last executing test programs:

2m7.558964695s ago: executing program 2 (id=1257):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_BLKTRACESETUP32(r0, 0xc0401273, &(0x7f0000000440)={"e863192c8ee2c138c20ae365128c2bc22cf83f1a7155aed629c4952dc7dff02a", 0x80, 0x7, 0x5, 0x8, 0x7, 0xffffffffffffffff})
shmctl$auto_SHM_STAT_ANY(0x80, 0xf, &(0x7f0000000600)={{0x100000, 0xee00, 0xee01, 0x48db, 0x6, 0x8d30, 0x9}, 0x7, 0xffffffffffffffff, 0x2, 0x4d6e, @inferred, @raw=0x10001, 0x7, 0x0, &(0x7f00000004c0), 0x0})
close_range$auto(0x2, 0x8, 0x0)
r1 = ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';')
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r1)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
setresuid$auto(0x2, 0x7, 0x8080)
ioprio_get$auto(0x3, 0x2)

2m6.46238784s ago: executing program 2 (id=1260):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x40081, 0x0)
r0 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci4\x00', 0x20001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/power/pm_qos_no_power_off\x00', 0x20a42, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r2, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}}, 0x10040)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x11, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8955, 0x0)
syz_genetlink_get_family_id$auto_nfsd(0x0, r1)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r3)
shmctl$auto_IPC_INFO(0x6, 0x3, &(0x7f0000000440)={{0x0, 0xffffffffffffffff, <r4=>0xee00, 0x9, 0xc1e, 0x0, 0x7}, 0x7fff, 0xe9, 0x5, 0x100, @inferred=0xffffffffffffffff, @inferred, 0x0, 0x0, &(0x7f0000000240)="140ecc14221384adf3da1575e6f23f863c15d5b50c853fb2fcafad52aa938224086741359696e56e3d333a58808b2669e210d0b030a1f266e6be5685cf52e8b6997c35fc5604d8aeabdb3d74e4d3c0c70c780399eb6588d3356a69d7cfffe6bac6927ce0ea22f0ec0b5cb18de50e6518ae20afd6765fea1b41e9b286bc", &(0x7f0000000340)="f4a331fad52ae43ebc3440ce9d2d9e058714df2d86e3b81944195601692f2018cea2253265e4d1923f472041e568861fffbb64e4b58b875ae19017b6acbd5ad5a3210f2d2590b4c79f7aad6a382c5860e2c744cc1ee46cd16cb3e8870659f609b781e74ee1fac93bfdfec606bfcca6bc84d80f6641970b78ed344ed1233c6e84cd36b1e6efae9259a0b86029ad77d4f0d4074003e26a7bcc1a01faefeb56c74da48891cfb4b46750b2e1f8b279ebd27131ff9c7c7d1f835f2dd82c5cc202fff358a3529010619a53f732922ab38e59920f646e2fcd723fbec7e2d96e56ac4cd4ffb2b482394aa1c8"})
ioctl$auto_XFS_IOC_FREE_EOFBLOCKS(r0, 0x8080583a, &(0x7f00000004c0)={0x205, 0x9b59, 0x0, r4, 0x7f, 0x0, 0x4})
r5 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x10000000084, 0x3, 0x0, 0x4)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)

2m5.834927599s ago: executing program 2 (id=1262):
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="de91b83a075c", 0x6)
setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0)
setitimer$auto(0x2, &(0x7f0000000000)={{0x8000, 0x6}, {0xa4b, 0x6}}, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f)
io_uring_setup$auto(0x8000, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a})
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100)
unshare$auto(0x40000080)
r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media5\x00', 0x202, 0x0)
getsockopt$auto_SO_ERROR(r0, 0x7ff, 0x4, &(0x7f0000000140)=':>()\x00', &(0x7f0000000180)=0xa7d)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
acct$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0)
write$auto(r3, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5)

2m5.234137742s ago: executing program 2 (id=1265):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2m3.663472825s ago: executing program 2 (id=1269):
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
r0 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r0, 0x1, 0x46, 0x0, 0x94)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

2m3.546672768s ago: executing program 2 (id=1271):
writev$auto(0xffffffffffffffff, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x11, 0x2, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48})
socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
unshare$auto(0x40000080)
write$auto(0x3, 0x0, 0xffd8)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c05, 0xfffffffffffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)

1m48.317632869s ago: executing program 32 (id=1271):
writev$auto(0xffffffffffffffff, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x11, 0x2, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48})
socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
unshare$auto(0x40000080)
write$auto(0x3, 0x0, 0xffd8)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c05, 0xfffffffffffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)

1m41.405511516s ago: executing program 0 (id=1328):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1m40.278263846s ago: executing program 0 (id=1334):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1m38.987540514s ago: executing program 0 (id=1338):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card0/pcm0c/sub4/xrun_injection\x00', 0x400, 0x0)
ioctl$auto(0xffffffffffffffff, 0x80004d00, r2)
read$auto(r1, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x8)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4008ae89, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendfile$auto(r4, r4, 0x0, 0x10000800000003)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
shmctl$auto_SHM_STAT_ANY(0x7, 0xf, &(0x7f0000000140)={{0x67, <r5=>0xffffffffffffffff, <r6=>0x0, 0x5, 0x5, 0xccd, 0xfffb}, 0xe, 0xfffffffffffffff9, 0xd9, 0x9, @raw=0x1, @inferred=<r7=>0x0, 0x4, 0x0, &(0x7f00000000c0)="88915931af2376e5a31021a61cfb9a52a8234052f1d1d4eb96e795de03796b5f66a6026793c7e26bd18e59fd281cb2f0c3955d18da71705eaed9c98b8dd7e6aeb15cbdb776be964bc9fdb4de44a05e4a", &(0x7f0000000400)="3aed7b0cac16d27f41b0187813a0e48d49f345746184ea320575abe35da7edb4c54a14b5382669b54b3dcb6911ae15b3947a24e9a9cfd69da18f58e904dd7cdad780629ef3b050de64a60fd8e084fbd04f9dd5b12547f4a86377308fc87618e143cbf1aa0c3859ea3409f79f93c9f5ea2de88c969d3cfb2f2ee68e4fe4c4a117f44c77d48e2abe02917f18b05542f36166693e2883dc039cb7897f62a959965b477f8e07aad8f03475a67ef7b7de2f284d4933b779578dae628a91fbc62d933e9247208c407700"})
setregid$auto(0xee00, r6)
shmctl$auto_SHM_LOCK(0x6, 0xb, &(0x7f0000000300)={{0x9, r5, 0xffffffffffffffff, 0xffffffbf, 0xfffffc01, 0x2, 0x7f}, 0x5, 0x5, 0x8000, 0x101, @inferred=r7, @inferred=0xffffffffffffffff, 0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000240)="33dd20c44dfd0534435ebeaa343f2e479d893b7c4adc1a2577c17ddb10a931616fb75cc0461bfd8c"})
r8 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r8, 0x89a0, 0x4)
r9 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x3c, r9, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x9}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)

1m36.639681826s ago: executing program 0 (id=1350):
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0)
readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)

1m34.90819745s ago: executing program 0 (id=1344):
socket(0x2, 0x4, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0xfffffdef)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socket(0x10, 0x2, 0x6)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
write$auto(0x3, 0x0, 0x800)

1m33.719263004s ago: executing program 0 (id=1351):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0x0)
socket(0x8, 0x2, 0xfffffffd)
r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
bind$auto(r2, 0x0, 0x67)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000640)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_DEL_PMK(r4, 0x0, 0x8000)
socket(0xa, 0x5, 0x8)
unshare$auto(0x40000080)
listmount$auto(&(0x7f0000000040)={0xffffffff, @inferred=r1, 0x0, 0x7f, 0x6}, &(0x7f00000000c0)=0xffffffff, 0x10001, 0x9d)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)

1m18.453451468s ago: executing program 33 (id=1351):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0x0)
socket(0x8, 0x2, 0xfffffffd)
r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
bind$auto(r2, 0x0, 0x67)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000640)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_DEL_PMK(r4, 0x0, 0x8000)
socket(0xa, 0x5, 0x8)
unshare$auto(0x40000080)
listmount$auto(&(0x7f0000000040)={0xffffffff, @inferred=r1, 0x0, 0x7f, 0x6}, &(0x7f00000000c0)=0xffffffff, 0x10001, 0x9d)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)

53.150585092s ago: executing program 1 (id=1468):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x200408a4}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40040)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/maps\x00', 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x11, 0x800, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r4, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="20002bbd7000fedbdf25680000000c00311c0004008c0008002301000400000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20040041}, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010023bd7000fadbdf2501000000040007800c00020005000000dd00000008000100232e0000", @ANYRESHEX=r3], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880)

52.052259555s ago: executing program 1 (id=1470):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

50.984184352s ago: executing program 1 (id=1473):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
mbind$auto(0x0, 0x7fffffffffffffff, 0x4, 0x0, 0x5, 0xe)
mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0)
write$auto(r2, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_BLKRRPART(r1, 0x125f, 0x0)
getpeername$auto(r0, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff}, &(0x7f00000000c0)=0x4)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/v4l-subdev0\x00', 0x200000, 0x0)
madvise$auto(0x0, 0xf663, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000009, 0x7)
ioctl$auto_FIFREEZE(r3, 0xc0045878, 0xfff)
sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)

50.226526962s ago: executing program 1 (id=1475):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]})
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xfffffffffffffffe, 0x7, 0x4)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0x2, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3)
renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2)

49.035908698s ago: executing program 1 (id=1478):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0)
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
inotify_init1$auto(0x3000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183042, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x100382, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x141a41, 0x0)
openat$auto_fops_u16_(0xffffffffffffff9c, 0x0, 0x42002, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
inotify_init1$auto(0x3000000000000)
socket(0xa, 0x2, 0x3a)
r0 = io_uring_setup$auto(0x4, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socketpair$auto(0x1, 0x5, 0xfffffffd, 0x0)
close_range$auto(0x2, r0, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x40106f52, r1)

48.840105737s ago: executing program 1 (id=1479):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c00, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58)
waitid$auto_P_PGID(0x2, r1, &(0x7f00000001c0)={@_si_pad}, 0x6, &(0x7f0000000240)={{0x21, 0x7}, {0x1, 0x1}, 0x3ff, 0x6, 0x80000001, 0xffffffffffff7fff, 0xa, 0xcfc, 0x8, 0x1959, 0x6, 0x8, 0xccc, 0x0, 0x7, 0x6})
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x7, 0xb}, 0x800009}, 0x5, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
write$auto(r2, 0x0, 0xfffffde9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2)
getsockopt$auto_SO_KEEPALIVE(r2, 0x8, 0x9, &(0x7f0000000000)='/dev/usbmon2\x00', &(0x7f0000000180)=0x9)
r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon2\x00', 0x40080, 0x0)
listen$auto(r3, 0x5)
ioctl$auto_MON_IOCQ_URB_LEN(r4, 0x9201, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xb0141, 0x0)
socket(0x1f, 0x800, 0xffffff01)
ioctl$auto(0xffffffffffffffff, 0xc0285629, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x6482, 0x0)
unshare$auto(0x40000080)

33.685292756s ago: executing program 34 (id=1479):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c00, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58)
waitid$auto_P_PGID(0x2, r1, &(0x7f00000001c0)={@_si_pad}, 0x6, &(0x7f0000000240)={{0x21, 0x7}, {0x1, 0x1}, 0x3ff, 0x6, 0x80000001, 0xffffffffffff7fff, 0xa, 0xcfc, 0x8, 0x1959, 0x6, 0x8, 0xccc, 0x0, 0x7, 0x6})
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x7, 0xb}, 0x800009}, 0x5, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
write$auto(r2, 0x0, 0xfffffde9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2)
getsockopt$auto_SO_KEEPALIVE(r2, 0x8, 0x9, &(0x7f0000000000)='/dev/usbmon2\x00', &(0x7f0000000180)=0x9)
r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon2\x00', 0x40080, 0x0)
listen$auto(r3, 0x5)
ioctl$auto_MON_IOCQ_URB_LEN(r4, 0x9201, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xb0141, 0x0)
socket(0x1f, 0x800, 0xffffff01)
ioctl$auto(0xffffffffffffffff, 0xc0285629, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x6482, 0x0)
unshare$auto(0x40000080)

7.312073209s ago: executing program 3 (id=1599):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

6.737746866s ago: executing program 6 (id=1603):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x6e)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
io_uring_setup$auto(0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f0000000100)={0x0, 0x6, 0x95d7, 0x7f, 0x3, 0x1, 0x9, 0x2, 0x0, 0x7, 0xb, 0x8, 0x100, 0x2, 0x3, 0x3ff, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"})
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
unshare$auto(0x40000080)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3b87, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
ioctl$auto(r2, 0xc0285629, r2)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(0x0, 0x6041, 0x0)
socket(0x6, 0x2, 0x6)
semctl$auto_SETVAL(0x4, 0xfffffff7, 0x10, 0x0)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

6.323010678s ago: executing program 3 (id=1604):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, 0x0, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setsockopt$auto_SO_RESERVE_MEM(r0, 0x200, 0x49, 0x0, 0x5)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5408, 0x0)

5.352509538s ago: executing program 5 (id=1607):
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';')
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc)
socket(0x1d, 0x2, 0x6)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x7, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x4, 0x0)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
io_uring_setup$auto(0x85, 0x0)
socket(0x1d, 0x2, 0x7)
socketpair$auto(0x4004, 0x7, 0x4, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r1, 0xc0384707, 0x0)

4.966911172s ago: executing program 6 (id=1608):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = socket(0x2b, 0x1, 0x1)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
ioctl$auto(r0, 0x8983, 0x4)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x4020006, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x2, 0x1)
sched_setaffinity$auto(0x0, 0x9899, 0x0)

4.892998357s ago: executing program 3 (id=1609):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, 0x0, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setsockopt$auto_SO_RESERVE_MEM(r0, 0x200, 0x49, 0x0, 0x5)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5)
ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5408, 0x0)

4.860304075s ago: executing program 5 (id=1610):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]})
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xfffffffffffffffe, 0x7, 0x4)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0x2, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3)
renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2)

4.851810092s ago: executing program 4 (id=1611):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]})
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xfffffffffffffffe, 0x7, 0x4)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0x2, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto(0x3, 0xae41, r2)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3)
renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2)

3.871361821s ago: executing program 4 (id=1612):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0)
write$auto_proc_fault_inject_operations_base(r1, 0x0, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, 0x0, 0x94)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
alarm$auto(0x1)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r3 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(r3, &(0x7f0000000340)=""/253, 0xfd)
timer_create$auto(0x3, 0x0, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
ioctl$auto_SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000040))
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, &(0x7f0000000080)="f90aae355469cfe372588cdb1a12b7e7ca5a258182f8a31fc51cbad58bf4063707b140163577a9ab1e656a9346a02b69b4cb4dd84c95b46abafbee53d03bdff287a3875ce33922d58265d7647c188366f19dee74a86b37755bb6a67b82e135d392c8a59975bc7f95c9682e3098f5f36c3ad28598aee48127ab79ed81d60bd7acffc213af70305f01a91b360eb1620ba1b275beaaa2493c45c906ff37c6ba21ef1a628b70b007d7a8016134a17f9035eaec1390fde886d07bb93c38b4ce6a4628e5f59f39aa99f05d26e297d8064d16fb44d547ade4361f29a0f68f20734628a4e662d6169285de09228a5fff1b7e1c884453f31a93119346429dd4d317")

3.702276031s ago: executing program 5 (id=1613):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

3.620759106s ago: executing program 3 (id=1614):
unshare$auto(0x40000080)
write$auto(0xffffffffffffffff, &(0x7f0000000180)='\x04\x02\x00\r\xfb\xff\xf6\xdd\x90\x806\xc8\xbe\x94\xf2\xa2', 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptybf\x00', 0x72180, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x80440, 0x0)
ioctl$auto_VHOST_GET_FEATURES2(r0, 0x8008af00, &(0x7f0000000040)=0x1)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
listen$auto(0x3, 0x83)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x8a001, 0x0)
write$auto(0x3, 0x0, 0x81)
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x381, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_GET_SE(r1, 0x0, 0x40)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x1, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)

3.489616632s ago: executing program 6 (id=1615):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8000000000000000, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
r0 = fspick$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_START_POLL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000036bd7000fedb25060000000800f026ca655221004803000000000008000100055c00"/53], 0x34}}, 0x20005090)
capset$auto(0x0, &(0x7f0000000180)={0x3, 0x7, 0x6})
r2 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b)
fchown$auto(r2, 0xe5a, 0x5)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x20, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptys0\x00', 0x40001, 0x0)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x5402, r3)
r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]})
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
gettid()

2.924729062s ago: executing program 4 (id=1616):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0)
write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x6, 0x800, 0x8)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer\x00', 0x2, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
io_uring_register$auto(0x2, 0xe, 0x0, 0x20)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/kernel/mm/transparent_hugepage/hugepages-32kB/stats/nr_anon_partially_mapped\x00', 0x80040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/225, 0xe1)
write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800)
mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000)
prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0xfffffffffffffff7, 0x2, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
msgctl$auto_MSG_INFO(0x0, 0xc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
r3 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/input/mouse0\x00', 0x22002, 0x0)
readv$auto(0x3, 0x0, 0x1)
write$auto_mousedev_fops_mousedev(r3, &(0x7f00000000c0)="13", 0x1)

2.715987327s ago: executing program 5 (id=1617):
ioperm$auto(0x7, 0x6, 0x2)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x2, 0x88)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1, r0, @relative_id=0x13, 0xe600}, 0xf)
r3 = open(0x0, 0x261c2, 0x84)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0xc)
select$auto(0x0, &(0x7f0000000740)={[0x7, 0x4, 0x5, 0x4, 0x2, 0x6, 0x6, 0xff, 0x6, 0xdf08100, 0x400, 0x3, 0x6, 0xf, 0x2, 0xffffffff]}, &(0x7f00000007c0)={[0x100, 0x6, 0xfffffffffffffffc, 0x2, 0x9, 0x400, 0x80000000, 0x1000, 0xef, 0x8, 0xbcdd, 0x46, 0x80, 0xb9, 0xf39, 0x3]}, 0x0, &(0x7f00000008c0)={0x0, 0x7})
r4 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r4, 0x5)
syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x2881, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000002c0)="ddc47ce8", 0x4)
r6 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r6, 0x2)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

2.622817799s ago: executing program 4 (id=1618):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, 0x0, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setsockopt$auto_SO_RESERVE_MEM(r0, 0x200, 0x49, 0x0, 0x5)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5)
ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5408, 0x0)

2.552243991s ago: executing program 6 (id=1619):
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';')
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc)
socket(0x1d, 0x2, 0x6)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x7, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x4, 0x0)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
io_uring_setup$auto(0x85, 0x0)
socket(0x1d, 0x2, 0x7)
socketpair$auto(0x4004, 0x7, 0x4, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r1, 0xc0384707, 0x0)

