21447]  </TASK>
[ 1111.946824][T17593] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1111.952904][T17593] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1111.960517][T17593] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1111.966601][T17593] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1112.087469][T21431] Process accounting resumed
[ 1113.004787][T21477] FAULT_INJECTION: forcing a failure.
[ 1113.004787][T21477] name failslab, interval 1, probability 0, space 0, times 0
[ 1113.096501][T21477] CPU: 0 UID: 0 PID: 21477 Comm: syz.0.3070 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1113.096530][T21477] Tainted: [U]=USER
[ 1113.096535][T21477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1113.096545][T21477] Call Trace:
[ 1113.096551][T21477]  <TASK>
[ 1113.096558][T21477]  dump_stack_lvl+0x16c/0x1f0
[ 1113.096585][T21477]  should_fail_ex+0x512/0x640
[ 1113.096606][T21477]  ? __kmalloc_noprof+0xbf/0x510
[ 1113.096629][T21477]  ? nfc_llcp_build_tlv+0xfd/0x230
[ 1113.096650][T21477]  should_failslab+0xc2/0x120
[ 1113.096664][T21477]  __kmalloc_noprof+0xd2/0x510
[ 1113.096689][T21477]  nfc_llcp_build_tlv+0xfd/0x230
[ 1113.096712][T21477]  nfc_llcp_build_gb.isra.0+0x193/0x400
[ 1113.096734][T21477]  ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10
[ 1113.096758][T21477]  ? se_io_cb+0x230/0x390
[ 1113.096774][T21477]  ? lockdep_init_map_type+0x5c/0x280
[ 1113.096797][T21477]  nfc_llcp_register_device+0x600/0xa60
[ 1113.096820][T21477]  nfc_register_device+0x6d/0x3c0
[ 1113.096844][T21477]  nci_register_device+0x7f1/0xb80
[ 1113.096864][T21477]  ? __pfx_nci_register_device+0x10/0x10
[ 1113.096886][T21477]  ? lockdep_init_map_type+0x5c/0x280
[ 1113.096909][T21477]  virtual_ncidev_open+0x141/0x220
[ 1113.096929][T21477]  ? __pfx_virtual_ncidev_open+0x10/0x10
[ 1113.096946][T21477]  misc_open+0x35d/0x420
[ 1113.096965][T21477]  ? __pfx_misc_open+0x10/0x10
[ 1113.096982][T21477]  chrdev_open+0x234/0x6a0
[ 1113.097004][T21477]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1113.097023][T21477]  ? __pfx_chrdev_open+0x10/0x10
[ 1113.097051][T21477]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1113.097075][T21477]  do_dentry_open+0x741/0x1c10
[ 1113.097098][T21477]  ? __pfx_chrdev_open+0x10/0x10
[ 1113.097124][T21477]  vfs_open+0x82/0x3f0
[ 1113.097144][T21477]  path_openat+0x1de4/0x2cb0
[ 1113.097171][T21477]  ? __pfx_path_openat+0x10/0x10
[ 1113.097199][T21477]  ? __lock_acquire+0xb8a/0x1c90
[ 1113.097222][T21477]  do_filp_open+0x20b/0x470
[ 1113.097243][T21477]  ? __pfx_do_filp_open+0x10/0x10
[ 1113.097279][T21477]  ? alloc_fd+0x471/0x7d0
[ 1113.097303][T21477]  do_sys_openat2+0x11b/0x1d0
[ 1113.097319][T21477]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1113.097343][T21477]  __x64_sys_openat+0x174/0x210
[ 1113.097359][T21477]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1113.097383][T21477]  do_syscall_64+0xcd/0x490
[ 1113.097407][T21477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1113.097422][T21477] RIP: 0033:0x7f1277b8e929
[ 1113.097435][T21477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1113.097449][T21477] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1113.097464][T21477] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1113.097474][T21477] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1113.097484][T21477] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1113.097493][T21477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1113.097501][T21477] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1113.097520][T21477]  </TASK>
[ 1114.443185][   T30] audit: type=1804 audit(4294968973.564:22): pid=21488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3072" name="/newroot/754/file0" dev="tmpfs" ino=3948 res=1 errno=0
[ 1114.513159][   T30] audit: type=1800 audit(4294968973.574:23): pid=21488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3072" name="file0" dev="tmpfs" ino=3948 res=0 errno=0
[ 1115.309325][T21496] FAULT_INJECTION: forcing a failure.