2.136918107s ago: executing program 3 (id=1620):
r0 = socket(0x2, 0x80002, 0x73)
getpeername$auto(r0, 0x0, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1e1842, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSCOMPRESS(r2, 0x4010744d, &(0x7f00000001c0)={&(0x7f00000000c0)='\x8e\x04\x8f~\xa7 \xcf\x1fg7\n\xd8\xbd\xd3&\xa7\xa6_\xaa\xe2;\xb5\x82\x9dA\x8f|\xf3\xd7\xc6X\xdf\xdaC\x9aoqM2\x10\xb1\xd1\xbd\xca0\x9f\xe7\x00\x00\x00\x00\x00\x00\x00\x00T\r\xbfZO\x7f\xbd\x91\xf2\xbd\xc6.\xa2*\xdb\xd7\f\xebM\xba\x15P\as\x82\x17\xa3\xf5\xf6\xcd\x19P&\x88*\xf9\xdd\xc3t[`\xf3h\xc0\"\xd2\xa5\x81\xd6l\xc2k|\rX]XP\xfe\xc9\xe3\xea\xa4P\x95!3\xce\x9f\x9f<\x1eI\xfd\x80\x1c\xf9~\x06\x1b{K\x04\x85\xfa\x14\xbf\t\xc0\xced?j\xb2\xf1~T\xb2i\n\x15\x0e\xf7G9\'}^B=\xfc\x11\xfa\x0f\x0fd4^`\xc2\xb0\xaf\\\x1duPu\x02\xce:`c\xb0\xd0\xde\x13\xb4\xe0\xfcn\x98%\x1d\xff(\xa3\x10d\x89', 0x8, 0x80})
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x800, 0x0)
read$auto(r3, 0x0, 0x1ff)
r4 = socket(0x8, 0x2, 0xb)
r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="10002cbd7000fadbdf250a00000a06000100060000000312d583a95bc933399d21c99ea1c75a90e60b662d5e9668e9bdec452a25f728fb2d8b23dd6553c4ad7b6968b96dbc21c8d6475cc59cf6006e2d979d7b4b613b7e3f0eed945510d9050f394dfc8053e13d4b8b54580caf51a7a3a14e98c6a4c71bc14223f0a3a509c81f750acf7eaef047c574472ec58c70cb307dcd1831f9031a413a6fff1919ff0e7aee7a9dbc93c61c7e69d3e8871db4e8a08cb000d9fe002af52dec4886b1c48a889c6d6fcb10865d497d4e47677f0319ca8ae676e37411f274ecf2ac76e97fb42b1b4ba0d0fe78e9fcfd5a5f206d7c6169d29af0ffb6484d73fa0c30e17976cfed4c0ba1698fab"], 0x1c}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010)
write$auto(0x3, 0x0, 0xfdef)
socket(0x2, 0x1, 0xfffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
bind$auto(r0, &(0x7f0000000240)=@tipc=@name={0x1e, 0x2, 0x2, {{0x0, 0x3}}}, 0x9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0)

2.013317882s ago: executing program 6 (id=1621):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]})
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xfffffffffffffffe, 0x7, 0x4)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0x2, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto(0x3, 0xae41, r2)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3)
renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2)

1.804274014s ago: executing program 5 (id=1622):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]})
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xfffffffffffffffe, 0x7, 0x4)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0x2, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3)
renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2)

1.151818836s ago: executing program 4 (id=1623):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

980.519625ms ago: executing program 6 (id=1624):
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x468401, 0x0)
r0 = socket(0x10, 0x2, 0x4)
write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
fstatfs$auto(0x3, 0x0)
ioctl$auto(r2, 0x4b67, 0x1)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x203, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x7, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x6)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
read$auto_def_blk_fops_fs(r3, &(0x7f0000000140)=""/194, 0xc2)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x161640, 0x0)
open(0x0, 0x80842, 0x20)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8)
write$auto(r4, 0x0, 0xfffffdef)
madvise$auto(0xffffffffffff08b1, 0x20499c, 0x9)

670.479202ms ago: executing program 3 (id=1625):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0)
write$auto_proc_fault_inject_operations_base(r1, 0x0, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, 0x0, 0x94)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
alarm$auto(0x1)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r3 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(r3, &(0x7f0000000340)=""/253, 0xfd)
timer_create$auto(0x3, 0x0, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
ioctl$auto_SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000040))
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, &(0x7f0000000080)="f90aae355469cfe372588cdb1a12b7e7ca5a258182f8a31fc51cbad58bf4063707b140163577a9ab1e656a9346a02b69b4cb4dd84c95b46abafbee53d03bdff287a3875ce33922d58265d7647c188366f19dee74a86b37755bb6a67b82e135d392c8a59975bc7f95c9682e3098f5f36c3ad28598aee48127ab79ed81d60bd7acffc213af70305f01a91b360eb1620ba1b275beaaa2493c45c906ff37c6ba21ef1a628b70b007d7a8016134a17f9035eaec1390fde886d07bb93c38b4ce6a4628e5f59f39aa99f05d26e297d8064d16fb44d547ade4361f29a0f68f20734628a4e662d6169285de09228a5fff1b7e1c884453f31a93119346429dd4d317")

487.55759ms ago: executing program 5 (id=1626):
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x441)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

0s ago: executing program 4 (id=1627):
fcntl$auto_F_GETOWN(0xffffffffffffffff, 0x9, 0x4)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd3\xa8q\x8d;(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\v\x02\x03O(\x90\r/\xc5;\x00\xb7\xb3\xf5\x8aG+\xc8v\x8c\x0ej\x01\xe2MZ\xc7\xd7\xc2\xd0\f\x8c.\f\xad`\x91Q\xae\xc8\x85\x87\xbaL\x86\xdb\xae\xfck\xdc\x84Lb_\xbfW!\xcfq\"Z\x18\r\x1a\xda\xc0@\x1c\xfbsW\x86T\xcf\xc5\x0fe\x18\xaaK\xbbAS\x7f\xcfd\xa4\xc5\xfc\xf8\xa2.\xd4M\x86\xd5\x89\xd4m\xb7_\xbb5\xb7\x95\x1d\xca\xbe\xa4\n\xd9#R\x99\xe2O\x19H\x1f\x1e\xda\xb9\xa7eu\xa4\x9f\x1e\xd1v\xd00[\xd9\x03\x1eT\xed\x91P\x94\x9e\xb8\x14\x02\x91\x9cn\xb7\xd4E1\xcd\x15\x1c6\xb1\xcd\x04\xf4\x1cE\x01\xe4\x97e\xb0\x03+\xb8R\x05\x7f\xee\x18$b\xb4\xeay/\xf81\x98\xf2&', 0x8100000a3d9)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, 0x0, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
landlock_create_ruleset$auto(0x0, 0xc, 0x200)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x39, 0x2, 0x1)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = gettid()
tkill$auto(r0, 0x0)
socket(0x1e, 0x1, 0x50d)
sched_setaffinity$auto(0x0, 0xcf4d, &(0x7f00000000c0)=0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b71, 0x2, 0x8000)
futex$auto(&(0x7f0000000080)=0xfffffffd, 0xb, 0x1, 0x0, 0x0, 0xfffffffa)
futex$auto(&(0x7f0000000080)=0x7, 0xd, 0x1, 0x0, 0x0, 0x5)
rseq$auto(&(0x7f0000000100)={0xe, 0x401, 0x1, 0x1a09, 0xfffffff9, 0x5cd}, 0x8000, 0x0, 0x6)
socket(0xa, 0x1, 0x84)
clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9)
exit$auto(0x7)
sched_setaffinity$auto(0x0, 0x80000000, 0x0)

kernel console output (not intermixed with test programs):

uetooth: hci3: command 0x0c1a tx timeout
[  293.649846][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  293.649903][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout
[  295.723776][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout
[  298.606156][ T8610] Process accounting resumed
[  302.409387][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  302.426462][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  302.462123][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  302.468604][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  302.480902][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  302.487618][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  302.495570][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  302.501896][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  306.702968][ T8701] FAULT_INJECTION: forcing a failure.
[  306.702968][ T8701] name failslab, interval 1, probability 0, space 0, times 0
[  306.733783][ T8701] CPU: 0 UID: 0 PID: 8701 Comm: syz.3.540 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  306.733806][ T8701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.733816][ T8701] Call Trace:
[  306.733821][ T8701]  <TASK>
[  306.733827][ T8701]  dump_stack_lvl+0x16c/0x1f0
[  306.733855][ T8701]  should_fail_ex+0x512/0x640
[  306.733875][ T8701]  ? fs_reclaim_acquire+0xae/0x150
[  306.733895][ T8701]  should_failslab+0xc2/0x120
[  306.733910][ T8701]  __kmalloc_cache_noprof+0x6a/0x3e0
[  306.733929][ T8701]  ? tomoyo_find_next_domain+0x145/0x20b0
[  306.733944][ T8701]  ? kasan_save_track+0x14/0x30
[  306.733967][ T8701]  tomoyo_find_next_domain+0x145/0x20b0
[  306.733988][ T8701]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  306.734010][ T8701]  tomoyo_bprm_check_security+0x12e/0x1d0
[  306.734031][ T8701]  ? tomoyo_bprm_check_security+0x120/0x1d0
[  306.734054][ T8701]  security_bprm_check+0x1b9/0x1e0
[  306.734068][ T8701]  bprm_execve+0x810/0x1650
[  306.734091][ T8701]  ? __pfx_bprm_execve+0x10/0x10
[  306.734109][ T8701]  ? copy_string_kernel+0x444/0x510
[  306.734131][ T8701]  do_execveat_common.isra.0+0x4a5/0x610
[  306.734154][ T8701]  __x64_sys_execve+0x8e/0xb0
[  306.734174][ T8701]  do_syscall_64+0xcd/0x490
[  306.734196][ T8701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.734219][ T8701] RIP: 0033:0x7f264598e929
[  306.734232][ T8701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.734246][ T8701] RSP: 002b:00007f2646858038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  306.734261][ T8701] RAX: ffffffffffffffda RBX: 00007f2645bb6080 RCX: 00007f264598e929
[  306.734271][ T8701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  306.734279][ T8701] RBP: 00007f2645a10b39 R08: 0000000000000000 R09: 0000000000000000
[  306.734288][ T8701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  306.734296][ T8701] R13: 0000000000000000 R14: 00007f2645bb6080 R15: 00007ffceeed68c8
[  306.734314][ T8701]  </TASK>
[  307.661413][ T8710] FAULT_INJECTION: forcing a failure.
[  307.661413][ T8710] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  307.675213][ T8710] CPU: 0 UID: 0 PID: 8710 Comm: syz.2.542 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  307.675249][ T8710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.675264][ T8710] Call Trace:
[  307.675272][ T8710]  <TASK>
[  307.675282][ T8710]  dump_stack_lvl+0x16c/0x1f0
[  307.675326][ T8710]  should_fail_ex+0x512/0x640
[  307.675363][ T8710]  _copy_from_iter+0x463/0x16f0
[  307.675410][ T8710]  ? __pfx__copy_from_iter+0x10/0x10
[  307.675447][ T8710]  ? rcu_is_watching+0x12/0xc0
[  307.675471][ T8710]  ? trace_kmalloc+0x2b/0xd0
[  307.675493][ T8710]  ? __kmalloc_noprof+0x242/0x510
[  307.675536][ T8710]  kernfs_fop_write_iter+0x19a/0x510
[  307.675569][ T8710]  do_iter_readv_writev+0x657/0x950
[  307.675604][ T8710]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  307.675651][ T8710]  vfs_writev+0x35f/0xde0
[  307.675692][ T8710]  ? __pfx_vfs_writev+0x10/0x10
[  307.675747][ T8710]  ? __fget_files+0x20e/0x3c0
[  307.675786][ T8710]  ? do_pwritev+0x1a6/0x270
[  307.675815][ T8710]  do_pwritev+0x1a6/0x270
[  307.675847][ T8710]  ? __pfx_do_pwritev+0x10/0x10
[  307.675886][ T8710]  do_syscall_64+0xcd/0x490
[  307.675925][ T8710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.675949][ T8710] RIP: 0033:0x7f8e02f8e929
[  307.675971][ T8710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.675995][ T8710] RSP: 002b:00007f8e03e9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  307.676020][ T8710] RAX: ffffffffffffffda RBX: 00007f8e031b6080 RCX: 00007f8e02f8e929
[  307.676036][ T8710] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003
[  307.676050][ T8710] RBP: 00007f8e03010b39 R08: 0000000000000009 R09: 0000000000000000
[  307.676065][ T8710] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  307.676080][ T8710] R13: 0000000000000000 R14: 00007f8e031b6080 R15: 00007ffeada86fa8
[  307.676126][ T8710]  </TASK>
[  317.109090][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.124013][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  320.684244][ T8903] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  330.943853][ T9025] netlink: 28 bytes leftover after parsing attributes in process `syz.0.591'.
[  331.050818][ T9025] geneve1: entered promiscuous mode
[  331.056218][ T9025] geneve1: entered allmulticast mode
[  331.100943][ T9025] netlink: 28 bytes leftover after parsing attributes in process `syz.0.591'.
[  334.049706][ T9069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.600'.
[  337.312634][ T5839] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  337.994438][ T9116] input: 00
[  337.994438][ T9116]  as /devices/virtual/input/input21
[  338.003311][ T9116] FAULT_INJECTION: forcing a failure.
[  338.003311][ T9116] name failslab, interval 1, probability 0, space 0, times 0
[  338.203853][ T9116] CPU: 1 UID: 0 PID: 9116 Comm: syz.0.606 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  338.203890][ T9116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  338.203905][ T9116] Call Trace:
[  338.203915][ T9116]  <TASK>
[  338.203925][ T9116]  dump_stack_lvl+0x16c/0x1f0
[  338.203977][ T9116]  should_fail_ex+0x512/0x640
[  338.204011][ T9116]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  338.204056][ T9116]  should_failslab+0xc2/0x120
[  338.204082][ T9116]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  338.204121][ T9116]  ? kstrdup_const+0x63/0x80
[  338.204161][ T9116]  kstrdup+0x53/0x100
[  338.204196][ T9116]  kstrdup_const+0x63/0x80
[  338.204229][ T9116]  __kernfs_new_node+0x9b/0x8e0
[  338.204267][ T9116]  ? __pfx___kernfs_new_node+0x10/0x10
[  338.204309][ T9116]  ? find_held_lock+0x2b/0x80
[  338.204335][ T9116]  ? kernfs_root+0xee/0x2a0
[  338.204375][ T9116]  kernfs_new_node+0x13c/0x1e0
[  338.204418][ T9116]  kernfs_create_link+0xcc/0x240
[  338.204448][ T9116]  sysfs_do_create_link_sd+0x90/0x140
[  338.204482][ T9116]  sysfs_create_link+0x61/0xc0
[  338.204514][ T9116]  device_add+0xb14/0x1a70
[  338.204544][ T9116]  ? __pfx_device_add+0x10/0x10
[  338.204568][ T9116]  ? __pfx_exact_lock+0x10/0x10
[  338.204606][ T9116]  ? kobject_get+0xbb/0x150
[  338.204643][ T9116]  cdev_device_add+0xc2/0x1e0
[  338.204679][ T9116]  evdev_connect+0x3a4/0x4c0
[  338.204714][ T9116]  input_attach_handler.isra.0+0x181/0x260
[  338.204747][ T9116]  input_register_device+0xa84/0x1130
[  338.204780][ T9116]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  338.204806][ T9116]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  338.204836][ T9116]  ? find_held_lock+0x2b/0x80
[  338.204871][ T9116]  ? __pfx_uinput_ioctl+0x10/0x10
[  338.204893][ T9116]  __x64_sys_ioctl+0x18b/0x210
[  338.204920][ T9116]  do_syscall_64+0xcd/0x490
[  338.204960][ T9116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.204983][ T9116] RIP: 0033:0x7f03d5d8e929
[  338.205002][ T9116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.205022][ T9116] RSP: 002b:00007f03d6b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  338.205042][ T9116] RAX: ffffffffffffffda RBX: 00007f03d5fb5fa0 RCX: 00007f03d5d8e929
[  338.205057][ T9116] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[  338.205070][ T9116] RBP: 00007f03d5e10b39 R08: 0000000000000000 R09: 0000000000000000
[  338.205083][ T9116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  338.205096][ T9116] R13: 0000000000000000 R14: 00007f03d5fb5fa0 R15: 00007fffff651cb8
[  338.205127][ T9116]  </TASK>
[  338.578595][ T9116] input: failed to attach handler evdev to device input21, error: -12
[  342.226913][ T9154] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  342.274470][ T9154] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  342.324932][ T9154] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  342.386689][ T9154] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  342.397153][ T9154] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  343.245935][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  344.273655][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  344.353719][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  344.434342][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  345.333285][ T9211] phram: parameter too long
[  345.712724][ T9222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.626'.
[  346.513816][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  346.999036][ T9226] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  347.014956][ T9226] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  347.023985][ T9226] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  347.035606][ T9226] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  347.894916][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  348.285193][ T9260] netlink: 12 bytes leftover after parsing attributes in process `syz.1.634'.
[  348.316605][ T9257] openvswitch: HfR: Dropping previously announced user features
[  348.373502][ T9260] openvswitch: HfR: Dropping previously announced user features
[  349.074598][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  349.078488][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout
[  349.080651][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  349.658712][ T9274] FAULT_INJECTION: forcing a failure.
[  349.658712][ T9274] name failslab, interval 1, probability 0, space 0, times 0
[  349.710638][ T9274] CPU: 1 UID: 0 PID: 9274 Comm: syz.1.644 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  349.710676][ T9274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  349.710691][ T9274] Call Trace:
[  349.710700][ T9274]  <TASK>
[  349.710709][ T9274]  dump_stack_lvl+0x16c/0x1f0
[  349.710753][ T9274]  should_fail_ex+0x512/0x640
[  349.710786][ T9274]  ? __kvmalloc_node_noprof+0x124/0x620
[  349.710823][ T9274]  should_failslab+0xc2/0x120
[  349.710847][ T9274]  __kvmalloc_node_noprof+0x137/0x620
[  349.710877][ T9274]  ? trace_kmalloc+0x2b/0xd0
[  349.710900][ T9274]  ? __kmalloc_noprof+0x242/0x510
[  349.710932][ T9274]  ? alloc_netdev_mqs+0xd2/0x1570
[  349.710967][ T9274]  ? __asan_memcpy+0x3c/0x60
[  349.711003][ T9274]  ? __pfx_do_setup+0x10/0x10
[  349.711041][ T9274]  ? alloc_netdev_mqs+0xd2/0x1570
[  349.711077][ T9274]  alloc_netdev_mqs+0xd2/0x1570
[  349.711116][ T9274]  ? ovs_vport_alloc+0x2a0/0x3d0
[  349.711143][ T9274]  internal_dev_create+0x8a/0x520
[  349.711171][ T9274]  ovs_vport_add+0x144/0x4d0
[  349.711209][ T9274]  new_vport+0x16/0x1d0
[  349.711239][ T9274]  ovs_dp_cmd_new+0x6ba/0xe60
[  349.711281][ T9274]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  349.711320][ T9274]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  349.711353][ T9274]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  349.711392][ T9274]  genl_family_rcv_msg_doit+0x209/0x2f0
[  349.711426][ T9274]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  349.711455][ T9274]  ? trace_cap_capable+0x18d/0x200
[  349.711489][ T9274]  ? bpf_lsm_capable+0x9/0x10
[  349.711516][ T9274]  ? security_capable+0x7e/0x260
[  349.711552][ T9274]  ? ns_capable+0xd7/0x110
[  349.711579][ T9274]  genl_rcv_msg+0x55c/0x800
[  349.711613][ T9274]  ? __pfx_genl_rcv_msg+0x10/0x10
[  349.711641][ T9274]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  349.711678][ T9274]  ? __lock_acquire+0x622/0x1c90
[  349.711714][ T9274]  netlink_rcv_skb+0x158/0x420
[  349.711740][ T9274]  ? __pfx_genl_rcv_msg+0x10/0x10
[  349.711771][ T9274]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.711810][ T9274]  ? netlink_deliver_tap+0x1ae/0xd30
[  349.711833][ T9274]  ? is_vmalloc_addr+0x86/0xa0
[  349.711870][ T9274]  genl_rcv+0x28/0x40
[  349.711895][ T9274]  netlink_unicast+0x53a/0x7f0
[  349.711926][ T9274]  ? __pfx_netlink_unicast+0x10/0x10
[  349.711962][ T9274]  netlink_sendmsg+0x8d1/0xdd0
[  349.711995][ T9274]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.712047][ T9274]  ____sys_sendmsg+0xa98/0xc70
[  349.712078][ T9274]  ? copy_msghdr_from_user+0x10a/0x160
[  349.712116][ T9274]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.712152][ T9274]  ? __pfx_futex_wake_mark+0x10/0x10
[  349.712191][ T9274]  ___sys_sendmsg+0x134/0x1d0
[  349.712228][ T9274]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.712259][ T9274]  ? __lock_acquire+0x622/0x1c90
[  349.712335][ T9274]  __sys_sendmsg+0x16d/0x220
[  349.712371][ T9274]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.712405][ T9274]  ? __x64_sys_futex+0x1e0/0x4c0
[  349.712456][ T9274]  do_syscall_64+0xcd/0x490
[  349.712496][ T9274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.712527][ T9274] RIP: 0033:0x7f7f0018e929
[  349.712549][ T9274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.712574][ T9274] RSP: 002b:00007f7f00f34038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.712598][ T9274] RAX: ffffffffffffffda RBX: 00007f7f003b5fa0 RCX: 00007f7f0018e929
[  349.712615][ T9274] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000008
[  349.712630][ T9274] RBP: 00007f7f00210b39 R08: 0000000000000000 R09: 0000000000000000
[  349.712644][ T9274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.712658][ T9274] R13: 0000000000000000 R14: 00007f7f003b5fa0 R15: 00007ffcc561f9d8
[  349.712693][ T9274]  </TASK>
[  351.363799][ T9286] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input23
[  352.482868][ T9294] FAULT_INJECTION: forcing a failure.
[  352.482868][ T9294] name failslab, interval 1, probability 0, space 0, times 0
[  352.514108][ T9294] CPU: 1 UID: 0 PID: 9294 Comm: syz.2.639 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  352.514147][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  352.514163][ T9294] Call Trace:
[  352.514172][ T9294]  <TASK>
[  352.514190][ T9294]  dump_stack_lvl+0x16c/0x1f0
[  352.514233][ T9294]  should_fail_ex+0x512/0x640
[  352.514267][ T9294]  ? __kmalloc_node_noprof+0xc5/0x500
[  352.514308][ T9294]  should_failslab+0xc2/0x120
[  352.514333][ T9294]  __kmalloc_node_noprof+0xd8/0x500
[  352.514368][ T9294]  ? __up_read+0x1f8/0x750
[  352.514400][ T9294]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[  352.514432][ T9294]  ? __pfx_crypto_alg_extsize+0x10/0x10
[  352.514464][ T9294]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[  352.514495][ T9294]  crypto_create_tfm_node+0x85/0x350
[  352.514524][ T9294]  ? __pfx_rsassa_pkcs1_init_tfm+0x10/0x10
[  352.514552][ T9294]  crypto_spawn_tfm2+0x62/0xb0
[  352.514588][ T9294]  rsassa_pkcs1_init_tfm+0x39/0xb0
[  352.514614][ T9294]  crypto_sig_init_tfm+0xba/0xf0
[  352.514646][ T9294]  crypto_create_tfm_node+0x127/0x350
[  352.514678][ T9294]  crypto_alloc_tfm_node+0x102/0x260
[  352.514711][ T9294]  public_key_verify_signature+0x1ca/0x970
[  352.514747][ T9294]  ? __pfx_public_key_verify_signature+0x10/0x10
[  352.514804][ T9294]  ? __pfx_public_key_verify_signature_2+0x10/0x10
[  352.514836][ T9294]  verify_signature+0xdf/0x130
[  352.514864][ T9294]  pkcs7_validate_trust+0x220/0x7e0
[  352.514903][ T9294]  verify_pkcs7_message_sig+0x12c/0x250
[  352.514930][ T9294]  ? __pfx_verify_pkcs7_message_sig+0x10/0x10
[  352.514956][ T9294]  ? kfree+0x2b4/0x4d0
[  352.514982][ T9294]  ? public_key_signature_free+0xda/0x110
[  352.515010][ T9294]  ? pkcs7_parse_message+0x531/0x720
[  352.515050][ T9294]  ? pkcs7_parse_message+0x536/0x720
[  352.515086][ T9294]  verify_pkcs7_signature+0x6d/0xa0
[  352.515121][ T9294]  valid_regdb+0x215/0x590
[  352.515150][ T9294]  ? __pfx___mutex_lock+0x10/0x10
[  352.515193][ T9294]  ? __pfx_valid_regdb+0x10/0x10
[  352.515228][ T9294]  reg_reload_regdb+0x11e/0x460
[  352.515258][ T9294]  ? __pfx_reg_reload_regdb+0x10/0x10
[  352.515289][ T9294]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  352.515323][ T9294]  ? nl80211_pre_doit+0x1b0/0xb10
[  352.515362][ T9294]  genl_family_rcv_msg_doit+0x209/0x2f0
[  352.515397][ T9294]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  352.515425][ T9294]  ? rcu_is_watching+0x12/0xc0
[  352.515463][ T9294]  ? bpf_lsm_capable+0x9/0x10
[  352.515491][ T9294]  ? security_capable+0x7e/0x260
[  352.515537][ T9294]  genl_rcv_msg+0x55c/0x800
[  352.515570][ T9294]  ? __pfx_genl_rcv_msg+0x10/0x10
[  352.515600][ T9294]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  352.515633][ T9294]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  352.515659][ T9294]  ? __pfx_nl80211_post_doit+0x10/0x10
[  352.515698][ T9294]  ? __lock_acquire+0x622/0x1c90
[  352.515735][ T9294]  netlink_rcv_skb+0x158/0x420
[  352.515762][ T9294]  ? __pfx_genl_rcv_msg+0x10/0x10
[  352.515794][ T9294]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  352.515836][ T9294]  ? netlink_deliver_tap+0x1ae/0xd30
[  352.515860][ T9294]  ? is_vmalloc_addr+0x86/0xa0
[  352.515898][ T9294]  genl_rcv+0x28/0x40
[  352.515923][ T9294]  netlink_unicast+0x53a/0x7f0
[  352.515954][ T9294]  ? __pfx_netlink_unicast+0x10/0x10
[  352.515991][ T9294]  netlink_sendmsg+0x8d1/0xdd0
[  352.516024][ T9294]  ? __pfx_netlink_sendmsg+0x10/0x10
[  352.516065][ T9294]  ____sys_sendmsg+0xa98/0xc70
[  352.516095][ T9294]  ? copy_msghdr_from_user+0x10a/0x160
[  352.516127][ T9294]  ? __pfx_____sys_sendmsg+0x10/0x10
[  352.516160][ T9294]  ? __pfx_futex_wake_mark+0x10/0x10
[  352.516206][ T9294]  ___sys_sendmsg+0x134/0x1d0
[  352.516246][ T9294]  ? __pfx____sys_sendmsg+0x10/0x10
[  352.516280][ T9294]  ? __lock_acquire+0x622/0x1c90
[  352.516356][ T9294]  __sys_sendmsg+0x16d/0x220
[  352.516392][ T9294]  ? __pfx___sys_sendmsg+0x10/0x10
[  352.516427][ T9294]  ? __x64_sys_futex+0x1e0/0x4c0
[  352.516479][ T9294]  do_syscall_64+0xcd/0x490
[  352.516517][ T9294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.516543][ T9294] RIP: 0033:0x7f8e02f8e929
[  352.516566][ T9294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.516590][ T9294] RSP: 002b:00007f8e03ebe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.516615][ T9294] RAX: ffffffffffffffda RBX: 00007f8e031b5fa0 RCX: 00007f8e02f8e929
[  352.516632][ T9294] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  352.516647][ T9294] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  352.516662][ T9294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  352.516677][ T9294] R13: 0000000000000000 R14: 00007f8e031b5fa0 R15: 00007ffeada86fa8
[  352.516710][ T9294]  </TASK>
[  356.209662][ T9342] FAULT_INJECTION: forcing a failure.
[  356.209662][ T9342] name failslab, interval 1, probability 0, space 0, times 0
[  356.232681][ T9342] CPU: 0 UID: 0 PID: 9342 Comm: syz.1.656 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  356.232717][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  356.232730][ T9342] Call Trace:
[  356.232738][ T9342]  <TASK>
[  356.232747][ T9342]  dump_stack_lvl+0x16c/0x1f0
[  356.232789][ T9342]  should_fail_ex+0x512/0x640
[  356.232823][ T9342]  ? __kmalloc_node_noprof+0xc5/0x500
[  356.232864][ T9342]  should_failslab+0xc2/0x120
[  356.232890][ T9342]  __kmalloc_node_noprof+0xd8/0x500
[  356.232932][ T9342]  ? __up_read+0x1f8/0x750
[  356.232965][ T9342]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[  356.232998][ T9342]  ? __pfx_crypto_alg_extsize+0x10/0x10
[  356.233034][ T9342]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[  356.233065][ T9342]  crypto_create_tfm_node+0x85/0x350
[  356.233094][ T9342]  ? __pfx_rsassa_pkcs1_init_tfm+0x10/0x10
[  356.233122][ T9342]  crypto_spawn_tfm2+0x62/0xb0
[  356.233159][ T9342]  rsassa_pkcs1_init_tfm+0x39/0xb0
[  356.233185][ T9342]  crypto_sig_init_tfm+0xba/0xf0
[  356.233217][ T9342]  crypto_create_tfm_node+0x127/0x350
[  356.233250][ T9342]  crypto_alloc_tfm_node+0x102/0x260
[  356.233282][ T9342]  public_key_verify_signature+0x1ca/0x970
[  356.233318][ T9342]  ? __pfx_public_key_verify_signature+0x10/0x10
[  356.233374][ T9342]  ? __pfx_public_key_verify_signature_2+0x10/0x10
[  356.233406][ T9342]  verify_signature+0xdf/0x130
[  356.233434][ T9342]  pkcs7_validate_trust+0x220/0x7e0
[  356.233471][ T9342]  verify_pkcs7_message_sig+0x12c/0x250
[  356.233496][ T9342]  ? __pfx_verify_pkcs7_message_sig+0x10/0x10
[  356.233521][ T9342]  ? kfree+0x2b4/0x4d0
[  356.233551][ T9342]  ? public_key_signature_free+0xda/0x110
[  356.233577][ T9342]  ? pkcs7_parse_message+0x531/0x720
[  356.233613][ T9342]  ? pkcs7_parse_message+0x536/0x720
[  356.233656][ T9342]  verify_pkcs7_signature+0x6d/0xa0
[  356.233685][ T9342]  valid_regdb+0x215/0x590
[  356.233710][ T9342]  ? __pfx___mutex_lock+0x10/0x10
[  356.233758][ T9342]  ? __pfx_valid_regdb+0x10/0x10
[  356.233791][ T9342]  reg_reload_regdb+0x11e/0x460
[  356.233827][ T9342]  ? __pfx_reg_reload_regdb+0x10/0x10