[ 1115.309325][T21496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1115.309354][T21496] CPU: 0 UID: 0 PID: 21496 Comm: syz.0.3074 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1115.309377][T21496] Tainted: [U]=USER
[ 1115.309382][T21496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1115.309391][T21496] Call Trace:
[ 1115.309396][T21496]  <TASK>
[ 1115.309402][T21496]  dump_stack_lvl+0x16c/0x1f0
[ 1115.309428][T21496]  should_fail_ex+0x512/0x640
[ 1115.309452][T21496]  should_fail_alloc_page+0xe7/0x130
[ 1115.309469][T21496]  prepare_alloc_pages+0x3c2/0x610
[ 1115.309487][T21496]  ? rcu_is_watching+0x12/0xc0
[ 1115.309505][T21496]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1115.309529][T21496]  ? rcu_is_watching+0x12/0xc0
[ 1115.309544][T21496]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1115.309561][T21496]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 1115.309583][T21496]  ? __pfx_stack_trace_save+0x10/0x10
[ 1115.309600][T21496]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1115.309628][T21496]  ? alloc_vmap_area+0x645/0x29c0
[ 1115.309643][T21496]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[ 1115.309661][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.309678][T21496]  ? do_syscall_64+0xcd/0x490
[ 1115.309698][T21496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.309721][T21496]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1115.309742][T21496]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1115.309765][T21496]  ? policy_nodemask+0xea/0x4e0
[ 1115.309781][T21496]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1115.309803][T21496]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1115.309825][T21496]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1115.309849][T21496]  alloc_vmap_area+0x959/0x29c0
[ 1115.309872][T21496]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1115.309892][T21496]  __get_vm_area_node+0x1ca/0x330
[ 1115.309912][T21496]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1115.309931][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.309952][T21496]  ? __lock_acquire+0xb8a/0x1c90
[ 1115.309972][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.310005][T21496]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1115.310025][T21496]  ? __alloc_pages_noprof+0xb/0x1b0
[ 1115.310045][T21496]  ? ___kmalloc_large_node+0x84/0x1e0
[ 1115.310062][T21496]  ? find_held_lock+0x2b/0x80
[ 1115.310081][T21496]  __kvmalloc_node_noprof+0x30a/0x620
[ 1115.310101][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.310120][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.310141][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.310157][T21496]  __do_sys_listmount+0x1c2/0xec0
[ 1115.310178][T21496]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1115.310195][T21496]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1115.310212][T21496]  ? __pfx___do_sys_listmount+0x10/0x10
[ 1115.310238][T21496]  do_syscall_64+0xcd/0x490
[ 1115.310261][T21496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.310276][T21496] RIP: 0033:0x7f1277b8e929
[ 1115.310288][T21496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1115.310302][T21496] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[ 1115.310316][T21496] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1115.310326][T21496] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[ 1115.310335][T21496] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1115.310344][T21496] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1115.310353][T21496] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1115.310371][T21496]  </TASK>
[ 1115.311069][T21496] syz.0.3074: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1115.311136][T21496] CPU: 0 UID: 0 PID: 21496 Comm: syz.0.3074 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1115.311159][T21496] Tainted: [U]=USER
[ 1115.311165][T21496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1115.311173][T21496] Call Trace:
[ 1115.311178][T21496]  <TASK>
[ 1115.311184][T21496]  dump_stack_lvl+0x16c/0x1f0
[ 1115.311207][T21496]  warn_alloc+0x248/0x3a0
[ 1115.311228][T21496]  ? __pfx_warn_alloc+0x10/0x10
[ 1115.311250][T21496]  ? kfree+0x2b4/0x4d0
[ 1115.311271][T21496]  ? __get_vm_area_node+0x208/0x330
[ 1115.311292][T21496]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[ 1115.311314][T21496]  ? __lock_acquire+0xb8a/0x1c90
[ 1115.311333][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.311355][T21496]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1115.311374][T21496]  ? __alloc_pages_noprof+0xb/0x1b0
[ 1115.311394][T21496]  ? ___kmalloc_large_node+0x84/0x1e0
[ 1115.311409][T21496]  ? find_held_lock+0x2b/0x80
[ 1115.311427][T21496]  __kvmalloc_node_noprof+0x30a/0x620
[ 1115.311447][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.311465][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.311486][T21496]  ? __do_sys_listmount+0x1c2/0xec0
[ 1115.311502][T21496]  __do_sys_listmount+0x1c2/0xec0
[ 1115.311523][T21496]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1115.311539][T21496]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1115.311557][T21496]  ? __pfx___do_sys_listmount+0x10/0x10
[ 1115.311583][T21496]  do_syscall_64+0xcd/0x490