[  356.233866][ T9342]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  356.233901][ T9342]  ? nl80211_pre_doit+0x1b0/0xb10
[  356.233954][ T9342]  genl_family_rcv_msg_doit+0x209/0x2f0
[  356.233988][ T9342]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  356.234016][ T9342]  ? rcu_is_watching+0x12/0xc0
[  356.234054][ T9342]  ? bpf_lsm_capable+0x9/0x10
[  356.234083][ T9342]  ? security_capable+0x7e/0x260
[  356.234129][ T9342]  genl_rcv_msg+0x55c/0x800
[  356.234165][ T9342]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.234195][ T9342]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  356.234228][ T9342]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  356.234254][ T9342]  ? __pfx_nl80211_post_doit+0x10/0x10
[  356.234294][ T9342]  ? __lock_acquire+0x622/0x1c90
[  356.234330][ T9342]  netlink_rcv_skb+0x158/0x420
[  356.234356][ T9342]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.234388][ T9342]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.234431][ T9342]  ? netlink_deliver_tap+0x1ae/0xd30
[  356.234454][ T9342]  ? is_vmalloc_addr+0x86/0xa0
[  356.234491][ T9342]  genl_rcv+0x28/0x40
[  356.234517][ T9342]  netlink_unicast+0x53a/0x7f0
[  356.234547][ T9342]  ? __pfx_netlink_unicast+0x10/0x10
[  356.234585][ T9342]  netlink_sendmsg+0x8d1/0xdd0
[  356.234618][ T9342]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.234659][ T9342]  ____sys_sendmsg+0xa98/0xc70
[  356.234688][ T9342]  ? copy_msghdr_from_user+0x10a/0x160
[  356.234721][ T9342]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.234758][ T9342]  ? __pfx_futex_wake_mark+0x10/0x10
[  356.234798][ T9342]  ___sys_sendmsg+0x134/0x1d0
[  356.234836][ T9342]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.234868][ T9342]  ? __lock_acquire+0x622/0x1c90
[  356.234952][ T9342]  __sys_sendmsg+0x16d/0x220
[  356.234991][ T9342]  ? __pfx___sys_sendmsg+0x10/0x10
[  356.235027][ T9342]  ? __x64_sys_futex+0x1e0/0x4c0
[  356.235082][ T9342]  do_syscall_64+0xcd/0x490
[  356.235122][ T9342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.235148][ T9342] RIP: 0033:0x7f7f0018e929
[  356.235176][ T9342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.235206][ T9342] RSP: 002b:00007f7f00f34038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  356.235231][ T9342] RAX: ffffffffffffffda RBX: 00007f7f003b5fa0 RCX: 00007f7f0018e929
[  356.235249][ T9342] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  356.235264][ T9342] RBP: 00007f7f00210b39 R08: 0000000000000000 R09: 0000000000000000
[  356.235280][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.235295][ T9342] R13: 0000000000000000 R14: 00007f7f003b5fa0 R15: 00007ffcc561f9d8
[  356.235335][ T9342]  </TASK>
[  357.291047][ T9351] FAULT_INJECTION: forcing a failure.
[  357.291047][ T9351] name failslab, interval 1, probability 0, space 0, times 0
[  357.323697][ T9351] CPU: 0 UID: 0 PID: 9351 Comm: syz.3.649 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  357.323731][ T9351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.323746][ T9351] Call Trace:
[  357.323754][ T9351]  <TASK>
[  357.323763][ T9351]  dump_stack_lvl+0x16c/0x1f0
[  357.323803][ T9351]  should_fail_ex+0x512/0x640
[  357.323834][ T9351]  ? __kmalloc_noprof+0xbf/0x510
[  357.323870][ T9351]  ? ovs_vport_alloc+0x30/0x3d0
[  357.323899][ T9351]  should_failslab+0xc2/0x120
[  357.323924][ T9351]  __kmalloc_noprof+0xd2/0x510
[  357.323958][ T9351]  ? ovs_dp_cmd_new+0x5d9/0xe60
[  357.323995][ T9351]  ovs_vport_alloc+0x30/0x3d0
[  357.324023][ T9351]  internal_dev_create+0x25/0x520
[  357.324049][ T9351]  ovs_vport_add+0x144/0x4d0
[  357.324083][ T9351]  new_vport+0x16/0x1d0
[  357.324112][ T9351]  ovs_dp_cmd_new+0x6ba/0xe60
[  357.324154][ T9351]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  357.324192][ T9351]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  357.324224][ T9351]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  357.324265][ T9351]  genl_family_rcv_msg_doit+0x209/0x2f0
[  357.324299][ T9351]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  357.324331][ T9351]  ? trace_cap_capable+0x18d/0x200
[  357.324363][ T9351]  ? bpf_lsm_capable+0x9/0x10
[  357.324392][ T9351]  ? security_capable+0x7e/0x260
[  357.324430][ T9351]  ? ns_capable+0xd7/0x110
[  357.324458][ T9351]  genl_rcv_msg+0x55c/0x800
[  357.324503][ T9351]  ? __pfx_genl_rcv_msg+0x10/0x10
[  357.324536][ T9351]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  357.324585][ T9351]  netlink_rcv_skb+0x158/0x420
[  357.324612][ T9351]  ? __pfx_genl_rcv_msg+0x10/0x10
[  357.324644][ T9351]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  357.324685][ T9351]  ? netlink_deliver_tap+0x1ae/0xd30
[  357.324716][ T9351]  genl_rcv+0x28/0x40
[  357.324739][ T9351]  netlink_unicast+0x53a/0x7f0
[  357.324770][ T9351]  ? __pfx_netlink_unicast+0x10/0x10
[  357.324806][ T9351]  netlink_sendmsg+0x8d1/0xdd0
[  357.324839][ T9351]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.324881][ T9351]  ____sys_sendmsg+0xa98/0xc70
[  357.324911][ T9351]  ? copy_msghdr_from_user+0x10a/0x160
[  357.324946][ T9351]  ? __pfx_____sys_sendmsg+0x10/0x10
[  357.324971][ T9351]  ? preempt_schedule_thunk+0x16/0x30
[  357.325008][ T9351]  ? try_to_wake_up+0xa2f/0x1680
[  357.325039][ T9351]  ___sys_sendmsg+0x134/0x1d0
[  357.325076][ T9351]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.325108][ T9351]  ? __lock_acquire+0x622/0x1c90
[  357.325193][ T9351]  __sys_sendmsg+0x16d/0x220
[  357.325232][ T9351]  ? __pfx___sys_sendmsg+0x10/0x10
[  357.325267][ T9351]  ? __x64_sys_futex+0x1e0/0x4c0
[  357.325321][ T9351]  do_syscall_64+0xcd/0x490
[  357.325359][ T9351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.325385][ T9351] RIP: 0033:0x7f264598e929
[  357.325406][ T9351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.325430][ T9351] RSP: 002b:00007f2646879038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  357.325453][ T9351] RAX: ffffffffffffffda RBX: 00007f2645bb5fa0 RCX: 00007f264598e929
[  357.325471][ T9351] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000008
[  357.325494][ T9351] RBP: 00007f2645a10b39 R08: 0000000000000000 R09: 0000000000000000
[  357.325509][ T9351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  357.325524][ T9351] R13: 0000000000000000 R14: 00007f2645bb5fa0 R15: 00007ffceeed68c8
[  357.325560][ T9351]  </TASK>
[  361.058602][ T5151] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  369.355019][ T9471] FAULT_INJECTION: forcing a failure.
[  369.355019][ T9471] name failslab, interval 1, probability 0, space 0, times 0
[  369.369855][ T9471] CPU: 0 UID: 0 PID: 9471 Comm: syz.2.677 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  369.369892][ T9471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  369.369908][ T9471] Call Trace:
[  369.369916][ T9471]  <TASK>
[  369.369927][ T9471]  dump_stack_lvl+0x16c/0x1f0
[  369.369969][ T9471]  should_fail_ex+0x512/0x640
[  369.370001][ T9471]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  369.370038][ T9471]  should_failslab+0xc2/0x120
[  369.370062][ T9471]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  369.370097][ T9471]  ? __kernfs_new_node+0xd2/0x8e0
[  369.370134][ T9471]  __kernfs_new_node+0xd2/0x8e0
[  369.370171][ T9471]  ? __pfx___kernfs_new_node+0x10/0x10
[  369.370212][ T9471]  ? find_held_lock+0x2b/0x80
[  369.370238][ T9471]  ? kernfs_root+0xee/0x2a0
[  369.370277][ T9471]  kernfs_new_node+0x13c/0x1e0
[  369.370318][ T9471]  __kernfs_create_file+0x53/0x350
[  369.370349][ T9471]  sysfs_add_file_mode_ns+0x207/0x3c0
[  369.370389][ T9471]  internal_create_group+0x578/0xf30
[  369.370430][ T9471]  ? __pfx_internal_create_group+0x10/0x10
[  369.370469][ T9471]  ? kernfs_create_link+0x1bd/0x240
[  369.370501][ T9471]  internal_create_groups+0x9d/0x150
[  369.370538][ T9471]  device_add+0x6d1/0x1a70
[  369.370567][ T9471]  ? __pfx_device_add+0x10/0x10
[  369.370592][ T9471]  ? lockdep_init_map_type+0x5c/0x280
[  369.370624][ T9471]  ? __init_waitqueue_head+0xca/0x150
[  369.370668][ T9471]  netdev_register_kobject+0x182/0x3a0
[  369.370713][ T9471]  register_netdevice+0x13dc/0x2270
[  369.370746][ T9471]  ? __pfx_register_netdevice+0x10/0x10
[  369.370783][ T9471]  __ip_tunnel_create+0x540/0x6e0
[  369.370813][ T9471]  ? __pfx___ip_tunnel_create+0x10/0x10
[  369.370852][ T9471]  ip_tunnel_init_net+0x22f/0x7d0
[  369.370885][ T9471]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  369.370917][ T9471]  ? trace_kmalloc+0x2b/0xd0
[  369.370940][ T9471]  ? __kmalloc_noprof+0x242/0x510
[  369.370973][ T9471]  ? lockdep_init_map_type+0x5c/0x280
[  369.371008][ T9471]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  369.371046][ T9471]  ops_init+0x1df/0x5f0
[  369.371087][ T9471]  setup_net+0x1ff/0x510
[  369.371109][ T9471]  ? lockdep_init_map_type+0x5c/0x280
[  369.371141][ T9471]  ? __pfx_setup_net+0x10/0x10
[  369.371168][ T9471]  ? debug_mutex_init+0x37/0x70
[  369.371196][ T9471]  copy_net_ns+0x2a6/0x5f0
[  369.371226][ T9471]  create_new_namespaces+0x3ea/0xa90
[  369.371262][ T9471]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  369.371293][ T9471]  ksys_unshare+0x45b/0xa40
[  369.371322][ T9471]  ? __pfx_ksys_unshare+0x10/0x10
[  369.371368][ T9471]  __x64_sys_unshare+0x31/0x40
[  369.371397][ T9471]  do_syscall_64+0xcd/0x490
[  369.371438][ T9471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.371464][ T9471] RIP: 0033:0x7f8e02f8e929
[  369.371486][ T9471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.371511][ T9471] RSP: 002b:00007f8e03ebe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  369.371536][ T9471] RAX: ffffffffffffffda RBX: 00007f8e031b5fa0 RCX: 00007f8e02f8e929
[  369.371553][ T9471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  369.371569][ T9471] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  369.371585][ T9471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  369.371600][ T9471] R13: 0000000000000000 R14: 00007f8e031b5fa0 R15: 00007ffeada86fa8
[  369.371635][ T9471]  </TASK>
[  371.886002][ T5151] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  372.557835][ T9511] Invalid ELF header magic: != ELF
[  374.579797][ T5151] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  375.552483][ T9554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.685'.
[  378.524281][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.530601][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  379.406491][   T30] audit: type=1800 audit(6045756153.125:11): pid=9610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.701" name="dbroot" dev="configfs" ino=75558 res=0 errno=0
[  380.310277][ T9613] Invalid ELF header magic: != ELF
[  383.353971][ T9669] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[9669]
[  386.509345][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  386.518099][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  386.532402][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  386.538922][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  386.552073][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  386.558534][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  386.566412][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  386.572688][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  388.159607][ T9712] Invalid ELF header magic: != ELF
[  388.245350][ T9711] random: crng reseeded on system resumption
[  390.011408][ T9736] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  392.213001][   T30] audit: type=1800 audit(6045756173.927:12): pid=9766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.720" name="dbroot" dev="configfs" ino=80282 res=0 errno=0
[  396.332710][ T9813] Invalid ELF header magic: != ELF
[  400.332023][ T9861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.738'.
[  400.582133][ T9861] bond0: (slave bond_slave_0): Releasing backup interface
[  403.730945][ T9875] FAULT_INJECTION: forcing a failure.
[  403.730945][ T9875] name failslab, interval 1, probability 0, space 0, times 0
[  403.769735][ T9875] CPU: 0 UID: 0 PID: 9875 Comm: syz.1.741 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  403.769775][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  403.769791][ T9875] Call Trace:
[  403.769801][ T9875]  <TASK>
[  403.769812][ T9875]  dump_stack_lvl+0x16c/0x1f0
[  403.769855][ T9875]  should_fail_ex+0x512/0x640
[  403.769889][ T9875]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  403.769929][ T9875]  should_failslab+0xc2/0x120
[  403.769952][ T9875]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  403.769988][ T9875]  ? __kernfs_new_node+0xd2/0x8e0
[  403.770025][ T9875]  __kernfs_new_node+0xd2/0x8e0
[  403.770062][ T9875]  ? __pfx___kernfs_new_node+0x10/0x10
[  403.770102][ T9875]  ? find_held_lock+0x2b/0x80
[  403.770127][ T9875]  ? kernfs_root+0xee/0x2a0
[  403.770164][ T9875]  kernfs_new_node+0x13c/0x1e0
[  403.770204][ T9875]  __kernfs_create_file+0x53/0x350
[  403.770234][ T9875]  sysfs_add_file_mode_ns+0x207/0x3c0
[  403.770278][ T9875]  internal_create_group+0x578/0xf30
[  403.770321][ T9875]  ? __pfx_internal_create_group+0x10/0x10
[  403.770360][ T9875]  ? kernfs_create_link+0x1bd/0x240
[  403.770391][ T9875]  internal_create_groups+0x9d/0x150
[  403.770428][ T9875]  device_add+0xf30/0x1a70
[  403.770467][ T9875]  ? __pfx_device_add+0x10/0x10
[  403.770493][ T9875]  ? lockdep_init_map_type+0x5c/0x280
[  403.770528][ T9875]  ? __init_waitqueue_head+0xca/0x150
[  403.770574][ T9875]  netdev_register_kobject+0x182/0x3a0
[  403.770606][ T9875]  register_netdevice+0x13dc/0x2270
[  403.770639][ T9875]  ? __pfx_register_netdevice+0x10/0x10
[  403.770674][ T9875]  __ip_tunnel_create+0x540/0x6e0
[  403.770705][ T9875]  ? __pfx___ip_tunnel_create+0x10/0x10
[  403.770741][ T9875]  ip_tunnel_init_net+0x22f/0x7d0
[  403.770772][ T9875]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  403.770807][ T9875]  ? trace_kmalloc+0x2b/0xd0
[  403.770831][ T9875]  ? __kmalloc_noprof+0x242/0x510
[  403.770864][ T9875]  ? lockdep_init_map_type+0x5c/0x280
[  403.770900][ T9875]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  403.770938][ T9875]  ops_init+0x1df/0x5f0
[  403.770978][ T9875]  setup_net+0x1ff/0x510
[  403.770998][ T9875]  ? lockdep_init_map_type+0x5c/0x280
[  403.771030][ T9875]  ? __pfx_setup_net+0x10/0x10
[  403.771055][ T9875]  ? debug_mutex_init+0x37/0x70
[  403.771082][ T9875]  copy_net_ns+0x2a6/0x5f0
[  403.771112][ T9875]  create_new_namespaces+0x3ea/0xa90
[  403.771148][ T9875]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  403.771178][ T9875]  ksys_unshare+0x45b/0xa40
[  403.771209][ T9875]  ? __pfx_ksys_unshare+0x10/0x10
[  403.771240][ T9875]  ? xfd_validate_state+0x61/0x180
[  403.771281][ T9875]  __x64_sys_unshare+0x31/0x40
[  403.771312][ T9875]  do_syscall_64+0xcd/0x490
[  403.771350][ T9875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.771376][ T9875] RIP: 0033:0x7f7f0018e929
[  403.771397][ T9875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.771422][ T9875] RSP: 002b:00007f7f00f34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  403.771447][ T9875] RAX: ffffffffffffffda RBX: 00007f7f003b5fa0 RCX: 00007f7f0018e929
[  403.771471][ T9875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  403.771487][ T9875] RBP: 00007f7f00210b39 R08: 0000000000000000 R09: 0000000000000000
[  403.771503][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  403.771519][ T9875] R13: 0000000000000000 R14: 00007f7f003b5fa0 R15: 00007ffcc561f9d8
[  403.771554][ T9875]  </TASK>
[  404.903922][ T5151] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  404.911404][ T5151] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  405.905281][ T9904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.754'.
[  405.957189][ T9913] netlink: 354 bytes leftover after parsing attributes in process `syz.0.754'.
[  408.605162][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  408.633697][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  408.643357][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  408.651979][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  408.664393][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  408.676036][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  408.692041][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  408.703736][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  410.504027][ T9936] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[9936]
[  411.614306][ T9966] netlink: 'syz.1.758': attribute type 2 has an invalid length.
[  412.817229][ T9985] [U]  
[  412.820275][ T9985] [U] 
[  412.822973][ T9985] [U] 
[  412.825667][ T9985] [U] 
[  412.930476][ T9985] [U] 
[  412.933264][ T9985] [U] 
[  412.935979][ T9985] [U] 
[  412.938678][ T9985] [U] 
[  413.051012][ T9985] [U] 
[  413.053793][ T9985] [U] 
[  413.056522][ T9985] [U] 
[  413.059258][ T9985] [U] 
[  413.062935][ T9985] [U] 
[  413.065672][ T9985] [U] 
[  413.068401][ T9985] [U] 
[  413.071126][ T9985] [U] 
[  413.115254][ T9985] [U] 
[  413.118079][ T9985] [U] 
[  413.120783][ T9985] [U] 
[  413.123483][ T9985] [U] 
[  413.371845][ T9985] [U] 
[  413.374597][ T9985] [U] 
[  413.377298][ T9985] [U] 
[  413.379972][ T9985] [U] 
[  413.395473][ T9985] [U] 
[  416.121851][T10021] netlink: 4 bytes leftover after parsing attributes in process `syz.1.767'.
[  416.233661][T10021] netlink: 354 bytes leftover after parsing attributes in process `syz.1.767'.
[  417.333264][T10044] Invalid ELF header magic: != ELF
[  417.911804][T10036] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[10036]
[  418.334854][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  418.342097][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  418.366236][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  418.373966][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  418.413995][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  418.420623][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  418.436763][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  418.443664][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  418.728037][T10061] netlink: 342 bytes leftover after parsing attributes in process `syz.1.784'.
[  418.964035][T10061] netlink: 98 bytes leftover after parsing attributes in process `syz.1.784'.
[  422.372564][   T30] audit: type=1800 audit(6045756212.089:13): pid=10094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.780" name="dbroot" dev="configfs" ino=88613 res=0 errno=0
[  425.636802][T10121] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[10121]
[  425.913113][T10137] hub 8-0:1.0: USB hub found
[  425.926079][T10137] hub 8-0:1.0: 1 port detected
[  426.016045][T10140] WARNING! power/level is deprecated; use power/control instead
[  428.507934][T10156] Invalid ELF header magic: != ELF
[  429.177135][T10176] netlink: 342 bytes leftover after parsing attributes in process `syz.1.797'.
[  429.196290][T10176] netlink: 98 bytes leftover after parsing attributes in process `syz.1.797'.
[  430.288854][ T5839] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  431.944186][   T30] audit: type=1804 audit(6045756221.669:14): pid=10217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.805" name="/newroot/203/file0" dev="tmpfs" ino=1095 res=1 errno=0
[  432.026249][   T30] audit: type=1800 audit(6045756221.669:15): pid=10217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.805" name="file0" dev="tmpfs" ino=1095 res=0 errno=0
[  432.261907][T10198] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  432.307241][T10198] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  432.417892][T10198] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  432.444326][T10198] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  432.582972][T10198] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  432.594136][T10198] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  432.678129][T10198] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  433.553833][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  434.433631][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  434.593704][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  434.706826][T10240] netlink: 354 bytes leftover after parsing attributes in process `syz.3.819'.
[  434.756884][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  434.955925][   T30] audit: type=1800 audit(6045756232.672:16): pid=10245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.810" name="dbroot" dev="configfs" ino=91012 res=0 errno=0
[  435.644810][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  436.599001][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  436.673650][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  437.166868][T10264] Invalid ELF header magic: != ELF
[  439.958792][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  439.965319][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.283343][T10303] zswap: compressor  not available
[  440.744181][T10320] syz.3.820 (10320): attempted to duplicate a private mapping with mremap.  This is not supported.
[  443.307884][T10343] GUP no longer grows the stack in syz.1.833 (10343): 14000-401000 (4000)
[  443.353840][T10343] CPU: 0 UID: 0 PID: 10343 Comm: syz.1.833 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  443.353880][T10343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  443.353895][T10343] Call Trace:
[  443.353904][T10343]  <TASK>
[  443.353913][T10343]  dump_stack_lvl+0x16c/0x1f0
[  443.353955][T10343]  gup_vma_lookup+0x1d2/0x220