[ 1115.311605][T21496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.311619][T21496] RIP: 0033:0x7f1277b8e929
[ 1115.311631][T21496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1115.311644][T21496] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[ 1115.311657][T21496] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1115.311667][T21496] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[ 1115.311675][T21496] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1115.311684][T21496] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1115.311692][T21496] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1115.311710][T21496]  </TASK>
[ 1115.311716][T21496] Mem-Info:
[ 1115.311723][T21496] active_anon:11192 inactive_anon:12706 isolated_anon:0
[ 1115.311723][T21496]  active_file:20143 inactive_file:2061 isolated_file:0
[ 1115.311723][T21496]  unevictable:4070 dirty:542 writeback:0
[ 1115.311723][T21496]  slab_reclaimable:15164 slab_unreclaimable:105910
[ 1115.311723][T21496]  mapped:31498 shmem:8209 pagetables:1448
[ 1115.311723][T21496]  sec_pagetables:0 bounce:0
[ 1115.311723][T21496]  kernel_misc_reclaimable:0
[ 1115.311723][T21496]  free:1306485 free_pcp:27763 free_cma:0
[ 1115.311760][T21496] Node 0 active_anon:44768kB inactive_anon:50824kB active_file:80568kB inactive_file:8112kB unevictable:10648kB isolated(anon):0kB isolated(file):0kB mapped:125992kB dirty:2164kB writeback:0kB shmem:26180kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11376kB pagetables:5632kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1115.311799][T21496] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:5632kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:6656kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1115.311834][T21496] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1115.311873][T21496] lowmem_reserve[]: 0 2480 2482 2482 2482
[ 1115.311902][T21496] Node 0 DMA32 free:1333812kB boost:0kB min:34328kB low:42908kB high:51488kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44724kB inactive_anon:50768kB active_file:79332kB inactive_file:8056kB unevictable:10648kB writepending:2164kB present:3129332kB managed:2540348kB mlocked:9112kB bounce:0kB free_pcp:74888kB local_pcp:74888kB free_cma:0kB
[ 1115.311943][T21496] lowmem_reserve[]: 0 0 1 1 1
[ 1115.311970][T21496] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:16kB active_file:1236kB inactive_file:56kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 1115.312022][T21496] lowmem_reserve[]: 0 0 0 0 0
[ 1115.312049][T21496] Node 1 Normal free:3876748kB boost:0kB min:55556kB low:69444kB high:83332kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:5632kB writepending:4kB present:4194300kB managed:4111164kB mlocked:4096kB bounce:0kB free_pcp:36152kB local_pcp:36152kB free_cma:0kB
[ 1115.312091][T21496] lowmem_reserve[]: 0 0 0 0 0
[ 1115.312118][T21496] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1115.312207][T21496] Node 0 DMA32: 5039*4kB (UME) 3744*8kB (UME) 2572*16kB (UME) 1173*32kB (UME) 780*64kB (UME) 300*128kB (UM) 236*256kB (UM) 261*512kB (UME) 113*1024kB (UME) 12*2048kB (UM) 191*4096kB (UM) = 1333788kB
[ 1115.312330][T21496] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[ 1115.312408][T21496] Node 1 Normal: 147*4kB (UME) 64*8kB (UME) 16*16kB (UM) 220*32kB (UME) 111*64kB (UME) 40*128kB (UME) 13*256kB (UE) 7*512kB (UME) 1*1024kB (E) 1*2048kB (E) 939*4096kB (UM) = 3876748kB
[ 1115.312530][T21496] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1115.312542][T21496] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1115.312554][T21496] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1115.312565][T21496] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1115.312577][T21496] 31118 total pagecache pages
[ 1115.312583][T21496] 31 pages in swap cache
[ 1115.312589][T21496] Free swap  = 124856kB
[ 1115.312595][T21496] Total swap = 124996kB
[ 1115.312601][T21496] 2097051 pages RAM
[ 1115.312606][T21496] 0 pages HighMem/MovableOnly
[ 1115.312612][T21496] 429986 pages reserved
[ 1115.312617][T21496] 0 pages cma reserved
[ 1115.725772][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.725839][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.881850][T21500] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1119.640704][T21511] tty tty12: ldisc open failed (-12), clearing slot 11
[ 1121.851475][T21560] snd_aloop snd_aloop.0: Parsing timer source 'òÿÿÿòÿÿÿòÿÿÿòÿ' failed with -22
[ 1124.725239][T21615] syz.2.3100 (21615): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1126.213404][T21637] 
[ 1126.215758][T21637] ======================================================
[ 1126.222758][T21637] WARNING: possible circular locking dependency detected
[ 1126.229762][T21637] 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 Tainted: G     U             
[ 1126.238444][T21637] ------------------------------------------------------
[ 1126.245444][T21637] syz.0.3107/21637 is trying to acquire lock:
[ 1126.251493][T21637] ffff888026811970 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310
[ 1126.261321][T21637] 
[ 1126.261321][T21637] but task is already holding lock:
[ 1126.268667][T21637] ffff888026811438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1126.279879][T21637] 
[ 1126.279879][T21637] which lock already depends on the new lock.
[ 1126.279879][T21637] 
[ 1126.290264][T21637] 
[ 1126.290264][T21637] the existing dependency chain (in reverse order) is:
[ 1126.299258][T21637] 
[ 1126.299258][T21637] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}:
[ 1126.307849][T21637]        blk_alloc_queue+0x619/0x760
[ 1126.313123][T21637]        blk_mq_alloc_queue+0x175/0x290
[ 1126.318671][T21637]        __blk_mq_alloc_disk+0x29/0x120
[ 1126.324221][T21637]        nbd_dev_add+0x4a0/0xbc0
[ 1126.329157][T21637]        nbd_init+0x181/0x320
[ 1126.333842][T21637]        do_one_initcall+0x120/0x6e0
[ 1126.339117][T21637]        kernel_init_freeable+0x5c2/0x900
[ 1126.344833][T21637]        kernel_init+0x1c/0x2b0
[ 1126.349672][T21637]        ret_from_fork+0x5d7/0x6f0
[ 1126.354776][T21637]        ret_from_fork_asm+0x1a/0x30
[ 1126.360047][T21637] 
[ 1126.360047][T21637] -> #2 (fs_reclaim){+.+.}-{0:0}:
[ 1126.367248][T21637]        fs_reclaim_acquire+0x102/0x150
[ 1126.372782][T21637]        prepare_alloc_pages+0x162/0x610
[ 1126.378400][T21637]        __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1126.384804][T21637]        __alloc_pages_noprof+0xb/0x1b0
[ 1126.390344][T21637]        pcpu_populate_chunk+0x110/0xb00
[ 1126.395963][T21637]        pcpu_alloc_noprof+0x86a/0x1470
[ 1126.401498][T21637]        xt_percpu_counter_alloc+0x13e/0x1b0
[ 1126.407468][T21637]        find_check_entry.constprop.0+0xbc/0x9b0
[ 1126.413783][T21637]        translate_table+0xc98/0x1720
[ 1126.419142][T21637]        ipt_register_table+0x102/0x430
[ 1126.424685][T21637]        iptable_nat_table_init+0x4b/0x250
[ 1126.430477][T21637]        xt_find_table_lock+0x2e1/0x520
[ 1126.436008][T21637]        xt_request_find_table_lock+0x28/0xf0
[ 1126.442061][T21637]        get_info+0x190/0x610
[ 1126.446723][T21637]        do_ipt_get_ctl+0x169/0xa10
[ 1126.451906][T21637]        nf_getsockopt+0x7c/0xe0
[ 1126.456828][T21637]        ip_getsockopt+0x18c/0x1e0
[ 1126.461950][T21637]        tcp_getsockopt+0x9e/0x100
[ 1126.467057][T21637]        do_sock_getsockopt+0x3fc/0x800
[ 1126.472590][T21637]        __sys_getsockopt+0x123/0x1b0
[ 1126.477951][T21637]        __x64_sys_getsockopt+0xbd/0x160
[ 1126.483572][T21637]        do_syscall_64+0xcd/0x490
[ 1126.488588][T21637]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.494988][T21637] 
[ 1126.494988][T21637] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}:
[ 1126.502703][T21637]        __mutex_lock+0x199/0xb90
[ 1126.507719][T21637]        pcpu_alloc_noprof+0xb4c/0x1470
[ 1126.513252][T21637]        sbitmap_init_node+0x2fd/0x770
[ 1126.518693][T21637]        sbitmap_queue_init_node+0x41/0x560
[ 1126.524570][T21637]        blk_mq_init_tags+0x12d/0x2b0
[ 1126.529935][T21637]        blk_mq_alloc_map_and_rqs+0x237/0xf60
[ 1126.535990][T21637]        blk_mq_init_sched+0x30c/0x610
[ 1126.541433][T21637]        elevator_switch+0x1e1/0x7f0
[ 1126.546704][T21637]        elevator_change+0x2ac/0x400
[ 1126.551975][T21637]        elevator_set_default+0x292/0x320
[ 1126.557680][T21637]        blk_register_queue+0x393/0x4f0
[ 1126.563260][T21637]        __add_disk+0x74a/0xf00
[ 1126.568114][T21637]        add_disk_fwnode+0x13f/0x5d0
[ 1126.573401][T21637]        nbd_dev_add+0x791/0xbc0
[ 1126.578349][T21637]        nbd_init+0x181/0x320
[ 1126.583030][T21637]        do_one_initcall+0x120/0x6e0