[  443.353985][T10343]  __get_user_pages+0x271/0x3b80
[  443.354025][T10343]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[  443.354062][T10343]  ? kasan_save_stack+0x42/0x60
[  443.354096][T10343]  ? __pfx___get_user_pages+0x10/0x10
[  443.354124][T10343]  ? register_lock_class+0x41/0x4c0
[  443.354155][T10343]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[  443.354192][T10343]  ? do_syscall_64+0xcd/0x490
[  443.354233][T10343]  __gup_longterm_locked+0x20d/0x1840
[  443.354261][T10343]  ? __lock_acquire+0xb8a/0x1c90
[  443.354295][T10343]  ? __pfx___gup_longterm_locked+0x10/0x10
[  443.354349][T10343]  pin_user_pages_remote+0xed/0x140
[  443.354383][T10343]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  443.354411][T10343]  ? mm_access+0x22d/0x2e0
[  443.354453][T10343]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  443.354507][T10343]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  443.354548][T10343]  ? iovec_from_user+0xbb/0x140
[  443.354601][T10343]  ? iovec_from_user+0xbb/0x140
[  443.354641][T10343]  process_vm_rw+0x216/0x2c0
[  443.354681][T10343]  ? __pfx_process_vm_rw+0x10/0x10
[  443.354765][T10343]  ? xfd_validate_state+0x61/0x180
[  443.354795][T10343]  ? __task_pid_nr_ns+0x17c/0x500
[  443.354830][T10343]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  443.354869][T10343]  ? do_syscall_64+0x91/0x490
[  443.354903][T10343]  ? lockdep_hardirqs_on+0x7c/0x110
[  443.354936][T10343]  do_syscall_64+0xcd/0x490
[  443.354973][T10343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.354999][T10343] RIP: 0033:0x7f7f0018e929
[  443.355021][T10343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.355045][T10343] RSP: 002b:00007f7efdbd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  443.355070][T10343] RAX: ffffffffffffffda RBX: 00007f7f003b6240 RCX: 00007f7f0018e929
[  443.355087][T10343] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 000000000000038e
[  443.355103][T10343] RBP: 00007f7f00210b39 R08: 0000000000000003 R09: 0000000000000000
[  443.355119][T10343] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  443.355135][T10343] R13: 0000000000000000 R14: 00007f7f003b6240 R15: 00007ffcc561f9d8
[  443.355169][T10343]  </TASK>
[  444.862710][T10345] kafs: addr_prefs: Invalid Command
[  448.427062][T10387] zswap: compressor  not available
[  448.816212][T10394] netlink: 28 bytes leftover after parsing attributes in process `syz.3.836'.
[  449.008349][T10394] bond0: (slave bond_slave_0): Releasing backup interface
[  456.682918][T10460] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[10460]
[  460.511003][T10512] netlink: 28 bytes leftover after parsing attributes in process `syz.1.857'.
[  460.704607][T10512] bond0: (slave bond_slave_0): Releasing backup interface
[  465.028661][T10574] FAULT_INJECTION: forcing a failure.
[  465.028661][T10574] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  465.103702][T10574] CPU: 1 UID: 0 PID: 10574 Comm: syz.3.869 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  465.103741][T10574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  465.103756][T10574] Call Trace:
[  465.103765][T10574]  <TASK>
[  465.103775][T10574]  dump_stack_lvl+0x16c/0x1f0
[  465.103816][T10574]  should_fail_ex+0x512/0x640
[  465.103854][T10574]  should_fail_alloc_page+0xe7/0x130
[  465.103879][T10574]  prepare_alloc_pages+0x3c2/0x610
[  465.103915][T10574]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  465.103956][T10574]  ? finish_task_switch.isra.0+0x221/0xc10
[  465.103985][T10574]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  465.104012][T10574]  ? rcu_is_watching+0x12/0xc0
[  465.104037][T10574]  ? trace_sched_exit_tp+0xde/0x130
[  465.104066][T10574]  ? __schedule+0x1181/0x5de0
[  465.104105][T10574]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  465.104164][T10574]  ? __pfx___schedule+0x10/0x10
[  465.104196][T10574]  ? __schedule+0x1181/0x5de0
[  465.104228][T10574]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  465.104269][T10574]  ? policy_nodemask+0xea/0x4e0
[  465.104297][T10574]  alloc_pages_mpol+0x1fb/0x550
[  465.104323][T10574]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  465.104344][T10574]  ? irqentry_exit+0x3b/0x90
[  465.104376][T10574]  ? lockdep_hardirqs_on+0x7c/0x110
[  465.104418][T10574]  alloc_pages_noprof+0x131/0x390
[  465.104443][T10574]  __pmd_alloc+0x3b/0x930
[  465.104475][T10574]  __handle_mm_fault+0xaac/0x5490
[  465.104517][T10574]  ? __pfx___handle_mm_fault+0x10/0x10
[  465.104546][T10574]  ? __pfx_mt_find+0x10/0x10
[  465.104589][T10574]  ? find_vma+0xbf/0x140
[  465.104611][T10574]  ? __pfx_find_vma+0x10/0x10
[  465.104639][T10574]  handle_mm_fault+0x589/0xd10
[  465.104670][T10574]  ? __pkru_allows_pkey+0x41/0xb0
[  465.104704][T10574]  do_user_addr_fault+0x7a6/0x1370
[  465.104738][T10574]  ? rcu_is_watching+0x12/0xc0
[  465.104768][T10574]  exc_page_fault+0x5c/0xb0
[  465.104802][T10574]  asm_exc_page_fault+0x26/0x30
[  465.104826][T10574] RIP: 0010:__put_user_4+0xd/0x20
[  465.104861][T10574] Code: 66 89 01 31 c9 0f 01 ca e9 d0 5a 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90
[  465.104887][T10574] RSP: 0018:ffffc90004b2fe28 EFLAGS: 00050246
[  465.104908][T10574] RAX: 0000000000000006 RBX: 0000000000000000 RCX: 0000000000000000
[  465.104925][T10574] RDX: 0000000000080000 RSI: ffffffff894b42f4 RDI: ffffffff8c1565a0
[  465.104941][T10574] RBP: 1ffff92000965fc9 R08: d5e9e978e57f2557 R09: 0000000000000000
[  465.104958][T10574] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000006
[  465.104973][T10574] R13: 0000000000000007 R14: 0000000000000001 R15: dffffc0000000000
[  465.105000][T10574]  ? __sys_socketpair+0x114/0x5a0
[  465.105036][T10574]  __sys_socketpair+0x120/0x5a0
[  465.105068][T10574]  ? __pfx___sys_socketpair+0x10/0x10
[  465.105118][T10574]  __x64_sys_socketpair+0x96/0x100
[  465.105152][T10574]  do_syscall_64+0xcd/0x490
[  465.105192][T10574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.105217][T10574] RIP: 0033:0x7f264598e929
[  465.105237][T10574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  465.105262][T10574] RSP: 002b:00007f2646879038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  465.105284][T10574] RAX: ffffffffffffffda RBX: 00007f2645bb5fa0 RCX: 00007f264598e929
[  465.105301][T10574] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  465.105317][T10574] RBP: 00007f2645a10b39 R08: 0000000000000000 R09: 0000000000000000
[  465.105333][T10574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  465.105348][T10574] R13: 0000000000000000 R14: 00007f2645bb5fa0 R15: 00007ffceeed68c8
[  465.105383][T10574]  </TASK>
[  467.536060][T10596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.873'.
[  467.751719][T10596] bond0: (slave bond_slave_0): Releasing backup interface
[  471.457751][T10623] kafs: addr_prefs: Invalid Command
[  475.452887][T10684] FAULT_INJECTION: forcing a failure.
[  475.452887][T10684] name failslab, interval 1, probability 0, space 0, times 0
[  475.502899][T10684] CPU: 1 UID: 0 PID: 10684 Comm: syz.1.891 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  475.502938][T10684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.502955][T10684] Call Trace:
[  475.502964][T10684]  <TASK>
[  475.502974][T10684]  dump_stack_lvl+0x16c/0x1f0
[  475.503018][T10684]  should_fail_ex+0x512/0x640
[  475.503052][T10684]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  475.503092][T10684]  should_failslab+0xc2/0x120
[  475.503126][T10684]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  475.503162][T10684]  ? d_instantiate+0x77/0x90
[  475.503183][T10684]  ? alloc_empty_file+0x55/0x1e0
[  475.503214][T10684]  alloc_empty_file+0x55/0x1e0
[  475.503241][T10684]  alloc_file_pseudo+0x13a/0x230
[  475.503269][T10684]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  475.503296][T10684]  ? __pfx_unix_socketpair+0x10/0x10
[  475.503335][T10684]  sock_alloc_file+0x50/0x210
[  475.503359][T10684]  __sys_socketpair+0x31c/0x5a0
[  475.503392][T10684]  ? __pfx___sys_socketpair+0x10/0x10
[  475.503426][T10684]  ? xfd_validate_state+0x61/0x180
[  475.503455][T10684]  ? do_execveat_common.isra.0+0x4c6/0x610
[  475.503494][T10684]  __x64_sys_socketpair+0x96/0x100
[  475.503526][T10684]  ? lockdep_hardirqs_on+0x7c/0x110
[  475.503558][T10684]  do_syscall_64+0xcd/0x490
[  475.503596][T10684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.503621][T10684] RIP: 0033:0x7f7f0018e929
[  475.503642][T10684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.503669][T10684] RSP: 002b:00007f7f00f34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  475.503694][T10684] RAX: ffffffffffffffda RBX: 00007f7f003b5fa0 RCX: 00007f7f0018e929
[  475.503711][T10684] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  475.503728][T10684] RBP: 00007f7f00210b39 R08: 0000000000000000 R09: 0000000000000000
[  475.503743][T10684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  475.503756][T10684] R13: 0000000000000000 R14: 00007f7f003b5fa0 R15: 00007ffcc561f9d8
[  475.503789][T10684]  </TASK>
[  478.671845][T10719] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  479.011379][T10727] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[10727]
[  479.603949][T10733] FAULT_INJECTION: forcing a failure.
[  479.603949][T10733] name failslab, interval 1, probability 0, space 0, times 0
[  479.744736][T10733] CPU: 1 UID: 0 PID: 10733 Comm: syz.2.900 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  479.744777][T10733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  479.744792][T10733] Call Trace:
[  479.744801][T10733]  <TASK>
[  479.744810][T10733]  dump_stack_lvl+0x16c/0x1f0
[  479.744854][T10733]  should_fail_ex+0x512/0x640
[  479.744887][T10733]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  479.744929][T10733]  should_failslab+0xc2/0x120
[  479.744953][T10733]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  479.744990][T10733]  ? alloc_inode+0xc3/0x240
[  479.745007][T10733]  alloc_inode+0xc3/0x240
[  479.745022][T10733]  iget_locked+0x2e4/0x830
[  479.745039][T10733]  ? __pfx_iget_locked+0x10/0x10
[  479.745056][T10733]  ? find_held_lock+0x2b/0x80
[  479.745071][T10733]  ? kernfs_root+0xee/0x2a0
[  479.745095][T10733]  kernfs_get_inode+0x48/0x460
[  479.745114][T10733]  kernfs_iop_lookup+0x1a7/0x2d0
[  479.745135][T10733]  ? __pfx_kernfs_iop_lookup+0x10/0x10
[  479.745154][T10733]  lookup_open.isra.0+0x4d7/0x1580
[  479.745177][T10733]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  479.745205][T10733]  ? mnt_get_write_access+0x20c/0x300
[  479.745224][T10733]  path_openat+0x893/0x2cb0
[  479.745250][T10733]  ? __pfx_path_openat+0x10/0x10
[  479.745271][T10733]  ? __lock_acquire+0xb8a/0x1c90
[  479.745292][T10733]  do_filp_open+0x20b/0x470
[  479.745312][T10733]  ? __pfx_do_filp_open+0x10/0x10
[  479.745346][T10733]  ? alloc_fd+0x471/0x7d0
[  479.745370][T10733]  do_sys_openat2+0x11b/0x1d0
[  479.745386][T10733]  ? __pfx_do_sys_openat2+0x10/0x10
[  479.745409][T10733]  __x64_sys_openat+0x174/0x210
[  479.745425][T10733]  ? __pfx___x64_sys_openat+0x10/0x10
[  479.745448][T10733]  do_syscall_64+0xcd/0x490
[  479.745472][T10733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.745487][T10733] RIP: 0033:0x7f8e02f8e929
[  479.745500][T10733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.745514][T10733] RSP: 002b:00007f8e03e9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  479.745528][T10733] RAX: ffffffffffffffda RBX: 00007f8e031b6080 RCX: 00007f8e02f8e929
[  479.745538][T10733] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  479.745547][T10733] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  479.745556][T10733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  479.745565][T10733] R13: 0000000000000000 R14: 00007f8e031b6080 R15: 00007ffeada86fa8
[  479.745584][T10733]  </TASK>
[  487.673079][T10809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.916'.
[  487.728797][T10809] team_slave_0: entered allmulticast mode
[  493.480224][T10851] kafs: addr_prefs: Invalid Command
[  494.546806][T10867] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  494.554556][T10867] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  494.562093][T10867] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  494.578791][T10867] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  495.048692][T10894] FAULT_INJECTION: forcing a failure.
[  495.048692][T10894] name failslab, interval 1, probability 0, space 0, times 0
[  495.115971][T10894] CPU: 1 UID: 0 PID: 10894 Comm: syz.2.929 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  495.116011][T10894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.116027][T10894] Call Trace:
[  495.116035][T10894]  <TASK>
[  495.116046][T10894]  dump_stack_lvl+0x16c/0x1f0
[  495.116087][T10894]  should_fail_ex+0x512/0x640
[  495.116121][T10894]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  495.116159][T10894]  should_failslab+0xc2/0x120
[  495.116183][T10894]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  495.116217][T10894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.116244][T10894]  ? fuse_request_alloc+0x22/0x200
[  495.116270][T10894]  fuse_request_alloc+0x22/0x200
[  495.116294][T10894]  fuse_get_req+0x748/0xfd0
[  495.116328][T10894]  ? __pfx_fuse_get_req+0x10/0x10
[  495.116371][T10894]  fuse_simple_background+0x464/0x5f0
[  495.116397][T10894]  ? kasan_save_track+0x14/0x30
[  495.116434][T10894]  cuse_channel_open+0x561/0x7f0
[  495.116466][T10894]  ? __pfx_cuse_channel_open+0x10/0x10
[  495.116500][T10894]  misc_open+0x35d/0x420
[  495.116530][T10894]  ? __pfx_misc_open+0x10/0x10
[  495.116559][T10894]  chrdev_open+0x231/0x6a0
[  495.116595][T10894]  ? __pfx_apparmor_file_open+0x10/0x10
[  495.116626][T10894]  ? __pfx_chrdev_open+0x10/0x10
[  495.116664][T10894]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  495.116706][T10894]  do_dentry_open+0x744/0x1c10
[  495.116740][T10894]  ? __pfx_chrdev_open+0x10/0x10
[  495.116783][T10894]  vfs_open+0x82/0x3f0
[  495.116814][T10894]  path_openat+0x1de4/0x2cb0
[  495.116861][T10894]  ? __pfx_path_openat+0x10/0x10
[  495.116898][T10894]  ? __lock_acquire+0xb8a/0x1c90
[  495.116934][T10894]  do_filp_open+0x20b/0x470
[  495.116973][T10894]  ? __pfx_do_filp_open+0x10/0x10
[  495.117037][T10894]  ? alloc_fd+0x471/0x7d0
[  495.117080][T10894]  do_sys_openat2+0x11b/0x1d0
[  495.117106][T10894]  ? __pfx_do_sys_openat2+0x10/0x10
[  495.117141][T10894]  __x64_sys_openat+0x174/0x210
[  495.117167][T10894]  ? __pfx___x64_sys_openat+0x10/0x10
[  495.117206][T10894]  do_syscall_64+0xcd/0x490
[  495.117245][T10894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.117269][T10894] RIP: 0033:0x7f8e02f8e929
[  495.117291][T10894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.117316][T10894] RSP: 002b:00007f8e03e9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  495.117341][T10894] RAX: ffffffffffffffda RBX: 00007f8e031b6080 RCX: 00007f8e02f8e929
[  495.117359][T10894] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  495.117375][T10894] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  495.117389][T10894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.117403][T10894] R13: 0000000000000000 R14: 00007f8e031b6080 R15: 00007ffeada86fa8
[  495.117437][T10894]  </TASK>
[  496.434236][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  496.593675][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  496.599768][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  496.606181][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  497.845236][T10926] netlink: 28 bytes leftover after parsing attributes in process `syz.3.936'.
[  498.121466][T10926] veth1_macvtap: left promiscuous mode
[  501.399252][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.406605][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  501.767484][T10977] 
[  505.532009][T11024] can: request_module (can-proto-0) failed.
[  505.564485][T11024] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input25
[  506.567603][T11043] ima: policy update failed
[  506.573289][   T30] audit: type=1802 audit(6045756304.282:17): pid=11043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.958" res=0 errno=0
[  506.575410][T11043] netlink: 25 bytes leftover after parsing attributes in process `syz.3.958'.
[  508.160675][T11066] FAULT_INJECTION: forcing a failure.
[  508.160675][T11066] name failslab, interval 1, probability 0, space 0, times 0
[  508.205174][T11066] CPU: 0 UID: 0 PID: 11066 Comm: syz.3.964 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  508.205199][T11066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.205208][T11066] Call Trace:
[  508.205214][T11066]  <TASK>
[  508.205221][T11066]  dump_stack_lvl+0x16c/0x1f0
[  508.205249][T11066]  should_fail_ex+0x512/0x640
[  508.205269][T11066]  ? __kmalloc_noprof+0xbf/0x510
[  508.205292][T11066]  ? lsm_blob_alloc+0x68/0x90
[  508.205313][T11066]  should_failslab+0xc2/0x120
[  508.205327][T11066]  __kmalloc_noprof+0xd2/0x510
[  508.205351][T11066]  lsm_blob_alloc+0x68/0x90
[  508.205372][T11066]  security_sk_alloc+0x30/0x270
[  508.205388][T11066]  sk_prot_alloc+0xfb/0x2a0
[  508.205405][T11066]  sk_alloc+0x36/0xc20
[  508.205425][T11066]  qrtr_create+0x84/0x1d0
[  508.205438][T11066]  __sock_create+0x338/0x8d0
[  508.205459][T11066]  __sys_socket+0x14d/0x260
[  508.205475][T11066]  ? __pfx___sys_socket+0x10/0x10
[  508.205491][T11066]  ? xfd_validate_state+0x61/0x180
[  508.205509][T11066]  ? __task_pid_nr_ns+0x17c/0x500
[  508.205531][T11066]  __x64_sys_socket+0x72/0xb0
[  508.205547][T11066]  ? lockdep_hardirqs_on+0x7c/0x110
[  508.205567][T11066]  do_syscall_64+0xcd/0x490
[  508.205589][T11066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.205604][T11066] RIP: 0033:0x7f264598e929
[  508.205616][T11066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.205630][T11066] RSP: 002b:00007f2646879038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  508.205645][T11066] RAX: ffffffffffffffda RBX: 00007f2645bb5fa0 RCX: 00007f264598e929
[  508.205655][T11066] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a
[  508.205663][T11066] RBP: 00007f2645a10b39 R08: 0000000000000000 R09: 0000000000000000
[  508.205671][T11066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.205685][T11066] R13: 0000000000000000 R14: 00007f2645bb5fa0 R15: 00007ffceeed68c8
[  508.205703][T11066]  </TASK>
[  513.394451][T11126] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[11126]
[  521.100424][T11208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.987'.
[  521.112332][T11208] veth1_macvtap: left promiscuous mode
[  523.751930][   T30] audit: type=1800 audit(6045756321.462:18): pid=11237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.994" name="file0" dev="tmpfs" ino=1374 res=0 errno=0
[  524.543807][T11248] can: request_module (can-proto-0) failed.
[  524.651020][T11252] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input26
[  527.005464][T11274] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1001'.
[  527.134256][T11274] veth1_macvtap: left promiscuous mode
[  532.772202][T11351] FAULT_INJECTION: forcing a failure.
[  532.772202][T11351] name failslab, interval 1, probability 0, space 0, times 0
[  532.785052][T11351] CPU: 0 UID: 0 PID: 11351 Comm: syz.2.1017 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  532.785091][T11351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.785106][T11351] Call Trace:
[  532.785116][T11351]  <TASK>
[  532.785127][T11351]  dump_stack_lvl+0x16c/0x1f0
[  532.785170][T11351]  should_fail_ex+0x512/0x640
[  532.785205][T11351]  ? __kmalloc_noprof+0xbf/0x510
[  532.785243][T11351]  ? lsm_blob_alloc+0x68/0x90
[  532.785277][T11351]  should_failslab+0xc2/0x120
[  532.785302][T11351]  __kmalloc_noprof+0xd2/0x510
[  532.785343][T11351]  lsm_blob_alloc+0x68/0x90
[  532.785379][T11351]  security_sk_alloc+0x30/0x270
[  532.785407][T11351]  sk_prot_alloc+0xfb/0x2a0
[  532.785437][T11351]  sk_alloc+0x36/0xc20
[  532.785472][T11351]  qrtr_create+0x84/0x1d0
[  532.785497][T11351]  __sock_create+0x338/0x8d0
[  532.785533][T11351]  __sys_socket+0x14d/0x260
[  532.785562][T11351]  ? __pfx___sys_socket+0x10/0x10
[  532.785591][T11351]  ? xfd_validate_state+0x61/0x180
[  532.785620][T11351]  ? __task_pid_nr_ns+0x17c/0x500
[  532.785659][T11351]  __x64_sys_socket+0x72/0xb0
[  532.785685][T11351]  ? lockdep_hardirqs_on+0x7c/0x110
[  532.785719][T11351]  do_syscall_64+0xcd/0x490
[  532.785756][T11351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.785782][T11351] RIP: 0033:0x7f8e02f8e929
[  532.785803][T11351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.785829][T11351] RSP: 002b:00007f8e03ebe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  532.785854][T11351] RAX: ffffffffffffffda RBX: 00007f8e031b5fa0 RCX: 00007f8e02f8e929
[  532.785871][T11351] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a
[  532.785886][T11351] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  532.785902][T11351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  532.785917][T11351] R13: 0000000000000000 R14: 00007f8e031b5fa0 R15: 00007ffeada86fa8
[  532.785958][T11351]  </TASK>
[  535.408262][T11394] can: request_module (can-proto-0) failed.
[  535.408317][T11399] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input27
[  538.876050][T11427] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  541.684337][T11476] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1040'.