[ 1126.588311][T21637]        kernel_init_freeable+0x5c2/0x900
[ 1126.594024][T21637]        kernel_init+0x1c/0x2b0
[ 1126.598863][T21637]        ret_from_fork+0x5d7/0x6f0
[ 1126.603967][T21637]        ret_from_fork_asm+0x1a/0x30
[ 1126.609243][T21637] 
[ 1126.609243][T21637] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[ 1126.617052][T21637]        __lock_acquire+0x126f/0x1c90
[ 1126.622414][T21637]        lock_acquire+0x179/0x350
[ 1126.627427][T21637]        __mutex_lock+0x199/0xb90
[ 1126.632443][T21637]        queue_requests_store+0x1c7/0x310
[ 1126.638152][T21637]        queue_attr_store+0x276/0x320
[ 1126.643518][T21637]        sysfs_kf_write+0xef/0x150
[ 1126.648616][T21637]        kernfs_fop_write_iter+0x354/0x510
[ 1126.654404][T21637]        iter_file_splice_write+0x91f/0x1150
[ 1126.660374][T21637]        direct_splice_actor+0x192/0x6c0
[ 1126.665990][T21637]        splice_direct_to_actor+0x342/0xa30
[ 1126.671867][T21637]        do_splice_direct+0x174/0x240
[ 1126.677225][T21637]        do_sendfile+0xb06/0xe50
[ 1126.682150][T21637]        __x64_sys_sendfile64+0x1d8/0x220
[ 1126.687856][T21637]        do_syscall_64+0xcd/0x490
[ 1126.692958][T21637]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.699356][T21637] 
[ 1126.699356][T21637] other info that might help us debug this:
[ 1126.699356][T21637] 
[ 1126.709563][T21637] Chain exists of:
[ 1126.709563][T21637]   &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59
[ 1126.709563][T21637] 
[ 1126.723284][T21637]  Possible unsafe locking scenario:
[ 1126.723284][T21637] 
[ 1126.730710][T21637]        CPU0                    CPU1
[ 1126.736054][T21637]        ----                    ----
[ 1126.741398][T21637]   lock(&q->q_usage_counter(io)#59);
[ 1126.746759][T21637]                                lock(fs_reclaim);
[ 1126.753240][T21637]                                lock(&q->q_usage_counter(io)#59);
[ 1126.761130][T21637]   lock(&q->elevator_lock);
[ 1126.765707][T21637] 
[ 1126.765707][T21637]  *** DEADLOCK ***
[ 1126.765707][T21637] 
[ 1126.773830][T21637] 5 locks held by syz.0.3107/21637:
[ 1126.779009][T21637]  #0: ffff888024e24428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30
[ 1126.789009][T21637]  #1: ffff8880362c4888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1126.798741][T21637]  #2: ffff88802690f4b8 (kn->active#299){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1126.808820][T21637]  #3: ffff888026811438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1126.820487][T21637]  #4: ffff888026811470 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1126.832397][T21637] 
[ 1126.832397][T21637] stack backtrace:
[ 1126.838271][T21637] CPU: 0 UID: 0 PID: 21637 Comm: syz.0.3107 Tainted: G     U              6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[ 1126.838294][T21637] Tainted: [U]=USER
[ 1126.838299][T21637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1126.838308][T21637] Call Trace:
[ 1126.838316][T21637]  <TASK>
[ 1126.838322][T21637]  dump_stack_lvl+0x116/0x1f0
[ 1126.838346][T21637]  print_circular_bug+0x275/0x350
[ 1126.838366][T21637]  check_noncircular+0x14c/0x170
[ 1126.838388][T21637]  __lock_acquire+0x126f/0x1c90
[ 1126.838409][T21637]  ? __lock_acquire+0xb8a/0x1c90
[ 1126.838429][T21637]  lock_acquire+0x179/0x350
[ 1126.838448][T21637]  ? queue_requests_store+0x1c7/0x310
[ 1126.838473][T21637]  ? __pfx___might_resched+0x10/0x10
[ 1126.838489][T21637]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1126.838513][T21637]  __mutex_lock+0x199/0xb90
[ 1126.838535][T21637]  ? queue_requests_store+0x1c7/0x310
[ 1126.838558][T21637]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1126.838578][T21637]  ? queue_requests_store+0x1c7/0x310
[ 1126.838600][T21637]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1126.838621][T21637]  ? __pfx___mutex_lock+0x10/0x10
[ 1126.838644][T21637]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1126.838665][T21637]  ? queue_requests_store+0x1c7/0x310
[ 1126.838688][T21637]  queue_requests_store+0x1c7/0x310
[ 1126.838711][T21637]  ? __pfx_queue_requests_store+0x10/0x10
[ 1126.838736][T21637]  ? __mutex_trylock_common+0xe9/0x250
[ 1126.838757][T21637]  ? __pfx_queue_requests_store+0x10/0x10
[ 1126.838780][T21637]  queue_attr_store+0x276/0x320
[ 1126.838802][T21637]  ? __pfx_queue_attr_store+0x10/0x10
[ 1126.838823][T21637]  ? __lock_acquire+0x622/0x1c90
[ 1126.838846][T21637]  ? find_held_lock+0x2b/0x80
[ 1126.838861][T21637]  ? sysfs_file_kobj+0xe4/0x290
[ 1126.838879][T21637]  ? __pfx_queue_attr_store+0x10/0x10
[ 1126.838901][T21637]  sysfs_kf_write+0xef/0x150
[ 1126.838918][T21637]  kernfs_fop_write_iter+0x354/0x510
[ 1126.838933][T21637]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1126.838951][T21637]  iter_file_splice_write+0x91f/0x1150
[ 1126.838975][T21637]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1126.838996][T21637]  ? __pfx_copy_splice_read+0x10/0x10
[ 1126.839018][T21637]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1126.839038][T21637]  direct_splice_actor+0x192/0x6c0
[ 1126.839058][T21637]  splice_direct_to_actor+0x342/0xa30
[ 1126.839077][T21637]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1126.839097][T21637]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1126.839118][T21637]  do_splice_direct+0x174/0x240
[ 1126.839137][T21637]  ? __pfx_do_splice_direct+0x10/0x10
[ 1126.839160][T21637]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1126.839180][T21637]  ? rw_verify_area+0xcf/0x680
[ 1126.839198][T21637]  do_sendfile+0xb06/0xe50
[ 1126.839219][T21637]  ? __pfx_do_sendfile+0x10/0x10
[ 1126.839238][T21637]  ? handle_mm_fault+0x2ab/0xd10
[ 1126.839258][T21637]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1126.839276][T21637]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1126.839294][T21637]  __x64_sys_sendfile64+0x1d8/0x220
[ 1126.839309][T21637]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1126.839325][T21637]  do_syscall_64+0xcd/0x490
[ 1126.839347][T21637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.839363][T21637] RIP: 0033:0x7f1277b8e929
[ 1126.839376][T21637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1126.839391][T21637] RSP: 002b:00007f1278adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1126.839405][T21637] RAX: ffffffffffffffda RBX: 00007f1277db5fa0 RCX: 00007f1277b8e929
[ 1126.839415][T21637] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1126.839424][T21637] RBP: 00007f1277c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1126.839433][T21637] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000
[ 1126.839443][T21637] R13: 0000000000000000 R14: 00007f1277db5fa0 R15: 00007fff679336d8
[ 1126.839456][T21637]  </TASK>