[  543.692710][T11484] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  543.699718][T11484] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  543.722994][T11484] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  543.729630][T11484] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  545.493575][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout
[  545.725885][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout
[  545.794844][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout
[  545.800951][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  556.193267][T11616] kexec: Could not allocate control_code_buffer
[  562.854104][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  562.860476][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  568.265859][T11770] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  568.272103][T11770] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  568.283900][T11770] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  568.290200][T11770] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  568.544567][T11797] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  569.559703][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout
[  570.363675][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout
[  570.367979][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout
[  570.369718][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout
[  577.146953][T11900] netlink: 'syz.1.1125': attribute type 1 has an invalid length.
[  577.183751][T11900] netlink: 33 bytes leftover after parsing attributes in process `syz.1.1125'.
[  580.011644][T11942] snd_virmidi snd_virmidi.0: control 5:9:1:IA��>/�[k<���mgx���<�5��+-C��Y��5:0 is already present
[  582.834007][T11971] ieee80211 .: Failed to add default virtual iface
[  592.894678][T12090] FAULT_INJECTION: forcing a failure.
[  592.894678][T12090] name failslab, interval 1, probability 0, space 0, times 0
[  593.003751][T12090] CPU: 0 UID: 0 PID: 12090 Comm: syz.2.1152 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  593.003792][T12090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  593.003807][T12090] Call Trace:
[  593.003817][T12090]  <TASK>
[  593.003827][T12090]  dump_stack_lvl+0x16c/0x1f0
[  593.003870][T12090]  should_fail_ex+0x512/0x640
[  593.003903][T12090]  ? __kvmalloc_node_noprof+0x124/0x620
[  593.003942][T12090]  should_failslab+0xc2/0x120
[  593.003975][T12090]  __kvmalloc_node_noprof+0x137/0x620
[  593.004011][T12090]  ? __pfx___mutex_lock+0x10/0x10
[  593.004048][T12090]  ? nf_hook_entries_grow+0x22b/0x860
[  593.004092][T12090]  ? nf_hook_entries_grow+0x22b/0x860
[  593.004125][T12090]  nf_hook_entries_grow+0x22b/0x860
[  593.004173][T12090]  __nf_register_net_hook+0x1cd/0x730
[  593.004215][T12090]  nf_register_net_hook+0x109/0x160
[  593.004253][T12090]  nf_register_net_hooks+0x5d/0xd0
[  593.004291][T12090]  ? __pfx_apparmor_nf_register+0x10/0x10
[  593.004328][T12090]  ops_init+0x1df/0x5f0
[  593.004369][T12090]  setup_net+0x1ff/0x510
[  593.004390][T12090]  ? lockdep_init_map_type+0x5c/0x280
[  593.004424][T12090]  ? __pfx_setup_net+0x10/0x10
[  593.004450][T12090]  ? debug_mutex_init+0x37/0x70
[  593.004479][T12090]  copy_net_ns+0x2a6/0x5f0
[  593.004509][T12090]  create_new_namespaces+0x3ea/0xa90
[  593.004546][T12090]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  593.004576][T12090]  ksys_unshare+0x45b/0xa40
[  593.004608][T12090]  ? __pfx_ksys_unshare+0x10/0x10
[  593.004641][T12090]  ? xfd_validate_state+0x61/0x180
[  593.004684][T12090]  __x64_sys_unshare+0x31/0x40
[  593.004723][T12090]  do_syscall_64+0xcd/0x490
[  593.004767][T12090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.004794][T12090] RIP: 0033:0x7f8e02f8e929
[  593.004816][T12090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  593.004841][T12090] RSP: 002b:00007f8e03ebe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  593.004866][T12090] RAX: ffffffffffffffda RBX: 00007f8e031b5fa0 RCX: 00007f8e02f8e929
[  593.004884][T12090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  593.004901][T12090] RBP: 00007f8e03010b39 R08: 0000000000000000 R09: 0000000000000000
[  593.004917][T12090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  593.004933][T12090] R13: 0000000000000000 R14: 00007f8e031b5fa0 R15: 00007ffeada86fa8
[  593.004978][T12090]  </TASK>
[  609.195021][T12306] random: crng reseeded on system resumption
[  612.926036][T12343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1202'.
[  612.998545][T12343] vcan0: entered promiscuous mode
[  613.560241][T12362] ubi: mtd0 is already attached to ubi0
[  614.847320][T12390] rnbd_client L202: map_device: Unknown parameter or missing value '('
[  615.421159][T12129] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14
[  616.048595][T12416] FAULT_INJECTION: forcing a failure.
[  616.048595][T12416] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  616.103659][T12416] CPU: 1 UID: 0 PID: 12416 Comm: syz.3.1216 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  616.103699][T12416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  616.103713][T12416] Call Trace:
[  616.103722][T12416]  <TASK>
[  616.103732][T12416]  dump_stack_lvl+0x16c/0x1f0
[  616.103772][T12416]  should_fail_ex+0x512/0x640
[  616.103813][T12416]  should_fail_alloc_page+0xe7/0x130
[  616.103841][T12416]  prepare_alloc_pages+0x3c2/0x610
[  616.103878][T12416]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  616.103920][T12416]  ? stack_trace_save+0x8e/0xc0
[  616.103947][T12416]  ? __pfx_stack_trace_save+0x10/0x10
[  616.103976][T12416]  ? stack_depot_save_flags+0x28/0xa40
[  616.104010][T12416]  ? stack_trace_save+0x8e/0xc0
[  616.104041][T12416]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  616.104079][T12416]  ? kasan_save_stack+0x33/0x60
[  616.104109][T12416]  ? __kasan_kmalloc+0xaa/0xb0
[  616.104140][T12416]  ? ring_buffer_read_prepare+0x101/0x320
[  616.104167][T12416]  ? tracing_open+0xbe8/0xf90
[  616.104188][T12416]  ? do_dentry_open+0x744/0x1c10
[  616.104223][T12416]  ? vfs_open+0x82/0x3f0
[  616.104238][T12416]  ? path_openat+0x1de4/0x2cb0
[  616.104257][T12416]  ? do_filp_open+0x20b/0x470
[  616.104291][T12416]  ? ring_buffer_read_prepare+0x171/0x320
[  616.104305][T12416]  __alloc_pages_noprof+0xb/0x1b0
[  616.104326][T12416]  ___kmalloc_large_node+0x84/0x1e0
[  616.104346][T12416]  ? ring_buffer_read_prepare+0x171/0x320
[  616.104361][T12416]  __kmalloc_large_node_noprof+0x1c/0x70
[  616.104379][T12416]  __kmalloc_noprof.cold+0xc/0x61
[  616.104402][T12416]  ? kasan_save_track+0x14/0x30
[  616.104424][T12416]  ring_buffer_read_prepare+0x171/0x320
[  616.104442][T12416]  tracing_open+0xbe8/0xf90
[  616.104461][T12416]  do_dentry_open+0x744/0x1c10
[  616.104482][T12416]  ? __pfx_tracing_open+0x10/0x10
[  616.104501][T12416]  vfs_open+0x82/0x3f0
[  616.104518][T12416]  path_openat+0x1de4/0x2cb0
[  616.104544][T12416]  ? __pfx_path_openat+0x10/0x10
[  616.104565][T12416]  ? __lock_acquire+0xb8a/0x1c90
[  616.104586][T12416]  do_filp_open+0x20b/0x470
[  616.104606][T12416]  ? __pfx_do_filp_open+0x10/0x10
[  616.104639][T12416]  ? alloc_fd+0x471/0x7d0
[  616.104663][T12416]  do_sys_openat2+0x11b/0x1d0
[  616.104679][T12416]  ? __pfx_do_sys_openat2+0x10/0x10
[  616.104701][T12416]  __x64_sys_openat+0x174/0x210
[  616.104717][T12416]  ? __pfx___x64_sys_openat+0x10/0x10
[  616.104741][T12416]  do_syscall_64+0xcd/0x490
[  616.104764][T12416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.104778][T12416] RIP: 0033:0x7f264598e929
[  616.104790][T12416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  616.104804][T12416] RSP: 002b:00007f2646858038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  616.104817][T12416] RAX: ffffffffffffffda RBX: 00007f2645bb6080 RCX: 00007f264598e929
[  616.104827][T12416] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  616.104836][T12416] RBP: 00007f2645a10b39 R08: 0000000000000000 R09: 0000000000000000
[  616.104844][T12416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  616.104852][T12416] R13: 0000000000000000 R14: 00007f2645bb6080 R15: 00007ffceeed68c8
[  616.104871][T12416]  </TASK>
[  616.849755][T12425] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1219'.
[  616.904051][T12425] bridge_slave_1: left allmulticast mode
[  616.911573][T12425] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.966938][T12425] bridge_slave_0: left allmulticast mode
[  616.972772][T12425] bridge_slave_0: left promiscuous mode
[  616.989316][T12425] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.217944][T12434] scsi_strcpy_devinfo: vendor string '��/&c��~n]	�|
[  617.217944][T12434] M�' is too long
[  617.237177][T12434] scsi_strcpy_devinfo: model string '�Dd5��K�2b�
[  617.237177][T12434] ���W����� ��' is too long
[  624.291576][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.298727][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  624.452786][T12534] FAULT_INJECTION: forcing a failure.
[  624.452786][T12534] name failslab, interval 1, probability 0, space 0, times 0
[  624.473697][T12534] CPU: 0 UID: 0 PID: 12534 Comm: syz.0.1241 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  624.473736][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  624.473746][T12534] Call Trace:
[  624.473752][T12534]  <TASK>
[  624.473759][T12534]  dump_stack_lvl+0x16c/0x1f0
[  624.473786][T12534]  should_fail_ex+0x512/0x640
[  624.473806][T12534]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  624.473828][T12534]  should_failslab+0xc2/0x120
[  624.473843][T12534]  __kmalloc_cache_noprof+0x6a/0x3e0
[  624.473861][T12534]  ? mpi_alloc+0x46/0x230
[  624.473880][T12534]  mpi_alloc+0x46/0x230
[  624.473894][T12534]  ? mpi_free+0x14/0x160
[  624.473909][T12534]  mpi_read_raw_data+0x133/0x4a0
[  624.473927][T12534]  rsa_set_pub_key+0x149/0x270
[  624.473949][T12534]  ? __pfx_rsa_set_pub_key+0x10/0x10
[  624.473978][T12534]  ? __asan_memcpy+0x3c/0x60
[  624.474000][T12534]  rsassa_pkcs1_set_pub_key+0xcb/0x1f0
[  624.474017][T12534]  public_key_verify_signature+0x779/0x970
[  624.474037][T12534]  ? __pfx_public_key_verify_signature+0x10/0x10
[  624.474069][T12534]  x509_check_for_self_signed+0x31a/0x500
[  624.474091][T12534]  x509_cert_parse+0x5f8/0x900
[  624.474107][T12534]  ? kasan_save_stack+0x42/0x60
[  624.474126][T12534]  ? kasan_save_stack+0x33/0x60
[  624.474145][T12534]  ? kasan_save_track+0x14/0x30
[  624.474170][T12534]  pkcs7_extract_cert+0xa4/0x320
[  624.474192][T12534]  asn1_ber_decoder+0xc5f/0x1df0
[  624.474222][T12534]  ? __pfx_asn1_ber_decoder+0x10/0x10
[  624.474258][T12534]  pkcs7_parse_message+0x288/0x720
[  624.474280][T12534]  verify_pkcs7_signature+0x30/0xa0
[  624.474298][T12534]  valid_regdb+0x215/0x590
[  624.474313][T12534]  ? __pfx___mutex_lock+0x10/0x10
[  624.474335][T12534]  ? __pfx_valid_regdb+0x10/0x10
[  624.474354][T12534]  reg_reload_regdb+0x11e/0x460
[  624.474371][T12534]  ? __pfx_reg_reload_regdb+0x10/0x10
[  624.474390][T12534]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  624.474410][T12534]  ? nl80211_pre_doit+0x1b0/0xb10
[  624.474433][T12534]  genl_family_rcv_msg_doit+0x209/0x2f0
[  624.474453][T12534]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  624.474469][T12534]  ? rcu_is_watching+0x12/0xc0
[  624.474490][T12534]  ? bpf_lsm_capable+0x9/0x10
[  624.474507][T12534]  ? security_capable+0x7e/0x260
[  624.474534][T12534]  genl_rcv_msg+0x55c/0x800
[  624.474553][T12534]  ? __pfx_genl_rcv_msg+0x10/0x10
[  624.474570][T12534]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  624.474590][T12534]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  624.474604][T12534]  ? __pfx_nl80211_post_doit+0x10/0x10
[  624.474631][T12534]  netlink_rcv_skb+0x158/0x420
[  624.474646][T12534]  ? __pfx_genl_rcv_msg+0x10/0x10
[  624.474664][T12534]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  624.474695][T12534]  ? netlink_deliver_tap+0x1ae/0xd30
[  624.474712][T12534]  genl_rcv+0x28/0x40
[  624.474728][T12534]  netlink_unicast+0x53a/0x7f0
[  624.474745][T12534]  ? __pfx_netlink_unicast+0x10/0x10
[  624.474767][T12534]  netlink_sendmsg+0x8d1/0xdd0
[  624.474785][T12534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.474807][T12534]  ____sys_sendmsg+0xa98/0xc70
[  624.474824][T12534]  ? copy_msghdr_from_user+0x10a/0x160
[  624.474845][T12534]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.474865][T12534]  ? __pfx_futex_wake_mark+0x10/0x10
[  624.474888][T12534]  ___sys_sendmsg+0x134/0x1d0
[  624.474910][T12534]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.474929][T12534]  ? __lock_acquire+0x622/0x1c90
[  624.474970][T12534]  __sys_sendmsg+0x16d/0x220
[  624.474992][T12534]  ? __pfx___sys_sendmsg+0x10/0x10
[  624.475012][T12534]  ? __x64_sys_futex+0x1e0/0x4c0
[  624.475040][T12534]  do_syscall_64+0xcd/0x490
[  624.475064][T12534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.475079][T12534] RIP: 0033:0x7f03d5d8e929
[  624.475091][T12534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.475106][T12534] RSP: 002b:00007f03d6b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  624.475120][T12534] RAX: ffffffffffffffda RBX: 00007f03d5fb5fa0 RCX: 00007f03d5d8e929
[  624.475129][T12534] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000007
[  624.475138][T12534] RBP: 00007f03d5e10b39 R08: 0000000000000000 R09: 0000000000000000
[  624.475147][T12534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  624.475155][T12534] R13: 0000000000000000 R14: 00007f03d5fb5fa0 R15: 00007fffff651cb8
[  624.475174][T12534]  </TASK>
[  626.166212][T12547] Process accounting resumed
[  627.934804][T12583] openvswitch: HfR: Dropping previously announced user features
[  628.290528][T12549] kexec: Could not allocate control_code_buffer
[  629.837137][T12614] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  631.215246][T12632] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  631.237060][T12632] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  631.253748][T12632] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  631.264607][T12632] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  631.272250][T12632] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  631.683918][T12631] chnl_net:caif_netlink_parms(): no params data found
[  632.002650][T12631] bridge0: port 1(bridge_slave_0) entered blocking state
[  632.012588][T12631] bridge0: port 1(bridge_slave_0) entered disabled state
[  632.020758][T12631] bridge_slave_0: entered allmulticast mode
[  632.028599][T12631] bridge_slave_0: entered promiscuous mode
[  632.037224][T12631] bridge0: port 2(bridge_slave_1) entered blocking state
[  632.046314][T12631] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.060737][T12631] bridge_slave_1: entered allmulticast mode
[  632.074505][T12631] bridge_slave_1: entered promiscuous mode
[  632.121613][T12631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  632.141186][T12631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  632.186878][T12631] team0: Port device team_slave_0 added
[  632.197290][T12631] team0: Port device team_slave_1 added
[  632.234359][T12631] batman_adv: batadv0: Adding interface: batadv_slave_0
[  632.241612][T12631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.270915][T12631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  632.293160][T12631] batman_adv: batadv0: Adding interface: batadv_slave_1
[  632.300849][T12631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.342823][T12631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  632.607379][T12631] hsr_slave_0: entered promiscuous mode
[  632.614651][T12631] hsr_slave_1: entered promiscuous mode
[  633.136791][T12631] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.278509][T12631] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.314209][T12632] Bluetooth: hci0: command tx timeout
[  633.441399][T12631] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.611072][T12631] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.951210][T12631] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  634.022298][T12631] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  634.105430][T12631] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  634.124364][T12631] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  634.392762][T12631] 8021q: adding VLAN 0 to HW filter on device bond0
[  634.484740][T12631] 8021q: adding VLAN 0 to HW filter on device team0
[  634.571189][T12143] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.578371][T12143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.706920][T12385] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.714075][T12385] bridge0: port 2(bridge_slave_1) entered forwarding state
[  635.385979][T12631] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.399704][T12632] Bluetooth: hci0: command tx timeout
[  635.525850][T12631] veth0_vlan: entered promiscuous mode
[  635.588713][T12631] veth1_vlan: entered promiscuous mode
[  635.725372][T12631] veth0_macvtap: entered promiscuous mode
[  635.746955][T12631] veth1_macvtap: entered promiscuous mode
[  635.787918][T12631] batman_adv: batadv0: Interface activated: batadv_slave_0
[  635.822468][T12631] batman_adv: batadv0: Interface activated: batadv_slave_1
[  635.845426][T12631] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  635.863914][T12631] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  635.872673][T12631] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  635.881554][T12631] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.292764][T12160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  636.312885][T12160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  636.385800][T12124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  636.396013][T12124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  636.518222][T12725] input: 00
[  636.518222][T12725]  as /devices/virtual/input/input31
[  636.547037][T12725] FAULT_INJECTION: forcing a failure.
[  636.547037][T12725] name failslab, interval 1, probability 0, space 0, times 0
[  636.566449][T12725] CPU: 0 UID: 0 PID: 12725 Comm: syz.1.1263 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  636.566477][T12725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  636.566487][T12725] Call Trace:
[  636.566492][T12725]  <TASK>
[  636.566499][T12725]  dump_stack_lvl+0x16c/0x1f0
[  636.566526][T12725]  should_fail_ex+0x512/0x640
[  636.566547][T12725]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  636.566571][T12725]  should_failslab+0xc2/0x120
[  636.566585][T12725]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  636.566605][T12725]  ? __asan_memcpy+0x3c/0x60
[  636.566623][T12725]  ? __kernfs_new_node+0xd2/0x8e0
[  636.566646][T12725]  __kernfs_new_node+0xd2/0x8e0
[  636.566667][T12725]  ? __pfx___kernfs_new_node+0x10/0x10
[  636.566691][T12725]  ? find_held_lock+0x2b/0x80
[  636.566706][T12725]  ? kernfs_root+0xee/0x2a0
[  636.566728][T12725]  kernfs_new_node+0x13c/0x1e0
[  636.566753][T12725]  kernfs_create_link+0xcc/0x240
[  636.566777][T12725]  sysfs_do_create_link_sd+0x90/0x140
[  636.566799][T12725]  sysfs_create_link+0x61/0xc0
[  636.566818][T12725]  device_add+0xb14/0x1a70
[  636.566836][T12725]  ? __pfx_device_add+0x10/0x10
[  636.566850][T12725]  ? __pfx_exact_lock+0x10/0x10
[  636.566873][T12725]  ? kobject_get+0xbb/0x150
[  636.566897][T12725]  cdev_device_add+0xc2/0x1e0
[  636.566920][T12725]  evdev_connect+0x3a4/0x4c0
[  636.566942][T12725]  input_attach_handler.isra.0+0x181/0x260
[  636.566964][T12725]  input_register_device+0xa84/0x1130
[  636.566985][T12725]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  636.567002][T12725]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  636.567021][T12725]  ? find_held_lock+0x2b/0x80
[  636.567044][T12725]  ? __pfx_uinput_ioctl+0x10/0x10
[  636.567058][T12725]  __x64_sys_ioctl+0x18b/0x210
[  636.567076][T12725]  do_syscall_64+0xcd/0x490
[  636.567099][T12725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.567114][T12725] RIP: 0033:0x7f226198e929
[  636.567127][T12725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.567140][T12725] RSP: 002b:00007f226283d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  636.567154][T12725] RAX: ffffffffffffffda RBX: 00007f2261bb5fa0 RCX: 00007f226198e929
[  636.567163][T12725] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000a
[  636.567172][T12725] RBP: 00007f2261a10b39 R08: 0000000000000000 R09: 0000000000000000
[  636.567181][T12725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  636.567189][T12725] R13: 0000000000000000 R14: 00007f2261bb5fa0 R15: 00007ffcada92bb8
[  636.567208][T12725]  </TASK>
[  636.573252][T12725] input: failed to attach handler evdev to device input31, error: -12
[  637.475337][T12632] Bluetooth: hci0: command tx timeout
[  639.557287][T12632] Bluetooth: hci0: command tx timeout
[  641.538294][T12793] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1290'.
[  645.683388][T12852] FAULT_INJECTION: forcing a failure.
[  645.683388][T12852] name failslab, interval 1, probability 0, space 0, times 0
[  645.698577][T12852] CPU: 0 UID: 0 PID: 12852 Comm: syz.0.1304 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  645.698614][T12852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  645.698630][T12852] Call Trace:
[  645.698639][T12852]  <TASK>
[  645.698648][T12852]  dump_stack_lvl+0x16c/0x1f0
[  645.698692][T12852]  should_fail_ex+0x512/0x640
[  645.698725][T12852]  ? __kmalloc_noprof+0xbf/0x510
[  645.698764][T12852]  ? ptp_open+0x103/0x520
[  645.698789][T12852]  should_failslab+0xc2/0x120
[  645.698833][T12852]  __kmalloc_noprof+0xd2/0x510
[  645.698876][T12852]  ptp_open+0x103/0x520
[  645.698908][T12852]  ? __pfx_ptp_open+0x10/0x10
[  645.698948][T12852]  ? __pfx_ptp_open+0x10/0x10
[  645.698975][T12852]  posix_clock_open+0x17b/0x290
[  645.699002][T12852]  ? __pfx_posix_clock_open+0x10/0x10
[  645.699030][T12852]  chrdev_open+0x231/0x6a0
[  645.699065][T12852]  ? __pfx_apparmor_file_open+0x10/0x10
[  645.699097][T12852]  ? __pfx_chrdev_open+0x10/0x10
[  645.699135][T12852]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  645.699182][T12852]  do_dentry_open+0x744/0x1c10
[  645.699220][T12852]  ? __pfx_chrdev_open+0x10/0x10
[  645.699260][T12852]  vfs_open+0x82/0x3f0
[  645.699291][T12852]  path_openat+0x1de4/0x2cb0
[  645.699338][T12852]  ? __pfx_path_openat+0x10/0x10
[  645.699372][T12852]  ? __lock_acquire+0xb8a/0x1c90
[  645.699405][T12852]  do_filp_open+0x20b/0x470
[  645.699439][T12852]  ? __pfx_do_filp_open+0x10/0x10
[  645.699498][T12852]  ? alloc_fd+0x471/0x7d0
[  645.699538][T12852]  do_sys_openat2+0x11b/0x1d0
[  645.699563][T12852]  ? __pfx_do_sys_openat2+0x10/0x10
[  645.699607][T12852]  __x64_sys_openat+0x174/0x210
[  645.699633][T12852]  ? __pfx___x64_sys_openat+0x10/0x10
[  645.699677][T12852]  do_syscall_64+0xcd/0x490
[  645.699715][T12852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.699741][T12852] RIP: 0033:0x7f03d5d8e929
[  645.699763][T12852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  645.699786][T12852] RSP: 002b:00007f03d6b4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  645.699811][T12852] RAX: ffffffffffffffda RBX: 00007f03d5fb6080 RCX: 00007f03d5d8e929
[  645.699828][T12852] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  645.699845][T12852] RBP: 00007f03d5e10b39 R08: 0000000000000000 R09: 0000000000000000
[  645.699860][T12852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  645.699874][T12852] R13: 0000000000000000 R14: 00007f03d5fb6080 R15: 00007fffff651cb8
[  645.699907][T12852]  </TASK>
[  647.149731][T12632] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14
[  648.490883][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1314'.
[  649.092995][T12129] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  649.102805][T12129] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  649.119142][T12129] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  649.129591][T12129] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  649.143997][T12129] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  649.160969][ T5844] udevd[5844]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  649.264762][ T5844] udevd[5844]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  650.075906][T12901] chnl_net:caif_netlink_parms(): no params data found
[  650.240058][T12901] bridge0: port 1(bridge_slave_0) entered blocking state
[  650.249371][T12901] bridge0: port 1(bridge_slave_0) entered disabled state
[  650.258023][T12901] bridge_slave_0: entered allmulticast mode
[  650.266503][T12901] bridge_slave_0: entered promiscuous mode
[  650.276773][T12901] bridge0: port 2(bridge_slave_1) entered blocking state
[  650.285548][T12901] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.292823][T12901] bridge_slave_1: entered allmulticast mode
[  650.308627][T12901] bridge_slave_1: entered promiscuous mode
[  650.481363][T12901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  650.525971][T12901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  650.712162][T12901] team0: Port device team_slave_0 added
[  650.737752][T12936] FAULT_INJECTION: forcing a failure.
[  650.737752][T12936] name failslab, interval 1, probability 0, space 0, times 0
[  650.752731][T12901] team0: Port device team_slave_1 added
[  650.759184][T12936] CPU: 1 UID: 0 PID: 12936 Comm: syz.1.1320 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  650.759221][T12936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  650.759236][T12936] Call Trace:
[  650.759243][T12936]  <TASK>
[  650.759252][T12936]  dump_stack_lvl+0x16c/0x1f0
[  650.759295][T12936]  should_fail_ex+0x512/0x640
[  650.759327][T12936]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  650.759370][T12936]  should_failslab+0xc2/0x120
[  650.759396][T12936]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  650.759433][T12936]  ? nlmsg_notify+0xac/0x220
[  650.759456][T12936]  ? nlmsg_notify+0x11e/0x220
[  650.759481][T12936]  ? __devinet_sysctl_register+0xbc/0x360
[  650.759517][T12936]  kmemdup_noprof+0x29/0x60
[  650.759551][T12936]  __devinet_sysctl_register+0xbc/0x360
[  650.759597][T12936]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  650.759632][T12936]  ? devinet_init_net+0xeb/0x910
[  650.759661][T12936]  ? __asan_memcpy+0x3c/0x60
[  650.759695][T12936]  devinet_init_net+0x347/0x910
[  650.759725][T12936]  ? __pfx_devinet_init_net+0x10/0x10
[  650.759753][T12936]  ops_init+0x1df/0x5f0
[  650.759794][T12936]  setup_net+0x1ff/0x510
[  650.759815][T12936]  ? lockdep_init_map_type+0x5c/0x280
[  650.759847][T12936]  ? __pfx_setup_net+0x10/0x10
[  650.759870][T12936]  ? debug_mutex_init+0x37/0x70
[  650.759897][T12936]  copy_net_ns+0x2a6/0x5f0
[  650.759926][T12936]  create_new_namespaces+0x3ea/0xa90
[  650.759962][T12936]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  650.759992][T12936]  ksys_unshare+0x45b/0xa40
[  650.760023][T12936]  ? __pfx_ksys_unshare+0x10/0x10
[  650.760056][T12936]  ? syscall_user_dispatch+0x78/0x140
[  650.760100][T12936]  __x64_sys_unshare+0x31/0x40
[  650.760130][T12936]  do_syscall_64+0xcd/0x490
[  650.760167][T12936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.760191][T12936] RIP: 0033:0x7f226198e929
[  650.760213][T12936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  650.760238][T12936] RSP: 002b:00007f226283d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  650.760262][T12936] RAX: ffffffffffffffda RBX: 00007f2261bb5fa0 RCX: 00007f226198e929
[  650.760280][T12936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  650.760296][T12936] RBP: 00007f2261a10b39 R08: 0000000000000000 R09: 0000000000000000
[  650.760312][T12936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  650.760328][T12936] R13: 0000000000000000 R14: 00007f2261bb5fa0 R15: 00007ffcada92bb8
[  650.760363][T12936]  </TASK>
[  651.241769][T12632] Bluetooth: hci2: command tx timeout
[  651.398279][T12901] batman_adv: batadv0: Adding interface: batadv_slave_0
[  651.414902][T12901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  651.478381][T12901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  651.492431][T12901] batman_adv: batadv0: Adding interface: batadv_slave_1
[  651.505284][T12901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  651.531260][    C0] vkms_vblank_simulate: vblank timer overrun
[  651.537667][T12901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  651.833108][T12901] hsr_slave_0: entered promiscuous mode
[  651.840687][T12901] hsr_slave_1: entered promiscuous mode
[  651.848056][T12901] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  651.856676][T12901] Cannot create hsr debugfs directory
[  652.054617][T12901] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  652.064549][T12901] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  652.076081][T12901] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  652.086235][T12901] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  652.160024][T12901] 8021q: adding VLAN 0 to HW filter on device bond0
[  652.179801][T12901] 8021q: adding VLAN 0 to HW filter on device team0
[  652.191962][T12160] bridge0: port 1(bridge_slave_0) entered blocking state
[  652.199196][T12160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  652.215630][T12160] bridge0: port 2(bridge_slave_1) entered blocking state
[  652.222753][T12160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  652.267867][T12901] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  652.411193][T12901] 8021q: adding VLAN 0 to HW filter on device batadv0
[  652.619261][T12901] veth0_vlan: entered promiscuous mode
[  652.631402][T12901] veth1_vlan: entered promiscuous mode
[  652.657557][T12901] veth0_macvtap: entered promiscuous mode
[  652.667218][T12901] veth1_macvtap: entered promiscuous mode
[  652.686607][T12901] batman_adv: batadv0: Interface activated: batadv_slave_0
[  652.701406][T12901] batman_adv: batadv0: Interface activated: batadv_slave_1
[  652.713434][T12901] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  652.722580][T12901] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  652.734058][T12901] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  652.742794][T12901] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  652.804092][T12385] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.812219][T12385] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  652.844709][T12137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.852588][T12137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  653.322739][T12632] Bluetooth: hci2: command tx timeout
[  654.745613][T12993] FAULT_INJECTION: forcing a failure.
[  654.745613][T12993] name failslab, interval 1, probability 0, space 0, times 0
[  654.774496][T12993] CPU: 0 UID: 0 PID: 12993 Comm: syz.4.1325 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  654.774534][T12993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  654.774544][T12993] Call Trace:
[  654.774549][T12993]  <TASK>
[  654.774555][T12993]  dump_stack_lvl+0x16c/0x1f0
[  654.774582][T12993]  should_fail_ex+0x512/0x640
[  654.774603][T12993]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  654.774627][T12993]  should_failslab+0xc2/0x120
[  654.774642][T12993]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  654.774662][T12993]  ? __proc_create+0xc3/0x8c0
[  654.774684][T12993]  ? __proc_create+0x2ce/0x8c0
[  654.774707][T12993]  __proc_create+0x2ce/0x8c0
[  654.774730][T12993]  ? __pfx___proc_create+0x10/0x10
[  654.774755][T12993]  ? _raw_write_unlock+0x28/0x50
[  654.774777][T12993]  proc_create_reg+0x7d/0x180
[  654.774792][T12993]  proc_create_data+0x86/0x110
[  654.774805][T12993]  ? __pfx_proc_create_data+0x10/0x10
[  654.774820][T12993]  ? cache_register_net+0x137/0x5e0
[  654.774838][T12993]  cache_register_net+0x1e0/0x5e0
[  654.774853][T12993]  nfsd_idmap_init+0xb6/0x250
[  654.774873][T12993]  ? __pfx_nfsd_net_init+0x10/0x10
[  654.774888][T12993]  nfsd_net_init+0x69/0x3d0
[  654.774903][T12993]  ? __pfx_nfsd_net_init+0x10/0x10
[  654.774918][T12993]  ops_init+0x1df/0x5f0
[  654.774943][T12993]  setup_net+0x1ff/0x510
[  654.774955][T12993]  ? lockdep_init_map_type+0x5c/0x280
[  654.774974][T12993]  ? __pfx_setup_net+0x10/0x10
[  654.774989][T12993]  ? debug_mutex_init+0x37/0x70
[  654.775008][T12993]  copy_net_ns+0x2a6/0x5f0
[  654.775025][T12993]  create_new_namespaces+0x3ea/0xa90
[  654.775046][T12993]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  654.775064][T12993]  ksys_unshare+0x45b/0xa40
[  654.775083][T12993]  ? __pfx_ksys_unshare+0x10/0x10
[  654.775102][T12993]  ? xfd_validate_state+0x61/0x180
[  654.775126][T12993]  __x64_sys_unshare+0x31/0x40
[  654.775144][T12993]  do_syscall_64+0xcd/0x490
[  654.775167][T12993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.775181][T12993] RIP: 0033:0x7f02bfb8e929
[  654.775195][T12993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.775208][T12993] RSP: 002b:00007f02c0941038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  654.775229][T12993] RAX: ffffffffffffffda RBX: 00007f02bfdb5fa0 RCX: 00007f02bfb8e929
[  654.775238][T12993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  654.775247][T12993] RBP: 00007f02bfc10b39 R08: 0000000000000000 R09: 0000000000000000
[  654.775256][T12993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  654.775264][T12993] R13: 0000000000000000 R14: 00007f02bfdb5fa0 R15: 00007ffd090f5398
[  654.775283][T12993]  </TASK>
[  655.401396][T12632] Bluetooth: hci2: command tx timeout
[  655.998741][T13013] ip_vti0: entered allmulticast mode
[  657.474004][T12632] Bluetooth: hci2: command tx timeout
[  657.506221][T13045] FAULT_INJECTION: forcing a failure.
[  657.506221][T13045] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  657.561961][T13045] CPU: 0 UID: 0 PID: 13045 Comm: syz.0.1338 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  657.562001][T13045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  657.562017][T13045] Call Trace:
[  657.562027][T13045]  <TASK>
[  657.562037][T13045]  dump_stack_lvl+0x16c/0x1f0
[  657.562080][T13045]  should_fail_ex+0x512/0x640
[  657.562120][T13045]  should_fail_alloc_page+0xe7/0x130
[  657.562148][T13045]  prepare_alloc_pages+0x3c2/0x610
[  657.562183][T13045]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  657.562221][T13045]  ? copy_splice_read+0x1a8/0xba0
[  657.562250][T13045]  ? stack_trace_save+0x8e/0xc0
[  657.562285][T13045]  ? __pfx_stack_trace_save+0x10/0x10
[  657.562314][T13045]  ? stack_depot_save_flags+0x28/0xa40
[  657.562360][T13045]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  657.562396][T13045]  ? kasan_save_stack+0x33/0x60
[  657.562429][T13045]  ? __kasan_kmalloc+0xaa/0xb0
[  657.562461][T13045]  ? copy_splice_read+0x1a8/0xba0
[  657.562488][T13045]  ? do_splice_read+0x282/0x370
[  657.562515][T13045]  ? splice_direct_to_actor+0x2a1/0xa30
[  657.562549][T13045]  ? do_splice_direct+0x174/0x240
[  657.562577][T13045]  ? do_sendfile+0xb06/0xe50
[  657.562606][T13045]  ? __x64_sys_sendfile64+0x1d8/0x220
[  657.562628][T13045]  ? do_syscall_64+0xcd/0x490
[  657.562688][T13045]  alloc_pages_bulk_noprof+0x71c/0x1410
[  657.562736][T13045]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  657.562780][T13045]  ? trace_kmalloc+0x2b/0xd0
[  657.562804][T13045]  ? __kmalloc_noprof+0x242/0x510
[  657.562847][T13045]  copy_splice_read+0x1e1/0xba0
[  657.562879][T13045]  ? __pfx_pipe_to_null+0x10/0x10
[  657.562920][T13045]  ? __pfx_copy_splice_read+0x10/0x10
[  657.562946][T13045]  ? pipe_unlock+0x4a/0x70
[  657.562982][T13045]  ? __pfx_splice_from_pipe+0x10/0x10
[  657.563022][T13045]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  657.563057][T13045]  ? __pfx_copy_splice_read+0x10/0x10
[  657.563085][T13045]  do_splice_read+0x282/0x370
[  657.563119][T13045]  splice_direct_to_actor+0x2a1/0xa30
[  657.563152][T13045]  ? __pfx_direct_splice_actor+0x10/0x10
[  657.563189][T13045]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  657.563230][T13045]  do_splice_direct+0x174/0x240
[  657.563261][T13045]  ? __pfx_do_splice_direct+0x10/0x10
[  657.563304][T13045]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  657.563336][T13045]  ? bpf_lsm_file_permission+0x9/0x10
[  657.563362][T13045]  ? security_file_permission+0x71/0x210
[  657.563394][T13045]  ? rw_verify_area+0xcf/0x680
[  657.563427][T13045]  do_sendfile+0xb06/0xe50
[  657.563464][T13045]  ? __pfx_do_sendfile+0x10/0x10
[  657.563505][T13045]  ? __x64_sys_futex+0x1e0/0x4c0
[  657.563532][T13045]  ? __x64_sys_futex+0x1e9/0x4c0
[  657.563565][T13045]  __x64_sys_sendfile64+0x1d8/0x220
[  657.563589][T13045]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  657.563620][T13045]  do_syscall_64+0xcd/0x490
[  657.563658][T13045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.563681][T13045] RIP: 0033:0x7f03d5d8e929
[  657.563702][T13045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  657.563725][T13045] RSP: 002b:00007f03d6b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  657.563747][T13045] RAX: ffffffffffffffda RBX: 00007f03d5fb5fa0 RCX: 00007f03d5d8e929
[  657.563760][T13045] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  657.563773][T13045] RBP: 00007f03d5e10b39 R08: 0000000000000000 R09: 0000000000000000
[  657.563786][T13045] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000
[  657.563801][T13045] R13: 0000000000000000 R14: 00007f03d5fb5fa0 R15: 00007fffff651cb8
[  657.563830][T13045]  </TASK>
[  663.640559][T13119] Invalid ELF header magic: != ELF
[  664.351937][T13139] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1356'.
[  664.532198][T13139] hsr_slave_0 (unregistering): left promiscuous mode
[  667.088186][T13181] hub 8-0:1.0: USB hub found
[  667.149749][T13181] hub 8-0:1.0: 1 port detected
[  667.341609][T13190] random: crng reseeded on system resumption
[  668.403369][T13204] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32
[  668.904076][T13206] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1368'.
[  669.496107][T13216] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1372'.
[  672.468108][T13245] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  676.868844][T13320] Process accounting resumed
[  678.394331][T12129] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  678.404206][T12129] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  678.412220][T12129] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  678.420244][T12129] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  678.428835][T12129] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  679.470878][T13346] chnl_net:caif_netlink_parms(): no params data found
[  679.736114][T13351] kexec: Could not allocate control_code_buffer
[  679.875876][T13346] bridge0: port 1(bridge_slave_0) entered blocking state
[  679.883111][T13346] bridge0: port 1(bridge_slave_0) entered disabled state
[  679.893346][T13346] bridge_slave_0: entered allmulticast mode
[  679.911355][T13346] bridge_slave_0: entered promiscuous mode
[  679.934148][T13346] bridge0: port 2(bridge_slave_1) entered blocking state
[  679.941781][T13346] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.954378][T13346] bridge_slave_1: entered allmulticast mode
[  679.962507][T13346] bridge_slave_1: entered promiscuous mode
[  680.071157][T13346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  680.112420][T13346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  680.223730][   T30] audit: type=1800 audit(6045756477.932:19): pid=13376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1401" name="lu_gp_id" dev="configfs" ino=150621 res=0 errno=0
[  680.328040][T13346] team0: Port device team_slave_0 added
[  680.359083][T13346] team0: Port device team_slave_1 added
[  680.406244][T13376] ALUA LU Group already has a valid ID, ignoring request
[  680.452311][T13346] batman_adv: batadv0: Adding interface: batadv_slave_0
[  680.475059][T13346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  680.519099][T12129] Bluetooth: hci4: command tx timeout
[  680.543731][T13346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  680.556724][T13346] batman_adv: batadv0: Adding interface: batadv_slave_1
[  680.563893][T13346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  680.593273][T13346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  681.206647][T13346] hsr_slave_0: entered promiscuous mode
[  681.236932][T13346] hsr_slave_1: entered promiscuous mode
[  681.243383][T13346] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  681.273684][T13346] Cannot create hsr debugfs directory
[  681.535963][T13346] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  681.546012][T13346] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  681.559137][T13346] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  681.570147][T13346] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  681.642625][T13346] 8021q: adding VLAN 0 to HW filter on device bond0
[  681.664061][T13346] 8021q: adding VLAN 0 to HW filter on device team0
[  681.677628][T13037] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.684852][T13037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  681.700096][T12132] bridge0: port 2(bridge_slave_1) entered blocking state
[  681.707329][T12132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  681.900113][T13346] 8021q: adding VLAN 0 to HW filter on device batadv0
[  682.100373][T13346] veth0_vlan: entered promiscuous mode
[  682.111534][T13346] veth1_vlan: entered promiscuous mode
[  682.140652][T13346] veth0_macvtap: entered promiscuous mode
[  682.149810][T13346] veth1_macvtap: entered promiscuous mode
[  682.168120][T13346] batman_adv: batadv0: Interface activated: batadv_slave_0
[  682.183664][T13346] batman_adv: batadv0: Interface activated: batadv_slave_1
[  682.195729][T13346] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  682.204550][T13346] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  682.213268][T13346] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  682.222160][T13346] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.292089][T12132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.303876][T12132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.332045][T12467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.340051][T12467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.595326][T12129] Bluetooth: hci4: command tx timeout
[  683.721451][ T5903] Process accounting resumed
[  684.673699][T12129] Bluetooth: hci4: command tx timeout
[  685.774325][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  685.780843][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  686.188650][T13464] bridge0: port 3(batadv0) entered blocking state
[  686.195977][T13464] bridge0: port 3(batadv0) entered disabled state
[  686.217487][T13464] batadv0: entered allmulticast mode
[  686.241701][T13464] batadv0: entered promiscuous mode
[  686.272656][T13464] bridge0: port 3(batadv0) entered blocking state
[  686.279401][T13464] bridge0: port 3(batadv0) entered forwarding state
[  686.773553][T12129] Bluetooth: hci4: command tx timeout
[  687.766054][T13493] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1420'.
[  689.344196][T13522] random: crng reseeded on system resumption

syzkaller
syzkaller login: [  702.745880][T13754] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1467'.
[  703.210938][T13762] FAULT_INJECTION: forcing a failure.
[  703.210938][T13762] name failslab, interval 1, probability 0, space 0, times 0
[  703.236970][T13762] CPU: 0 UID: 0 PID: 13762 Comm: syz.1.1468 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  703.237014][T13762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  703.237031][T13762] Call Trace:
[  703.237040][T13762]  <TASK>
[  703.237051][T13762]  dump_stack_lvl+0x16c/0x1f0
[  703.237096][T13762]  should_fail_ex+0x512/0x640
[  703.237130][T13762]  ? fs_reclaim_acquire+0xae/0x150
[  703.237163][T13762]  should_failslab+0xc2/0x120
[  703.237189][T13762]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  703.237226][T13762]  ? security_inode_alloc+0x3b/0x2b0
[  703.237260][T13762]  security_inode_alloc+0x3b/0x2b0
[  703.237289][T13762]  inode_init_always_gfp+0xce4/0x1030
[  703.237330][T13762]  alloc_inode+0x86/0x240
[  703.237358][T13762]  new_inode+0x22/0x1c0
[  703.237387][T13762]  bdev_alloc+0x2b/0x420
[  703.237422][T13762]  __alloc_disk_node+0x116/0x630
[  703.237462][T13762]  __blk_mq_alloc_disk+0x89/0x120
[  703.237499][T13762]  nbd_dev_add+0x4a0/0xbc0
[  703.237537][T13762]  ? __pfx_nbd_dev_add+0x10/0x10
[  703.237594][T13762]  ? bpf_lsm_capable+0x9/0x10
[  703.237626][T13762]  ? __radix_tree_lookup+0x21f/0x2c0
[  703.237669][T13762]  nbd_genl_connect+0x8b0/0x1c20
[  703.237713][T13762]  ? __pfx_nbd_genl_connect+0x10/0x10
[  703.237750][T13762]  ? __nla_parse+0x40/0x60
[  703.237779][T13762]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  703.237813][T13762]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  703.237853][T13762]  genl_family_rcv_msg_doit+0x209/0x2f0
[  703.237888][T13762]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  703.237920][T13762]  ? genl_get_cmd+0x194/0x580
[  703.237960][T13762]  ? __radix_tree_lookup+0x21f/0x2c0
[  703.238000][T13762]  genl_rcv_msg+0x55c/0x800
[  703.238043][T13762]  ? __pfx_genl_rcv_msg+0x10/0x10
[  703.238076][T13762]  ? __pfx_nbd_genl_connect+0x10/0x10
[  703.238129][T13762]  netlink_rcv_skb+0x158/0x420
[  703.238158][T13762]  ? __pfx_genl_rcv_msg+0x10/0x10
[  703.238192][T13762]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  703.238236][T13762]  ? netlink_deliver_tap+0x1ae/0xd30
[  703.238268][T13762]  genl_rcv+0x28/0x40
[  703.238294][T13762]  netlink_unicast+0x53a/0x7f0
[  703.238325][T13762]  ? __pfx_netlink_unicast+0x10/0x10
[  703.238364][T13762]  netlink_sendmsg+0x8d1/0xdd0
[  703.238397][T13762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  703.238440][T13762]  ____sys_sendmsg+0xa98/0xc70
[  703.238470][T13762]  ? copy_msghdr_from_user+0x10a/0x160
[  703.238506][T13762]  ? __pfx_____sys_sendmsg+0x10/0x10
[  703.238532][T13762]  ? preempt_schedule_thunk+0x16/0x30
[  703.238570][T13762]  ? try_to_wake_up+0xa2f/0x1680
[  703.238603][T13762]  ___sys_sendmsg+0x134/0x1d0
[  703.238642][T13762]  ? __pfx____sys_sendmsg+0x10/0x10
[  703.238675][T13762]  ? __lock_acquire+0x622/0x1c90
[  703.238753][T13762]  __sys_sendmsg+0x16d/0x220
[  703.238790][T13762]  ? __pfx___sys_sendmsg+0x10/0x10
[  703.238826][T13762]  ? __x64_sys_futex+0x1e0/0x4c0
[  703.238879][T13762]  do_syscall_64+0xcd/0x490
[  703.238919][T13762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.238944][T13762] RIP: 0033:0x7f226198e929
[  703.238967][T13762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  703.238991][T13762] RSP: 002b:00007f226281c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  703.239022][T13762] RAX: ffffffffffffffda RBX: 00007f2261bb6080 RCX: 00007f226198e929
[  703.239041][T13762] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000005
[  703.239058][T13762] RBP: 00007f2261a10b39 R08: 0000000000000000 R09: 0000000000000000
[  703.239074][T13762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  703.239090][T13762] R13: 0000000000000000 R14: 00007f2261bb6080 R15: 00007ffcada92bb8
[  703.239127][T13762]  </TASK>
[  703.935980][T13762] nbd: failed to add new device
[  707.178789][T13812] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  708.751869][T13843] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  710.880998][T13879] netlink: 296 bytes leftover after parsing attributes in process `syz.3.1491'.
[  717.776905][T13995] Console: switching to colour VGA+ 80x25
[  717.959696][T13994] Console: switching to colour frame buffer device 128x48
[  719.383988][T14022] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1517'.
[  723.713808][T12632] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  723.724749][T12632] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  723.732654][T12632] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  723.745350][T12632] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  723.773589][T12632] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  724.607137][T14093] chnl_net:caif_netlink_parms(): no params data found
[  724.658349][T14107] random: crng reseeded on system resumption
[  725.031669][T14093] bridge0: port 1(bridge_slave_0) entered blocking state
[  725.051512][T14093] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.080431][T14093] bridge_slave_0: entered allmulticast mode
[  725.092742][T14093] bridge_slave_0: entered promiscuous mode
[  725.104821][T14093] bridge0: port 2(bridge_slave_1) entered blocking state
[  725.116553][T14093] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.137516][T14093] bridge_slave_1: entered allmulticast mode
[  725.168430][T14093] bridge_slave_1: entered promiscuous mode
[  725.313409][T14093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.378613][T14093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  725.480098][T14093] team0: Port device team_slave_0 added
[  725.512416][T14093] team0: Port device team_slave_1 added
[  725.678850][T14093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  725.685899][T14093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  725.763793][T14093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  725.877812][T12129] Bluetooth: hci5: command tx timeout
[  725.918016][T14093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  725.943944][T14093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  726.026221][T14093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  726.257037][T14093] hsr_slave_0: entered promiscuous mode
[  726.284956][T14093] hsr_slave_1: entered promiscuous mode
[  726.308398][T14093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  726.317463][T14093] Cannot create hsr debugfs directory
[  727.012947][T14093] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  727.029110][T14093] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  727.049577][T14093] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  727.083189][T14093] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  727.299098][T14093] 8021q: adding VLAN 0 to HW filter on device bond0
[  727.366569][T14093] 8021q: adding VLAN 0 to HW filter on device team0
[  727.396664][T12467] bridge0: port 1(bridge_slave_0) entered blocking state
[  727.403864][T12467] bridge0: port 1(bridge_slave_0) entered forwarding state
[  727.457372][T12467] bridge0: port 2(bridge_slave_1) entered blocking state
[  727.464599][T12467] bridge0: port 2(bridge_slave_1) entered forwarding state
[  727.532975][T14136] sd 0:0:1:0: PR command failed: 1026
[  727.542454][T14136] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  727.562535][T14136] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  727.954614][T12129] Bluetooth: hci5: command tx timeout
[  728.449113][T14093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  729.424607][T14093] veth0_vlan: entered promiscuous mode
[  729.558008][T14093] veth1_vlan: entered promiscuous mode
[  729.704601][T14093] veth0_macvtap: entered promiscuous mode
[  729.760112][T14093] veth1_macvtap: entered promiscuous mode
[  729.804310][T14093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  729.826627][T14093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  729.933456][T14093] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  730.017306][T14093] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  730.026349][T14093] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  730.034068][T12126] Bluetooth: hci5: command tx timeout
[  730.035391][T14093] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  730.430319][T12160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.497985][T12160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  730.593111][T12137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.624549][T12137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  731.505908][T14203] .SR: entered promiscuous mode
[  731.893429][T14203] Invalid ELF header magic: != ELF
[  732.114319][T12126] Bluetooth: hci5: command tx timeout
[  732.282616][T14203] could not allocate digest TFM handle 
[  732.373455][T14206] could not allocate digest TFM handle 
[  736.194432][T14282] 
[  738.460639][T14302] kexec: Could not allocate control_code_buffer
[  740.019868][T14355] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  740.204581][T14355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  740.309350][T14355] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  740.588275][T14355] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  740.643679][T14355] page_type: f5(slab)
[  740.690697][T14355] raw: 00fff00000000040 ffff88801ce95780 dead000000000122 0000000000000000
[  740.748535][T14355] raw: 0000000000000000 0000000000150015 00000000f5000000 0000000000000000
[  740.799189][T14355] head: 00fff00000000040 ffff88801ce95780 dead000000000122 0000000000000000
[  740.808049][T14355] head: 0000000000000000 0000000000150015 00000000f5000000 0000000000000000
[  740.823019][T14355] head: 00fff00000000001 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  740.832101][T14355] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  740.841663][T14355] page dumped because: unmovable page
[  740.891529][T14355] page_owner tracks the page as allocated
[  740.917406][T14355] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5819, tgid 5819 (syz-executor), ts 80223236713, free_ts 27901630461
[  740.997376][T14355]  post_alloc_hook+0x1c0/0x230
[  741.196322][T14355]  get_page_from_freelist+0x1321/0x3890
[  741.202038][T14355]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  741.509083][T14355]  alloc_pages_mpol+0x1fb/0x550
[  741.537718][T14355]  new_slab+0x23b/0x330
[  741.541967][T14355]  ___slab_alloc+0xd9c/0x1940
[  741.601612][T14355]  __slab_alloc.constprop.0+0x56/0xb0
[  741.756290][T14355]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  741.762112][T14355]  __d_alloc+0x31/0xaa0
[  741.901363][T14355]  d_alloc+0x4a/0x1e0
[  741.906003][T14355]  d_alloc_parallel+0xe3/0x12e0
[  741.910958][T14355]  __lookup_slow+0x193/0x460
[  741.916059][T14355]  walk_component+0x353/0x5b0
[  741.920862][T14355]  path_lookupat+0x142/0x6d0
[  741.927888][T14355]  filename_lookup+0x224/0x5f0
[  741.934380][T14355]  vfs_statx+0x101/0x3e0
[  741.938756][T14355] page last free pid 1 tgid 1 stack trace:
[  741.945147][T14355]  __free_frozen_pages+0x7fe/0x1180
[  741.950473][T14355]  free_contig_range+0x183/0x4b0
[  741.955894][T14355]  destroy_args+0x7f6/0xa60
[  741.960497][T14355]  debug_vm_pgtable+0x13b8/0x2d00
[  742.028310][T14355]  do_one_initcall+0x120/0x6e0
[  742.055293][T14355]  kernel_init_freeable+0x5c2/0x900
[  742.082946][T14355]  kernel_init+0x1c/0x2b0
[  742.105546][T14355]  ret_from_fork+0x5d4/0x6f0
[  742.110336][T14355]  ret_from_fork_asm+0x1a/0x30
[  745.645352][T14425] random: crng reseeded on system resumption
[  746.134439][T14440] random: crng reseeded on system resumption
[  747.174085][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  747.180382][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  747.235735][T14444] Restarting kernel threads ...
[  747.312152][T14444] Done restarting kernel threads.
[  748.676086][T14475] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1598'.
[  748.769330][T14475] bridge_slave_1: left allmulticast mode
[  748.797930][T14475] bridge_slave_1: left promiscuous mode
[  748.820885][T14475] bridge0: port 2(bridge_slave_1) entered disabled state
[  748.907992][T14475] bridge_slave_0: left allmulticast mode
[  748.920306][T14475] bridge_slave_0: left promiscuous mode
[  748.921744][T14480] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1600'.
[  748.935715][T14475] bridge0: port 1(bridge_slave_0) entered disabled state
[  753.536204][T14563] 
[  754.356454][T12632] Bluetooth: hci0: command 0x0406 tx timeout
[  756.113939][   T31] INFO: task kworker/u10:1:12127 blocked for more than 143 seconds.
[  756.122493][   T31]       Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0
[  756.135303][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  756.181223][   T31] task:kworker/u10:1   state:D stack:26952 pid:12127 tgid:12127 ppid:2      task_flags:0x4208060 flags:0x00004000
[  756.194659][   T31] Workqueue: netns cleanup_net
[  756.200669][   T31] Call Trace:
[  756.211073][   T31]  <TASK>
[  756.214189][   T31]  __schedule+0x116a/0x5de0
[  756.218850][   T31]  ? __pfx___schedule+0x10/0x10
[  756.223914][   T31]  ? find_held_lock+0x2b/0x80
[  756.228705][   T31]  ? schedule+0x2d7/0x3a0
[  756.233156][   T31]  schedule+0xe7/0x3a0
[  756.238625][   T31]  schedule_timeout+0x257/0x290
[  756.244787][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  756.250315][   T31]  ? mark_held_locks+0x49/0x80
[  756.255536][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  756.263463][   T31]  __wait_for_common+0x2ff/0x4e0
[  756.268906][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  756.276081][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  756.282740][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  756.290426][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  756.296633][   T31]  __flush_workqueue+0x3e2/0x1230
[  756.312428][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[  756.336682][   T31]  ? reacquire_held_locks+0xcd/0x1f0
[  756.342173][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  756.348475][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  756.405861][   T31]  rds_tcp_listen_stop+0x104/0x150
[  756.447264][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  756.452767][   T31]  rds_tcp_exit_net+0xcb/0x810
[  756.496555][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  756.519665][   T31]  ? __pfx___might_resched+0x10/0x10
[  756.531333][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  756.554774][   T31]  ops_undo_list+0x2eb/0xab0
[  756.564007][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[  756.577431][   T31]  ? __local_bh_enable_ip+0xa4/0x120
[  756.589435][   T31]  cleanup_net+0x408/0x890
[  756.599521][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  756.614880][   T31]  ? rcu_is_watching+0x12/0xc0
[  756.663674][   T31]  process_one_work+0x9cc/0x1b70
[  756.669493][   T31]  ? __pfx_process_one_work+0x10/0x10
[  756.677276][   T31]  ? assign_work+0x1a0/0x250
[  756.683602][   T31]  worker_thread+0x6c8/0xf10
[  756.693210][   T31]  ? __pfx_worker_thread+0x10/0x10
[  756.698448][   T31]  kthread+0x3c5/0x780
[  756.702555][   T31]  ? __pfx_kthread+0x10/0x10
[  756.707218][   T31]  ? rcu_is_watching+0x12/0xc0
[  756.712011][   T31]  ? __pfx_kthread+0x10/0x10
[  756.717627][   T31]  ret_from_fork+0x5d4/0x6f0
[  756.722264][   T31]  ? __pfx_kthread+0x10/0x10
[  756.727026][   T31]  ret_from_fork_asm+0x1a/0x30
[  756.731836][   T31]  </TASK>
[  756.735311][   T31] 
[  756.735311][   T31] Showing all locks held in the system:
[  756.743053][   T31] 1 lock held by khungtaskd/31:
[  756.748441][   T31]  #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  756.760215][   T31] 1 lock held by udevd/5201:
[  756.765112][   T31] 2 locks held by syz-executor/5819:
[  756.771368][   T31] 3 locks held by kworker/u10:1/12127:
[  756.778817][   T31]  #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  756.789560][   T31]  #1: ffffc900045afd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  756.799839][   T31]  #2: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  756.809556][   T31] 1 lock held by syz.2.1271/12664:
[  756.815015][   T31]  #0: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  756.824803][   T31] 1 lock held by syz.0.1351/13127:
[  756.829947][   T31]  #0: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  756.840054][   T31] 2 locks held by getty/13580:
[  756.845240][   T31]  #0: ffff8880324af0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  756.855313][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  756.890421][   T31] 1 lock held by syz.1.1479/13816:
[  756.914202][   T31]  #0: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  756.955501][   T31] 2 locks held by syz-executor/14073:
[  756.960930][   T31] 2 locks held by syz-executor/14093:
[  756.997279][   T31]  #0: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  757.024347][   T31]  #1: ffff8880b843a418 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  757.054597][   T31] 
[  757.056972][   T31] =============================================
[  757.056972][   T31] 
[  757.138209][   T31] NMI backtrace for cpu 0
[  757.138230][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  757.138261][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  757.138275][   T31] Call Trace:
[  757.138283][   T31]  <TASK>
[  757.138293][   T31]  dump_stack_lvl+0x116/0x1f0
[  757.138332][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  757.138358][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  757.138390][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  757.138421][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  757.138453][   T31]  watchdog+0xf70/0x12c0
[  757.138492][   T31]  ? __pfx_watchdog+0x10/0x10
[  757.138521][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  757.138556][   T31]  ? __kthread_parkme+0x19e/0x250
[  757.138586][   T31]  ? __pfx_watchdog+0x10/0x10
[  757.138617][   T31]  kthread+0x3c5/0x780
[  757.138649][   T31]  ? __pfx_kthread+0x10/0x10
[  757.138682][   T31]  ? rcu_is_watching+0x12/0xc0
[  757.138705][   T31]  ? __pfx_kthread+0x10/0x10
[  757.138737][   T31]  ret_from_fork+0x5d4/0x6f0
[  757.138766][   T31]  ? __pfx_kthread+0x10/0x10
[  757.138797][   T31]  ret_from_fork_asm+0x1a/0x30
[  757.138838][   T31]  </TASK>
[  757.138847][   T31] Sending NMI from CPU 0 to CPUs 1:
[  757.267595][    C1] NMI backtrace for cpu 1
[  757.267613][    C1] CPU: 1 UID: 0 PID: 55 Comm: kworker/1:2 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  757.267644][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  757.267661][    C1] Workqueue: events drain_vmap_area_work
[  757.267690][    C1] RIP: 0010:lockdep_hardirqs_off+0x42/0xf0
[  757.267727][    C1] Code: 8b 05 42 63 4f 08 a9 00 00 f0 00 74 3a 8b 15 45 d3 5e 0f 85 d2 74 12 65 8b 05 86 a1 4f 08 85 c0 75 43 5b 5d e9 8f f5 02 00 9c <58> f6 c4 02 74 e7 90 e8 b2 f0 58 f9 85 c0 74 0a 8b 05 f8 c1 2b 05
[  757.267750][    C1] RSP: 0018:ffffc9000120f7a0 EFLAGS: 00000046
[  757.267768][    C1] RAX: 0000000000000000 RBX: ffffffff8b7f42e2 RCX: 0000000000000001
[  757.267783][    C1] RDX: 0000000000000000 RSI: ffffffff8de138ae RDI: ffffffff8c1565a0
[  757.267799][    C1] RBP: 0000000000000282 R08: ffffffff9b00b2c0 R09: 0000000000003194
[  757.267814][    C1] R10: 0000000000018ca0 R11: 0000000000000001 R12: dffffc0000000000
[  757.267829][    C1] R13: ffff888084122000 R14: ffffffff9b00b2c0 R15: 0000000000003194
[  757.267845][    C1] FS:  0000000000000000(0000) GS:ffff888124860000(0000) knlGS:0000000000000000
[  757.267867][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  757.267883][    C1] CR2: 00007fbc58ee7d60 CR3: 0000000030e8c000 CR4: 00000000003526f0
[  757.267899][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  757.267913][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  757.267927][    C1] Call Trace:
[  757.267941][    C1]  <TASK>
[  757.267950][    C1]  trace_hardirqs_off+0xd/0x40
[  757.267984][    C1]  _raw_spin_lock_irqsave+0x52/0x60
[  757.268015][    C1]  debug_check_no_obj_freed+0x1c9/0x600
[  757.268047][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  757.268082][    C1]  __free_frozen_pages+0x34a/0x1180
[  757.268115][    C1]  ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10
[  757.268149][    C1]  kasan_depopulate_vmalloc_pte+0x5f/0x80
[  757.268182][    C1]  __apply_to_page_range+0xa8f/0x1350
[  757.268217][    C1]  ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10
[  757.268251][    C1]  ? __pfx___apply_to_page_range+0x10/0x10
[  757.268280][    C1]  ? __pfx___schedule+0x10/0x10
[  757.268314][    C1]  kasan_release_vmalloc+0xd1/0xe0
[  757.268345][    C1]  purge_vmap_node+0x1c4/0xa30
[  757.268370][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  757.268399][    C1]  ? preempt_schedule_common+0x44/0xc0
[  757.268431][    C1]  ? __pfx_purge_vmap_node+0x10/0x10
[  757.268453][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  757.268486][    C1]  __purge_vmap_area_lazy+0xa06/0xc60
[  757.268514][    C1]  drain_vmap_area_work+0x27/0x40
[  757.268537][    C1]  process_one_work+0x9cc/0x1b70
[  757.268578][    C1]  ? __pfx_process_one_work+0x10/0x10
[  757.268617][    C1]  ? assign_work+0x1a0/0x250
[  757.268649][    C1]  worker_thread+0x6c8/0xf10
[  757.268687][    C1]  ? __kthread_parkme+0x19e/0x250
[  757.268714][    C1]  ? __pfx_worker_thread+0x10/0x10
[  757.268748][    C1]  kthread+0x3c5/0x780
[  757.268778][    C1]  ? __pfx_kthread+0x10/0x10
[  757.268810][    C1]  ? rcu_is_watching+0x12/0xc0
[  757.268833][    C1]  ? __pfx_kthread+0x10/0x10
[  757.268864][    C1]  ret_from_fork+0x5d4/0x6f0
[  757.268894][    C1]  ? __pfx_kthread+0x10/0x10
[  757.268924][    C1]  ret_from_fork_asm+0x1a/0x30
[  757.268960][    C1]  </TASK>
[  757.589252][    C0] vkms_vblank_simulate: vblank timer overrun
[  757.620536][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  757.627444][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  757.639291][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  757.649376][   T31] Call Trace:
[  757.652669][   T31]  <TASK>
[  757.655615][   T31]  dump_stack_lvl+0x3d/0x1f0
[  757.660251][   T31]  panic+0x71c/0x800
[  757.664186][   T31]  ? __pfx_panic+0x10/0x10
[  757.668629][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  757.674041][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  757.680058][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  757.685467][   T31]  ? watchdog+0xdda/0x12c0
[  757.689911][   T31]  ? watchdog+0xdcd/0x12c0
[  757.694365][   T31]  watchdog+0xdeb/0x12c0
[  757.698644][   T31]  ? __pfx_watchdog+0x10/0x10
[  757.703350][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  757.708578][   T31]  ? __kthread_parkme+0x19e/0x250
[  757.713630][   T31]  ? __pfx_watchdog+0x10/0x10
[  757.718336][   T31]  kthread+0x3c5/0x780
[  757.722436][   T31]  ? __pfx_kthread+0x10/0x10
[  757.727058][   T31]  ? rcu_is_watching+0x12/0xc0
[  757.731841][   T31]  ? __pfx_kthread+0x10/0x10
[  757.736466][   T31]  ret_from_fork+0x5d4/0x6f0
[  757.741082][   T31]  ? __pfx_kthread+0x10/0x10
[  757.745712][   T31]  ret_from_fork_asm+0x1a/0x30
[  757.750515][   T31]  </TASK>
[  757.753779][   T31] Kernel Offset: disabled
[  757.758097][   T31] Rebooting in 86400 seconds..